iproute/iproute2-3.19.0-diff.patch
2015-04-10 12:36:06 +02:00

1622 lines
60 KiB
Diff

diff --git a/man/man8/Makefile b/man/man8/Makefile
index e998928..152747a 100644
--- a/man/man8/Makefile
+++ b/man/man8/Makefile
@@ -6,7 +6,7 @@ MAN8PAGES = $(TARGETS) ip.8 arpd.8 lnstat.8 routel.8 rtacct.8 rtmon.8 ss.8 \
tc-mqprio.8 tc-netem.8 tc-pfifo.8 tc-pfifo_fast.8 tc-prio.8 tc-red.8 \
tc-sfb.8 tc-sfq.8 tc-stab.8 tc-tbf.8 \
bridge.8 rtstat.8 ctstat.8 nstat.8 routef.8 \
- ip-addrlabel.8 ip-l2tp.8 \
+ ip-addrlabel.8 ip-fou.8 ip-gue.8 ip-l2tp.8 \
ip-maddress.8 ip-monitor.8 ip-mroute.8 ip-neighbour.8 \
ip-netns.8 ip-ntable.8 ip-rule.8 ip-tunnel.8 ip-xfrm.8 \
ip-tcp_metrics.8 ip-netconf.8 ip-token.8
diff --git a/man/man8/arpd.8 b/man/man8/arpd.8
index fc99b97..5050a98 100644
--- a/man/man8/arpd.8
+++ b/man/man8/arpd.8
@@ -35,7 +35,7 @@ Suppress sending broadcast queries by the kernel. This option only makes sense t
Specifies the timeout of the negative cache. When resolution fails, arpd suppresses further attempts to resolve for this period. This option only makes sense together with option '-k'. This timeout should not be too much longer than the boot time of a typical host not supporting gratuitous ARP. Default value is 60 seconds.
.TP
-p <TIME>
-The time to wait in seconds between polling attempts to the kernel ARP table. TIME may be a floating point number. The default value is 30.
+The time to wait in seconds between polling attempts to the kernel ARP table. TIME may be a floating point number. The default value is 30.
.TP
-R <RATE>
Maximal steady rate of broadcasts sent by arpd in packets per second. Default value is 1.
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index e344db2..4135d01 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -40,7 +40,8 @@ bridge \- show / manipulate bridge addresses and devices
.BR learning " { " on " | " off " } ] [ "
.BR learning_sync " { " on " | " off " } ] [ "
.BR flood " { " on " | " off " } ] [ "
-.BR hwmode " { " vepa " | " veb " } ] "
+.BR hwmode " { " vepa " | " veb " } ] [ "
+.BR self " ] [ " master " ] "
.ti -8
.BR "bridge link" " [ " show " ] [ "
@@ -53,7 +54,7 @@ bridge \- show / manipulate bridge addresses and devices
.B dev
.IR DEV " { "
.BR local " | " temp " } { "
-.BR self " } { " embedded " } { " router " } [ "
+.BR self " } { " router " } [ "
.B dst
.IR IPADDR " ] [ "
.B vni
@@ -110,7 +111,7 @@ utility and exit.
.TP
.BR "\-s" , " \-stats", " \-statistics"
-output more information. If this option
+output more information. If this option
is given multiple times, the amount of information increases.
As a rule, the information is statistics or some time values.
@@ -168,9 +169,9 @@ and
(or
.B list
) objects, but some objects do not allow all of these operations
-or have some additional commands. The
+or have some additional commands. The
.B help
-command is available for all objects. It prints
+command is available for all objects. It prints
out a list of available commands and argument syntax conventions.
.sp
If no command is given, some default command is assumed.
@@ -200,68 +201,70 @@ the STP path cost of the specified port.
.TP
.BI priority " PRIO "
-the STP port priority. The priority value is an unsigned 8-bit quantity
-(number between 0 and 255). This metric is used in the designated port an
+the STP port priority. The priority value is an unsigned 8-bit quantity
+(number between 0 and 255). This metric is used in the designated port an
droot port selectio algorithms.
.TP
.BI state " STATE "
-the operation state of the port. This is primarily used by user space STP/RSTP
-implementation. The following is a list of valid values:
+the operation state of the port. This is primarily used by user space STP/RSTP
+implementation. One may enter a lowercased port state name, or one of the
+numbers below. Negative inputs are ignored, and unrecognized names return an
+error.
.B 0
-- port is DISABLED. Make this port completely inactive.
+- port is DISABLED. Make this port completely inactive.
.sp
.B 1
-- STP LISTENING state. Only valid if STP is enabled on the brige. In this
+- STP LISTENING state. Only valid if STP is enabled on the brige. In this
state the port for list for STP BPDUs and drop all other traffic.
.sp
.B 2
-- STP LEARNING state. Only valid if STP is enabled on the bridge. In this
+- STP LEARNING state. Only valid if STP is enabled on the bridge. In this
state the port will accept traffic only for the purpose of updating MAC
adress tables.
.sp
.B 3
-- STP FORWARDING state. Port is fully active.
+- STP FORWARDING state. Port is fully active.
.sp
.B 4
-- STP BLOCKING state. Only valid if STP is enabled on the bridge. This state
-is used during the STP election process. In this state, port will only process
+- STP BLOCKING state. Only valid if STP is enabled on the bridge. This state
+is used during the STP election process. In this state, port will only process
STP BPDUs.
.sp
.TP
.BR "guard on " or " guard off "
-Controls whether STP BPUDs will be processed by the bridge port. By default,
-the flag is turned off allowed BPDU processing. Turning this flag on will
+Controls whether STP BPUDs will be processed by the bridge port. By default,
+the flag is turned off allowed BPDU processing. Turning this flag on will
cause the port to stop processing STP BPDUs.
.TP
.BR "hairpin on " or " hairpin off "
Controls whether traffic may be send back out of the port on which it was
-received. By default, this flag is turned off and the bridge will not forward
+received. By default, this flag is turned off and the bridge will not forward
traffic back out of the receiving port.
.TP
.BR "fastleave on " or " fastleave off "
This flag allows the bridge to immediately stop multicast traffic on a port
-that receives IGMP Leave message. It is only used with IGMP snooping is
-enabled on the bridge. By default the flag is off.
+that receives IGMP Leave message. It is only used with IGMP snooping is
+enabled on the bridge. By default the flag is off.
.TP
.BR "root_block on " or " root_block off "
-Controls whether a given port is allowed to become root port or not. Only used
-when STP is enabled on the bridge. By default the flag is off.
+Controls whether a given port is allowed to become root port or not. Only used
+when STP is enabled on the bridge. By default the flag is off.
.TP
.BR "learning on " or " learning off "
Controls whether a given port will learn MAC addresses from received traffic or
-not. If learning if off, the bridge will end up flooding any traffic for which
-it has no FDB entry. By default this flag is on.
+not. If learning if off, the bridge will end up flooding any traffic for which
+it has no FDB entry. By default this flag is on.
.TP
.BR "learning_sync on " or " learning_sync off "
@@ -270,12 +273,12 @@ bridge FDB.
.TP
.BR "flooding on " or " flooding off "
-Controls whether a given port will flood unicast traffic for which there is no FDB entry. By default this flag is on.
+Controls whether a given port will flood unicast traffic for which there is no FDB entry. By default this flag is on.
.TP
.BI hwmode
Some network interface cards support HW bridge functionality and they may be
-configured in different modes. Currently support modes are:
+configured in different modes. Currently support modes are:
.B vepa
- Data sent between HW ports is sent on the wire to the external
@@ -284,6 +287,15 @@ switch.
.B veb
- bridging happens in hardware.
+.TP
+.BI self
+link setting is configured on specified physical device
+
+.TP
+.BI master
+link setting is configured on the software bridge (default)
+
+
.SS bridge link show - list bridge port configuration.
This command displays the current bridge port configuration and flags.
@@ -314,10 +326,6 @@ the interface to which this address is associated.
- the address is associated with a software fdb (default)
.sp
-.B embedded
-- the address is associated with an offloaded fdb
-.sp
-
.B router
- the destination address is associated with a router.
Valid if the referenced device is a VXLAN type device and has
@@ -381,7 +389,7 @@ This command displays the current forwarding table.
.PP
With the
.B -statistics
-option, the command becomes verbose. It prints out the last updated
+option, the command becomes verbose. It prints out the last updated
and last used time for each entry.
.SH bridge mdb - multicast group database management
@@ -444,7 +452,7 @@ bridge interfaces.
.PP
With the
.B -details
-option, the command becomes verbose. It prints out the ports known to have
+option, the command becomes verbose. It prints out the ports known to have
a connected router.
.SH bridge vlan - VLAN filter list
@@ -479,7 +487,7 @@ the vlan specified is to be treated as untagged on egress.
.TP
.BI self
-the vlan is configured on the specified physical device. Required if the
+the vlan is configured on the specified physical device. Required if the
device is the bridge device.
.TP
@@ -505,7 +513,7 @@ This command displays the current VLAN filter table.
The
.B bridge
utility can monitor the state of devices and addresses
-continuously. This option has a slightly different format.
+continuously. This option has a slightly different format.
Namely, the
.B monitor
command is the first in the command line and then the object list follows:
@@ -527,7 +535,7 @@ described in previous sections.
.P
If a file name is given, it does not listen on RTNETLINK,
but opens the file containing RTNETLINK messages saved in binary format
-and dumps them. Such a history file can be generated with the
+and dumps them. Such a history file can be generated with the
.SH NOTES
diff --git a/man/man8/ip-address.8.in b/man/man8/ip-address.8.in
index d33b1ed..6e46af8 100644
--- a/man/man8/ip-address.8.in
+++ b/man/man8/ip-address.8.in
@@ -80,7 +80,7 @@ the name of the device to add the address to.
.BI local " ADDRESS " (default)
the address of the interface. The format of the address depends
on the protocol. It is a dotted quad for IP and a sequence of
-hexadecimal halfwords separated by colons for IPv6. The
+hexadecimal halfwords separated by colons for IPv6. The
.I ADDRESS
may be followed by a slash and a decimal number which encodes
the network prefix length.
@@ -91,8 +91,8 @@ the address of the remote endpoint for pointopoint interfaces.
Again, the
.I ADDRESS
may be followed by a slash and a decimal number, encoding the network
-prefix length. If a peer address is specified, the local address
-cannot have a prefix length. The network prefix is associated
+prefix length. If a peer address is specified, the local address
+cannot have a prefix length. The network prefix is associated
with the peer rather than with the local address.
.TP
@@ -103,7 +103,7 @@ It is possible to use the special symbols
.B '+'
and
.B '-'
-instead of the broadcast address. In this case, the broadcast address
+instead of the broadcast address. In this case, the broadcast address
is derived by setting/resetting the host bits of the interface prefix.
.TP
@@ -139,7 +139,7 @@ valid inside this site.
.B Arguments:
coincide with the arguments of
.B ip addr add.
-The device name is a required argument. The rest are optional.
+The device name is a required argument. The rest are optional.
If no arguments are given, the first address is deleted.
.SS ip address show - look at protocol addresses
@@ -221,14 +221,14 @@ The difference is that it does not run when no arguments are given.
.B Warning:
This command (and other
.B flush
-commands described below) is pretty dangerous. If you make a mistake,
+commands described below) is pretty dangerous. If you make a mistake,
it will not forgive it, but will cruelly purge all the addresses.
.PP
With the
.B -statistics
option, the command becomes verbose. It prints out the number of deleted
-addresses and the number of rounds made to flush the address list. If
+addresses and the number of rounds made to flush the address list. If
this option is given twice,
.B ip address flush
also dumps all the deleted addresses in the format described in the
diff --git a/man/man8/ip-addrlabel.8 b/man/man8/ip-addrlabel.8
index fefc3ef..5fc18fe 100644
--- a/man/man8/ip-addrlabel.8
+++ b/man/man8/ip-addrlabel.8
@@ -35,7 +35,7 @@ ip-addrlabel \- protocol address label management
.SH "DESCRIPTION"
IPv6 address labels are used for address selection;
-they are described in RFC 3484. Precedence is managed by userspace,
+they are described in RFC 3484. Precedence is managed by userspace,
and only the label itself is stored in the kernel.
.SS ip addrlabel add - add an address label
diff --git a/man/man8/ip-l2tp.8 b/man/man8/ip-l2tp.8
index 2efda9f..1738035 100644
--- a/man/man8/ip-l2tp.8
+++ b/man/man8/ip-l2tp.8
@@ -356,16 +356,16 @@ the recipient expects to receive ethernet frames exactly as
transmitted. In such cases, it is important that frames leaving the
tunnel are reassembled back into a single frame before being
forwarded on. To do so, enable netfilter connection tracking
-(conntrack) or manually load the Linux netfilter degrag modules at
+(conntrack) or manually load the Linux netfilter defrag modules at
each tunnel endpoint.
.PP
.nf
-site-A:# modprobe nf_degrag_ipv4
+site-A:# modprobe nf_defrag_ipv4
-site-B:# modprobe nf_degrag_ipv4
+site-B:# modprobe nf_defrag_ipv4
.fi
.PP
-If L2TP is being used over IPv6, use the IPv6 degrag module.
+If L2TP is being used over IPv6, use the IPv6 defrag module.
.SH INTEROPERABILITY
.PP
Unmanaged (static) L2TPv3 tunnels are supported by some network
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 239f764..5ad372c 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -72,7 +72,10 @@ ip-link \- network device configuration
.BR gre " |"
.BR gretap " |"
.BR ip6gre " |"
-.BR ip6gretap " ]"
+.BR ip6gretap " |"
+.BR vti " |"
+.BR nlmon " |"
+.BR ipvlan " ]"
.ti -8
.BI "ip link delete " DEVICE
@@ -228,6 +231,15 @@ Link types:
.sp
.BR ip6gretap
- Virtual L2 tunnel interface GRE over IPv6
+.sp
+.BR vti
+- Virtual tunnel interface
+.sp
+.BR nlmon
+- Netlink monitoring device
+.sp
+.BR ipvlan
+- Interface for L3 (IPv6/IPv4) based VLANs
.in -8
.TP
@@ -276,6 +288,8 @@ the following additional arguments are supported:
.BI ageing " SECONDS "
.R " ] [ "
.BI maxaddress " NUMBER "
+.R " ] [ "
+.B gbp
.R " ]"
.in +8
@@ -298,7 +312,7 @@ parameter.
.BI remote " IPADDR"
- specifies the unicast destination IP address to use in outgoing packets
when the destination link layer address is not known in the VXLAN device
-forwarding database. This parameter cannot be specified with the
+forwarding database. This parameter cannot be specified with the
.B group
parameter.
@@ -348,6 +362,49 @@ are entered into the VXLAN device forwarding database.
.BI maxaddress " NUMBER"
- specifies the maximum number of FDB entries.
+.sp
+.B gbp
+- enables the Group Policy extension (VXLAN-GBP).
+
+.in +4
+Allows to transport group policy context across VXLAN network peers.
+If enabled, includes the mark of a packet in the VXLAN header for outgoing
+packets and fills the packet mark based on the information found in the
+VXLAN header for incomming packets.
+
+Format of upper 16 bits of packet mark (flags);
+
+.in +2
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+.br
+|-|-|-|-|-|-|-|-|-|D|-|-|A|-|-|-|
+.br
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+.B D :=
+Don't Learn bit. When set, this bit indicates that the egress
+VTEP MUST NOT learn the source address of the encapsulated frame.
+
+.B A :=
+Indicates that the group policy has already been applied to
+this packet. Policies MUST NOT be applied by devices when the A bit is set.
+.in -2
+
+Format of lower 16 bits of packet mark (policy ID):
+
+.in +2
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+.br
+| Group Policy ID |
+.br
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+.in -2
+
+Example:
+ iptables -A OUTPUT [...] -j MARK --set-mark 0x800FF
+
+.in -4
+
.in -8
.TP
@@ -476,7 +533,7 @@ flag calculates checksums for outgoing packets.
The
.B icsum
flag requires that all input packets have the correct
-checksum. The
+checksum. The
.B csum
flag is equivalent to the combination
.BR "icsum ocsum" .
@@ -487,7 +544,7 @@ flag is equivalent to the combination
.sp
.BI encaplimit " ELIM"
-- specifies a fixed encapsulation limit. Default is 4.
+- specifies a fixed encapsulation limit. Default is 4.
.sp
.BI flowlabel " FLOWLABEL"
@@ -554,7 +611,7 @@ device.
.BI group " GROUP "
.I GROUP
has a dual role: If both group and dev are present, then move the device to the
-specified group. If only a group is specified, then the command operates on
+specified group. If only a group is specified, then the command operates on
all devices in that group.
.TP
@@ -580,11 +637,13 @@ flag on the device.
.BR "dynamic on " or " dynamic off"
change the
.B DYNAMIC
-flag on the device.
+flag on the device. Indicates that address can change when interface goes down (currently
+.B NOT
+used by the Linux).
.TP
.BI name " NAME"
-change the name of the device. This operation is not
+change the name of the device. This operation is not
recommended if the device is running or has some addresses
already configured.
@@ -615,14 +674,29 @@ the interface is
.IR "POINTOPOINT" .
.TP
-.BI netns " PID"
-move the device to the network namespace associated with the process
-.IR "PID".
-
-.TP
-.BI netns " NETNSNAME"
+.BI netns " NETNSNAME " \fR| " PID"
move the device to the network namespace associated with name
-.IR "NETNSNAME".
+.IR "NETNSNAME " or
+.RI process " PID".
+
+Some devices are not allowed to change network namespace: loopback, bridge,
+ppp, wireless. These are network namespace local devices. In such case
+.B ip
+tool will return "Invalid argument" error. It is possible to find out if device is local
+to a single network namespace by checking
+.B netns-local
+flag in the output of the
+.BR ethtool ":"
+
+.in +8
+.B ethtool -k
+.I DEVICE
+.in -8
+
+To change network namespace for wireless devices the
+.B iw
+tool can be used. But it allows to change network namespace only for physical devices and by process
+.IR PID .
.TP
.BI alias " NAME"
@@ -720,7 +794,7 @@ If multiple parameter changes are requested,
aborts immediately after any of the changes have failed.
This is the only case when
.B ip
-can move the system to an unpredictable state. The solution
+can move the system to an unpredictable state. The solution
is to avoid changing several parameters with one
.B ip link set
call.
@@ -779,6 +853,12 @@ print human readable rates in IEC units (ie. 1K = 1024).
.I "TYPE"
specifies which help of link type to dislpay.
+.SS
+.I GROUP
+may be a number or a string from the file
+.B /etc/iproute2/group
+which can be manually filled.
+
.SH "EXAMPLES"
.PP
ip link show
@@ -832,7 +912,8 @@ and the outer UDP checksum and remote checksum offload are enabled.
.SH SEE ALSO
.br
-.BR ip (8)
+.BR ip (8),
+.BR ip-netns (8)
.SH AUTHOR
Original Manpage by Michail Litvak <mci@owl.openwall.com>
diff --git a/man/man8/ip-maddress.8 b/man/man8/ip-maddress.8
index 288d5cc..f3432bb 100644
--- a/man/man8/ip-maddress.8
+++ b/man/man8/ip-maddress.8
@@ -39,7 +39,7 @@ the device name.
These commands attach/detach a static link-layer multicast address
to listen on the interface.
Note that it is impossible to join protocol multicast groups
-statically. This command only manages link-layer addresses.
+statically. This command only manages link-layer addresses.
.RS
.TP
diff --git a/man/man8/ip-monitor.8 b/man/man8/ip-monitor.8
index 544b625..1de0ca9 100644
--- a/man/man8/ip-monitor.8
+++ b/man/man8/ip-monitor.8
@@ -33,7 +33,7 @@ Prints short timestamp before the event message on the same line in format:
The
.B ip
utility can monitor the state of devices, addresses
-and routes continuously. This option has a slightly different format.
+and routes continuously. This option has a slightly different format.
Namely, the
.B monitor
command is the first in the command line and then the object list follows:
@@ -49,7 +49,7 @@ command is the first in the command line and then the object list follows:
is the list of object types that we want to monitor.
It may contain
.BR link ", " address ", " route ", " mroute ", " prefix ", "
-.BR neigh " and " netconf "."
+.BR neigh ", " netconf " and " rule "."
If no
.B file
argument is given,
@@ -65,7 +65,7 @@ but opens the given file, and dumps its contents. The file
should contain RTNETLINK messages saved in binary format.
Such a file can be generated with the
.B rtmon
-utility. This utility has a command line syntax similar to
+utility. This utility has a command line syntax similar to
.BR "ip monitor" .
Ideally,
.B rtmon
diff --git a/man/man8/ip-mroute.8 b/man/man8/ip-mroute.8
index 3b708cf..e89b6b2 100644
--- a/man/man8/ip-mroute.8
+++ b/man/man8/ip-mroute.8
@@ -28,7 +28,7 @@ or
Due to the limitations of the current interface to the multicast routing
engine, it is impossible to change
.B mroute
-objects administratively, so we can only display them. This limitation
+objects administratively, so we can only display them. This limitation
will be removed in the future.
.SS ip mroute show - list mroute cache entries
diff --git a/man/man8/ip-neighbour.8 b/man/man8/ip-neighbour.8
index d6adc65..b0fc0dd 100644
--- a/man/man8/ip-neighbour.8
+++ b/man/man8/ip-neighbour.8
@@ -152,7 +152,7 @@ only list neighbour entries in this state.
.I NUD_STATE
takes values listed below or the special value
.B all
-which means all states. This option may occur more than once.
+which means all states. This option may occur more than once.
If this option is absent,
.B ip
lists all entries except for
@@ -176,9 +176,9 @@ and
.PP
With the
.B -statistics
-option, the command becomes verbose. It prints out the number of
+option, the command becomes verbose. It prints out the number of
deleted neighbours and the number of rounds made to flush the
-neighbour table. If the option is given
+neighbour table. If the option is given
twice,
.B ip neigh flush
also dumps all the deleted neighbours.
diff --git a/man/man8/ip-netns.8 b/man/man8/ip-netns.8
index 8e6999c..80a4ad1 100644
--- a/man/man8/ip-netns.8
+++ b/man/man8/ip-netns.8
@@ -24,6 +24,10 @@ ip-netns \- process network namespace management
.RI "[ " NETNSNAME " ]"
.ti -8
+.BR "ip netns" " { " set " } "
+.I NETNSNAME NETNSID
+
+.ti -8
.BR "ip netns identify"
.RI "[ " PID " ]"
@@ -42,12 +46,15 @@ ip-netns \- process network namespace management
A network namespace is logically another copy of the network stack,
with its own routes, firewall rules, and network devices.
+By default a process inherits its network namespace from its parent. Initially all
+the processes share the same default network namespace from the init process.
+
By convention a named network namespace is an object at
.BR "/var/run/netns/" NAME
-that can be opened. The file descriptor resulting from opening
+that can be opened. The file descriptor resulting from opening
.BR "/var/run/netns/" NAME
-refers to the specified network namespace. Holding that file
-descriptor open keeps the network namespace alive. The file
+refers to the specified network namespace. Holding that file
+descriptor open keeps the network namespace alive. The file
descriptor can be used with the
.B setns(2)
system call to change the network namespace associated with a task.
@@ -83,15 +90,55 @@ network namespace and assigns NAME.
.B ip [-all] netns delete [ NAME ] - delete the name of a network namespace(s)
.sp
If NAME is present in /var/run/netns it is umounted and the mount
-point is removed. If this is the last user of the network namespace the
-network namespace will be freed, otherwise the network namespace
-persists until it has no more users. ip netns delete may fail if
-the mount point is in use in another mount namespace.
+point is removed. If this is the last user of the network namespace the
+network namespace will be freed and all physical devices will be moved to the
+default one, otherwise the network namespace persists until it has no more
+users. ip netns delete may fail if the mount point is in use in another mount
+namespace.
If
.B -all
option was specified then all the network namespace names will be removed.
+It is possible to lose the physical device when it was moved to netns and
+then this netns was deleted with a running process:
+
+.RS 10
+$ ip netns add net0
+.RE
+.RS 10
+$ ip link set dev eth0 netns net0
+.RE
+.RS 10
+$ ip netns exec net0 SOME_PROCESS_IN_BACKGROUND
+.RE
+.RS 10
+$ ip netns del net0
+.RE
+
+.RS
+and eth0 will appear in the default netns only after SOME_PROCESS_IN_BACKGROUND
+will exit or will be killed. To prevent this the processes running in net0
+should be killed before deleting the netns:
+
+.RE
+.RS 10
+$ ip netns pids net0 | xargs kill
+.RE
+.RS 10
+$ ip netns del net0
+.RE
+
+.TP
+.B ip netns set NAME NETNSID - assign an id to a peer network namespace
+.sp
+This command assigns a id to a peer network namespace. This id is valid
+only in the current network namespace.
+This id will be used by the kernel in some netlink messages. If no id is
+assigned when the kernel needs it, it will be automatically assigned by
+the kernel.
+Once it is assigned, it's not possible to change it.
+
.TP
.B ip netns identify [PID] - Report network namespaces names for process
.sp
@@ -111,7 +158,7 @@ the named network namespace as their primary network namespace.
This command allows applications that are network namespace unaware
to be run in something other than the default network namespace with
all of the configuration for the specified network namespace appearing
-in the customary global locations. A network namespace and bind mounts
+in the customary global locations. A network namespace and bind mounts
are used to move files from their network namespace specific location
to their default locations without affecting other processes.
diff --git a/man/man8/ip-route.8.in b/man/man8/ip-route.8.in
index 89960c1..d53cc76 100644
--- a/man/man8/ip-route.8.in
+++ b/man/man8/ip-route.8.in
@@ -116,7 +116,9 @@ replace " } "
.B features
.IR FEATURES " ] [ "
.B quickack
-.IR BOOL " ]"
+.IR BOOL " ] [ "
+.B congctl
+.IR NAME " ]"
.ti -8
.IR TYPE " := [ "
@@ -160,7 +162,7 @@ by the route prefix.
.sp
.B unreachable
-- these destinations are unreachable. Packets are discarded and the
+- these destinations are unreachable. Packets are discarded and the
ICMP message
.I host unreachable
is generated.
@@ -170,47 +172,47 @@ error.
.sp
.B blackhole
-- these destinations are unreachable. Packets are discarded silently.
+- these destinations are unreachable. Packets are discarded silently.
The local senders get an
.I EINVAL
error.
.sp
.B prohibit
-- these destinations are unreachable. Packets are discarded and the
+- these destinations are unreachable. Packets are discarded and the
ICMP message
.I communication administratively prohibited
-is generated. The local senders get an
+is generated. The local senders get an
.I EACCES
error.
.sp
.B local
-- the destinations are assigned to this host. The packets are looped
+- the destinations are assigned to this host. The packets are looped
back and delivered locally.
.sp
.B broadcast
-- the destinations are broadcast addresses. The packets are sent as
+- the destinations are broadcast addresses. The packets are sent as
link broadcasts.
.sp
.B throw
- a special control route used together with policy rules. If such a
route is selected, lookup in this table is terminated pretending that
-no route was found. Without policy routing it is equivalent to the
-absence of the route in the routing table. The packets are dropped
+no route was found. Without policy routing it is equivalent to the
+absence of the route in the routing table. The packets are dropped
and the ICMP message
.I net unreachable
-is generated. The local senders get an
+is generated. The local senders get an
.I ENETUNREACH
error.
.sp
.B nat
-- a special NAT route. Destinations covered by the prefix
+- a special NAT route. Destinations covered by the prefix
are considered to be dummy (or external) addresses which require translation
-to real (or internal) ones before forwarding. The addresses to translate to
+to real (or internal) ones before forwarding. The addresses to translate to
are selected with the attribute
.BR "via" .
.B Warning:
@@ -221,7 +223,7 @@ Route NAT is no longer supported in Linux 2.6.
.RI "- " "not implemented"
the destinations are
.I anycast
-addresses assigned to this host. They are mainly equivalent
+addresses assigned to this host. They are mainly equivalent
to
.B local
with one difference: such addresses are invalid when used
@@ -229,7 +231,7 @@ as the source address of any packet.
.sp
.B multicast
-- a special type used for multicast routing. It is not present in
+- a special type used for multicast routing. It is not present in
normal routing tables.
.in -8
@@ -245,10 +247,10 @@ Values (0, 253, 254, and 255) are reserved for built-in use.
.sp
Actually, one other table always exists, which is invisible but
-even more important. It is the
+even more important. It is the
.B local
-table (ID 255). This table
-consists of routes for local and broadcast addresses. The kernel maintains
+table (ID 255). This table
+consists of routes for local and broadcast addresses. The kernel maintains
this table automatically and the administrator usually need not modify it
or even look at it.
@@ -268,7 +270,7 @@ change or add new one
.RS
.TP
.BI to " TYPE PREFIX " (default)
-the destination prefix of the route. If
+the destination prefix of the route. If
.I TYPE
is omitted,
.B ip
@@ -279,9 +281,9 @@ Other values of
are listed above.
.I PREFIX
is an IP or IPv6 address optionally followed by a slash and the
-prefix length. If the length of the prefix is missing,
+prefix length. If the length of the prefix is missing,
.B ip
-assumes a full-length host route. There is also a special
+assumes a full-length host route. There is also a special
.I PREFIX
.B default
- which is equivalent to IP
@@ -293,9 +295,9 @@ or to IPv6
.BI tos " TOS"
.TP
.BI dsfield " TOS"
-the Type Of Service (TOS) key. This key has no associated mask and
+the Type Of Service (TOS) key. This key has no associated mask and
the longest match is understood as: First, compare the TOS
-of the route and of the packet. If they are not equal, then the packet
+of the route and of the packet. If they are not equal, then the packet
may still match a route with a zero TOS.
.I TOS
is either an 8 bit hexadecimal number or an identifier
@@ -332,12 +334,12 @@ the output device name.
.TP
.BI via " ADDRESS"
-the address of the nexthop router. Actually, the sense of this field
-depends on the route type. For normal
+the address of the nexthop router. Actually, the sense of this field
+depends on the route type. For normal
.B unicast
routes it is either the true next hop router or, if it is a direct
route installed in BSD compatibility mode, it can be a local address
-of the interface. For NAT routes it is the first address of the block
+of the interface. For NAT routes it is the first address of the block
of translated IP destinations.
.TP
@@ -356,10 +358,10 @@ may be a number or a string from the file
.BI mtu " MTU"
.TP
.BI "mtu lock" " MTU"
-the MTU along the path to the destination. If the modifier
+the MTU along the path to the destination. If the modifier
.B lock
is not used, the MTU may be updated by the kernel due to
-Path MTU Discovery. If the modifier
+Path MTU Discovery. If the modifier
.B lock
is used, no path MTU discovery will be tried, all packets
will be sent without the DF bit in IPv4 case or fragmented
@@ -368,7 +370,7 @@ to MTU for IPv6.
.TP
.BI window " NUMBER"
the maximal window for TCP to advertise to these destinations,
-measured in bytes. It limits maximal data bursts that our TCP
+measured in bytes. It limits maximal data bursts that our TCP
peers are allowed to send to us.
.TP
@@ -389,7 +391,7 @@ above.
.TP
.BI rto_min " TIME " "(2.6.23+ only)"
the minimum TCP Retransmission TimeOut to use when communicating with this
-destination. Values are specified as with
+destination. Values are specified as with
.BI rtt
above.
@@ -399,7 +401,7 @@ an estimate for the initial slow start threshold.
.TP
.BI cwnd " NUMBER " "(2.3.15+ only)"
-the clamp for congestion window. It is ignored if the
+the clamp for congestion window. It is ignored if the
.B lock
flag is not used.
@@ -418,7 +420,7 @@ The default value is zero, meaning to use Slow Start value.
.TP
.BI features " FEATURES " (3.18+ only)
-Enable or disable per-route features. Only available feature at this
+Enable or disable per-route features. Only available feature at this
time is
.B ecn
to enable explicit congestion notification when initiating connections to the
@@ -433,9 +435,24 @@ sysctl is set to 0.
Enable or disable quick ack for connections to this destination.
.TP
+.BI congctl " NAME " "(3.20+ only)"
+.TP
+.BI "congctl lock" " NAME " "(3.20+ only)"
+Sets a specific TCP congestion control algorithm only for a given destination.
+If not specified, Linux keeps the current global default TCP congestion control
+algorithm, or the one set from the application. If the modifier
+.B lock
+is not used, an application may nevertheless overwrite the suggested congestion
+control algorithm for that destination. If the modifier
+.B lock
+is used, then an application is not allowed to overwrite the specified congestion
+control algorithm for that destination, thus it will be enforced/guaranteed to
+use the proposed algorithm.
+
+.TP
.BI advmss " NUMBER " "(2.3.15+ only)"
the MSS ('Maximal Segment Size') to advertise to these
-destinations when establishing TCP connections. If it is not given,
+destinations when establishing TCP connections. If it is not given,
Linux uses a default value calculated from the first hop device MTU.
(If the path to these destination is asymmetric, this guess may be wrong.)
@@ -498,7 +515,7 @@ If the routing protocol ID is not given,
.B ip assumes protocol
.B boot
(i.e. it assumes the route was added by someone who doesn't
-understand what they are doing). Several protocol values have
+understand what they are doing). Several protocol values have
a fixed interpretation.
Namely:
@@ -547,7 +564,7 @@ but their semantics are a bit different.
Key values
.RB "(" to ", " tos ", " preference " and " table ")"
-select the route to delete. If optional attributes are present,
+select the route to delete. If optional attributes are present,
.B ip
verifies that they coincide with the attributes of the route to delete.
If no route with the given key and attributes was found,
@@ -604,7 +621,7 @@ only select routes with the given TOS.
.TP
.BI table " TABLEID"
-show the routes from this table(s). The default setting is to show table
+show the routes from this table(s). The default setting is to show table
.BR main "."
.I TABLEID
may either be the ID of a real table or one of the special values:
@@ -678,7 +695,7 @@ this command flushes routes selected by some criteria.
.sp
The arguments have the same syntax and semantics as the arguments of
.BR "ip route show" ,
-but routing tables are not listed but purged. The only difference is
+but routing tables are not listed but purged. The only difference is
the default action:
.B show
dumps all the IP main routing table but
@@ -740,7 +757,7 @@ Note that this operation is not equivalent to
.B show
shows existing routes.
.B get
-resolves them and creates new clones if necessary. Essentially,
+resolves them and creates new clones if necessary. Essentially,
.B get
is equivalent to sending a packet along this path.
If the
@@ -750,7 +767,7 @@ to output packets towards the requested destination.
This is equivalent to pinging the destination
with a subsequent
.BR "ip route ls cache" ,
-however, no packets are actually sent. With the
+however, no packets are actually sent. With the
.B iif
argument, the kernel pretends that a packet arrived from this interface
and searches for a path to forward the packet.
@@ -774,8 +791,8 @@ This command expects to read a data stream as returned from
.BR "ip route save" .
It will attempt to restore the routing table information exactly as
it was at the time of the save, so any translation of information
-in the stream (such as device indexes) must be done first. Any existing
-routes are left unchanged. Any routes specified in the data stream that
+in the stream (such as device indexes) must be done first. Any existing
+routes are left unchanged. Any routes specified in the data stream that
already exist in the table will be ignored.
.RE
diff --git a/man/man8/ip-rule.8 b/man/man8/ip-rule.8
index 62df3b0..dd925be 100644
--- a/man/man8/ip-rule.8
+++ b/man/man8/ip-rule.8
@@ -86,7 +86,7 @@ and an
The RPDB is scanned in order of decreasing priority. The selector
of each rule is applied to {source address, destination address, incoming
interface, tos, fwmark} and, if the selector matches the packet,
-the action is performed. The action predicate may return with success.
+the action is performed. The action predicate may return with success.
In this case, it will either give a route or failure indication
and the RPDB lookup is terminated. Otherwise, the RPDB program
continues with the next rule.
@@ -131,18 +131,18 @@ table
(ID 253).
The
.B default
-table is empty. It is reserved for some post-processing if no previous
+table is empty. It is reserved for some post-processing if no previous
default rules selected the packet.
This rule may also be deleted.
.P
Each RPDB entry has additional
-attributes. F.e. each rule has a pointer to some routing
-table. NAT and masquerading rules have an attribute to select new IP
-address to translate/masquerade. Besides that, rules have some
+attributes. F.e. each rule has a pointer to some routing
+table. NAT and masquerading rules have an attribute to select new IP
+address to translate/masquerade. Besides that, rules have some
optional attributes, which routes have, namely
.BR "realms" .
-These values do not override those contained in the routing tables. They
+These values do not override those contained in the routing tables. They
are only used if the route did not select any attributes.
.sp
@@ -175,7 +175,7 @@ of the IP packet into some other value.
.RS
.TP
.BI type " TYPE " (default)
-the type of this rule. The list of valid types was given in the previous
+the type of this rule. The list of valid types was given in the previous
subsection.
.TP
@@ -188,14 +188,14 @@ select the destination prefix to match.
.TP
.BI iif " NAME"
-select the incoming device to match. If the interface is loopback,
-the rule only matches packets originating from this host. This means
+select the incoming device to match. If the interface is loopback,
+the rule only matches packets originating from this host. This means
that you may create separate routing tables for forwarded and local
packets and, hence, completely segregate them.
.TP
.BI oif " NAME"
-select the outgoing device to match. The outgoing interface is only
+select the outgoing device to match. The outgoing interface is only
available for packets originating from local sockets that are bound to
a device.
@@ -213,7 +213,7 @@ value to match.
.TP
.BI priority " PREFERENCE"
-the priority of this rule. Each rule should have an explicitly
+the priority of this rule. Each rule should have an explicitly
set
.I unique
priority value.
@@ -236,7 +236,7 @@ group GROUP.
.TP
.BI realms " FROM/TO"
Realms to select if the rule matched and the routing table lookup
-succeeded. Realm
+succeeded. Realm
.I TO
is only used if the route did not select any realm.
@@ -253,7 +253,7 @@ Using map-to instead of nat means the same thing.
.B Warning:
Changes to the RPDB made with these commands do not become active
-immediately. It is assumed that after a script finishes a batch of
+immediately. It is assumed that after a script finishes a batch of
updates, it flushes the routing cache with
.BR "ip route flush cache" .
.RE
diff --git a/man/man8/ip-tunnel.8 b/man/man8/ip-tunnel.8
index fc2d6bd..c97c28c 100644
--- a/man/man8/ip-tunnel.8
+++ b/man/man8/ip-tunnel.8
@@ -86,7 +86,7 @@ objects are tunnels, encapsulating packets in IP packets and then
sending them over the IP infrastructure.
The encapsulating (or outer) address family is specified by the
.B -f
-option. The default is IPv4.
+option. The default is IPv4.
.TP
.B ip tunnel add
@@ -168,7 +168,7 @@ changes.
.TP
.B nopmtudisc
disable Path MTU Discovery on this tunnel.
-It is enabled by default. Note that a fixed ttl is incompatible
+It is enabled by default. Note that a fixed ttl is incompatible
with this option: tunneling with a fixed ttl always makes pmtu
discovery.
@@ -199,7 +199,7 @@ flag calculates checksums for outgoing packets.
The
.B icsum
flag requires that all input packets have the correct
-checksum. The
+checksum. The
.B csum
flag is equivalent to the combination
.BR "icsum ocsum" .
@@ -223,7 +223,7 @@ flag is equivalent to the combination
.TP
.BI encaplim " ELIM"
.RB ( " only IPv6 tunnels " )
-set a fixed encapsulation limit. Default is 4.
+set a fixed encapsulation limit. Default is 4.
.TP
.BI flowlabel " FLOWLABEL"
diff --git a/man/man8/ip.8 b/man/man8/ip.8
index 016e8c6..4cd71de 100644
--- a/man/man8/ip.8
+++ b/man/man8/ip.8
@@ -56,7 +56,7 @@ If there were any errors during execution of the commands, the application retur
.TP
.BR "\-s" , " \-stats" , " \-statistics"
-Output more information. If the option
+Output more information. If the option
appears twice or more, the amount of information increases.
As a rule, the information is statistics or some time values.
@@ -67,7 +67,7 @@ Output more detailed information.
.TP
.BR "\-l" , " \-loops " <COUNT>
Specify maximum number of loops the 'ip addr flush' logic
-will attempt before giving up. The default is 10.
+will attempt before giving up. The default is 10.
Zero (0) means loop until all addresses are removed.
.TP
@@ -77,7 +77,7 @@ Specifies the protocol family to use. The protocol family identifier can be one
or
.BR link .
If this option is not present,
-the protocol family is guessed from other arguments. If the rest
+the protocol family is guessed from other arguments. If the rest
of the command line does not give enough information to guess the
family,
.B ip
@@ -254,9 +254,9 @@ and
(or
.B list
) objects, but some objects do not allow all of these operations
-or have some additional commands. The
+or have some additional commands. The
.B help
-command is available for all objects. It prints
+command is available for all objects. It prints
out a list of available commands and argument syntax conventions.
.sp
If no command is given, some default command is assumed.
diff --git a/man/man8/rtmon.8 b/man/man8/rtmon.8
index c9359d8..0538752 100644
--- a/man/man8/rtmon.8
+++ b/man/man8/rtmon.8
@@ -34,7 +34,7 @@ Show summary of options.
.TP
.B file FILE [ all | LISTofOBJECTS ]
Log output to FILE. LISTofOBJECTS is the list of object types that we
-want to monitor. It may contain 'link', 'address', 'route'
+want to monitor. It may contain 'link', 'address', 'route'
and 'all'. 'link' specifies the network device, 'address' the protocol
(IP or IPv6) address on a device, 'route' the routing table entry
and 'all' does what the name says.
diff --git a/man/man8/ss.8 b/man/man8/ss.8
index 450649a..b7fbaef 100644
--- a/man/man8/ss.8
+++ b/man/man8/ss.8
@@ -84,6 +84,9 @@ context of the creating process, however the context shown will reflect
any policy role, type and/or range transition rules applied,
and is therefore a useful reference.
.TP
+.B \-N NSNAME, \-\-net=NSNAME
+Switch to the specified network namespace name.
+.TP
.B \-b, \-\-bpf
Show socket BPF filters (only administrators are allowed to get these information).
.TP
diff --git a/man/man8/tc-cbq-details.8 b/man/man8/tc-cbq-details.8
index f43dca8..ddaf3ca 100644
--- a/man/man8/tc-cbq-details.8
+++ b/man/man8/tc-cbq-details.8
@@ -58,8 +58,8 @@ interval timeconstant
.SH DESCRIPTION
Class Based Queueing is a classful qdisc that implements a rich
-linksharing hierarchy of classes. It contains shaping elements as
-well as prioritizing capabilities. Shaping is performed using link
+linksharing hierarchy of classes. It contains shaping elements as
+well as prioritizing capabilities. Shaping is performed using link
idle time calculations based on the timing of dequeue events and
underlying link bandwidth.
diff --git a/man/man8/tc-cbq.8 b/man/man8/tc-cbq.8
index 4b371a0..b900e1c 100644
--- a/man/man8/tc-cbq.8
+++ b/man/man8/tc-cbq.8
@@ -60,8 +60,8 @@ interval timeconstant
.SH DESCRIPTION
Class Based Queueing is a classful qdisc that implements a rich
-linksharing hierarchy of classes. It contains shaping elements as
-well as prioritizing capabilities. Shaping is performed using link
+linksharing hierarchy of classes. It contains shaping elements as
+well as prioritizing capabilities. Shaping is performed using link
idle time calculations based on the timing of dequeue events and
underlying link bandwidth.
diff --git a/man/man8/tc-choke.8 b/man/man8/tc-choke.8
index 9d1081f..1916a3d 100644
--- a/man/man8/tc-choke.8
+++ b/man/man8/tc-choke.8
@@ -22,12 +22,12 @@ chance
CHOKe (CHOose and Keep for responsive flows, CHOose and Kill for unresponsive flows)
is a classless qdisc designed to both identify and penalize flows that monopolize the
-queue. CHOKe is a variation of RED, and the configuration is similar to RED.
+queue. CHOKe is a variation of RED, and the configuration is similar to RED.
.SH ALGORITHM
Once the queue hits a certain average length, a random packet is drawn from the
-queue. If both the to-be-queued and the drawn packet belong to the same flow,
-both packets are dropped. Otherwise, if the queue length is still below the maximum length,
+queue. If both the to-be-queued and the drawn packet belong to the same flow,
+both packets are dropped. Otherwise, if the queue length is still below the maximum length,
the new packet has a configurable chance of being marked (which may mean dropped).
If the queue length exceeds
.BR max ,
diff --git a/man/man8/tc-codel.8 b/man/man8/tc-codel.8
index 61f163f..a0e50a4 100644
--- a/man/man8/tc-codel.8
+++ b/man/man8/tc-codel.8
@@ -69,10 +69,10 @@ is used to ensure that the measured minimum delay does not become too stale. The
minimum delay must be experienced in the last epoch of length
.B interval.
It should be set on the order of the worst-case RTT through the bottleneck to
-give endpoints sufficient time to react. Default value is 100ms.
+give endpoints sufficient time to react. Default value is 100ms.
.SS ecn | noecn
-can be used to mark packets instead of dropping them. If
+can be used to mark packets instead of dropping them. If
.B ecn
has been enabled,
.B noecn
diff --git a/man/man8/tc-drr.8 b/man/man8/tc-drr.8
index 29daed8..f550a35 100644
--- a/man/man8/tc-drr.8
+++ b/man/man8/tc-drr.8
@@ -23,9 +23,9 @@ Each class is assigned a deficit counter, initialized to
.B quantum.
DRR maintains an (internal) ''active'' list of classes whose qdiscs are
-non-empty. This list is used for dequeuing. A packet is dequeued from
+non-empty. This list is used for dequeuing. A packet is dequeued from
the class at the head of the list if the packet size is smaller or equal
-to the deficit counter. If the counter is too small, it is increased by
+to the deficit counter. If the counter is too small, it is increased by
.B quantum
and the scheduler moves on to the next class in the active list.
@@ -34,7 +34,7 @@ and the scheduler moves on to the next class in the active list.
.TP
quantum
Amount of bytes a flow is allowed to dequeue before the scheduler moves to
-the next class. Defaults to the MTU of the interface. The minimum value is 1.
+the next class. Defaults to the MTU of the interface. The minimum value is 1.
.SH EXAMPLE & USAGE
@@ -54,9 +54,9 @@ You also need to add at least one filter to classify packets.
.P
Like SFQ, DRR is only useful when it owns the queue \-\- it is a pure scheduler and does
-not delay packets. Attaching non-work-conserving qdiscs like tbf to it does not make
+not delay packets. Attaching non-work-conserving qdiscs like tbf to it does not make
sense \-\- other qdiscs in the active list will also become inactive until the dequeue
-operation succeeds. Embed DRR within another qdisc like HTB or HFSC to ensure it owns the queue.
+operation succeeds. Embed DRR within another qdisc like HTB or HFSC to ensure it owns the queue.
.P
You can mimic SFQ behavior by assigning packets to the attached classes using the
flow filter:
diff --git a/man/man8/tc-fq_codel.8 b/man/man8/tc-fq_codel.8
index adeacd6..a80389a 100644
--- a/man/man8/tc-fq_codel.8
+++ b/man/man8/tc-fq_codel.8
@@ -47,7 +47,7 @@ has the same semantics as
.B codel
and is the acceptable minimum
standing/persistent queue delay. This minimum delay is identified by tracking
-the local minimum queue delay that packets experience. Default value is 5ms.
+the local minimum queue delay that packets experience. Default value is 5ms.
.SS interval
has the same semantics as
@@ -55,7 +55,7 @@ has the same semantics as
and is used to ensure that the measured minimum delay does not become too stale.
The minimum delay must be experienced in the last epoch of length .B interval.
It should be set on the order of the worst-case RTT through the bottleneck to
-give endpoints sufficient time to react. Default value is 100ms.
+give endpoints sufficient time to react. Default value is 100ms.
.SS quantum
is the number of bytes used as 'deficit' in the fair queuing algorithm. Default
@@ -65,7 +65,7 @@ header length of 14 bytes.
.SS ecn | noecn
has the same semantics as
.B codel
-and can be used to mark packets instead of dropping them. If
+and can be used to mark packets instead of dropping them. If
.B ecn
has been enabled,
.B noecn
diff --git a/man/man8/tc-hfsc.8 b/man/man8/tc-hfsc.8
index c5ff331..5444118 100644
--- a/man/man8/tc-hfsc.8
+++ b/man/man8/tc-hfsc.8
@@ -32,7 +32,7 @@ For description of BYTE, BPS and SEC \- please see \fBUNITS\fR
section of \fBtc\fR(8).
.
.SH DESCRIPTION (qdisc)
-HFSC qdisc has only one optional parameter \- \fBdefault\fR. CLASSID specifies
+HFSC qdisc has only one optional parameter \- \fBdefault\fR. CLASSID specifies
the minor part of the default classid, where packets not classified by other
means (e.g. u32 filter, CLASSIFY target of iptables) will be enqueued. If
\fBdefault\fR is not specified, unclassified packets will be dropped.
diff --git a/man/man8/tc-netem.8 b/man/man8/tc-netem.8
index b0b7864..53c4de9 100644
--- a/man/man8/tc-netem.8
+++ b/man/man8/tc-netem.8
@@ -151,7 +151,7 @@ header compression scheme. The third parameter - an unsigned value - specify
the cellsize. Cellsize can be used to simulate link layer schemes. ATM for
example has an payload cellsize of 48 bytes and 5 byte per cell header. If a
packet is 50 byte then ATM must use two cells: 2 * 48 bytes payload including 2
-* 5 byte header, thus consume 106 byte on the wire. The last optional value
+* 5 byte header, thus consume 106 byte on the wire. The last optional value
.I CELLOVERHEAD
can be used to specify per cell overhead - for our ATM example 5.
.I CELLOVERHEAD
diff --git a/man/man8/tc-pie.8 b/man/man8/tc-pie.8
index 536c381..278293b 100644
--- a/man/man8/tc-pie.8
+++ b/man/man8/tc-pie.8
@@ -49,7 +49,7 @@ the deviation between the current and target latency changes probability. beta e
additional adjustments depending on the latency trend.
The drop probabilty is used to mark packets in ecn mode. However, as in RED,
-beyond 10% packets are dropped based on this probability. The bytemode is used
+beyond 10% packets are dropped based on this probability. The bytemode is used
to drop packets proportional to the packet size.
Additional details can be found in the paper cited below.
diff --git a/man/man8/tc-red.8 b/man/man8/tc-red.8
index f410d15..d001c49 100644
--- a/man/man8/tc-red.8
+++ b/man/man8/tc-red.8
@@ -112,7 +112,7 @@ ecn
As mentioned before, RED can either 'mark' or 'drop'. Explicit Congestion
Notification allows RED to notify remote hosts that their rate exceeds the
amount of bandwidth available. Non-ECN capable hosts can only be notified by
-dropping a packet. If this parameter is specified, packets which indicate
+dropping a packet. If this parameter is specified, packets which indicate
that their hosts honor ECN will only be marked and not dropped, unless the
queue size hits
.B limit
@@ -156,7 +156,7 @@ Adaptive RED : http://icir.org/floyd/papers/adaptiveRed.pdf
.SH AUTHORS
Alexey N. Kuznetsov, <kuznet@ms2.inr.ac.ru>, Alexey Makarenko
<makar@phoenix.kharkov.ua>, J Hadi Salim <hadi@nortelnetworks.com>,
-Eric Dumazet <eric.dumazet@gmail.com>.
+Eric Dumazet <eric.dumazet@gmail.com>.
This manpage maintained by bert hubert <ahu@ds9a.nl>
diff --git a/man/man8/tc-sfb.8 b/man/man8/tc-sfb.8
index e7634d2..aad19e1 100644
--- a/man/man8/tc-sfb.8
+++ b/man/man8/tc-sfb.8
@@ -35,7 +35,7 @@ tries to determine the ideal marking probability automatically.
The
.B BLUE
algorithm maintains a probability which is used to mark or drop packets
-that are to be queued. If the queue overflows, the mark/drop probability
+that are to be queued. If the queue overflows, the mark/drop probability
is increased. If the queue becomes empty, the probability is decreased. The
.B Stochastic Fair Blue
(SFB) algorithm is designed to protect TCP flows against non-responsive flows.
@@ -44,8 +44,8 @@ This SFB implementation maintains 8 levels of 16 bins each for accounting.
Each flow is mapped into a bin of each level using a per-level hash value.
Every bin maintains a marking probability, which gets increased or decreased
-based on bin occupancy. If the number of packets exceeds the size of that
-bin, the marking probability is increased. If the number drops to zero, it
+based on bin occupancy. If the number of packets exceeds the size of that
+bin, the marking probability is increased. If the number drops to zero, it
is decreased.
The marking probability is based on the minimum value of all bins a flow is
@@ -63,7 +63,7 @@ with a non-responsive flow, causing the responsive flow to be misidentified as
being non-responsive.
The probability of a responsive flow to be misidentified is dependent on
-the number of non-responsive flows, M. It is (1 - (1 - (1 / 16.0)) ** M) **8,
+the number of non-responsive flows, M. It is (1 - (1 - (1 / 16.0)) ** M) **8,
so for example with 10 non-responsive flows approximately 0.2% of responsive flows
will be misidentified.
@@ -89,7 +89,7 @@ implementation maintains a second set of levels/bins as described in section
4.4 of the SFB reference.
While one set is used to manage the queue, a second set is warmed up:
Whenever a flow is then determined to be non-responsive, the marking
-probabilities in the second set are updated. When the rehashing
+probabilities in the second set are updated. When the rehashing
happens, these bins will be used to manage the queue and all non-responsive
flows can be rate-limited immediately.
This value determines how much time has to pass before the 2nd set
@@ -100,19 +100,19 @@ rehash.
.TP
limit
Hard limit on the real (not average) total queue size in packets.
-Further packets are dropped. Defaults to the transmit queue length of the
+Further packets are dropped. Defaults to the transmit queue length of the
device the qdisc is attached to.
.TP
max
Maximum length of a buckets queue, in packets, before packets start being
-dropped. Should be sightly larger than
+dropped. Should be sightly larger than
.B target
, but should not be set to values exceeding 1.5 times that of
.B target .
Defaults to 25.
.TP
target
-The desired average bin length. If the bin queue length reaches this value,
+The desired average bin length. If the bin queue length reaches this value,
the marking probability is increased by
.B increment.
The default value depends on the
@@ -123,11 +123,11 @@ will default to 20.
.TP
increment
A value used to increase the marking probability when the queue appears
-to be over-used. Must be between 0 and 1.0. Defaults to 0.00050.
+to be over-used. Must be between 0 and 1.0. Defaults to 0.00050.
.TP
decrement
Value used to decrease the marking probability when the queue is found
-to be empty. Must be between 0 and 1.0.
+to be empty. Must be between 0 and 1.0.
Defaults to 0.00005.
.TP
penalty_rate
@@ -153,7 +153,7 @@ The number of packets dropped before a per-flow queue was full.
ratedrop
The number of packets dropped because of rate-limiting.
If this value is high, there are many non-reactive flows being
-sent through sfb. In such cases, it might be better to
+sent through sfb. In such cases, it might be better to
embed sfb within a classful qdisc to better control such
flows using a different, shaping qdisc.
.TP
@@ -163,7 +163,7 @@ High bucketdrop may point to a high number of aggressive, short-lived
flows.
.TP
queuedrop
-The number of packets dropped due to reaching limit. This should normally be 0.
+The number of packets dropped due to reaching limit. This should normally be 0.
.TP
marked
The number of packets marked with ECN.
@@ -172,7 +172,7 @@ maxqlen
The length of the current longest per-flow (virtual) queue.
.TP
maxprob
-The maximum per-flow drop probability. 1 means that some
+The maximum per-flow drop probability. 1 means that some
flows have been detected as non-reactive.
.SH NOTES
diff --git a/man/man8/tc-sfq.8 b/man/man8/tc-sfq.8
index 5a651ff..9afb5b2 100644
--- a/man/man8/tc-sfq.8
+++ b/man/man8/tc-sfq.8
@@ -150,7 +150,7 @@ ecn
RED can either 'mark' or 'drop'. Explicit Congestion
Notification allows RED to notify remote hosts that their rate exceeds the
amount of bandwidth available. Non-ECN capable hosts can only be notified by
-dropping a packet. If this parameter is specified, packets which indicate
+dropping a packet. If this parameter is specified, packets which indicate
that their hosts honor ECN will only be marked and not dropped, unless the
queue size hits
.B depth
diff --git a/man/man8/tc-tbf.8 b/man/man8/tc-tbf.8
index 18ef7b4..fc2c837 100644
--- a/man/man8/tc-tbf.8
+++ b/man/man8/tc-tbf.8
@@ -102,7 +102,7 @@ Furthermore, if a peakrate is desired, the following parameters are available:
.TP
peakrate
-Maximum depletion rate of the bucket. The peakrate does not
+Maximum depletion rate of the bucket. The peakrate does not
need to be set, it is only necessary if perfect millisecond timescale
shaping is required.
diff --git a/man/man8/tc.8 b/man/man8/tc.8
index a6aed0a..ea4d445 100644
--- a/man/man8/tc.8
+++ b/man/man8/tc.8
@@ -250,23 +250,33 @@ attached to that class. Check qdisc specific manpages for details, however.
All qdiscs, classes and filters have IDs, which can either be specified
or be automatically assigned.
-IDs consist of a major number and a minor number, separated by a colon.
-Both major and minor number are limited to 16 bits. There are two special
-values: root is signified by major and minor of all ones, and unspecified
-is all zeros.
+IDs consist of a
+.BR major " number and a " minor
+number, separated by a colon -
+.BR major ":" minor "."
+Both
+.BR major " and " minor
+are hexadecimal numbers and are limited to 16 bits. There are two special
+values: root is signified by
+.BR major " and " minor
+of all ones, and unspecified is all zeros.
.TP
QDISCS
-A qdisc, which potentially can have children,
-gets assigned a major number, called a 'handle', leaving the minor
+A qdisc, which potentially can have children, gets assigned a
+.B major
+number, called a 'handle', leaving the
+.B minor
number namespace available for classes. The handle is expressed as '10:'.
-It is customary to explicitly assign a handle to qdiscs expected to have
-children.
+It is customary to explicitly assign a handle to qdiscs expected to have children.
.TP
CLASSES
-Classes residing under a qdisc share their qdisc major number, but each have
-a separate minor number called a 'classid' that has no relation to their
+Classes residing under a qdisc share their qdisc
+.B major
+number, but each have a separate
+.B minor
+number called a 'classid' that has no relation to their
parent classes, only to their parent qdisc. The same naming custom as for
qdiscs applies.