picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

man: always document both the ipv4 and the ipv6 sockopt

This commit is contained in:
Lennart Poettering 2020-09-10 16:35:31 +02:00
parent 5d0fe4233b
commit c6a7924513
2 changed files with 40 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
man/daemon.xml
View File

@ -448,37 +448,27 @@
<refsect2>
<title>Other Forms of Activation</title>
<para>Other forms of activation have been suggested and
implemented in some systems. However, there are often simpler or
better alternatives, or they can be put together of combinations
of the schemes above. Example: Sometimes, it appears useful to
start daemons or <filename>.socket</filename> units when a
specific IP address is configured on a network interface,
because network sockets shall be bound to the address. However,
an alternative to implement this is by utilizing the Linux
<constant>IP_FREEBIND</constant> socket option, as accessible
via <varname>FreeBind=yes</varname> in systemd socket files (see
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details). This option, when enabled, allows sockets to be
bound to a non-local, not configured IP address, and hence
allows bindings to a particular IP address before it actually
becomes available, making such an explicit dependency to the
configured address redundant. Another often suggested trigger
for service activation is low system load. However, here too, a
more convincing approach might be to make proper use of features
of the operating system, in particular, the CPU or I/O scheduler
of Linux. Instead of scheduling jobs from userspace based on
monitoring the OS scheduler, it is advisable to leave the
scheduling of processes to the OS scheduler itself. systemd
provides fine-grained access to the CPU and I/O schedulers. If a
process executed by the init system shall not negatively impact
the amount of CPU or I/O bandwidth available to other processes,
it should be configured with
<para>Other forms of activation have been suggested and implemented in some systems. However, there are
often simpler or better alternatives, or they can be put together of combinations of the schemes
above. Example: Sometimes, it appears useful to start daemons or <filename>.socket</filename> units
when a specific IP address is configured on a network interface, because network sockets shall be bound
to the address. However, an alternative to implement this is by utilizing the Linux
<constant>IP_FREEBIND</constant>/<constant>IPV6_FREEBIND</constant> socket option, as accessible via
<varname>FreeBind=yes</varname> in systemd socket files (see
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details). This option, when enabled, allows sockets to be bound to a non-local, not configured IP
address, and hence allows bindings to a particular IP address before it actually becomes available,
making such an explicit dependency to the configured address redundant. Another often suggested trigger
for service activation is low system load. However, here too, a more convincing approach might be to
make proper use of features of the operating system, in particular, the CPU or I/O scheduler of
Linux. Instead of scheduling jobs from userspace based on monitoring the OS scheduler, it is advisable
to leave the scheduling of processes to the OS scheduler itself. systemd provides fine-grained access
to the CPU and I/O schedulers. If a process executed by the init system shall not negatively impact the
amount of CPU or I/O bandwidth available to other processes, it should be configured with
<varname>CPUSchedulingPolicy=idle</varname> and/or
<varname>IOSchedulingClass=idle</varname>. Optionally, this may
be combined with timer-based activation to schedule background
jobs during runtime and with minimal impact on the system, and
remove it from the boot phase itself.</para>
<varname>IOSchedulingClass=idle</varname>. Optionally, this may be combined with timer-based activation
to schedule background jobs during runtime and with minimal impact on the system, and remove it from
the boot phase itself.</para>
</refsect2>
</refsect1>

45
man/systemd.socket.xml
View File

@ -568,26 +568,23 @@
<varlistentry>
<term><varname>IPTOS=</varname></term>
<listitem><para>Takes an integer argument controlling the IP
Type-Of-Service field for packets generated from this socket.
This controls the IP_TOS socket option (see
<citerefentry project='die-net'><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details.). Either a numeric string or one of
<option>low-delay</option>, <option>throughput</option>,
<option>reliability</option> or <option>low-cost</option> may
be specified.</para></listitem>
<listitem><para>Takes an integer argument controlling the IP Type-Of-Service field for packets
generated from this socket. This controls the <constant>IP_TOS</constant> socket option (see
<citerefentry
project='die-net'><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.). Either a numeric string or one of <option>low-delay</option>, <option>throughput</option>,
<option>reliability</option> or <option>low-cost</option> may be specified.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPTTL=</varname></term>
<listitem><para>Takes an integer argument controlling the IPv4
Time-To-Live/IPv6 Hop-Count field for packets generated from
this socket. This sets the IP_TTL/IPV6_UNICAST_HOPS socket
options (see
<citerefentry project='die-net'><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry>
and
<citerefentry project='die-net'><refentrytitle>ipv6</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details.)</para></listitem>
<listitem><para>Takes an integer argument controlling the IPv4 Time-To-Live/IPv6 Hop-Count field for
packets generated from this socket. This sets the
<constant>IP_TTL</constant>/<constant>IPV6_UNICAST_HOPS</constant> socket options (see <citerefentry
project='die-net'><refentrytitle>ip</refentrytitle><manvolnum>7</manvolnum></citerefentry> and
<citerefentry
project='die-net'><refentrytitle>ipv6</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
details.)</para></listitem>
</varlistentry>
<varlistentry>
@ -662,20 +659,18 @@
<varlistentry>
<term><varname>FreeBind=</varname></term>
<listitem><para>Takes a boolean value. Controls whether the
socket can be bound to non-local IP addresses. This is useful
to configure sockets listening on specific IP addresses before
those IP addresses are successfully configured on a network
interface. This sets the IP_FREEBIND socket option. For
robustness reasons it is recommended to use this option
whenever you bind a socket to a specific IP address. Defaults
to <option>false</option>.</para></listitem>
<listitem><para>Takes a boolean value. Controls whether the socket can be bound to non-local IP
addresses. This is useful to configure sockets listening on specific IP addresses before those IP
addresses are successfully configured on a network interface. This sets the
<constant>IP_FREEBIND</constant>/<constant>IPV6_FREEBIND</constant> socket option. For robustness
reasons it is recommended to use this option whenever you bind a socket to a specific IP
address. Defaults to <option>false</option>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>Transparent=</varname></term>
<listitem><para>Takes a boolean value. Controls the
IP_TRANSPARENT socket option. Defaults to
<constant>IP_TRANSPARENT</constant>/<constant>IPV6_TRANSPARENT</constant> socket option. Defaults to
<option>false</option>.</para></listitem>
</varlistentry>