Network configuration using systemd-networkd

Last change on 2021-10-05 • Created on 2020-05-18

Please note

With systemd version 238 net naming schemes were introduced. This means that if you're using predictable network interface names, network interfaces may be named differently depending on the booted systemd version.

Fortunately, if you are using systemd-networkd, you can use MAC addresses to identify network cards instead of relying on network interface names.

With our Installimage and our automated installations, we usually try to stick with a distributions default network configuration method. But since implementations like ifupdown and network-scripts require interface names to be specified, we currently also use systemd-networkd to setup CentOS and Debian systems using predictable network interface names.

.network configuration file syntax

You can find information on the .network files used by systemd-networkd here: https://www.freedesktop.org/software/systemd/man/systemd.network.html.

Main IP addresses

Dedicated root servers

A dedicated root server's main IP usually is taken from a larger subnet, but to prevent IP address spoofing, systems are only allowed to talk to their gateway.

This means that when you're configuring the actual subnet mask of an IPv4, for example /27, other systems in the same subnet would be unreachable.

To be able to reach systems in your subnet, you will need to configure your main IPv4 address as a /32 address. Since the gateway then would be outside of the IP's network, you need to tell the system how to reach the gateway.

IPv4

The following example configuration sets up the main IP 1.2.3.4 and the gateway 4.3.2.1 for the network interface with the MAC address 12:34:56:78:9a:bc.

The main IP is configured as a /32 address using a separate [Address] section, where Peer=<Gateway> tells the system that it can reach the gateway via the interface the address is configured for. See Dedicated servers for information on why you should use this setup for dedicated root servers.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
Gateway=4.3.2.1

[Address]
Address=1.2.3.4 # Main IP, /32 suffix is optional
Peer=4.3.2.1/32 # Gateway

IPv6

You can configure IPv6 by specifying the IP Address and the Gateway.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
Address=1:2:3:4::5/64
Gateway=fe80::1

IPv4 and IPv6

The following dualstack configuration is basically a combination of the IPv4 and the IPv6 configurations above.

Please check the Dedicated servers and the IPv4 section for information on why a dedicated servers main IPv4 should be configured as a /32 address and on why the Peer setup is required to talk to subnet neighbors.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
Address=1:2:3:4::5/64
Gateway=4.3.2.1
Gateway=fe80::1

[Address]
Address=1.2.3.4 # Main IP, /32 suffix is optional
Peer=4.3.2.1/32 # Gateway

CX servers

IPv4

You should use DHCP for IPv4 so you can use future features without needing to adjust your configuration.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
DHCP=ipv4

IPv6

You can configure IPv6 in the same way as for Dedicated servers. You just need to specify the IP Address and the Gateway.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
Address=1:2:3:4::5/64
Gateway=fe80::1

IPv4 and IPv6

You can configure IPv4 and IPv6 by combining DHCP for IPv4 and a static IPv6 configuration.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
DHCP=ipv4
Address=1:2:3:4::5/64
Gateway=fe80::1

CX servers using NAT networking

When using DHCP, CX servers using NAT networking need no special configuration.

Additional IPs / subnets

You can configure additional IPs / subnets by adding Address=keywords to a .network files [Network] section.

# Config file /etc/systemd/network/10-mainif.network
[Match]
MACAddress=12:34:56:78:9a:bc # Main network interface MAC

[Network]
Address=1:2:3:4::5/64
Gateway=4.3.2.1
Gateway=fe80::1
Address=5.6.7.8 # Additional single IP
Address=9.10.11.12/29 # Additional /29 subnet IP
Address=6:7:8:9::10/64 # Additional IPv6
[Address]
Address=1.2.3.4 # Main IP, /32 suffix is optional
Peer=4.3.2.1/32 # Gateway
Table of Contents