[kernel] refreshed layer7 patches for 2.6.21.7, 2.6.23.17 and 2.6.25.20
[openwrt.git] / docs / network.tex
1 The network configuration in Kamikaze is stored in \texttt{/etc/config/network}
2 and is divided into interface configurations.
3 Each interface configuration either refers directly to an ethernet/wifi
4 interface (\texttt{eth0}, \texttt{wl0}, ..) or to a bridge containing multiple interfaces.
5 It looks like this:
6
7 \begin{Verbatim}
8 config interface "lan"
9 option ifname "eth0"
10 option proto "static"
11 option ipaddr "192.168.1.1"
12 option netmask "255.255.255.0"
13 option gateway "192.168.1.254"
14 option dns "192.168.1.254"
15 \end{Verbatim}
16
17 \texttt{ifname} specifies the Linux interface name.
18 If you want to use bridging on one or more interfaces, set \texttt{ifname} to a list
19 of interfaces and add:
20 \begin{Verbatim}
21 option type "bridge"
22 \end{Verbatim}
23
24 It is possible to use VLAN tagging on an interface simply by adding the VLAN IDs
25 to it, e.g. \texttt{eth0.1}. These can be nested as well.
26
27 This sets up a simple static configuration for \texttt{eth0}. \texttt{proto} specifies the
28 protocol used for the interface. The default image usually provides \texttt{'none'}
29 \texttt{'static'}, \texttt{'dhcp'} and \texttt{'pppoe'}. Others can be added by installing additional
30 packages.
31
32 When using the \texttt{'static'} method like in the example, the options \texttt{ipaddr} and
33 \texttt{netmask} are mandatory, while \texttt{gateway} and \texttt{dns} are optional.
34 You can specify more than one DNS server, separated with spaces.
35
36 DHCP currently only accepts \texttt{ipaddr} (IP address to request from the server)
37 and \texttt{hostname} (client hostname identify as) - both are optional.
38
39 PPP based protocols (\texttt{pppoe}, \texttt{pptp}, ...) accept these options:
40 \begin{itemize}
41 \item{username} \\
42 The PPP username (usually with PAP authentication)
43 \item{password} \\
44 The PPP password
45 \item{keepalive} \\
46 Ping the PPP server (using LCP). The value of this option
47 specifies the maximum number of failed pings before reconnecting.
48 The ping interval defaults to 5, but can be changed by appending
49 ",<interval>" to the keepalive value
50 \item{demand} \\
51 Use Dial on Demand (value specifies the maximum idle time.
52
53 \item{server: (pptp)} \\
54 The remote pptp server IP
55 \end{itemize}
56
57 For all protocol types, you can also specify the MTU by using the \texttt{mtu} option.
58
59 \subsubsection{Setting up static routes}
60
61 You can set up static routes for a specific interface that will be brought up
62 after the interface is configured.
63
64 Simply add a config section like this:
65
66 \begin{Verbatim}
67 config route foo
68 option interface lan
69 option target 1.1.1.0
70 option netmask 255.255.255.0
71 option gateway 192.168.1.1
72 \end{Verbatim}
73
74 The name for the route section is optional, the \texttt{interface}, \texttt{target} and
75 \texttt{gateway} options are mandatory.
76 Leaving out the \texttt{netmask} option will turn the route into a host route.
77
78 \subsubsection{Setting up the switch (currently broadcom only)}
79
80 The switch configuration is set by adding a \texttt{'switch'} config section.
81 Example:
82
83 \begin{Verbatim}
84 config switch "eth0"
85 option vlan0 "1 2 3 4 5*"
86 option vlan1 "0 5"
87 \end{Verbatim}
88
89 On Broadcom hardware the section name needs to be eth0, as the switch driver
90 does not detect the switch on any other physical device.
91 Every vlan option needs to have the name vlan<n> where <n> is the VLAN number
92 as used in the switch driver.
93 As value it takes a list of ports with these optional suffixes:
94
95 \begin{itemize}
96 \item{\texttt{'*'}:}
97 Set the default VLAN (PVID) of the Port to the current VLAN
98 \item{\texttt{'u'}:}
99 Force the port to be untagged
100 \item{\texttt{'t'}:}
101 Force the port to be tagged
102 \end{itemize}
103
104 The CPU port defaults to tagged, all other ports to untagged.
105 On Broadcom hardware the CPU port is always 5. The other ports may vary with
106 different hardware.
107
108 For instance, if you wish to have 3 vlans, like one 3-port switch, 1 port in a
109 DMZ, and another one as your WAN interface, use the following configuration :
110
111 \begin{Verbatim}
112 config switch "eth0"
113 option vlan0 "1 2 3 5*"
114 option vlan1 "0 5"
115 option vlan2 "4 5"
116 \end{Verbatim}
117
118 Three interfaces will be automatically created using this switch layout :
119 \texttt{eth0.0} (vlan0), \texttt{eth0.1} (vlan1) and \texttt{eth0.2} (vlan2).
120 You can then assign those interfaces to a custom network configuration name
121 like \texttt{lan}, \texttt{wan} or \texttt{dmz} for instance.
122
123 \subsubsection{Setting up IPv6 connectivity}
124
125 OpenWrt supports IPv6 connectivity using PPP, Tunnel brokers or static
126 assignment.
127
128 If you use PPP, IPv6 will be setup using IP6CP and there is nothing to
129 configure.
130
131 To setup an IPv6 tunnel to a tunnel broker, you can install the
132 \texttt{6scripts} package and edit the \texttt{/etc/config/6tunnel}
133 file and change the settings accordingly :
134
135 \begin{Verbatim}
136 config 6tunnel
137 option tnlifname 'sixbone'
138 option remoteip4 '1.0.0.1'
139 option localip4 '1.0.0.2'
140 option localip6 '2001::DEAD::BEEF::1'
141 option prefix '/64'
142 \end{Verbatim}
143
144 \begin{itemize}
145 \item{\texttt{'tnlifname'}:}
146 Set the interface name of the IPv6 in IPv4 tunnel
147 \item{\texttt{'remoteip4'}:}
148 IP address of the remote end to establish the 6in4 tunnel.
149 This address is given by the tunnel broker
150 \item{\texttt{'localip4'}:}
151 IP address of your router to establish the 6in4 tunnel.
152 It will usually match your WAN IP address.
153 \item{\texttt{'localip6'}:}
154 IPv6 address to setup on your tunnel side
155 This address is given by the tunnel broker
156 \item{\texttt{'prefix'}:}
157 IPv6 prefix to setup on the LAN.
158 \end{itemize}
159
160 Using the same package you can also setup an IPv6 bridged connection :
161
162 \begin{Verbatim}
163 config 6bridge
164 option bridge 'br6'
165 \end{Verbatim}
166
167 By default the script bridges the WAN interface with the LAN interface
168 and uses ebtables to filter anything that is not IPv6 on the bridge.
169 This configuration is particularly useful if your router is not
170 IPv6 ND proxy capable (see: http://www.rfc-archive.org/getrfc.php?rfc=4389).
171
172
173 IPv6 static addressing is also supported using a similar setup as
174 IPv4 but with the \texttt{ip6} prefixing (when applicable).
175
176 \begin{Verbatim}
177 config interface "lan"
178 option ifname "eth0"
179 option proto "static"
180 option ip6addr "fe80::200:ff:fe00:0/64"
181 option ip6gw "2001::DEAF:BEE:1"
182 \end{Verbatim}
This page took 0.053451 seconds and 5 git commands to generate.