[system-administrators-guide] Remove: Specific Kernel Module Capabilities
by stephenw
commit f5c0953ba8738d0ae07b8f30c8288dcd8cab2123
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Tue Jul 29 08:59:28 2014 +0200
Remove: Specific Kernel Module Capabilities
Reuse "Using Channel Bonding" in Networking Guide
en-US/Working_with_Kernel_Modules.xml | 412 ---------------------------------
1 files changed, 0 insertions(+), 412 deletions(-)
---
diff --git a/en-US/Working_with_Kernel_Modules.xml b/en-US/Working_with_Kernel_Modules.xml
index b4345e3..e552be6 100644
--- a/en-US/Working_with_Kernel_Modules.xml
+++ b/en-US/Working_with_Kernel_Modules.xml
@@ -510,419 +510,7 @@ fi</programlisting>
<para>Networking and SCSI modules do not generally need to be manually loaded as they have their own particular loading mechanisms.</para>
</note>-->
</section>
- <section
- id="sec-Specific_Kernel_Module_Capabilities">
- <title>Specific Kernel Module Capabilities</title>
- <para>This section explains how to enable specific kernel capabilities using various kernel modules.</para>
- <section
- id="sec-Using_Multiple_Ethernet_Cards">
- <title>Using Multiple Ethernet Cards</title>
- <indexterm>
- <primary>kernel module</primary>
- <secondary>Ethernet module</secondary>
- <tertiary>supporting multiple cards</tertiary>
- </indexterm>
- <para>It is possible to use multiple Ethernet cards on a single machine. For each card there must be an <command>alias</command> and, possibly, <command>options</command> lines for each card in a user-created <filename><replaceable>module_name</replaceable>.conf</filename> file in the <filename>/etc/modprobe.d/</filename> directory.</para>
- <para>For additional information about using multiple Ethernet cards, refer to the <citetitle>Linux Ethernet-HOWTO</citetitle> online at <ulink
- url="http://www.redhat.com/mirrors/LDP/HOWTO/Ethernet-HOWTO.html">http://www.redhat.com/mirrors/LDP/HOWTO/Ethernet-HOWTO.html</ulink>.</para>
- </section>
- <section
- id="sec-Using_Channel_Bonding">
- <title>Using Channel Bonding</title>
- <indexterm>
- <primary>kernel module</primary>
- <secondary>bonding module</secondary>
- <tertiary>description</tertiary>
- </indexterm>
- <indexterm>
- <primary>channel bonding</primary>
- <secondary>description</secondary>
- </indexterm>
- <indexterm>
- <primary>bonding</primary>
- <see>channel bonding</see>
- </indexterm>
- <indexterm>
- <primary>NIC</primary>
- <secondary>binding into single channel</secondary>
- </indexterm>
- <indexterm>
- <primary>channel bonding interface</primary>
- <see>kernel module</see>
- </indexterm>
- <para>&MAJOROS; allows administrators to bind NICs together into a single channel using the <filename>bonding</filename> kernel module and a special network interface, called a <firstterm>channel bonding interface</firstterm>. Channel bonding enables two or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy.</para>
- <indexterm>
- <primary>kernel module</primary>
- <secondary>bonding module</secondary>
- </indexterm>
- <indexterm>
- <primary>channel bonding</primary>
- <secondary>configuration</secondary>
- </indexterm>
- <para>To channel bond multiple network interfaces, the administrator must perform the following steps:</para>
- <orderedlist
- continuation="restarts"
- inheritnum="ignore">
- <listitem>
- <para>Configure a channel bonding interface as outlined in the <citetitle pubwork="book">Fedora Networking Guide</citetitle>.</para>
- </listitem>
- <listitem>
- <para>To enhance performance, adjust available module options to ascertain what combination works best. Pay particular attention to the <command>miimon</command> or <command>arp_interval</command> and the <command>arp_ip_target</command> parameters. Refer to <xref
- linkend="s3-modules-bonding-directives"/> for a list of available options and how to quickly determine the best ones for your bonded interface.</para>
- </listitem>
- </orderedlist>
- <section
- id="s3-modules-bonding-directives">
- <title>Bonding Module Directives</title>
- <indexterm>
- <primary>kernel module</primary>
- <secondary>bonding module</secondary>
- <tertiary>parameters to bonded interfaces</tertiary>
- </indexterm>
- <indexterm>
- <primary>kernel module</primary>
- <secondary>module parameters</secondary>
- <tertiary>bonding module parameters</tertiary>
- </indexterm>
- <indexterm>
- <primary>channel bonding</primary>
- <secondary>parameters to bonded interfaces</secondary>
- </indexterm>
- <para>It is a good idea to test which channel bonding module parameters work best for your bonded interfaces before adding them to the <parameter
- class="option">BONDING_OPTS="<replaceable>bonding parameters</replaceable>"</parameter> directive in your bonding interface configuration file (<filename>ifcfg-bond0</filename> for example). Parameters to bonded interfaces can be configured without unloading (and reloading) the bonding module by manipulating files in the <systemitem
- class="filesystem">sysfs</systemitem> file system.</para>
- <para>
- <systemitem
- class="filesystem">sysfs</systemitem> is a virtual file system that represents kernel objects as directories, files and symbolic links. <systemitem
- class="filesystem">sysfs</systemitem> can be used to query for information about kernel objects, and can also manipulate those objects through the use of normal file system commands. The <systemitem
- class="filesystem">sysfs</systemitem> virtual file system has a line in <filename>/etc/fstab</filename>, and is mounted under the <filename>/sys/</filename> directory. All bonding interfaces can be configured dynamically by interacting with and manipulating files under the <filename>/sys/class/net/</filename> directory. </para>
- <para>In order to determine the best parameters for your bonding interface, create a channel bonding interface file such as <filename>ifcfg-bond0</filename> by following the instructions in the <citetitle pubwork="book">Fedora Networking Guide</citetitle>. Insert the <parameter
- class="option">SLAVE=yes</parameter> and <parameter
- class="option">MASTER=bond0</parameter> directives in the configuration files for each interface bonded to bond0. Once this is completed, you can proceed to testing the parameters.</para>
- <para>First, bring up the bond you created by running <command>ifconfig <option>bond<replaceable>N</replaceable></option> <option>up</option></command> as <systemitem class="username">root</systemitem>:</para>
- <screen>~]# <command>ifconfig bond0 up</command>
- </screen>
- <para>If you have correctly created the <filename>ifcfg-bond0</filename> bonding interface file, you will be able to see <computeroutput>bond0</computeroutput> listed in the output of running <command>ifconfig</command> (without any options):</para>
- <screen>~]# <command>ifconfig</command>
-bond0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
- UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
-eth0 Link encap:Ethernet HWaddr 52:54:00:26:9E:F1
- inet addr:192.168.122.251 Bcast:192.168.122.255 Mask:255.255.255.0
- inet6 addr: fe80::5054:ff:fe26:9ef1/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:207 errors:0 dropped:0 overruns:0 frame:0
- TX packets:205 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:70374 (68.7 KiB) TX bytes:25298 (24.7 KiB)
-<lineannotation>[output truncated]</lineannotation>
- </screen>
- <para>To view all existing bonds, even if they are not up, run:</para>
- <screen>~]# <command>cat /sys/class/net/bonding_masters</command>
-bond0</screen>
- <para>You can configure each bond individually by manipulating the files located in the <filename>/sys/class/net/bond<replaceable>N</replaceable>/bonding/</filename> directory. First, the bond you are configuring must be taken down:</para>
- <screen>~]# <command>ifconfig bond0 down</command>
- </screen>
- <para>As an example, to enable MII monitoring on bond0 with a 1 second interval, you could run (as <systemitem class="username">root</systemitem>):</para>
- <screen>~]# <command>echo 1000 > /sys/class/net/bond0/bonding/miimon</command>
- </screen>
- <para>To configure bond0 for <parameter
- class="option">balance-alb</parameter> mode, you could run either:</para>
- <screen>~]# <command>echo 6 > /sys/class/net/bond0/bonding/mode</command>
- </screen>
- <para>...or, using the name of the mode:</para>
- <screen>~]# <command>echo balance-alb > /sys/class/net/bond0/bonding/mode</command>
- </screen>
- <para>After configuring options for the bond in question, you can bring it up and test it by running <command>ifconfig bond<replaceable>N</replaceable> <option>up</option>
- </command>. If you decide to change the options, take the interface down, modify its parameters using <systemitem
- class="filesystem">sysfs</systemitem>, bring it back up, and re-test.</para>
- <para>Once you have determined the best set of parameters for your bond, add those parameters as a space-separated list to the <parameter
- class="option">BONDING_OPTS=</parameter> directive of the <filename>/etc/sysconfig/network-scripts/ifcfg-bond<replaceable>N</replaceable>
- </filename> file for the bonding interface you are configuring. Whenever that bond is brought up (for example, by the system during the boot sequence if the <parameter
- class="option">ONBOOT=yes</parameter> directive is set), the bonding options specified in the <parameter
- class="option">BONDING_OPTS</parameter> will take effect for that bond. For more information on configuring bonding interfaces (and <parameter
- class="option">BONDING_OPTS</parameter>), refer to the <citetitle pubwork="book">Fedora Networking Guide</citetitle>.</para>
- <para>The following list provides the names of many of the more common channel bonding parameters, along with a descriptions of what they do. For more information, refer to the brief descriptions for each <computeroutput>parm</computeroutput> in <command>modinfo bonding</command> output, or the exhaustive descriptions in the <filename>bonding.txt</filename> file in the <package>kernel-doc</package> package (see <xref
- linkend="s1-kernel-modules-additional-resources"/>).</para>
- <variablelist
- spacing="compact">
- <title>Bonding Interface Parameters</title>
- <varlistentry>
- <term>
- <literal>arp_interval=<replaceable>time_in_milliseconds</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies (in milliseconds) how often ARP monitoring occurs.</para>
- <important>
- <title>Make sure you specify all required parameters</title>
- <para>It is essential that both <literal>arp_interval</literal> and <literal>arp_ip_target</literal> parameters are specified, or, alternatively, the <literal>miimon</literal> parameter is specified. Failure to do so can cause degradation of network performance in the event that a link fails.</para>
- </important>
- <para>If using this setting while in <literal>mode=0</literal> or <literal>mode=2</literal> (the two load-balancing modes), the network switch must be configured to distribute packets evenly across the NICs. For more information on how to accomplish this, refer to <filename>/usr/share/doc/kernel-doc-<replaceable>kernel_version</replaceable>/Documentation/networking/bonding.txt</filename>
- </para>
- <para>The value is set to <userinput>0</userinput> by default, which disables it.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>arp_ip_target=<replaceable>ip_address</replaceable><optional>,<replaceable>ip_address_2</replaceable>,…<replaceable>ip_address_16</replaceable></optional>
- </literal>
- </term>
- <listitem>
- <para>Specifies the target IP address of ARP requests when the <literal>arp_interval</literal> parameter is enabled. Up to 16 IP addresses can be specified in a comma separated list.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>arp_validate=<replaceable>value</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Validate source/distribution of ARP probes; default is <userinput>none</userinput>. Other valid values are <userinput>active</userinput>, <userinput>backup</userinput>, and <userinput>all</userinput>.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>debug=<replaceable>number</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Enables debug messages. Possible values are:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>0</userinput> — Debug messages are disabled. This is the default.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>1</userinput> — Debug messages are enabled.</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>downdelay=<replaceable>time_in_milliseconds</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies (in milliseconds) how long to wait after link failure before disabling the link. The value must be a multiple of the value specified in the <literal>miimon</literal> parameter. The value is set to <userinput>0</userinput> by default, which disables it.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>lacp_rate=<replaceable>value</replaceable>
- </term>
- <listitem>
- <para>Specifies the rate at which link partners should transmit LACPDU packets in 802.3ad mode. Possible values are:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>slow</userinput> or <userinput>0</userinput> — Default setting. This specifies that partners should transmit LACPDUs every 30 seconds.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>fast</userinput> or <userinput>1</userinput> — Specifies that partners should transmit LACPDUs every 1 second.</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>miimon=<replaceable>time_in_milliseconds</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies (in milliseconds) how often MII link monitoring occurs. This is useful if high availability is required because MII is used to verify that the NIC is active. To verify that the driver for a particular NIC supports the MII tool, type the following command as <systemitem class="username">root</systemitem>:</para>
- <screen>~]# <command>ethtool <replaceable>interface_name</replaceable> | grep "Link detected:"</command>
- </screen>
- <para>In this command, replace <replaceable>interface_name</replaceable> with the name of the device interface, such as <userinput>eth0</userinput>, not the bond interface. If MII is supported, the command returns:</para>
- <screen>Link detected: yes</screen>
- <para>If using a bonded interface for high availability, the module for each NIC must support MII. Setting the value to <userinput>0</userinput> (the default), turns this feature off. When configuring this setting, a good starting point for this parameter is <userinput>100</userinput>.</para>
- <important>
- <title>Make sure you specify all required parameters</title>
- <para>It is essential that both <literal>arp_interval</literal> and <literal>arp_ip_target</literal> parameters are specified, or, alternatively, the <literal>miimon</literal> parameter is specified. Failure to do so can cause degradation of network performance in the event that a link fails.</para>
- </important>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>mode=<replaceable>value</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Allows you to specify the bonding policy. The <replaceable>value</replaceable> can be one of:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>balance-rr</userinput> or <userinput>0</userinput> — Sets a round-robin policy for fault tolerance and load balancing. Transmissions are received and sent out sequentially on each bonded slave interface beginning with the first one available.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>active-backup</userinput> or <userinput>1</userinput> — Sets an active-backup policy for fault tolerance. Transmissions are received and sent out via the first available bonded slave interface. Another bonded slave interface is only used if the active bonded slave interface fails.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>balance-xor</userinput> or <userinput>2</userinput> — Sets an XOR (exclusive-or) policy for fault tolerance and load balancing. Using this method, the interface matches up the incoming request's MAC address with the MAC address for one of the slave NICs. Once this link is established, transmissions are sent out sequentially beginning with the first available interface.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>broadcast</userinput> or <userinput>3</userinput> — Sets a broadcast policy for fault tolerance. All transmissions are sent on all slave interfaces.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>802.3ad</userinput> or <userinput>4</userinput> — Sets an IEEE 802.3ad dynamic link aggregation policy. Creates aggregation groups that share the same speed and duplex settings. Transmits and receives on all slaves in the active aggregator. Requires a switch that is 802.3ad compliant.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>balance-tlb</userinput> or <userinput>5</userinput> — Sets a Transmit Load Balancing (TLB) policy for fault tolerance and load balancing. The outgoing traffic is distributed according to the current load on each slave interface. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed slave.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>balance-alb</userinput> or <userinput>6</userinput> — Sets an Active Load Balancing (ALB) policy for fault tolerance and load balancing. Includes transmit and receive load balancing for IPV4 traffic. Receive load balancing is achieved through ARP negotiation.</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>num_unsol_na=<replaceable>number</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies the number of unsolicited IPv6 Neighbor Advertisements to be issued after a failover event. One unsolicited NA is issued immediately after the failover.</para>
- <para>The valid range is <userinput>0 - 255</userinput>; the default value is <userinput>1</userinput>. This parameter affects only the active-backup mode.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>primary=<replaceable>interface_name</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies the interface name, such as <userinput>eth0</userinput>, of the primary device. The <literal>primary</literal> device is the first of the bonding interfaces to be used and is not abandoned unless it fails. This setting is particularly useful when one NIC in the bonding interface is faster and, therefore, able to handle a bigger load.</para>
- <para>This setting is only valid when the bonding interface is in <userinput>active-backup</userinput> mode. Refer to <filename> /usr/share/doc/kernel-doc-<replaceable>kernel-version</replaceable>/Documentation/networking/bonding.txt</filename> for more information.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>primary_reselect=<replaceable>value</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies the reselection policy for the primary slave. This affects how the primary slave is chosen to become the active slave when failure of the active slave or recovery of the primary slave occurs. This parameter is designed to prevent flip-flopping between the primary slave and other slaves. Possible values are:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>always</userinput> or <userinput>0</userinput> (default) — The primary slave becomes the active slave whenever it comes back up.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>better</userinput> or <userinput>1</userinput> — The primary slave becomes the active slave when it comes back up, if the speed and duplex of the primary slave is better than the speed and duplex of the current active slave.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>failure</userinput> or <userinput>2</userinput> — The primary slave becomes the active slave only if the current active slave fails and the primary slave is up.</para>
- </listitem>
- </itemizedlist>
- <para>The <literal>primary_reselect</literal> setting is ignored in two cases:</para>
- <itemizedlist>
- <listitem>
- <para>If no slaves are active, the first slave to recover is made the active slave.</para>
- </listitem>
- <listitem>
- <para>When initially enslaved, the primary slave is always made the active slave.</para>
- </listitem>
- </itemizedlist>
- <!-- <para>If no slaves are active, the first slave to recover is made the active slave.</para>
- <para>When initially enslaved, the primary slave is always made the active slave.</para>-->
- <para>Changing the <literal>primary_reselect</literal> policy via <systemitem
- class="filesystem">sysfs</systemitem> will cause an immediate selection of the best active slave according to the new policy. This may or may not result in a change of the active slave, depending upon the circumstances</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>updelay=<replaceable>time_in_milliseconds</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies (in milliseconds) how long to wait before enabling a link. The value must be a multiple of the value specified in the <literal>miimon</literal> parameter. The value is set to <userinput>0</userinput> by default, which disables it.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>use_carrier=<replaceable>number</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Specifies whether or not <literal>miimon</literal> should use MII/ETHTOOL ioctls or <function>netif_carrier_ok()</function> to determine the link state. The <function>netif_carrier_ok()</function> function relies on the device driver to maintains its state with <literal>netif_carrier_<replaceable>on/off</replaceable>
- </literal>; most device drivers support this function.</para>
- <para>The MII/ETHROOL ioctls tools utilize a deprecated calling sequence within the kernel. However, this is still configurable in case your device driver does not support <literal>netif_carrier_<replaceable>on/off</replaceable>
- </literal>.</para>
- <para>Valid values are:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>1</userinput> — Default setting. Enables the use of <function>netif_carrier_ok()</function>.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>0</userinput> — Enables the use of MII/ETHTOOL ioctls.</para>
- </listitem>
- </itemizedlist>
- <note>
- <para>If the bonding interface insists that the link is up when it should not be, it is possible that your network device driver does not support <literal>netif_carrier_<replaceable>on/off</replaceable></literal>.</para>
- </note>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <literal>xmit_hash_policy=<replaceable>value</replaceable>
- </literal>
- </term>
- <listitem>
- <para>Selects the transmit hash policy used for slave selection in <userinput>balance-xor</userinput> and <userinput>802.3ad</userinput> modes. Possible values are:</para>
- <itemizedlist>
- <listitem>
- <para>
- <userinput>0</userinput> or <userinput>layer2</userinput> — Default setting. This parameter uses the XOR of hardware MAC addresses to generate the hash. The formula used is:</para>
- <screen>(<replaceable>source_MAC_address</replaceable> XOR <replaceable>destination_MAC</replaceable>) MODULO <replaceable>slave_count</replaceable>
- </screen>
- <para>This algorithm will place all traffic to a particular network peer on the same slave, and is 802.3ad compliant.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>1</userinput> or <userinput>layer3+4</userinput> — Uses upper layer protocol information (when available) to generate the hash. This allows for traffic to a particular network peer to span multiple slaves, although a single connection will not span multiple slaves.</para>
- <para>The formula for unfragmented TCP and UDP packets used is:</para>
- <screen>((<replaceable>source_port</replaceable> XOR <replaceable>dest_port</replaceable>) XOR
- ((<replaceable>source_IP</replaceable> XOR <replaceable>dest_IP</replaceable>) AND <constant>0xffff</constant>)
- MODULO <replaceable>slave_count</replaceable>
- </screen>
- <para>For fragmented TCP or UDP packets and all other IP protocol traffic, the source and destination port information is omitted. For non-IP traffic, the formula is the same as the <command>layer2</command> transmit hash policy.</para>
- <para>This policy intends to mimic the behavior of certain switches; particularly, Cisco switches with PFC2 as well as some Foundry and IBM products.</para>
- <para>The algorithm used by this policy is not 802.3ad compliant.</para>
- </listitem>
- <listitem>
- <para>
- <userinput>2</userinput> or <userinput>layer2+3</userinput> — Uses a combination of layer2 and layer3 protocol information to generate the hash.</para>
- <para>Uses XOR of hardware MAC addresses and IP addresses to generate the hash. The formula is:</para>
- <screen>(((<replaceable>source_IP</replaceable> XOR <replaceable>dest_IP</replaceable>) AND <constant>0xffff</constant>) XOR
- ( <replaceable>source_MAC</replaceable> XOR <replaceable>destination_MAC</replaceable> ))
- MODULO <replaceable>slave_count</replaceable>
- </screen>
- <para>This algorithm will place all traffic to a particular network peer on the same slave. For non-IP traffic, the formula is the same as for the layer2 transmit hash policy.</para>
- <para>This policy is intended to provide a more balanced distribution of traffic than layer2 alone, especially in environments where a layer3 gateway device is required to reach most destinations.</para>
- <para>This algorithm is 802.3ad compliant.</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- </variablelist>
- </section>
- </section>
</section>
<section
id="s1-kernel-modules-additional-resources">
9 years, 9 months
- 1
- 0
[networking-guide] master: Add: Naming Scheme for VLAN Interfaces (0bc9a06)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 0bc9a06e835209106507f5b11984cd3a0eb55f95
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 23:11:11 2014 +0200
Add: Naming Scheme for VLAN Interfaces
>---------------------------------------------------------------
en-US/Consistent_Network_Device_Naming.xml | 48 ++++++++++++++++++++++++++++
1 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/en-US/Consistent_Network_Device_Naming.xml b/en-US/Consistent_Network_Device_Naming.xml
index 481d783..1e75ba5 100644
--- a/en-US/Consistent_Network_Device_Naming.xml
+++ b/en-US/Consistent_Network_Device_Naming.xml
@@ -235,6 +235,54 @@ Use the <command>znetconf -c</command> command or the <command>lscss -a</command
</table>
</section>
+ <section id="sec-Naming_Scheme_for_VLAN_Interfaces">
+ <title>Naming Scheme for VLAN Interfaces</title>
+ <para>
+ Traditionally, VLAN interface names in the format: <replaceable>interface-name</replaceable>.<replaceable>VLAN-ID</replaceable> are used. The <literal>VLAN-ID</literal> ranges from <literal>0</literal> to <literal>4096</literal>, which is a maximum of four characters and the total interface name has a limit of 15 characters. The maximum interface name length is defined by the kernel headers and is a global limit, affecting all applications.
+ </para>
+
+ <para>
+ In Fedora, four naming conventions for VLAN interface names are supported:
+ </para>
+<variablelist>
+
+ <varlistentry>
+ <term>VLAN plus VLAN ID <!--vlan=VLAN_PLUS_VID--></term>
+ <listitem>
+ <para>
+ The word <literal>vlan</literal> plus the VLAN ID. For example: vlan0005
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>VLAN plus VLAN ID without padding<!--vlan=VLAN_PLUS_VID_NO_PAD--></term>
+ <listitem>
+ <para>
+The word <literal>vlan</literal> plus the VLAN ID with out padding by means of an additional two zeros. For example: vlan5
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Device name plus VLAN ID<!--vlan=DEV_PLUS_VID--></term>
+ <listitem>
+ <para>
+The name of the parent interface plus the VLAN ID. For example: eth0.0005
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>Device name plus VLAN ID without padding<!--vlan=DEV_PLUS_VID_NO_PAD--></term>
+ <listitem>
+ <para>
+The name of the parent interface plus the VLAN ID with out padding by means of an additional two zeros. For example: eth0.05
+ </para>
+ </listitem>
+ </varlistentry>
+</variablelist>
+
+
+ </section>
+
<section id="sec-Consistent_Network_Device_Naming_Using_biosdevname">
<title>Consistent Network Device Naming Using biosdevname</title>
<para>
9 years, 9 months
- 1
- 0
[networking-guide] master: Consistent Network Device Naming (5bd1ec6)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 5bd1ec65908e0a5ece34249264a11e1fa49db483
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 23:09:06 2014 +0200
Consistent Network Device Naming
misc. improvments after review
>---------------------------------------------------------------
en-US/Consistent_Network_Device_Naming.xml | 38 ++++++++++++++++-----------
1 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/en-US/Consistent_Network_Device_Naming.xml b/en-US/Consistent_Network_Device_Naming.xml
index d6aea54..481d783 100644
--- a/en-US/Consistent_Network_Device_Naming.xml
+++ b/en-US/Consistent_Network_Device_Naming.xml
@@ -13,10 +13,11 @@
Traditionally, network interfaces in Linux are enumerated as <interfacename>eth[0123…]</interfacename>, but these names do not necessarily correspond to actual labels on the chassis. Modern server platforms with multiple network adapters can encounter non-deterministic and counter-intuitive naming of these interfaces. This affects both network adapters embedded on the motherboard (<firstterm>Lan-on-Motherboard</firstterm>, or <firstterm><acronym>LOM</acronym></firstterm>) and add-in (single and multiport) adapters.
</para>
<para>
- In &MAJOROSVER;, <systemitem class="daemon">systemd</systemitem> and <systemitem class="daemon">udevd</systemitem> support a number of different naming schemes. The default is to assign fixed names based on firmware, topology, and location information. This has the advantage that the names are fully automatic, fully predictable, that they stay fixed even if hardware is added or removed (no re-enumeration takes place), and that broken hardware can be replaced seamlessly. The disadvantage is that they are sometimes harder to read than the <interface>eth0</interface> or <interface>wlan0</interface> everybody is used to. For example: <interface>enp5s0</interface>.
+ In &MAJOROSVER;, <systemitem class="daemon">systemd</systemitem> and <application>udev</application> support a number of different naming schemes. The default is to assign fixed names based on firmware, topology, and location information. This has the advantage that the names are fully automatic, fully predictable, that they stay fixed even if hardware is added or removed (no re-enumeration takes place), and that broken hardware can be replaced seamlessly. The disadvantage is that they are sometimes harder to read than the <interface>eth0</interface> or <interface>wlan0</interface> names traditionally used. For example: <interface>enp5s0</interface>.
</para>
+ <bridgehead id="bh-Naming_Schemes_for_Network_Interfaces">Naming Schemes for Network Interfaces</bridgehead>
<para>
- The following different naming schemes for network interfaces are now supported by <systemitem class="daemon">udevd</systemitem> natively:
+ The following different naming schemes for network interfaces are now supported by <application>udev</application> natively:
<orderedlist>
<listitem>
<para>
@@ -80,7 +81,7 @@ By default, <systemitem class="daemon">systemd</systemitem> will name interfaces
</para>
<para>
- This policy, the procedure outlined above, is the default. If the system has <application>BIOSDEVNAME</application> enabled, it will take precedence. If the user has added <systemitem class="daemon">udevd</systemitem> rules which change the name of the kernel devices, those rules will take precedence too.
+ This policy, the procedure outlined above, is the default. If the system has <application>biosdevname</application> enabled, it will take precedence. Note that enabling <application>biosdevname</application> requires passing <command>biosdevname=1</command> as a command line parameter except in the case of a Dell system, where <application>biosdevname</application> will be used by default as long as it is installed. If the user has added <application>udev</application> rules which change the name of the kernel devices, those rules will take precedence too.
</para>
<section id="sec-Understanding_the_Device_Renaming_Procedure">
@@ -186,7 +187,7 @@ By default, <systemitem class="daemon">systemd</systemitem> will name interfaces
</listitem>
<listitem>
<para>
- The USB configuration descriptors == 1 and USB configuration descriptors == 0 values are suppressed.
+ The USB configuration descriptors == 1 and USB interface descriptors == 0 values are suppressed (configuration == 1 and interface == 0 are the default values if only one USB configuration or interface exists).
</para>
</listitem>
</itemizedlist>
@@ -197,16 +198,16 @@ By default, <systemitem class="daemon">systemd</systemitem> will name interfaces
<section id="sec-Naming_Scheme_for_Network_Devices_Available_for_Linux_on_System_z">
<title>Naming Scheme for Network Devices Available for Linux on System z</title>
<para>
- Use the bus-ID to create predictable devices names for network interfaces on Linux on System z instances. The bus-ID identifies a device in the s390 channel subsystem. A bus ID identifies the device within the scope of a Linux instance. For a CCW device, the bus ID is the device's device number with a leading <literal>0.n</literal>, where <literal>n</literal> is the subchannel set ID. For example, <literal>0.1.0ab1</literal>.
+ Use the bus-ID to create predictable device names for network interfaces in Linux on System z instances. The bus-ID identifies a device in the s390 channel subsystem. A bus ID identifies the device within the scope of a Linux instance. For a CCW device, the bus ID is the device's device number with a leading <literal>0.n</literal>, where <literal>n</literal> is the subchannel set ID. For example, <literal>0.1.0ab1</literal>.
</para>
<para>
Network interfaces of device type Ethernet are named as follows:
<synopsis>enccw<replaceable>0</replaceable>.<replaceable>0</replaceable>.<replaceable>1234</replaceable></synopsis>
-Use the <command>znetconf -c</command> command or the <command>lscss -a</command> command to display available network devices and their bus-IDs.
</para>
<para>
CTC network devices of device type SLIP are named as follows:
- <synopsis>slccw<replaceable>0</replaceable>.<replaceable>0</replaceable>.<replaceable>1234</replaceable></synopsis>
+ <synopsis>slccw<replaceable>0</replaceable>.<replaceable>0</replaceable>.<replaceable>1234</replaceable></synopsis></para>
+ <para>
Use the <command>znetconf -c</command> command or the <command>lscss -a</command> command to display available network devices and their bus-IDs.
</para>
<table id="Device_Name_Types_for_Linux_on_System_z">
@@ -234,13 +235,13 @@ Use the <command>znetconf -c</command> command or the <command>lscss -a</command
</table>
</section>
- <section id="sec-Consistent_Network_Device_Naming_Using_BIOSDEVNAME">
- <title>Consistent Network Device Naming Using BIOSDEVNAME</title>
+ <section id="sec-Consistent_Network_Device_Naming_Using_biosdevname">
+ <title>Consistent Network Device Naming Using biosdevname</title>
<para>
- This feature, implemented via the <application>biosdevname</application> program, will change the name of all embedded network interfaces, PCI card network interfaces, and virtual function network interfaces from the existing <interfacename>eth[0123…]</interfacename> to the new naming convention as shown in <xref linkend="tabl-sec-Consistent_Network_Device_Naming_BIOSDEVNAME" />.
+ This feature, implemented via the <application>biosdevname</application> <application>udev</application> helper utility, will change the name of all embedded network interfaces, PCI card network interfaces, and virtual function network interfaces from the existing <interfacename>eth[0123…]</interfacename> to the new naming convention as shown in <xref linkend="tabl-Consistent_Network_Device_Naming_biosdevname" />. Note that unless the system is a Dell system, or <application>biosdevname</application> explicitly enabled as described in <xref linkend="sec-Consistent_Network_Device_Naming-Enabling_and_Disabling" />, the <systemitem class="daemon">systemd</systemitem> naming scheme will take precedence.
</para>
- <table id="tabl-sec-Consistent_Network_Device_Naming_BIOSDEVNAME">
- <title>The BIOSDEVNAME naming convention</title>
+ <table id="tabl-Consistent_Network_Device_Naming_biosdevname">
+ <title>The biosdevname Naming Convention</title>
<tgroup cols="3">
<colspec colname="device" colnum="1" colwidth="35*" />
<colspec colname="old" colnum="2" colwidth="15*" />
@@ -318,7 +319,7 @@ Use the <command>znetconf -c</command> command or the <command>lscss -a</command
</para>
<screen><option>biosdevname=1</option></screen>
<para>
- Unless the system meets the minimum requirements, this option will be ignored and the system will boot with the traditional network interface name format.
+ Unless the system meets the minimum requirements, this option will be ignored and the system will use the <systemitem class="daemon">systemd</systemitem> naming scheme as described in the beginning of the chapter.
</para>
<para>
If the <option>biosdevname</option> install option is specified, it must remain as a boot option for the lifetime of the system.
@@ -332,6 +333,11 @@ Use the <command>znetconf -c</command> command or the <command>lscss -a</command
<para>
Many system customization files can include network interface names, and thus will require updates if moving a system from the old convention to the new convention. If you use the new naming convention, you will also need to update network interface names in areas such as custom iptables rules, scripts altering irqbalance, and other similar configuration files. Also, enabling this change for installation will require modification to existing kickstart files that use device names via the <option>ksdevice</option> parameter; these kickstart files will need to be updated to use the network device's MAC address or the network device's new name.
</para>
+ <note>
+ <para>
+ The maximum interface name length is defined by the kernel headers and is a global limit, affecting all applications.
+ </para>
+ </note>
</section>
@@ -370,7 +376,7 @@ The name provided by <systemitem class="daemon">systemd-udev</systemitem> will b
<!-- "Topics, Tasks" section -->
- <section id="sec-Disabling_sec-Consistent_Network_Device_Naming">
+ <section id="sec-Disabling_Consistent_Network_Device_Naming">
<title>Disabling Consistent Network Device Naming</title>
<para>
@@ -378,13 +384,13 @@ The name provided by <systemitem class="daemon">systemd-udev</systemitem> will b
<itemizedlist>
<listitem>
<para>
- Disable the assignment of fixed names, so that the unpredictable kernel names are used again, by masking <systemitem class="daemon">udev</systemitem>'s rule file for the default policy. This <quote>masking</quote> can be done by making a symbolic link to <filename>/dev/null</filename>. As <systemitem class="username">root</systemitem>, issue a command as follows:
+ Disable the assignment of fixed names, so that the unpredictable kernel names are used again, by masking <application>udev</application>'s rule file for the default policy. This <quote>masking</quote> can be done by making a symbolic link to <filename>/dev/null</filename>. As <systemitem class="username">root</systemitem>, issue a command as follows:
<screen>~]# <command>ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules</command></screen>
</para>
</listitem>
<listitem>
<para>
- Create your own manual naming scheme, for example by naming your interfaces <quote>internet0</quote>, <quote>dmz0</quote> or <quote>lan0</quote>. To do that create your own <systemitem class="daemon">udev</systemitem> rules file and set the NAME property for the devices. Make sure to order it before the default policy file, for example by naming it <filename>/etc/udev/rules.d/70-my-net-names.rules</filename>.
+ Create your own manual naming scheme, for example by naming your interfaces <quote>internet0</quote>, <quote>dmz0</quote> or <quote>lan0</quote>. To do that create your own <application>udev</application> rules file and set the NAME property for the devices. Make sure to order it before the default policy file, for example by naming it <filename>/etc/udev/rules.d/70-my-net-names.rules</filename>.
</para>
</listitem>
<listitem>
9 years, 9 months
- 1
- 0
[networking-guide] master: Improve "Naming Schemes Hierarchy" (a2703d0)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit a2703d052f3469e3263e48434668381d1f474fdc
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 23:07:37 2014 +0200
Improve "Naming Schemes Hierarchy"
>---------------------------------------------------------------
en-US/Consistent_Network_Device_Naming.xml | 21 ++++++++++++---------
1 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/en-US/Consistent_Network_Device_Naming.xml b/en-US/Consistent_Network_Device_Naming.xml
index 4bba7cf..d6aea54 100644
--- a/en-US/Consistent_Network_Device_Naming.xml
+++ b/en-US/Consistent_Network_Device_Naming.xml
@@ -44,37 +44,40 @@
</para>
</listitem>
</orderedlist>
-By default, <systemitem class="daemon">systemd</systemitem> will name interfaces using the following policy to apply the schemes listed above:
-<orderedlist>
+</para>
+<bridgehead id="bh-Naming_Schemes_Hierarchy">Naming Schemes Hierarchy</bridgehead>
+<para>
+By default, <systemitem class="daemon">systemd</systemitem> will name interfaces using the following policy to apply the naming schemes listed above :
+<itemizedlist>
<listitem>
<para>
- Use scheme 1 if that information from the firmware is applicable and available, falling back to scheme 2;
+ <emphasis role="bold">Scheme 1:</emphasis> Names incorporating Firmware or BIOS provided index numbers for on-board devices (example: <literal>eno1</literal>), are applied if that information from the firmware or BIOS is applicable and available, else falling back to scheme 2;
</para>
</listitem>
<listitem>
<para>
- Use scheme 2 if that information from the firmware is applicable and available, falling back to scheme 3;
+ <emphasis role="bold">Scheme 2:</emphasis> Names incorporating Firmware or BIOS provided PCI Express hotplug slot index numbers (example: <literal>ens1</literal>) are applied if that information from the firmware or BIOS is applicable and available, else falling back to scheme 3;
</para>
</listitem>
<listitem>
<para>
- Use scheme 3 if applicable, falling back to scheme 5 in all other cases;
+ <emphasis role="bold">Scheme 3:</emphasis> Names incorporating physical location of the connector of the hardware (example: <literal>enp2s0</literal>), are applied if applicable, else falling directly back to scheme 5 in all other cases;
</para>
</listitem>
<listitem>
<para>
- Scheme 4 is not used by default, but is available if the user chooses;
+ <emphasis role="bold">Scheme 4:</emphasis> Names incorporating interface's MAC address, is not used by default, but is available if the user chooses;
</para>
</listitem>
<listitem>
<para>
- Scheme 5 is used if all other methods fail.
+ <emphasis role="bold">Scheme 5:</emphasis> The traditional unpredictable kernel naming scheme, is used if all other methods fail.
</para>
</listitem>
-</orderedlist>
+</itemizedlist>
- </para>
+</para>
<para>
This policy, the procedure outlined above, is the default. If the system has <application>BIOSDEVNAME</application> enabled, it will take precedence. If the user has added <systemitem class="daemon">udevd</systemitem> rules which change the name of the kernel devices, those rules will take precedence too.
9 years, 9 months
- 1
- 0
[networking-guide] master: Move "Understanding the Device Renaming Procedure" (876cd14)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 876cd1419206004b0d32a0f064fef435ad254dcb
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 23:05:57 2014 +0200
Move "Understanding the Device Renaming Procedure"
Based on feedback from jskotka
>---------------------------------------------------------------
en-US/Consistent_Network_Device_Naming.xml | 58 ++++++++++++++-------------
1 files changed, 30 insertions(+), 28 deletions(-)
diff --git a/en-US/Consistent_Network_Device_Naming.xml b/en-US/Consistent_Network_Device_Naming.xml
index 498616e..4bba7cf 100644
--- a/en-US/Consistent_Network_Device_Naming.xml
+++ b/en-US/Consistent_Network_Device_Naming.xml
@@ -80,6 +80,35 @@ By default, <systemitem class="daemon">systemd</systemitem> will name interfaces
This policy, the procedure outlined above, is the default. If the system has <application>BIOSDEVNAME</application> enabled, it will take precedence. If the user has added <systemitem class="daemon">udevd</systemitem> rules which change the name of the kernel devices, those rules will take precedence too.
</para>
+ <section id="sec-Understanding_the_Device_Renaming_Procedure">
+ <title>Understanding the Device Renaming Procedure</title>
+<para>
+ The device name procedure in detail is as follows:
+</para>
+<procedure>
+ <step>
+ <para>
+ A rule in <filename>/usr/lib/udev/rules.d/60-net.rules</filename> instructs the <application>udev</application> helper utility, <application>/lib/udev/rename_device</application>, to look into all <filename>/etc/sysconfig/network-scripts/ifcfg-<replaceable>suffix</replaceable></filename> files. If it finds an <filename>ifcfg</filename> file with a <command>HWADDR</command> entry matching the MAC address of an interface it renames the interface to the name given in the <filename>ifcfg</filename> file by the <command>DEVICE</command> directive.
+ </para>
+ </step>
+ <step>
+ <para>
+ A rule in <filename>/usr/lib/udev/rules.d/71-biosdevname.rules</filename> instructs <application>biosdevname</application> to rename the interface according to its naming policy, provided that it was not renamed in a previous step, <application>biosdevname</application> is installed, and <command>biosdevname=0</command> was not given as a kernel command on the boot command line.
+ </para>
+ </step>
+ <step>
+ <para>
+ A rule in <filename>/lib/udev/rules.d/75-net-description.rules</filename> instructs <application>udev</application> to fill in ID_NET_NAME_ONBOARD, ID_NET_NAME_SLOT, ID_NET_NAME_PATH, ID_NET_NAME_MAC by examining the network interface device. Note, that some variables can be empty.
+ </para>
+ </step>
+ <step>
+ <para>
+ A rule in <filename>/usr/lib/udev/rules.d/80-net-name-slot.rules</filename> instructs <application>udev</application> to rename the interface, provided that it was not renamed in a previous step, and the kernel parameter <command>net.ifnames=0</command> was not given, according to the following priority: ID_NET_NAME_ONBOARD, ID_NET_NAME_SLOT, ID_NET_NAME_PATH. It falls through to the next in the list, if one is unset. If none of these are set, then the interface will not be renamed.
+ </para>
+ </step>
+</procedure>
+ </section>
+
<section id="sec-Understanding_the_Predictable_Network_Interface_Device_Names">
<title>Understanding the Predictable Network Interface Device Names</title>
<para>
@@ -335,34 +364,7 @@ The name provided by <systemitem class="daemon">systemd-udev</systemitem> will b
</variablelist>
</section>
- <section id="sec-Understanding_the_Device_Renaming_Procedure">
- <title>Understanding the Device Renaming Procedure</title>
-<para>
- The device name procedure in detail is as follows:
-</para>
-<procedure>
- <step>
- <para>
- A rule in <filename>/usr/lib/udev/rules.d/60-net.rules</filename> instructs the <application>udev</application> helper utility, <application>/lib/udev/rename_device</application>, to look into all <filename>/etc/sysconfig/network-scripts/ifcfg-<replaceable>suffix</replaceable></filename> files. If it finds an <filename>ifcfg</filename> file with a <command>HWADDR</command> entry matching the MAC address of an interface it renames the interface to the name given in the <filename>ifcfg</filename> file by the <command>DEVICE</command> directive.
- </para>
- </step>
- <step>
- <para>
- A rule in <filename>/usr/lib/udev/rules.d/71-biosdevname.rules</filename> instructs <application>biosdevname</application> to rename the interface according to its naming policy, provided that it was not renamed in a previous step, <application>biosdevname</application> is installed, and <command>biosdevname=0</command> was not given as a kernel command on the boot command line.
- </para>
- </step>
- <step>
- <para>
- A rule in <filename>/lib/udev/rules.d/75-net-description.rules</filename> instructs <application>udev</application> to fill in ID_NET_NAME_ONBOARD, ID_NET_NAME_SLOT, ID_NET_NAME_PATH, ID_NET_NAME_MAC by examining the network interface device. Note, that some variables can be empty.
- </para>
- </step>
- <step>
- <para>
- A rule in <filename>/usr/lib/udev/rules.d/80-net-name-slot.rules</filename> instructs <application>udev</application> to rename the interface, provided that it was not renamed in a previous step, and the kernel parameter <command>net.ifnames=0</command> was not given, according to the following priority: ID_NET_NAME_ONBOARD, ID_NET_NAME_SLOT, ID_NET_NAME_PATH. It falls through to the next in the list, if one is unset. If none of these are set, then the interface will not be renamed.
- </para>
- </step>
-</procedure>
- </section>
+
<!-- "Topics, Tasks" section -->
<section id="sec-Disabling_sec-Consistent_Network_Device_Naming">
9 years, 9 months
- 1
- 0
[networking-guide] master: updates to GNOME and Wi-Fi descriptions (51a2925)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 51a2925417327fba8ccf08b1c32b875c80558813
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 22:44:03 2014 +0200
updates to GNOME and Wi-Fi descriptions
after technical review by dcbw and jbenc
>---------------------------------------------------------------
en-US/Configure_Networking.xml | 79 ++++++++++++++++++++--------------------
1 files changed, 40 insertions(+), 39 deletions(-)
diff --git a/en-US/Configure_Networking.xml b/en-US/Configure_Networking.xml
index ecf7aa0..8df3a44 100644
--- a/en-US/Configure_Networking.xml
+++ b/en-US/Configure_Networking.xml
@@ -268,12 +268,12 @@ To restrict connections and networking, there are two options which can be used
</listitem>
<listitem>
<para>
- <guilabel>Make available to other users</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details. To prevent unexpected behavior during installation, ensure that this check box remains selected for any network interface that you configure.
+ <guilabel>Make available to other users</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details.
</para>
</listitem>
<listitem>
<para>
- <guilabel>Automatically connect to VPN when using this connection</guilabel> — Select this box if you want <application>NetworkManager</application> to auto-connect to a VPN connection when it is available. Select the VPN from the dropdown menu.
+ <guilabel>Automatically connect to VPN when using this connection</guilabel> — Select this box if you want <application>NetworkManager</application> to auto-connect to the selected VPN connection when this connection profile is connected. Select the VPN from the drop-down menu.
</para>
</listitem>
</itemizedlist>
@@ -308,12 +308,12 @@ To restrict connections and networking, there are two options which can be used
id="sec-Configuring_a_Wi-Fi_Connection">
<title>Configuring a Wi-Fi Connection</title>
<para>
- This section explains how to use <application>NetworkManager</application> to configure a Wi-Fi (also known as wireless or 802.1<replaceable>a/b/g/n</replaceable>) connection to an Access Point.</para>
+ This section explains how to use <application>NetworkManager</application> to configure a Wi-Fi (also known as wireless or 802.11<replaceable>a/b/g/n</replaceable>) connection to an Access Point.</para>
<para>To configure a mobile broadband (such as 3G) connection, see <xref
linkend="sec-Establishing_a_Mobile_Broadband_Connection"/>.</para>
<bridgehead
id="bh-Quickly_Connecting_to_an_Available_Access_Point">Quickly Connecting to an Available Access Point</bridgehead>
- <para>The easiest way to connect to an available access point is to click on the network icon to activate the Notification Area applet, locate the <firstterm>Service Set Identifier</firstterm> (<acronym>SSID</acronym>) of the access point in the list of <guilabel>Wi-Fi</guilabel> networks, and click on it. A padlock symbol indicates the access point requires authentication. If the access point is secured, a dialog prompts you for an authentication key or password.</para>
+ <para>The easiest way to connect to an available access point is to click on the network connection icon to activate the Notification Area applet, locate the <firstterm>Service Set Identifier</firstterm> (<acronym>SSID</acronym>) of the access point in the list of <guilabel>Wi-Fi</guilabel> networks, and click on it. A padlock symbol indicates the access point requires authentication. If the access point is secured, a dialog prompts you for an authentication key or password.</para>
<para>
<application>NetworkManager</application> tries to auto-detect the type of security used by the access point. If there are multiple possibilities, <application>NetworkManager</application> guesses the security type and presents it in the <guilabel>Wi-Fi security</guilabel> drop-down menu. To see if there are multiple choices, click the <guilabel>Wi-Fi security</guilabel> drop-down menu and select the type of security the access point is using. If you are unsure, try connecting to each type in turn. Finally, enter the key or passphrase in the <guilabel>Password</guilabel> field. Certain password types, such as a 40-bit WEP or 128-bit WPA key, are invalid unless they are of a requisite length. The <guilabel>Connect</guilabel> button will remain inactive until you enter a key of the length required for the selected security type. To learn more about wireless security, see <xref
linkend="sec-Configuring_Wi-Fi_Security"/>.</para>
@@ -343,7 +343,7 @@ To restrict connections and networking, there are two options which can be used
<para>Select the <guilabel>Wi-Fi</guilabel> menu entry.</para>
</step>
<step>
- <para>Click the Wi-Fi network you want to connect to. A padlock symbol indicates a key or password is required.</para>
+ <para>Click the Wi-Fi connection profile on the right-hand side menu you want to connect to. A padlock symbol indicates a key or password is required.</para>
</step>
<step>
<para>
@@ -374,7 +374,7 @@ To restrict connections and networking, there are two options which can be used
<guilabel>BSSID</guilabel>
</term>
<listitem>
- <para>The <firstterm>Basic Service Set Identifier</firstterm> (<acronym>BSSID</acronym>) is the MAC address of the specific wireless access point you are connecting to when in <guilabel>Infrastructure</guilabel> mode. This field is blank by default, and you are able to connect to a wireless access point by <guilabel>SSID</guilabel> without having to specify its <guilabel>BSSID</guilabel>. If the BSSID is specified, it will force the system to associate to a specific access point only.</para>
+ <para>The <firstterm>Basic Service Set Identifier</firstterm> (<acronym>BSSID</acronym>) is the MAC address, also known as a <firstterm>hardware address</firstterm>, of the specific wireless access point you are connecting to when in <guilabel>Infrastructure</guilabel> mode. This field is blank by default, and you are able to connect to a wireless access point by <guilabel>SSID</guilabel> without having to specify its <guilabel>BSSID</guilabel>. If the BSSID is specified, it will force the system to associate to a specific access point only.</para>
<para>For ad-hoc networks, the <guilabel>BSSID</guilabel> is generated randomly by the <application>mac80211</application> subsystem when the ad-hoc network is created. It is not displayed by <application>NetworkManager</application></para>
</listitem>
</varlistentry>
@@ -425,14 +425,15 @@ To restrict connections and networking, there are two options which can be used
</listitem>
<listitem>
<para>
- <guilabel>Make available to all users</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref
- linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details. To prevent unexpected behavior during installation, ensure that this check box remains selected for any network interface that you configure.</para>
+ <guilabel>Make available to other users</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref
+ linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details.
+ </para>
</listitem>
</itemizedlist>
<bridgehead
id="bh-Saving_Your_New_or_Modified_Connection_and_Making_Further_Configurations-wireless">Saving Your New (or Modified) Connection and Making Further Configurations</bridgehead>
- <para>Once you have finished editing the wireless connection, click the <guibutton>Apply</guibutton> button and <application>NetworkManager</application> will immediately save your customized configuration. Given a correct configuration, you can successfully connect to your the modified connection by selecting it from the Notification Area applet. See <xref
+ <para>Once you have finished editing the wireless connection, click the <guibutton>Apply</guibutton> button and <application>NetworkManager</application> will save your customized configuration. Given a correct configuration, you can connect to your modified connection by selecting it from the Notification Area applet. See <xref
linkend="sec-Connecting_to_a_Network_Using_a_GUI"/> for details on selecting and connecting to a network.</para>
<para>You can further configure an existing connection by selecting it in the <guilabel>Network</guilabel> window and clicking the gear wheel icon to reveal the connection details.</para>
<para>Then, to configure:</para>
@@ -466,10 +467,10 @@ To restrict connections and networking, there are two options which can be used
<para>it encrypts the packet data; and,</para>
</listitem>
<listitem>
- <para>it encloses the data with an Encapsulating Security Payload (ESP), which constitutes the decryption and handling instructions.</para>
+ <para>it encloses the data in packets according to the Encapsulating Security Payload (ESP) protocol, which constitutes the decryption and handling instructions.</para>
</listitem>
</orderedlist>
- <para>The receiving VPN router strips the header information, decrypts the data, and routes it to its intended destination (either a workstation or other node on a network). Using a network-to-network connection, the receiving node on the local network receives the packets already decrypted and ready for processing. The encryption/decryption process in a network-to-network VPN connection is therefore transparent to clients.</para>
+ <para>The receiving VPN router strips the header information, decrypts the data, and routes it to its intended destination (either a workstation or other node on a network). Using a network-to-network connection, the receiving node on the local network receives the packets already decrypted and ready for processing. The encryption and decryption process in a network-to-network VPN connection is therefore transparent to clients.</para>
<para>Because they employ several layers of authentication and encryption, VPNs are a secure and effective means of connecting multiple remote nodes to act as a unified intranet.</para>
<procedure
@@ -541,7 +542,7 @@ To restrict connections and networking, there are two options which can be used
</listitem>
<listitem>
<para>
- <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details. To prevent unexpected behavior during installation, ensure that this check box remains selected for any network interface that you configure.
+ <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details.
</para>
</listitem>
<listitem>
@@ -678,10 +679,10 @@ To restrict connections and networking, there are two options which can be used
<para>You can use <application>NetworkManager</application>'s mobile broadband connection abilities to connect to the following <firstterm>2G</firstterm> and <firstterm>3G</firstterm> services:</para>
<itemizedlist>
<listitem>
- <para>2G — <firstterm>GPRS</firstterm> (<firstterm>General Packet Radio Service</firstterm>) or <firstterm>EDGE</firstterm> (<firstterm>Enhanced Data Rates for GSM Evolution</firstterm>)</para>
+ <para>2G — <firstterm>GPRS</firstterm> (<firstterm>General Packet Radio Service</firstterm>), <firstterm>EDGE</firstterm> (<firstterm>Enhanced Data Rates for GSM Evolution</firstterm>), or CDMA (Code Division Multiple Access).</para>
</listitem>
<listitem>
- <para>3G — <firstterm>UMTS</firstterm> (<firstterm>Universal Mobile Telecommunications System</firstterm>) or <firstterm>HSPA</firstterm> (<firstterm>High Speed Packet Access</firstterm>)
+ <para>3G — <firstterm>UMTS</firstterm> (<firstterm>Universal Mobile Telecommunications System</firstterm>), <firstterm>HSPA</firstterm> (<firstterm>High Speed Packet Access</firstterm>), or EVDO (EVolution Data-Only).
</para>
</listitem>
</itemizedlist>
@@ -705,7 +706,7 @@ To restrict connections and networking, there are two options which can be used
<para>Click <guibutton>Create</guibutton> to open the <guilabel>Set up a Mobile Broadband Connection</guilabel> assistant.</para>
</step>
<step>
- <para>Under <guilabel>Create a connection for this mobile broadband device</guilabel>, choose the 2G- or 3G-capable device you want to use with the connection. If the dropdown menu is inactive, this indicates that the system was unable to detect a device capable of mobile broadband. In this case, click <guilabel>Cancel</guilabel>, ensure that you do have a mobile broadband-capable device attached and recognized by the computer and then retry this procedure. Click the <guilabel>Continue</guilabel> button.</para>
+ <para>Under <guilabel>Create a connection for this mobile broadband device</guilabel>, choose the 2G- or 3G-capable device you want to use with the connection. If the drop-down menu is inactive, this indicates that the system was unable to detect a device capable of mobile broadband. In this case, click <guilabel>Cancel</guilabel>, ensure that you do have a mobile broadband-capable device attached and recognized by the computer and then retry this procedure. Click the <guilabel>Continue</guilabel> button.</para>
</step>
<step>
<para>Select the country where your service provider is located from the list and click the <guilabel>Continue</guilabel> button.</para>
@@ -754,7 +755,7 @@ To restrict connections and networking, there are two options which can be used
</listitem>
<listitem>
<para>
- <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details. To prevent unexpected behavior during installation, ensure that this check box remains selected for any network interface that you configure.
+ <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details.
</para>
</listitem>
<listitem>
@@ -946,7 +947,7 @@ To restrict connections and networking, there are two options which can be used
</listitem>
<listitem>
<para>
- <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details. To prevent unexpected behavior during installation, ensure that this check box remains selected for any network interface that you configure.
+ <guilabel>All users may connect to this network</guilabel> — Select this box to create a connection available to all users on the system. Changing this setting may require root privileges. See <xref linkend="sec-System-wide_and_Private_Connection_Profiles"/> for details.
</para>
</listitem>
<listitem>
@@ -1021,21 +1022,21 @@ To restrict connections and networking, there are two options which can be used
id="sec-Configuring_Connection_Settings">
<title>Configuring Connection Settings</title>
<section
- id="sec-Configuring_802.1x_Security">
- <title>Configuring 802.1x Security</title>
- <para>802.1x security is the name of the IEEE standard for <firstterm>port-based Network Access Control</firstterm> (<acronym>PNAC</acronym>). Simply put, 802.1x security is a way of controlling access to a <firstterm>logical network</firstterm> from a physical one. All clients who want to join the logical network must authenticate with the server (a router, for example) using the correct 802.1x authentication method.</para>
- <para>802.1x security is most often associated with securing wireless networks (WLANs), but can also be used to prevent intruders with physical access to the network (LAN) from gaining entry. In the past, <systemitem class="protocol">DHCP</systemitem> servers were configured not to lease <systemitem class="protocol">IP</systemitem> addresses to unauthorized users, but for various reasons this practice is both impractical and insecure, and thus is no longer recommended. Instead, 802.1x security is used to ensure a logically-secure network through port-based authentication.</para>
- <para>802.1x provides a framework for WLAN and LAN access control and serves as an envelope for carrying one of the Extensible Authentication Protocol (EAP) types. An EAP type is a protocol that defines how WLAN security is achieved on the network.</para>
- <para>You can configure 802.1x security for a wired or wireless connection type by opening the <guilabel>Network</guilabel> window (see <xref linkend="sec-Connecting_to_a_Network_Using_a_GUI"/>) and following the applicable procedure below. Press the <keycap>Super</keycap> key to enter the Activities Overview, type <command>control network</command> and then press <keycap>Enter</keycap>. The <guilabel>Network</guilabel> settings tool appears. Proceed to <xref linkend="procedure-For_a_Wired_Connection" /> or <xref linkend="procedure-For_a_Wireless_Connection" />:</para>
+ id="sec-Configuring_802.1X_Security">
+ <title>Configuring 802.1X Security</title>
+ <para>802.1X security is the name of the IEEE standard for <firstterm>port-based Network Access Control</firstterm> (<acronym>PNAC</acronym>). It is also called <firstterm>WPA Enterprise</firstterm>. Simply put, 802.1X security is a way of controlling access to a <firstterm>logical network</firstterm> from a physical one. All clients who want to join the logical network must authenticate with the server (a router, for example) using the correct 802.1X authentication method.</para>
+ <para>802.1X security is most often associated with securing wireless networks (WLANs), but can also be used to prevent intruders with physical access to the network (LAN) from gaining entry. In the past, <systemitem class="protocol">DHCP</systemitem> servers were configured not to lease <systemitem class="protocol">IP</systemitem> addresses to unauthorized users, but for various reasons this practice is both impractical and insecure, and thus is no longer recommended. Instead, 802.1X security is used to ensure a logically-secure network through port-based authentication.</para>
+ <para>802.1X provides a framework for WLAN and LAN access control and serves as an envelope for carrying one of the Extensible Authentication Protocol (EAP) types. An EAP type is a protocol that defines how security is achieved on the network.</para>
+ <para>You can configure 802.1X security for a wired or wireless connection type by opening the <guilabel>Network</guilabel> window (see <xref linkend="sec-Connecting_to_a_Network_Using_a_GUI"/>) and following the applicable procedure below. Press the <keycap>Super</keycap> key to enter the Activities Overview, type <command>control network</command> and then press <keycap>Enter</keycap>. The <guilabel>Network</guilabel> settings tool appears. Proceed to <xref linkend="procedure-For_a_Wired_Connection" /> or <xref linkend="procedure-For_a_Wireless_Connection" />:</para>
<procedure
id="procedure-For_a_Wired_Connection">
<title>For a Wired Connection</title>
<step>
- <para>Select a <guilabel>Wired</guilabel> connection in the left pane of the <guilabel>Network</guilabel> window.</para>
+ <para>Select a <guilabel>Wired</guilabel> network interface from the left-hand-side menu.</para>
</step>
<step>
- <para>Either click on <guibutton>Add Profile</guibutton> to add a new network connection for which you want to configure 802.1x security, or select an existing connection and click the gear wheel icon.</para>
+ <para>Either click on <guibutton>Add Profile</guibutton> to add a new network connection profile for which you want to configure 802.1X security, or select an existing connection profile and click the gear wheel icon.</para>
</step>
<step>
<para>Then select <guilabel>Security</guilabel> and set the symbolic power button to <guilabel>ON</guilabel> to enable settings configuration.</para>
@@ -1049,13 +1050,13 @@ To restrict connections and networking, there are two options which can be used
id="procedure-For_a_Wireless_Connection">
<title>For a Wireless Connection</title>
<step>
- <para>Select a <guilabel>Wireless</guilabel> connection in the left pane of the <guilabel>Network</guilabel> window and, if necessary, set the symbolic power button to <guilabel>ON</guilabel>.</para>
+ <para>Select a <guilabel>Wireless</guilabel> network interface from the left-hand-side menu. If necessary, set the symbolic power button to <guilabel>ON</guilabel> and check that your hardware switch is on.</para>
</step>
<step>
- <para>Either select the connection name of a new connection, or click the gear wheel icon of an existing connection, for which you want to configure 802.1x security. In the case of a new connection complete any authentication steps to complete the connection and then click the gear wheel icon.</para>
+ <para>Either select the connection name of a new connection, or click the gear wheel icon of an existing connection profile, for which you want to configure 802.1X security. In the case of a new connection, complete any authentication steps to complete the connection and then click the gear wheel icon.</para>
</step>
<step>
- <para>Then select <guilabel>Security</guilabel>.</para>
+ <para>Select <guilabel>Security</guilabel>.</para>
</step>
<step>
<para>
@@ -1416,7 +1417,7 @@ To restrict connections and networking, there are two options which can be used
<section
id="sec-Configuring_IPv4_Settings">
<title>Configuring IPv4 Settings</title>
- <para>The <guilabel>IPv4 Settings</guilabel> tab allows you to configure the method by which you connect to the Internet and enter <systemitem class="protocol">IP</systemitem> address, route, and <systemitem class="protocol">DNS</systemitem> information as required. The <guilabel>IPv4 Settings</guilabel> tab is available when you create and modify one of the following connection types: wired, wireless, mobile broadband, VPN or DSL. If you need to configure <systemitem class="protocol">IPv6</systemitem> addresses, see <xref linkend="sec-Configuring_IPv6_Settings"/>. If you need to configure static routes, which can be done by clicking on the <guibutton>Routes</guibutton> button, see <xref linkend="sec-Configuring_Routes"/>.</para>
+ <para>The <guilabel>IPv4 Settings</guilabel> tab allows you to configure the method used to connect to a network, to enter <systemitem class="protocol">IP</systemitem> address, route, and <systemitem class="protocol">DNS</systemitem> information as required. The <guilabel>IPv4 Settings</guilabel> tab is available when you create and modify one of the following connection types: wired, wireless, mobile broadband, VPN or DSL. If you need to configure <systemitem class="protocol">IPv6</systemitem> addresses, see <xref linkend="sec-Configuring_IPv6_Settings"/>. If you need to configure static routes, click the <guibutton>Routes</guibutton> button and proceed to <xref linkend="sec-Configuring_Routes"/>.</para>
<para>If you are using <systemitem class="protocol">DHCP</systemitem> to obtain a dynamic <systemitem class="protocol">IP</systemitem> address from a <systemitem class="protocol">DHCP</systemitem> server, you can simply set <guilabel>Method</guilabel> to <guimenuitem>Automatic (DHCP)</guimenuitem>.</para>
<bridgehead
id="bh-Setting_the_Method">Setting the Method</bridgehead>
@@ -1446,34 +1447,34 @@ To restrict connections and networking, there are two options which can be used
<term>Wired, Wireless and DSL Connection Methods</term>
<listitem>
<para>
- <guimenuitem>Manual</guimenuitem> — Choose this option if the network you are connecting to does not have a <systemitem class="protocol">DHCP</systemitem> server and you want to assign <systemitem class="protocol">IP</systemitem> addresses manually.</para>
+ <guimenuitem>Manual</guimenuitem> — Choose this option if you want to assign <systemitem class="protocol">IP</systemitem> addresses manually.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Mobile Broadband Connection Methods</term>
<listitem>
<para>
- <guimenuitem>Automatic (PPP)</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses.</para>
+ <guimenuitem>Automatic (PPP)</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address and <systemitem class="protocol">DNS</systemitem> servers automatically.</para>
<para>
- <guimenuitem>Automatic (PPP) addresses only</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses but you want to assign <systemitem class="protocol">DNS</systemitem> servers manually.</para>
+ <guimenuitem>Automatic (PPP) addresses only</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address automatically, but you want to manually specify <systemitem class="protocol">DNS</systemitem> servers.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>VPN Connection Methods</term>
<listitem>
<para>
- <guimenuitem>Automatic (VPN)</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses.</para>
+ <guimenuitem>Automatic (VPN)</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address and <systemitem class="protocol">DNS</systemitem> servers automatically.</para>
<para>
- <guimenuitem>Automatic (VPN) addresses only</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses but you want to assign <systemitem class="protocol">DNS</systemitem> servers manually.</para>
+ <guimenuitem>Automatic (VPN) addresses only</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address automatically, but you want to manually specify <systemitem class="protocol">DNS</systemitem> servers.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>DSL Connection Methods</term>
<listitem>
<para>
- <guimenuitem>Automatic (PPPoE)</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses.</para>
+ <guimenuitem>Automatic (PPPoE)</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address and <systemitem class="protocol">DNS</systemitem> servers automatically.</para>
<para>
- <guimenuitem>Automatic (PPPoE) addresses only</guimenuitem> — Choose this option if the network you are connecting to uses a <systemitem class="protocol">DHCP</systemitem> server to assign <systemitem class="protocol">IP</systemitem> addresses but you want to assign <systemitem class="protocol">DNS</systemitem> servers manually.</para>
+ <guimenuitem>Automatic (PPPoE) addresses only</guimenuitem> — Choose this option if the network you are connecting to assigns your <systemitem class="protocol">IP</systemitem> address automatically, but you wish to manually specify <systemitem class="protocol">DNS</systemitem> servers.</para>
</listitem>
</varlistentry>
</variablelist>
@@ -1522,9 +1523,9 @@ To restrict connections and networking, there are two options which can be used
<section
id="sec-Configuring_Routes">
<title>Configuring Routes</title>
- <para>A host's routing table will be automatically populated with routes to directly connected networks. The routes are learned by observing the network interfaces when they are <quote>up</quote>. This section describes entering static routes to networks or hosts which can be reached by traversing an intermediate network or connection, such as a VPN tunnel or leased line. In order to reach a remote network or host, the system is given the address of a gateway to which traffic should be sent.</para>
+ <para>A host's routing table will be automatically populated with routes to directly connected networks. The routes are learned by examining the network interfaces when they are <quote>up</quote>. This section describes entering static routes to networks or hosts which can be reached by traversing an intermediate network or connection, such as a VPN tunnel or leased line. In order to reach a remote network or host, the system is given the address of a gateway to which traffic should be sent.</para>
<para>
- When a host's interface is configured by <systemitem class="protocol">DHCP</systemitem>, an address of a gateway that leads to an upstream network or the Internet is usually assigned. This gateway is usually referred to as the default gateway as it is the gateway to use if no better route is known to the system (and present in the routing table). Network administrators often use the first host <systemitem class="protocol">IP</systemitem> address in the network as the gateway address; for example, <systemitem class="ipaddress">192.168.10.1</systemitem>. Not to be confused by the address which represents the network itself; in this example, <systemitem class="ipaddress">192.168.10.0</systemitem>.
+ When a host's interface is configured by <systemitem class="protocol">DHCP</systemitem>, an address of a gateway that leads to an upstream network or the Internet is usually assigned. This gateway is usually referred to as the default gateway as it is the gateway to use if no better route is known to the system (and present in the routing table). Network administrators often use the first or last host <systemitem class="protocol">IP</systemitem> address in the network as the gateway address; for example, <systemitem class="ipaddress">192.168.10.1</systemitem> or <systemitem class="ipaddress">192.168.10.254</systemitem>. Not to be confused by the address which represents the network itself; in this example, <systemitem class="ipaddress">192.168.10.0</systemitem>, or the subnet's broadcast address; in this example <systemitem class="ipaddress">192.168.10.255</systemitem>.
</para>
<bridgehead id="Configuring_Static_Routes">Configuring Static Routes</bridgehead>
<para>
@@ -1551,7 +1552,7 @@ To restrict connections and networking, there are two options which can be used
<guibutton>Automatic</guibutton>
</term>
<listitem>
- <para>Ensure this is <guilabel>ON</guilabel> to use manually entered routes for this connection.</para>
+ <para>When Automatic is <guilabel>ON</guilabel>, routes from <systemitem class="protocol">RA</systemitem> or <systemitem class="protocol">DHCP</systemitem> are used, but you can also add additional static routes. When <guilabel>OFF</guilabel>, only static routes you define are used.</para>
</listitem>
</varlistentry>
<varlistentry>
9 years, 9 months
- 1
- 0
[networking-guide] master: Typos and style improvements (47498b1)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 47498b1933f8d1040f830d6af4c161db830c15c1
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 22:42:16 2014 +0200
Typos and style improvements
Thanks to yruseva and jherrman for their review.
>---------------------------------------------------------------
en-US/Configure_Networking.xml | 66 ++++++++++++++++++++--------------------
1 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/en-US/Configure_Networking.xml b/en-US/Configure_Networking.xml
index 53c8c7e..ecf7aa0 100644
--- a/en-US/Configure_Networking.xml
+++ b/en-US/Configure_Networking.xml
@@ -10,7 +10,7 @@
<section id="sec-Static_and_Dynamic_Interface_Settings">
<title>Static and Dynamic Interface Settings</title>
<para>
- When to use static addressing and when to use dynamic addressing? These decisions are subjective, they depend on your accessed needs, your specific requirements. Having a policy, documenting it, and applying it consistently are usually more important than the specific decisions you make. In a traditional company LAN, this is an easier decision to make as you typically have fewer servers than other hosts. Provisioning and installation tools make providing static configurations to new hosts easy and using such tools will change your work flow and requirements. The following two sections are intended to provide guidance to those who have not already been through this decision making process. For more information on automated configuration and management, see the <application>OpenLMI</application> section in the <citetitle pubwork="book">System Administrators Guide</citetitle>. The <citetitle pubwork="book">System Installation Guide</citetitle> documents the use of <applicat
ion>kickstart</application> which can also be used for automating the assignment of network settings.
+ When to use static addressing and when to use dynamic addressing? These decisions are subjective, they depend on your accessed needs, your specific requirements. Having a policy, documenting it, and applying it consistently are usually more important than the specific decisions you make. In a traditional company LAN, this is an easier decision to make as you typically have fewer servers than other hosts. Provisioning and installation tools make providing static configurations to new hosts easy and using such tools will change your work flow and requirements. The following two sections are intended to provide guidance to those who have not already been through this decision-making process. For more information on automated configuration and management, see the <application>OpenLMI</application> section in the <citetitle pubwork="book">System Administrators Guide</citetitle>. The <citetitle pubwork="book">System Installation Guide</citetitle> documents the use of <applicat
ion>kickstart</application> which can also be used for automating the assignment of network settings.
</para>
<section id="sec-When_to_Use_Static_Network_Interface_Settings">
<title>When to Use Static Network Interface Settings</title>
@@ -27,7 +27,7 @@
<para>
</para>
<para>
- Enable and use dynamic assignment of <systemitem class="protocol">IP</systemitem> addresses and other network information whenever there is no compelling reason not to. The time saved in planing and documenting manual settings can be better spent elsewhere. See <xref linkend="sec-dhcp-why" /> for more information on this subject.
+ Enable and use dynamic assignment of <systemitem class="protocol">IP</systemitem> addresses and other network information whenever there is no compelling reason not to. The time saved in planning and documenting manual settings can be better spent elsewhere. See <xref linkend="sec-dhcp-why" /> for more information on this subject.
</para>
<para>
Note that <application>NetworkManager</application> will start the <systemitem class="protocol">DHCP</systemitem> client, <application>dhclient</application>, automatically.
@@ -91,7 +91,7 @@
</mediaobject>
</figure>
<para>
- The <guilabel>Network</guilabel> settings window has a menu on the left-hand side showing the available network devices or interfaces. This includes software interfaces such as for VLANs, bridges, bonds, and teams. On the right-hand side the <firstterm>connection profiles</firstterm> are shown for the selected network device or interface. A profile is a named collection of settings that can be applied to an interface. Below that is a plus and minus button for adding and deleting new network connections, and on the right a gear wheel icon will appear for editing the connection details of the selected network device or VPN connection. To add a new connection, click the plus symbol to open the <guilabel>Add Network Connection</guilabel> window and proceed to <xref linkend="bh-Configuring_a_New_Connection" />.</para>
+ The <guilabel>Network</guilabel> settings window has a menu on the left-hand side showing the available network devices or interfaces. This includes software interfaces such as for VLANs, bridges, bonds, and teams. On the right-hand side, the <firstterm>connection profiles</firstterm> are shown for the selected network device or interface. A profile is a named collection of settings that can be applied to an interface. Below that is a plus and a minus button for adding and deleting new network connections, and on the right a gear wheel icon will appear for editing the connection details of the selected network device or VPN connection. To add a new connection, click the plus symbol to open the <guilabel>Add Network Connection</guilabel> window and proceed to <xref linkend="bh-Configuring_a_New_Connection" />.</para>
<bridgehead id="bh-Editing_an_Existing_Connection">Editing an Existing Connection</bridgehead>
<para>Clicking on the gear wheel icon of an existing connection profile in the <guilabel>Network</guilabel> settings window opens the <guilabel>Network</guilabel> details window, from where you can perform most network configuration tasks such as <systemitem class="protocol">IP</systemitem> addressing, <systemitem class="protocol">DNS</systemitem>, and routing configuration.</para>
<figure id="exam-Configuring_New_and_Editing_Existing_Connections_Network-Details-Window">
@@ -109,7 +109,7 @@
</figure>
<bridgehead id="bh-Configuring_a_New_Connection">Configuring a New Connection</bridgehead>
<para>
- On the <guilabel>Network</guilabel> settings window, clicking on the plus sign below the menu opens the <guilabel>Add Network Connection</guilabel> window. This displays a list of connection types that can be added.
+ In the <guilabel>Network</guilabel> settings window, click the plus sign below the menu to open the <guilabel>Add Network Connection</guilabel> window. This displays a list of connection types that can be added.
</para>
<para>Then, to configure:</para>
@@ -126,16 +126,16 @@
</listitem>
<listitem>
<para>Bridge connections, click the <guilabel>Bridge</guilabel> entry and proceed to <xref
- linkend="sec-Establishing_a_Bridge_Connection"/>; or,
+ linkend="sec-Establishing_a_Bridge_Connection"/>;
</para>
</listitem>
<listitem>
<para>VLAN connections, click the <guilabel>VLAN</guilabel> entry and proceed to <xref
- linkend="sec-Establishing_a_VLAN_Connection"/>.
+ linkend="sec-Establishing_a_VLAN_Connection"/>;or,
</para>
</listitem>
<listitem>
- <para>Team connections, click the <guilabel>Team</guilabel> entry and proceed to <xref linkend="sec-Creating_a_Network_Team_Using_a_GUI" />
+ <para>Team connections, click the <guilabel>Team</guilabel> entry and proceed to <xref linkend="sec-Creating_a_Network_Team_Using_a_GUI" />.
</para>
</listitem>
</itemizedlist>
@@ -161,7 +161,7 @@
<para>Select the <guilabel>Identity</guilabel> menu entry on the left. The <guilabel>Network</guilabel> window changes to the identity view.</para>
</step>
<step>
- <para>Select <guilabel>Connect automatically</guilabel> to cause <application>NetworkManager</application> to auto-connect to the connection whenever <application>NetworkManager</application> detects that it is available. Unselect the check box if you do not want <application>NetworkManager</application> to connect automatically. If the box is unselected, you will have to select that connection manually in the network applet menu to cause it to connect.</para>
+ <para>Select <guilabel>Connect automatically</guilabel> to cause <application>NetworkManager</application> to auto-connect to the connection whenever <application>NetworkManager</application> detects that it is available. Clear the check box if you do not want <application>NetworkManager</application> to connect automatically. If the check box is clear, you will have to select that connection manually in the network applet menu to cause it to connect.</para>
</step>
</procedure>
</section>
@@ -170,18 +170,18 @@
id="sec-System-wide_and_Private_Connection_Profiles">
<title>System-wide and Private Connection Profiles</title>
<para>
- <application>NetworkManager</application> stores all <firstterm>connection profiles</firstterm>. A profile is a named collection of settings that can be applied to an interface. <application>NetworkManager</application> stores these connection profiles for system-wide use (<firstterm>system connections</firstterm>) as well as all <firstterm>user connection</firstterm> profiles. Access to the connection profiles is controlled by permissions which are stored by <application>NetworkManager</application>. See man <filename>nm-settings(5)</filename> for more information on the <option>connection</option> settings <option>permissions</option> property. The permissions correspond to the <command>USERS</command> directive in the <filename>ifcfg</filename> files. If the <command>USERS</command> directive is not present, the network profile will be available to all users. As an example, the following command in an <filename>ifcfg</filename> file will make the connection availa
ble only to the users listed:
+ <application>NetworkManager</application> stores all <firstterm>connection profiles</firstterm>. A profile is a named collection of settings that can be applied to an interface. <application>NetworkManager</application> stores these connection profiles for system-wide use (<firstterm>system connections</firstterm>), as well as all <firstterm>user connection</firstterm> profiles. Access to the connection profiles is controlled by permissions which are stored by <application>NetworkManager</application>. See the <filename>nm-settings(5)</filename> man page for more information on the <option>connection</option> settings <option>permissions</option> property. The permissions correspond to the <command>USERS</command> directive in the <filename>ifcfg</filename> files. If the <command>USERS</command> directive is not present, the network profile will be available to all users. As an example, the following command in an <filename>ifcfg</filename> file will make the connect
ion available only to the users listed:
<synopsis>USERS="joe bob alice"</synopsis>
- This can also be set using graphical user interface tools. In <application>nm-connection-editor</application> there is the corresponding <guilabel>All users may connect to this network</guilabel> checkbox on the <guilabel>General</guilabel> tab and in the GNOME <application>control-center</application> Network settings Identity window there is the <guilabel>Make available to other users</guilabel> checkbox.
+ This can also be set using graphical user interface tools. In <application>nm-connection-editor</application>, there is the corresponding <guilabel>All users may connect to this network</guilabel> check box on the <guilabel>General</guilabel> tab, and in the GNOME <application>control-center</application> Network settings Identity window, there is the <guilabel>Make available to other users</guilabel> check box.
</para>
<para>
- <application>NetworkManager</application>'s default policy is to allow all users to create and modify system-wide connections. Profiles that should be available at boot time cannot be private because they will not be visible until the user logs in. For example, if user <systemitem class="username">joe</systemitem> creates a connection profile <literal>joe-em2</literal> with the <guilabel>Connect Automatically</guilabel> checkbox selected but the <guilabel>Make available to other users</guilabel> unselected, then the connection will not be available at boot time.</para>
+ <application>NetworkManager</application>'s default policy is to allow all users to create and modify system-wide connections. Profiles that should be available at boot time cannot be private because they will not be visible until the user logs in. For example, if user <systemitem class="username">user</systemitem> creates a connection profile <literal>user-em2</literal> with the <guilabel>Connect Automatically</guilabel> check box selected but with the <guilabel>Make available to other users</guilabel> not selected, then the connection will not be available at boot time.</para>
<para>
-To restrict a connections and networking, there are two options which can be used alone or in combination:
+To restrict connections and networking, there are two options which can be used alone or in combination:
<itemizedlist>
<listitem>
<para>
- Unselect the <guilabel>Make available to other users</guilabel> box, which changes the connection to be modifiable and usable only by the user doing the changing.
+ Clear the <guilabel>Make available to other users</guilabel> check box, which changes the connection to be modifiable and usable only by the user doing the changing.
</para>
</listitem>
<listitem>
@@ -190,7 +190,7 @@ To restrict a connections and networking, there are two options which can be use
</para>
</listitem>
</itemizedlist>
- The combination of these two options provides fine-grained security and control over networking. See man <filename>polkit(8)</filename> for more information on <application>polkit</application>.
+ The combination of these two options provides fine-grained security and control over networking. See the <filename>polkit(8)</filename> man page for more information on <application>polkit</application>.
</para>
<para>
@@ -213,8 +213,8 @@ To restrict a connections and networking, there are two options which can be use
<para>Select the <guilabel>Identity</guilabel> menu entry on the left. The <guilabel>Network</guilabel> window changes to the identity view.</para>
</step>
<step>
- <para>Select the <guilabel>Make available to other users</guilabel> check box to cause <application>NetworkManager</application> to make the connection a system-wide connection. Depending on system policy, you may then be prompted for the root password by the <application>PolicyKit</application> application. If so, enter the <systemitem class="username">root</systemitem> password to finalize the change.</para>
- <para>Conversely, unselect the <guilabel>Make available to other users</guilabel> check box to make the connection user-specific.</para>
+ <para>Select the <guilabel>Make available to other users</guilabel> check box to cause <application>NetworkManager</application> to make the connection available system-wide. Depending on system policy, you may then be prompted for the root password by the <application>PolicyKit</application> application. If so, enter the <systemitem class="username">root</systemitem> password to finalize the change.</para>
+ <para>Conversely, clear the <guilabel>Make available to other users</guilabel> check box to make the connection user-specific.</para>
</step>
</procedure>
</section>
@@ -243,7 +243,7 @@ To restrict a connections and networking, there are two options which can be use
</listitem>
<listitem>
<para>
- <guilabel>MAC Address</guilabel> — Select the MAC address of the interface this profile must be applied too.
+ <guilabel>MAC Address</guilabel> — Select the MAC address of the interface this profile must be applied to.
</para>
</listitem>
<listitem>
@@ -283,12 +283,12 @@ To restrict a connections and networking, there are two options which can be use
id="bh-Saving_Your_New_or_Modified_Connection_and_Making_Further_Configurations-Wired">Saving Your New (or Modified) Connection and Making Further Configurations</bridgehead>
<para>Once you have finished editing your wired connection, click the <guibutton>Apply</guibutton> button and <application>NetworkManager</application> will immediately save your customized configuration. Given a correct configuration, you can connect to your new or customized connection by selecting it from the network Notification Area applet. See <xref
linkend="sec-Connecting_to_a_Network_Using_a_GUI"/> for information on using your new or altered connection.</para>
- <para>You can further configure an existing connection by selecting it in the <guilabel>Network</guilabel> window and clicking gear wheel icon to return to the editing dialog.</para>
+ <para>You can further configure an existing connection by selecting it in the <guilabel>Network</guilabel> window and clicking the gear wheel icon to return to the editing dialog.</para>
<para>Then, to configure:</para>
<itemizedlist>
<listitem>
- <para>port-based Network Access Control (PNAC), click the <guilabel>802.1x Security</guilabel> tab and proceed to <xref
- linkend="sec-Configuring_802.1x_Security"/>;
+ <para>port-based Network Access Control (PNAC), click the <guilabel>802.1X Security</guilabel> tab and proceed to <xref
+ linkend="sec-Configuring_802.1X_Security"/>;
</para>
</listitem>
<listitem>
@@ -315,7 +315,7 @@ To restrict a connections and networking, there are two options which can be use
id="bh-Quickly_Connecting_to_an_Available_Access_Point">Quickly Connecting to an Available Access Point</bridgehead>
<para>The easiest way to connect to an available access point is to click on the network icon to activate the Notification Area applet, locate the <firstterm>Service Set Identifier</firstterm> (<acronym>SSID</acronym>) of the access point in the list of <guilabel>Wi-Fi</guilabel> networks, and click on it. A padlock symbol indicates the access point requires authentication. If the access point is secured, a dialog prompts you for an authentication key or password.</para>
<para>
- <application>NetworkManager</application> tries to auto-detect the type of security used by the access point. If there are multiple possibilities, <application>NetworkManager</application> guesses the security type and presents it in the <guilabel>Wi-Fi security</guilabel> dropdown menu. To see if there are multiple choices, click the <guilabel>Wi-Fi security</guilabel> dropdown menu and select the type of security the access point is using. If you are unsure, try connecting to each type in turn. Finally, enter the key or passphrase in the <guilabel>Password</guilabel> field. Certain password types, such as a 40-bit WEP or 128-bit WPA key, are invalid unless they are of a requisite length. The <guilabel>Connect</guilabel> button will remain inactive until you enter a key of the length required for the selected security type. To learn more about wireless security, see <xref
+ <application>NetworkManager</application> tries to auto-detect the type of security used by the access point. If there are multiple possibilities, <application>NetworkManager</application> guesses the security type and presents it in the <guilabel>Wi-Fi security</guilabel> drop-down menu. To see if there are multiple choices, click the <guilabel>Wi-Fi security</guilabel> drop-down menu and select the type of security the access point is using. If you are unsure, try connecting to each type in turn. Finally, enter the key or passphrase in the <guilabel>Password</guilabel> field. Certain password types, such as a 40-bit WEP or 128-bit WPA key, are invalid unless they are of a requisite length. The <guilabel>Connect</guilabel> button will remain inactive until you enter a key of the length required for the selected security type. To learn more about wireless security, see <xref
linkend="sec-Configuring_Wi-Fi_Security"/>.</para>
@@ -713,7 +713,7 @@ To restrict a connections and networking, there are two options which can be use
<step>
<para>Select your provider from the list or enter it manually. Click the <guilabel>Continue</guilabel> button.</para>
</step>
- <step><para>Select your payment plan from the dropdown menu and confirm the <firstterm>Access Point Name</firstterm> (<acronym>APN</acronym>) is correct. Click the <guilabel>Continue</guilabel> button.</para>
+ <step><para>Select your payment plan from the drop-down menu and confirm the <firstterm>Access Point Name</firstterm> (<acronym>APN</acronym>) is correct. Click the <guilabel>Continue</guilabel> button.</para>
</step>
<step>
<para>Review and confirm the settings and then click the <guilabel>Apply</guilabel> button.</para>
@@ -764,7 +764,7 @@ To restrict a connections and networking, there are two options which can be use
</listitem>
<listitem>
<para>
- <guilabel>Firewall Zone</guilabel> — Select the Firewall Zone from the dropdown menu.
+ <guilabel>Firewall Zone</guilabel> — Select the Firewall Zone from the drop-down menu.
</para>
</listitem>
</itemizedlist>
@@ -956,7 +956,7 @@ To restrict a connections and networking, there are two options which can be use
</listitem>
<listitem>
<para>
- <guilabel>Firewall Zone</guilabel> — Select the Firewall Zone from the dropdown menu.
+ <guilabel>Firewall Zone</guilabel> — Select the Firewall Zone from the drop-down menu.
</para>
</listitem>
</itemizedlist>
@@ -1059,11 +1059,11 @@ To restrict a connections and networking, there are two options which can be use
</step>
<step>
<para>
- From the dropdown menu select one of the following security methods: <guimenuitem>LEAP</guimenuitem>, <guimenuitem>Dynamic WEP (802.1x)</guimenuitem>, or <guimenuitem>WPA & WPA2 Enterprise</guimenuitem>.</para>
+ From the drop-down menu select one of the following security methods: <guimenuitem>LEAP</guimenuitem>, <guimenuitem>Dynamic WEP (802.1X)</guimenuitem>, or <guimenuitem>WPA & WPA2 Enterprise</guimenuitem>.</para>
</step>
<step>
<para>Refer to <xref
- linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings"/> for descriptions of which <firstterm>extensible authentication protocol</firstterm> (<acronym>EAP</acronym>) types correspond to your selection in the <guilabel>Security</guilabel> dropdown menu.</para>
+ linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings"/> for descriptions of which <firstterm>extensible authentication protocol</firstterm> (<acronym>EAP</acronym>) types correspond to your selection in the <guilabel>Security</guilabel> drop-down menu.</para>
</step>
</procedure>
<section
@@ -1169,7 +1169,7 @@ To restrict a connections and networking, there are two options which can be use
<guilabel>PAC provisioning</guilabel>
</term>
<listitem>
- <para>Select the checkbox to enable and then select from <guimenu>Anonymous</guimenu>, <guimenu>Authenticated</guimenu>, and <guimenu>Both</guimenu>.</para>
+ <para>Select the check box to enable and then select from <guimenu>Anonymous</guimenu>, <guimenu>Authenticated</guimenu>, and <guimenu>Both</guimenu>.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -1342,11 +1342,11 @@ To restrict a connections and networking, there are two options which can be use
<para>
<guimenuitem>LEAP</guimenuitem> — Lightweight Extensible Authentication Protocol, from Cisco Systems.</para>
<para>
- <guimenuitem>Dynamic WEP (802.1x)</guimenuitem> — WEP keys are changed dynamically. Use with <xref linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings" /> </para>
+ <guimenuitem>Dynamic WEP (802.1X)</guimenuitem> — WEP keys are changed dynamically. Use with <xref linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings" /> </para>
<para>
<guimenuitem>WPA & WPA2 Personal</guimenuitem> — Wi-Fi Protected Access (WPA), from the draft IEEE 802.11i standard. A replacement for WEP. Wi-Fi Protected Access II (WPA2), from the 802.11i-2004 standard. Personal mode uses a pre-shared key (WPA-PSK).</para>
<para>
- <guimenuitem>WPA & WPA2 Enterprise</guimenuitem> — WPA for use with a RADUIS authentication server to provide IEEE 802.1x network access control. Use with <xref linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings" /></para>
+ <guimenuitem>WPA & WPA2 Enterprise</guimenuitem> — WPA for use with a RADIUS authentication server to provide IEEE 802.1X network access control. Use with <xref linkend="sec-Configuring_TLS_Transport_Layer_Security_Settings" /></para>
</listitem>
</varlistentry>
<varlistentry>
@@ -1423,7 +1423,7 @@ To restrict a connections and networking, there are two options which can be use
<variablelist
id="varlist-Available_IPv4_Methods_by_Connection_Type">
<title>Available IPv4 Methods by Connection Type</title>
- <para>When you click the <guilabel>Method</guilabel> dropdown menu, depending on the type of connection you are configuring, you are able to select one of the following <systemitem class="protocol">IPv4</systemitem> connection methods. All of the methods are listed here according to which connection type, or types, they are associated with:</para>
+ <para>When you click the <guilabel>Method</guilabel> drop-down menu, depending on the type of connection you are configuring, you are able to select one of the following <systemitem class="protocol">IPv4</systemitem> connection methods. All of the methods are listed here according to which connection type, or types, they are associated with:</para>
<varlistentry>
<term>
<guilabel>Method</guilabel>
@@ -1543,7 +1543,7 @@ To restrict a connections and networking, there are two options which can be use
<para>
<guimenuitem>Gateway</guimenuitem> — The <systemitem class="protocol">IP</systemitem> address of the gateway leading to the remote network, sub-net, or host entered above.</para>
<para>
- <guimenuitem>Metric</guimenuitem> — A network cost, that is to say a preference value to give to this route. Lower values will be preferred over higher values.</para>
+ <guimenuitem>Metric</guimenuitem> — A network cost, a preference value to give to this route. Lower values will be preferred over higher values.</para>
</listitem>
</varlistentry>
<varlistentry>
@@ -1559,7 +1559,7 @@ To restrict a connections and networking, there are two options which can be use
<guilabel>Use this connection only for resources on its network</guilabel>
</term>
<listitem>
- <para>Select this check box to prevent the connection from becoming the default route. Typical examples are where a connection is a VPN tunnel or a leased line to a head office and you do not want any Internet bound traffic to pass over the connection. Selecting this option means that only traffic specifically destined for routes learned automatically over the connection or entered here manually will be routed over the connection.</para>
+ <para>Select this check box to prevent the connection from becoming the default route. Typical examples are where a connection is a VPN tunnel or a leased line to a head office and you do not want any Internet-bound traffic to pass over the connection. Selecting this option means that only traffic specifically destined for routes learned automatically over the connection or entered here manually will be routed over the connection.</para>
</listitem>
</varlistentry>
</variablelist>
@@ -2074,7 +2074,7 @@ To make a profile usable for all compatible Ethernet interfaces, issue a command
</varlistentry>
<varlistentry>
-<term><ulink url="http://www.rfc-editor.org/info/rfc3330"><citetitle pubwork="webpage">RFC 3330</citetitle></ulink> — Special-Use IPv4 Addresses</term>
+<term><ulink url="http://www.rfc-editor.org/info/rfc3330"><citetitle pubwork="webpage">RFC 3330</citetitle></ulink> — Special-Use IPv4 Addresses</term>
<listitem>
<para>
Describes the global and other specialized <systemitem class="protocol">IPv4</systemitem> address blocks that have been assigned by the Internet Assigned Numbers Authority (IANA).
9 years, 9 months
- 1
- 0
[networking-guide] master: Add mention of System Administrator's Guide (665ca90)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 665ca90cba7190c8a16b3e1ee90d0c6817ab9dee
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 22:17:23 2014 +0200
Add mention of System Administrator's Guide
>---------------------------------------------------------------
en-US/Introduction_to_Fedora_Networking.xml | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/en-US/Introduction_to_Fedora_Networking.xml b/en-US/Introduction_to_Fedora_Networking.xml
index 5080a01..7cbcf99 100644
--- a/en-US/Introduction_to_Fedora_Networking.xml
+++ b/en-US/Introduction_to_Fedora_Networking.xml
@@ -74,6 +74,7 @@
<para>
<application>NetworkManager</application> is installed by default on &MAJOROS;. If necessary, to ensure that it is, run the following command as the <systemitem class="username">root</systemitem> user:</para>
<screen>~]# <command>yum install NetworkManager</command></screen>
+ <para>For information on user privileges and gaining privileges, see the <citetitle pubwork="book">&MAJOROSVER; System Administrator's Guide</citetitle>.</para>
<section
id="sec-The_NetworkManager_Daemon">
<title>The NetworkManager Daemon</title>
9 years, 9 months
- 1
- 0
[networking-guide] master: Remove markup tags from Fedora (3412dba)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 3412dba26c44532b717f21ddfb6124a5af016c38
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Mon Jul 28 22:16:50 2014 +0200
Remove markup tags from Fedora
>---------------------------------------------------------------
en-US/Configure_802_1Q_VLAN_Tagging.xml | 2 +-
en-US/Configure_Network_Bridging.xml | 2 +-
en-US/Introduction_to_Fedora_Networking.xml | 8 ++++----
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/en-US/Configure_802_1Q_VLAN_Tagging.xml b/en-US/Configure_802_1Q_VLAN_Tagging.xml
index 368fbf7..353cb8e 100644
--- a/en-US/Configure_802_1Q_VLAN_Tagging.xml
+++ b/en-US/Configure_802_1Q_VLAN_Tagging.xml
@@ -164,7 +164,7 @@
<section id="sec-Configure_802_1Q_VLAN_Tagging_Using_the_Command_Line">
<title>Configure 802.1Q VLAN Tagging Using the Command Line</title>
<para>
- In <application>Fedora</application>, the <systemitem class="resource">8021q</systemitem> module is loaded by default. If necessary, you can make sure that the module is loaded by issuing the following command as <systemitem class="username">root</systemitem>:
+ In Fedora, the <systemitem class="resource">8021q</systemitem> module is loaded by default. If necessary, you can make sure that the module is loaded by issuing the following command as <systemitem class="username">root</systemitem>:
<screen>~]# <command>modprobe --first-time 8021q</command>
modprobe: ERROR: could not insert '8021q': Module already in kernel</screen>
To display information about the module, issue the following command:
diff --git a/en-US/Configure_Network_Bridging.xml b/en-US/Configure_Network_Bridging.xml
index 9833cc0..067d8cc 100644
--- a/en-US/Configure_Network_Bridging.xml
+++ b/en-US/Configure_Network_Bridging.xml
@@ -232,7 +232,7 @@
<section id="sec-Check_if_Bridging_Kernel_Module_is_Installed">
<title>Check if Bridging Kernel Module is Installed</title>
<para>
- In <application>Fedora</application>, the bridging module is loaded by default. If necessary, you can make sure that the module is loaded by issuing the following command as <systemitem class="username">root</systemitem>:
+ In Fedora, the bridging module is loaded by default. If necessary, you can make sure that the module is loaded by issuing the following command as <systemitem class="username">root</systemitem>:
<screen>~]# <command>modprobe --first-time bridge</command>
modprobe: ERROR: could not insert 'bridge': Module already in kernel</screen>
To display information about the module, issue the following command:
diff --git a/en-US/Introduction_to_Fedora_Networking.xml b/en-US/Introduction_to_Fedora_Networking.xml
index 3cbe9d4..5080a01 100644
--- a/en-US/Introduction_to_Fedora_Networking.xml
+++ b/en-US/Introduction_to_Fedora_Networking.xml
@@ -25,7 +25,7 @@
<title>Introduction to NetworkManager</title>
<para>
- As of <application>Fedora 20</application>, the default networking service is provided by <systemitem class="service">NetworkManager</systemitem>, which is a dynamic network control and configuration daemon that attempts to keep network devices and connections up and active when they are available. The traditional <filename>ifcfg</filename> type configuration files are still supported. See <xref linkend="sec-NetworkManager_and_the_Network_Scripts" /> for more information.</para>
+ As of Fedora 20, the default networking service is provided by <systemitem class="service">NetworkManager</systemitem>, which is a dynamic network control and configuration daemon that attempts to keep network devices and connections up and active when they are available. The traditional <filename>ifcfg</filename> type configuration files are still supported. See <xref linkend="sec-NetworkManager_and_the_Network_Scripts" /> for more information.</para>
<table id="tb-A_Summary_of_Networking_Tools_and_Applications" frame='all'>
<title>A Summary of Networking Tools and Applications</title>
<tgroup cols='2' align='left' colsep='1' rowsep='1'>
@@ -91,7 +91,7 @@ NetworkManager.service - Network Manager
<section
id="sec-Interacting_with_NetworkManager">
<title>Interacting with NetworkManager</title>
- <para>Users do not interact with the <application>NetworkManager</application> system service directly. Instead, users perform network configuration tasks via graphical and command line user interface tools. The following tools are available in <application>Fedora</application>:</para>
+ <para>Users do not interact with the <application>NetworkManager</application> system service directly. Instead, users perform network configuration tasks via graphical and command line user interface tools. The following tools are available in Fedora:</para>
<para>
<orderedlist>
<listitem>
@@ -220,7 +220,7 @@ The file <filename>/etc/sysconfig/network</filename> is for global settings. Inf
</para>
<para>
- In <application>Fedora</application>, when you edit an <filename>ifcfg</filename> file, <application>NetworkManager</application> is not automatically aware of the change and has to be prompted to notice the change. If you use one of the tools to update <application>NetworkManager</application> profile settings, then <application>NetworkManager</application> does not implement those changes until you reconnect using that profile. For example, if configuration files have been changed using an editor, <application>NetworkManager</application> must be told to read the configuration files again. To do that, issue the following command as <systemitem class="username">root</systemitem>:
+ In Fedora, when you edit an <filename>ifcfg</filename> file, <application>NetworkManager</application> is not automatically aware of the change and has to be prompted to notice the change. If you use one of the tools to update <application>NetworkManager</application> profile settings, then <application>NetworkManager</application> does not implement those changes until you reconnect using that profile. For example, if configuration files have been changed using an editor, <application>NetworkManager</application> must be told to read the configuration files again. To do that, issue the following command as <systemitem class="username">root</systemitem>:
<screen>~]# <command>nmcli connection reload</command></screen>
The above command reads all connection profiles. Alternatively, to reload only one changed file, <filename>ifcfg-<replaceable>ifname</replaceable></filename>, issue a command as follows:
<screen>~]# <command>nmcli con load /etc/sysconfig/network-scripts/ifcfg-<replaceable>ifname</replaceable></command></screen>
@@ -283,7 +283,7 @@ The file <filename>/etc/sysconfig/network</filename> is for global settings. Inf
<title>Additional Resources</title>
<para>
- The following sources of information provide additional resources regarding networking for <application>Fedora</application>.
+ The following sources of information provide additional resources regarding networking for Fedora.
</para>
<section id="sec-Introduction_to_Fedora_Networking-docs-inst">
<title>Installed Documentation</title>
9 years, 9 months
- 1
- 0
[networking-guide] master: Configure dhcrelay as a DHCPv4 and BOOTP relay agent (1d2cc6a)
by stephenw
Repository : http://git.fedorahosted.org/cgit/docs/networking-guide.git
On branch : master
>---------------------------------------------------------------
commit 1d2cc6a7013c65d0e75f58ceae01063504c5176d
Author: Stephen Wadeley <swadeley(a)redhat.com>
Date: Sat Jul 26 15:22:33 2014 +0200
Configure dhcrelay as a DHCPv4 and BOOTP relay agent
Thanks to jpopelka for this section.
>---------------------------------------------------------------
en-US/DHCP_Servers.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/en-US/DHCP_Servers.xml b/en-US/DHCP_Servers.xml
index 1e2dcc5..5cf12e9 100644
--- a/en-US/DHCP_Servers.xml
+++ b/en-US/DHCP_Servers.xml
@@ -309,9 +309,57 @@ Then, as the <systemitem class="username">root</systemitem> user, restart the se
<para>The DHCP Relay Agent listens for DHCP requests on all interfaces unless the interfaces are specified in <filename>/etc/sysconfig/dhcrelay</filename> with the <computeroutput>INTERFACES</computeroutput> directive.</para>
+ <para>
+ <application>dhcrelay</application> can either be run as a <systemitem class="protocol">DHCPv4</systemitem> and <systemitem class="protocol">BOOTP</systemitem> relay agent (by default) or as a <systemitem class="protocol">DHCPv6</systemitem> relay agent (with <option>-6</option> argument). To see the usage message, issue the command <command>dhcrelay -h</command>.
+ </para>
+
<para>To start the DHCP Relay Agent, use the following command:</para>
<screen><command>systemctl start dhcrelay.service</command></screen>
</section>
+
+<section id="Configure_dhcrelay_as_a_DHCPv4_and_BOOTP_relay_agent">
+ <title>Configure dhcrelay as a DHCPv4 and BOOTP relay agent</title>
+<para>
+ To run <application>dhcrelay</application> in <systemitem class="protocol">DHCPv4</systemitem> and <systemitem class="protocol">BOOTP</systemitem> mode specify the servers to which the requests should be forwarded to.
+Copy and then edit the <filename>dhcrelay.service</filename> file as the <systemitem class="username">root</systemitem> user:
+<screen>~]# <command>cp /lib/systemd/system/dhcrelay.service /etc/systemd/system/</command>
+~]# <command>vi /etc/systemd/system/dhcrelay.service</command></screen>
+</para>
+<para>
+Edit the <option>ExecStart</option> option under section [Service] and add one or more server <systemitem class="protocol">IPv4</systemitem> addresses to the end of the line, for example:
+<synopsis>ExecStart=/usr/sbin/dhcrelay -d --no-pid 192.168.1.1</synopsis>
+</para>
+<para>
+If you also want to specify interfaces where the DHCP Relay Agent listens for <systemitem class="protocol">DHCP</systemitem> requests, add them to the <option>ExecStart</option> option with <option>-i</option> argument, for example:
+<synopsis>ExecStart=/usr/sbin/dhcrelay -d --no-pid 192.168.1.1 -i em1</synopsis>
+For other options see the <filename>dhcrelay(8)</filename> man page.
+</para>
+ <para>
+To activate the changes made, as the <systemitem class="username">root</systemitem> user, restart the service:
+<screen>~]# <command>systemctl --system daemon-reload</command>
+~]# <command>systemctl restart dhcrelay</command></screen>
+</para>
+ </section>
+ <section id="Configure_dhcrelay_as_a_DHCPv6_relay_agent">
+ <title>Configure dhcrelay as a DHCPv6 relay agent</title>
+<para>
+ To run <application>dhcrelay</application> in <systemitem class="protocol">DHCPv6</systemitem> mode add the <option>-6</option> argument and specify the <quote>lower interface</quote> (on which queries will be received from clients or from other relay agents) and the <quote>upper interface</quote> (to which queries from clients and other relay agents should be forwarded).
+
+Copy <filename>dhcrelay.service</filename> to <filename>dhcrelay6.service</filename> and edit it as the <systemitem class="username">root</systemitem> user:
+<screen>~]# <command>cp /lib/systemd/system/dhcrelay.service /etc/systemd/system/dhcrelay6.service</command>
+~]# <command>vi /etc/systemd/system/dhcrelay6.service</command></screen>
+</para>
+<para>
+Edit the <option>ExecStart</option> option under section [Service] add <option>-6</option> argument and add the <quote>lower interface</quote> and <quote>upper interface</quote> interface, for example:
+<synopsis>ExecStart=/usr/sbin/dhcrelay -d --no-pid -6 -l em1 -u em2</synopsis>
+For other options see the <filename>dhcrelay(8)</filename> man page.
+</para>
+ <para>
+To activate the changes made, as the <systemitem class="username">root</systemitem> user, restart the service:
+<screen>~]# <command>systemctl --system daemon-reload</command>
+~]# <command>systemctl restart dhcrelay6</command></screen>
+</para>
+ </section>
</section>
<section
9 years, 9 months
- 1
- 0