1.\" $OpenBSD: options.4,v 1.132 2003/09/18 09:34:45 jmc Exp $ 2.\" $NetBSD: options.4,v 1.21 1997/06/25 03:13:00 thorpej Exp $ 3.\" 4.\" Copyright (c) 1998 Theo de Raadt 5.\" Copyright (c) 1998 Todd Miller 6.\" Copyright (c) 1998 Gene Skonicki 7.\" Copyright (c) 1996 8.\" Perry E. Metzger. All rights reserved. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 3. All advertising materials mentioning features or use of this software 19.\" must display the following acknowledgment: 20.\" This product includes software developed for the NetBSD Project 21.\" by Perry E. Metzger. 22.\" 4. The name of the author may not be used to endorse or promote products 23.\" derived from this software without specific prior written permission. 24.\" 25.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 26.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 27.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 28.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 29.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 30.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 31.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 32.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" 36.\" 37.Dd August 17, 1997 38.Dt OPTIONS 4 39.Os 40.Sh NAME 41.Nm options 42.Nd miscellaneous kernel configuration options 43.Sh SYNOPSIS 44.Cd option ... 45.Sh DESCRIPTION 46This manual page describes a number of miscellaneous kernel 47configuration options that may be specified in a kernel config file. 48See 49.Xr config 8 50for information on how to configure and build kernels. 51.Em Note: 52options are passed to the compile process as 53.Fl D 54flags to the C compiler. 55.Ss Compatibility Options 56.Bl -ohang 57.It Cd option COMPAT_23 58Enables compatibility with 59.Ox 2.3 . 60This makes it possible to run binaries that use old versions of the 61.Xr msgctl 2 , 62.Xr shmctl 2 63and 64.Xr semctl 2 65system calls which changed semantics in 66.Ox 2.4 . 67.It Cd option COMPAT_25 68Enables compatibility with 69.Ox 2.5 . 70This makes it possible to run binaries that use old versions of the 71.Xr statfs 2 , 72.Xr fstatfs 2 73and 74.Xr getfsstat 2 75system calls which were replaced in 76.Ox 2.6 77when 78.Li struct stat 79was expanded. 80.It Cd option COMPAT_SVR4 81On those architectures that support it, this enables binary 82compatibility with 83.At V.4 84binaries built for the same architecture. 85This currently includes the sparc and i386. 86Possibly the most widely known operating system 87based on this binary architecture is Sun's Solaris 2.x. 88See 89.Xr compat_svr4 8 . 90.It Cd option COMPAT_BSDOS 91On those architectures that support it, this enables binary 92compatibility with 93.Em BSD/OS 94applications. 95This option is supported on the i386 architecture. 96See 97.Xr compat_bsdos 8 . 98It also requires the use of 99.Cm option COMPAT_43 100for proper operation. 101.It Cd option COMPAT_LINUX 102On those architectures that support it, this enables binary 103compatibility with 104.Em Linux 105ELF and a.out 106applications built for the same architecture. 107This option is supported on the i386 architecture. 108See 109.Xr compat_linux 8 . 110.It Cd option COMPAT_SUNOS 111On those architectures that support it, this enables binary 112compatibility with 113.Em SunOS 4.x 114applications built for the same architecture. 115This option is supported on sparc and all m68k architectures. 116See 117.Xr compat_sunos 8 . 118.It Cd option COMPAT_ULTRIX 119On those architectures that support it, this enables binary 120compatibility with 121.Tn Ultrix 122applications built for the same architecture. 123This option is available on the vax architecture. 124See 125.Xr compat_ultrix 8 . 126.It Cd option COMPAT_FREEBSD 127On those architectures that support it, this enables binary 128compatibility with 129.Em FreeBSD 130applications built for the same architecture. 131This option is available on the i386 architecture. 132See 133.Xr compat_freebsd 8 . 134.It Cd option COMPAT_HPUX 135On those architectures that support it, this enables binary 136compatibility with 137.Em HP-UX 138applications built for the same architecture. 139This option is available on some m68k architectures. 140See 141.Xr compat_hpux 8 . 142.It Cd option COMPAT_IBCS2 143On those architectures that support it, this enables binary 144compatibility with 145.Em iBCS2 146applications built for the same architecture. 147This option is available on the i386 architecture. 148See 149.Xr compat_ibcs2 8 . 150.It Cd option COMPAT_NETBSD 151On those architectures that support it, this enables binary 152compatibility with 153.Em NetBSD 154applications built for the same architecture. 155See 156.Xr compat_freebsd 8 . 157.It Cd option COMPAT_OSF1 158On those architectures that support it, this enables binary 159compatibility with 160.Em Digital UNIX 161(formerly 162.Em OSF/1 ) 163applications built for the same architecture. 164This option is available on the alpha architecture. 165See 166.Xr compat_osf1 8 . 167.It Cd option COMPAT_AOUT 168On those ELF architectures that require it, this enables 169full compatibility with old a.out binaries, by allowing the 170a.out dynamic linking system to reside under 171.Pa /emul/a.out . 172This option is available on the i386 architecture. 173See 174.Xr compat_aout 8 . 175.It Cd option COMPAT_43 176Use of this option is discouraged. 177It enables compatibility with 178.Bx 4.3 . 179It adds an old syscall for 180.Fn lseek 181as well as ioctls for 182.Dv TIOCGETP 183and 184.Dv TIOCSETP . 185The return values for the 186.Xr getpid 2 , 187.Xr getgid 2 , 188and 189.Xr getuid 2 190system calls are modified as well, to return the parent's PID and UID as well 191as the current process's. 192It also enables the deprecated 193.Dv NTTYDISC 194terminal line discipline. 195It provides backwards compatibility with the 196.Dq old 197SIOC[GS]IF{ADDR,DSTADDR,BRDADDR,NETMASK} interface ioctls, including 198binary compatibility for code written before the introduction of the 199.Li sa_len 200field in sockaddrs. 201It also enables support for some older pre BSD 4.4 socket calls. 202.El 203.Ss Debugging Options 204.Bl -ohang 205.It Cd option DDB 206Compiles in a kernel debugger for diagnosing kernel problems. 207See 208.Xr ddb 4 209for details. 210.Em Note: 211not available on all architectures. 212.It Cd option DDB_SAFE_CONSOLE 213Allows a break into the kernel debugger during boot. 214Useful when debugging problems that can cause init(8) to fail. 215.It Cd option KGDB 216Compiles in a remote kernel debugger stub for diagnosing kernel problems 217using the 218.Dq remote target 219feature of gdb. 220See 221.Xr kgdb 7 222for details. 223.Em Note: 224not available on all architectures. 225.It Cd makeoptions DEBUG="-g" 226The 227.Fl g 228flag causes 229.Pa bsd.gdb 230to be built in addition to 231.Pa bsd . 232.Pa bsd.gdb 233is useful for debugging kernels and their crash dumps with gdb. 234Note that 235.Xr gdb 1 Ns 's 236.Fl k 237flag is obsolete and should not be used. 238Instead, a crash dump can be debugged by starting 239.Xr gdb 1 240with the kernel name as an argument (no core file) and then use the 241.Xr gdb 1 242command 243.Dq target kcore COREFILE . 244.It Cd option DEBUG 245Turns on miscellaneous kernel debugging. 246Since options are turned into preprocessor defines (see above), 247.Cm option DEBUG 248is equivalent to doing a 249.Em #define DEBUG 250throughout the kernel. 251Much of the kernel has 252.Em #ifdef DEBUG 253conditional debugging code. 254Note that many parts of the kernel (typically device drivers) include their own 255.Em #ifdef XXX_DEBUG 256conditionals instead. 257This option also turns on certain other options, notably 258.Cm option KMEMSTATS , 259which may decrease system performance. 260.It Cd option DIAGNOSTIC 261Adds code to the kernel that does internal consistency checks. 262This code will cause the kernel to panic if corruption of internal data 263structures is detected. 264.It Cd option SMALL_KERNEL 265Removes some optimizations from the kernel to reduce the size of the 266resulting kernel binary. 267This option can decrease system performance. 268.It Cd option NO_PROPOLICE 269Do not compile the kernel with the propolice stack protection. 270See 271.Xr gcc-local 1 272for more information about propolice. 273.It Cd option GPROF 274Adds code to the kernel for kernel profiling with 275.Xr kgmon 8 . 276.It Cd makeoptions PROF="-pg" 277The 278.Fl pg 279flag causes the kernel to be compiled with support for profiling. 280The 281.Cm option GPROF 282is required for the kernel compile to succeed. 283.It Cd option KTRACE 284Adds hooks for the system call tracing facility, which allows users to 285watch the system call invocation behavior of processes. 286See 287.Xr ktrace 1 288for details. 289.It Cd option PTRACE 290Adds hooks for the process tracing facility, allowing a process to 291control and observe another process. 292See 293.Xr ptrace 2 294for details. 295.It Cd option RAIDDEBUG 296Be verbose on what RAIDframe does. 297See 298.Xr raid 4 299for details. 300.El 301.Ss File Systems 302.Bl -ohang 303.It Cd option FFS 304Includes code implementing the Berkeley Fast File System 305.Em ( FFS ) . 306Most machines need this if they are not running diskless. 307.It Cd option ADOSFS 308Includes code implementing the AmigaDOS Fast File System 309.Em ( ADOSFS ) . 310Note that the Professional and Smart File Systems are 311.Em not 312supported. 313See 314.Xr mount_ados 8 315for details. 316.It Cd option EXT2FS 317Includes code implementing the Second Extended File System 318.Em ( EXT2FS ) . 319This is the most commonly used file system on the Linux operating system, 320and is provided here for compatibility. 321Some specific features of 322.Em EXT2FS 323like the "behavior on errors" are not implemented. 324This file system 325can't be used with 326.Li uid_t 327or 328.Li gid_t 329values greater than 65535. 330Also, the filesystem will not function correctly on architectures with 331differing byte-orders. 332That is, a big-endian machine will not be able to read an 333ext2fs filesystem created on an i386 or other little-endian machine. 334See 335.Xr mount_ext2fs 8 336for details. 337.It Cd option MFS 338Include the memory file system 339.Em ( MFS ) . 340This file system stores files in swappable memory, and produces 341notable performance improvements when it is used as the file store 342for 343.Pa /tmp 344or similar mount points. 345See 346.Xr mount_mfs 8 347for details. 348.It Cd option NFSCLIENT 349Include the client side of the 350.Em NFS 351(Network File System) remote file sharing protocol. 352Although the bulk of the code implementing 353.Em NFS 354is kernel based, several user level daemons are needed for it to work. 355See 356.Xr mount_nfs 8 357for details on NFS. 358.It Cd option CD9660 359Includes code for the ISO 9660 + Rock Ridge file system, which is the 360standard file system used on many CD-ROMs. 361It also supports Joliet extensions. 362See 363.Xr mount_cd9660 8 364for details. 365.It Cd option MSDOSFS 366Includes support for the 367.Tn MS-DOS 368FAT file system. 369The kernel also implements the 370.Tn Windows 95 371extensions which permit the use of longer, mixed-case file names. 372See 373.Xr mount_msdos 8 374and 375.Xr fsck_msdos 8 376for details. 377.It Cd option NTFS 378Includes support for reading NTFS file systems. 379Experimental and read only. 380See 381.Xr mount_ntfs 8 382for details. 383.It Cd option FDESC 384Includes code for a file system which can be mounted on 385.Pa /dev/fd . 386This filesystem permits access to the per-process file descriptor 387space via special files in the file system. 388See 389.Xr mount_fdesc 8 390for details. 391Note that this facility is redundant, and thus unneeded on most 392.Ox 393systems, since the 394.Xr fd 4 395pseudo-device driver already provides identical functionality. 396On most systems, instances of 397.Xr fd 4 398are mknoded under 399.Pa /dev/fd/ 400and on 401.Pa /dev/stdin , 402.Pa /dev/stdout , 403and 404.Pa /dev/stderr . 405.It Cd option KERNFS 406Includes code which permits the mounting of a special file system 407(normally mounted on 408.Pa /kern ) 409in which files representing various kernel variables and parameters 410may be found. 411See 412.Xr mount_kernfs 8 413for details. 414.It Cd option NULLFS 415Includes code for a loopback file system. 416This permits portions of the file hierarchy to be re-mounted in other places. 417The code really exists to provide an example of a stackable file system layer. 418See 419.Xr mount_null 8 420for details. 421.It Cd option PORTAL 422Includes the (experimental) portal filesystem. 423This permits interesting tricks like opening TCP sockets by opening files in 424the file system. 425The portal file system is conventionally mounted on 426.Pa /p 427and is partially implemented by a special daemon. 428See 429.Xr mount_portal 8 430for details. 431.It Cd option PROCFS 432Includes code for a special file system (conventionally mounted on 433.Pa /proc ) 434in which the process space becomes visible in the file system. 435Among other things, the memory spaces of processes running on the system are 436visible as files, and signals may be sent to processes by writing to 437.Pa ctl 438files in the procfs namespace. 439See 440.Xr mount_procfs 8 441for details. 442.It Cd option UMAPFS 443Includes a loopback file system in which user and group IDs may be 444remapped -- this can be useful when mounting alien file systems with 445different uids and gids than the local system (eg, remote NFS). 446See 447.Xr mount_umap 8 448for details. 449.It Cd option UNION 450Includes code for the union file system, which permits directories to 451be mounted on top of each other in such a way that both file systems 452remain visible -- this permits tricks like allowing writing (and the 453deleting of files) on a read-only file system like a CD-ROM by 454mounting a local writable file system on top of the read-only file 455system. 456This filesystem is still experimental and is known to be somewhat unstable. 457See 458.Xr mount_union 8 459for details. 460.It Cd option XFS 461Includes the kernel support for the AFS-compatible Arla filesystem. 462Since the xfs interface is simple and generic it can be used for other 463filesystems as well. 464See 465.Xr mount_xfs 8 466for details. 467.El 468.Ss File System Options 469.Bl -ohang 470.It Cd option FFS_SOFTUPDATES 471Enables a scheme that uses partial ordering of buffer cache operations 472to allow metadata updates in FFS to happen asynchronously, increasing write 473performance significantly. 474Normally, the FFS filesystem writes metadata updates synchronously which exacts 475a performance penalty in favor of filesystem integrity. 476With soft updates, the performance of asynchronous writes is gained while 477retaining the safety of synchronous metadata updates. 478.Pp 479Soft updates must be enabled on a per-filesystem basis. 480See 481.Xr mount 8 482for details. 483.Pp 484Processors with a small kernel address space, such as the sun4 and sun4c, do 485not have enough kernel memory to support soft updates. 486Attempts to use this option with these CPUs will cause a kernel hang or panic 487after a short period of use as the kernel will quickly run out of memory. 488This is not related to the amount of physical memory present in the machine -- 489it is a limitation of the CPU architecture itself. 490.It Cd option BUFCACHEPERCENT=integer 491Percentage of RAM to use as a file system buffer. 492It defaults to 5. 493.It Cd option NFSSERVER 494Include the server side of the 495.Em NFS 496(Network File System) remote file sharing protocol. 497Although the bulk of the code implementing 498.Em NFS 499is kernel based, several user level daemons are needed for it to 500work. 501See 502.Xr mountd 8 503and 504.Xr nfsd 8 505for details. 506.It Cd option QUOTA 507Enables kernel support for file system quotas. 508See 509.Xr quotaon 8 , 510.Xr edquota 8 , 511.Xr repquota 8 , 512and 513.Xr quota 1 514for details. 515Note that quotas only work on 516.Dq ffs 517file systems, although 518.Xr rpc.rquotad 8 519permits them to be accessed over 520.Em NFS . 521.It Cd option FIFO 522Adds support for 523.At V 524style FIFOs (i.e., 525.Dq named pipes ) . 526This option is recommended in almost all cases as many programs use these. 527.It Cd option EXT2FS_SYSTEM_FLAGS 528This option changes the behavior of the APPEND and IMMUTABLE flags 529for a file on an 530.Em EXT2FS 531filesystem. 532Without this option, the superuser or owner of the file can set and clear them. 533With this option, only the superuser can set them, and they can't be cleared 534if the securelevel is greater than 0. 535See also 536.Xr chflags 1 . 537.It Cd option UFS_EXTATTR 538This option enables Extended Attribute support for UFS filesystems. 539.It Cd option UFS_EXTATTR_AUTOSTART 540This option causes Extended Attributes to be started and enabled when each 541UFS filesystem is mounted. 542The attribute storage is expected to be (relative to mount point) 543.Pa /.attribute/{system|user}/<attrname> 544.El 545.Ss Miscellaneous Options 546.Bl -ohang 547.It Cd option PCIVERBOSE 548Makes the boot process more verbose for PCI peripherals 549(vendor names and other information is printed, etc.). 550.It Cd option EISAVERBOSE 551Makes the boot process more verbose for EISA peripherals. 552.It Cd option PCMCIAVERBOSE 553Makes the boot process more verbose for PCMCIA peripherals. 554.It Cd option MACOBIOVERBOSE 555Makes the boot process more verbose for Mac OBIO peripherals. 556.It Cd option APERTURE 557Provide in-kernel support for controlling VGA framebuffer mapping 558and PCI configuration registers by user-processes 559(such as an X Window System server). 560This option is supported on the 561.Va alpha , 562.Va i386 , 563.Va macppc 564and 565.Va sparc64 566architectures. 567.It Cd option LKM 568Enables support for loadable kernel modules. 569See 570.Xr lkm 4 571for details. 572.Em Note: 573This option is not yet available on all architectures. 574.It Cd option CRYPTO 575Enables support for the kernel cryptographic framework. 576See 577.Xr crypto 9 578for details. 579While not IP specific, this option is usually used in conjunction with option 580.Em IPSEC . 581.It Cd option INSECURE 582Hardwires the kernel security level at \-1. 583This means that the system always runs in securelevel 0 mode, even when 584running multiuser. 585See 586.Xr init 8 587for details on the implications of this. 588The kernel secure level may be manipulated by the superuser by altering the 589.Em kern.securelevel 590sysctl variable. 591(It should be noted that the securelevel may only be lowered by a call from 592process ID 1, i.e., 593.Xr init 8 . ) 594See also 595.Xr sysctl 8 596and 597.Xr sysctl 3 . 598.It Cd option CCDNBUF=integer 599The 600.Xr ccd 4 601device driver uses 602.Dq component buffers 603to distribute I/O requests to the components of a concatenated disk. 604It keeps a freelist of buffer 605headers in order to reduce use of the kernel memory allocator. 606.Em CCDNBUF 607is the number of buffer headers allocated on the freelist for 608each component buffer. 609It defaults to 8. 610.It Cd option KMEMSTATS 611The kernel memory allocator, 612.Xr malloc 9 , 613will keep statistics on its performance if this option is enabled. 614Unfortunately, this option therefore essentially disables 615.Fn MALLOC 616and 617.Fn FREE 618forms of the memory allocator, which are used to enhance the 619performance of certain critical sections of code in the kernel. 620This option therefore can lead to a significant decrease in the performance 621of certain code in the kernel if enabled. 622Examples of such code include the 623.Fn namei 624routine, the 625.Xr ccd 4 626driver, 627the 628.Xr ncr 4 629driver, and much of the networking code. 630Note that this option is silently turned on by the 631.Em DEBUG 632option. 633.It Cd option BOOT_CONFIG 634Adds support for the 635.Fl c 636boot option (User Kernel Config). 637Allows modification of kernel settings (e.g., device parameters) before 638booting the system. 639.It Cd option RAID_AUTOCONFIG 640Adds support for auto-configuring the RAIDframe devices during the kernel 641initialization. 642See 643.Xr raid 4 644and 645.Xr raidctl 8 646for details. 647.It Cd option UVM_SWAP_ENCRYPT 648Enables kernel support for encrypting pages that are written out to 649swap storage. 650Swap encryption prevents sensitive data from remaining 651on the disk even after the operating system has been shut down. 652This option should be turned on if cryptographic filesystems are used. 653The sysctl variable 654.Em vm.swapencrypt.enable 655controls its behaviour. 656See 657.Xr sysctl 8 658and 659.Xr sysctl 3 660for details. 661.It Cd option USER_PCICONF 662Enables the user level access to the PCI bus configuration space 663through ioctls on the 664.Pa /dev/pci 665device. 666It's used by the 667.Xr XFree86 1 668server on some architectures. 669See 670.Xr pci 4 671for details. 672.It Cd option PCIAGP 673Enables 674.Xr ioctl 2 675access to the AGP GART on the supported chipsets. 676It's used by the 677.Xr XFree86 1 678server on some architectures. 679See 680.Xr vga 4 681for details. 682.El 683.Ss Networking Options 684.Bl -ohang 685.It Cd option GATEWAY 686Enables 687.Em IPFORWARDING 688and (on most architectures) increases the size of 689.Em NMBCLUSTERS . 690In general, 691.Em GATEWAY 692is used to indicate that a system should act as a router, and 693.Em IPFORWARDING 694is not invoked directly. 695(Note that 696.Em GATEWAY 697has no impact on protocols other than IP, such as CLNP or XNS.) 698.It Cd option IPFORWARDING 699Enables IP routing behavior. 700With this option enabled, the machine 701will forward IP datagrams between its interfaces that are destined for 702other machines. 703Note that even without this option, the kernel will 704still forward some packets (such as source routed packets) -- removing 705.Em GATEWAY 706and 707.Em IPFORWARDING 708is insufficient to stop all routing through a bastion host on a 709firewall -- source routing is controlled independently. 710Note that IP 711forwarding may be turned on and off independently of the setting of the 712.Em IPFORWARDING 713option through the use of the 714.Em net.inet.ip.forwarding 715sysctl variable. 716If 717.Em net.inet.ip.forwarding 718is 1, IP forwarding is on. 719See 720.Xr sysctl 8 721and 722.Xr sysctl 3 723for details. 724.It Cd option MROUTING 725Includes support for IP multicast routers. 726.Em INET 727should be set along with this. 728Multicast routing is controlled by the 729.Xr mrouted 8 730daemon. 731.It Cd option INET 732Includes support for the TCP/IP protocol stack. 733This option is currently required. 734See 735.Xr inet 4 736for details. 737.It Cd option INET6 738Includes support for the 739.Tn IPv6 740protocol stack. 741See 742.Xr inet6 4 743for details. 744Unlike 745.Em INET , 746.Em INET6 747enables multicast routing code as well. 748This option requires 749.Em INET 750at this moment, but it should not. 751.It Cd option ND6_DEBUG 752The option sets the default value of 753.Em net.inet6.icmp6.nd6_debug 754to 1, 755for debugging IPv6 neighbor discovery protocol handling. 756See 757.Xr sysctl 3 758for details. 759.It Cd option NS 760Include support for the Xerox XNS protocol stack. 761See 762.Xr ns 4 763for details. 764.It Cd option ISO,TPIP 765Include support for the ubiquitous OSI protocol stack. 766See 767.Xr iso 4 768for details. 769.It Cd option EON 770Include support for OSI tunneling over IP. 771.It Cd option CCITT,LLC,HDLC 772Include support for the X.25 protocol stack. 773The state of this code is currently unknown. 774It probably contains bugs. 775.It Cd option IPX, IPXIP 776Include support for Internetwork Packet Exchange protocol commonly in 777use by 778.Tn Novell NetWare . 779.It Cd option NETATALK 780Include kernel support for the AppleTalk family of protocols. 781This suite of supporting code is sometimes called 782.Em netatalk 783support. 784.It Cd option TCP_COMPAT_42 785Use of this option is 786.Em extremely 787discouraged, so it should not be enabled. 788If any other machines on the network require enabling this, it's 789recommended that 790.Em they 791be disconnected from the network. 792.Pp 793TCP bug compatibility with 794.Bx 4.2 . 795In 796.Bx 4.2 , 797TCP sequence numbers 798were 32-bit signed values. 799Modern implementations of TCP use unsigned values. 800This option clamps the initial sequence number to start in 801the range 2^31 rather than the full unsigned range of 2^32. 802Also, under 803.Bx 4.2 , 804keepalive packets must contain at least one byte or else 805the remote end will not respond. 806.It Cd option TCP_SACK 807Turns on selective acknowledgements. 808Additional information about 809segments already received can be transmitted back to the sender, 810thus indicating segments that have been lost and allowing for 811a swifter recovery. 812Both communication endpoints need to support 813.Em SACK . 814The fallback behaviour is NewReno fast recovery phase, which allows 815one lost segment to be recovered per round trip time. 816When more than one segment has been dropped per window, the transmission can 817continue without waiting for a retransmission timeout. 818.It Cd option TCP_FACK 819Turns on forward acknowledgements allowing a more precise estimate of 820outstanding data during the fast recovery phase by using 821.Em SACK 822information. 823This option can only be used together with 824.Em TCP_SACK . 825.It Cd option TCP_ECN 826Turns on Explicit Congestion Notification (RFC 3168). 827.Em ECN 828allows intermediate routers to use the Congestion Experienced 829codepoint in the IP header as an indication of congestion, and allows 830TCP to adjust the transmission rate using this signal. 831Both communication endpoints negotiate enabling 832.Em ECN 833functionality at the TCP connection establishment. 834.It Cd option TCP_SIGNATURE 835Turns on support for the TCP MD5 Signature option (RFC 2385). 836This is used by 837Internet backbone routers to provide per-packet authentication for the TCP 838packets used to communicate BGP routing information. 839You will also need a 840routing daemon that supports this option in order to actually use it. 841.It Cd option PPP_FILTER 842This option turns on 843.Xr pcap 3 844based filtering for ppp connections. 845This option is used by 846.Xr pppd 8 847which needs to be compiled with 848.Em PPP_FILTER 849defined (the current default). 850.It Cd option PPP_BSDCOMP 851Enables BSD compressor for PPP connections. 852.It Cd option PPP_DEFLATE 853For use in conjunction with PPP_BSDCOMP; provides an interface to zlib for PPP 854for deflate compression/decompression. 855.It Cd option IPSEC 856This option enables IP security protocol support. 857See 858.Xr ipsec 4 859for more details. 860.It Cd option ENCDEBUG 861This option enables debugging information to be conditionally logged 862in case IPSEC encounters errors. 863The option 864.Em IPSEC 865is required along with this option. 866Debug logging can be turned on/off through the use of the 867.Em net.inet.ip.encdebug 868sysctl variable. 869If 870.Em net.ipsec.encap.encdebug 871is 1, debug logging is on. 872See 873.Xr sysctl 8 874and 875.Xr sysctl 3 876for details. 877.It Cd option KEY 878Enables PFKEYv2 (RFC 2367) support. 879While not IP specific, this option is usually used in conjunction with option 880.Em IPSEC . 881.It Cd option ALTQ 882Enables ALTQ (Alternate Queuing). 883See 884.Xr pfctl 8 885and 886.Xr pf.conf 5 887to set up the interface transmission rate and queueing disciplines. 888.Em ALTQ_CBQ , 889.Em ALTQ_RED , 890.Em ALTQ_PRIQ 891and 892.Em ALTQ_HFSC 893are enabled by default with option 894.Em ALTQ 895in 896.Ox . 897See 898.Xr altq 9 899for details on ALTQ. 900.It Cd option ALTQ_RIO 901Enables ALTQ's RIO (RED with In/Out) module. 902The original RIO has 2 sets of RED parameters; one for in-profile 903packets and the other for out-of-profile packets. 904At the ingress of the network, profile meters tag packets as IN or 905OUT based on contracted profiles for customers. 906Inside the network, IN packets receive preferential treatment by 907the RIO dropper. 908ALTQ/RIO has 3 drop precedence levels defined for the Assured Forwarding 909PHB of DiffServ (RFC 2597). 910.It Cd option ALTQ_NOPCC 911Disables use of processor cycle counter (e.g., Pentium TSC on i386 and 912PCC on alpha) to measure time in ALTQ. 913This option should be defined for a non-Pentium i386 CPU which does not 914have TSC, SMP (per-CPU counters are not in sync), or power management 915which affects processor cycle counter. 916.El 917.Ss SCSI Subsystem Options 918.Bl -ohang 919.It Cd option SCSITERSE 920Terser SCSI error messages. 921This omits the table for decoding ASC/ASCQ info, saving about 8KB. 922.It Cd option SCSIDEBUG 923Prints extra debugging info for the SCSI subsystem to the console. 924.El 925.Ss System V IPC Options 926.Bl -ohang 927.It Cd option SYSVMSG 928Includes support for 929.At V 930style message queues. 931See 932.Xr msgctl 2 , 933.Xr msgget 2 , 934.Xr msgrcv 2 , 935.Xr msgsnd 2 . 936.It Cd option SYSVSEM 937Includes support for 938.At V 939style semaphores. 940See 941.Xr semctl 2 , 942.Xr semget 2 , 943.Xr semop 2 . 944.It Cd option SYSVSHM 945Includes support for 946.At V 947style shared memory. 948See 949.Xr shmat 2 , 950.Xr shmctl 2 , 951.Xr shmdt 2 , 952.Xr shmget 2 . 953.It Cd option SHMMAXPGS=value 954Sets the maximum number of 955.At V 956style shared memory pages that are available through the 957.Xr shmget 2 958system call. 959Default value is 1024 on most architectures. 960See 961.Pa /usr/include/machine/vmparam.h 962for the default. 963.It Cd option SEMMNI=value 964Number of semaphore identifiers (also called semaphore handles 965and semaphore sets) available in the system. 966Default value is 10. 967The kernel allocates memory for the control structures at startup, 968so arbitrarily large values should be avoided. 969.It Cd option SEMMNS=value 970Maximum number of semaphores in all sets in the system. 971Default value is 60. 972.It Cd option SEMMNU=value 973Maximum number of semaphore undo structures in the system. 974Default value is 30. 975.It Cd option SEMUME=value 976Maximum number of per-process undo operation entries in the 977system. 978Semaphore undo operations are invoked by the kernel when 979.Xr semop 2 980is called with the SEM_UNDO flag and the process holding 981the semaphores terminates unexpectedly. 982Default value is 10. 983.El 984.Ss Operation Related Options 985.Bl -ohang 986.It Cd option NMBCLUSTERS=value 987Size of kernel mbuf cluster map, 988.Em mb_map , 989in MCLBYTES-sized (default: 2048 bytes) logical pages. 990NMBCLUSTERS defaults to 2048 on hppa and i386, to 1024 on powerpc and sparc64, 991to 256 on vax, and to 512 on other architectures. 992If its value is not 2048, it is doubled if 993.Dq option GATEWAY 994is used. 995See 996.Pa /usr/include/machine/param.h 997for exact default information. 998Increase this value if 999.Dq mclpool limit reached 1000messages appear. 1001.It Cd option NKMEMPAGES=value 1002.It Cd option NKMEMPAGES_MIN=value 1003.It Cd option NKMEMPAGES_MAX=value 1004Size of kernel malloc area in PAGE_SIZE-sized logical pages. 1005This area is covered by the kernel submap 1006.Em kmem_map . 1007The kernel attempts to auto-size this map based on the amount of 1008physical memory in the system. 1009Platform-specific code may place bounds on this computed size, 1010which may be viewed with the 1011.Xr sysctl 8 1012variable 1013.Em vm.nkmempages . 1014See 1015.Pa /usr/include/machine/param.h 1016for the default upper and lower bounds. 1017The related options 1018.Sq NKMEMPAGES_MIN 1019and 1020.Sq NKMEMPAGES_MAX 1021allow the bounds to be overridden in the kernel configuration file. 1022These options are provided in the event the computed value is 1023insufficient resulting in an 1024.Dq out of space in kmem_map 1025panic. 1026.It Cd option NBUF=value 1027.It Cd option BUFPAGES=value 1028These options set the number of pages available for the buffer cache. 1029Their default value is a machine dependent value, often calculated as 1030between 5% and 10% of total available RAM. 1031.It Cd option APM_NOPRINT 1032This option is supported on the i386 architecture. 1033When enabled, kernel messages regarding the status of the automatic power 1034management system 1035.Tn ( APM ) 1036are suppressed. 1037.Tn APM 1038status can still be obtained using 1039.Xr apm 8 1040and/or 1041.Xr apmd 8 . 1042.It Cd option \&"TIMEZONE=value\&" 1043.Ar value 1044indicates the timezone offset of hardware realtime clock device, in minutes, 1045from UTC. 1046It is useful when hardware realtime clock device is configured with local time, 1047when dual-booting 1048.Ox 1049with other operating systems on a single machine. 1050For instance, if hardware realtime clock is set to Tokyo time, 1051.Ar value 1052should be 1053.Li \&-540 1054as Tokyo local time is 9 hours ahead of UTC. 1055Double quotes are needed when specifying a negative 1056.Ar value . 1057.El 1058.\" The following requests should be uncommented and used where appropriate. 1059.\" .Sh FILES 1060.\" .Sh EXAMPLES 1061.Sh SEE ALSO 1062.Xr gcc-local 1 , 1063.Xr gdb 1 , 1064.Xr ktrace 1 , 1065.Xr quota 1 , 1066.Xr gettimeofday 2 , 1067.Xr i386_iopl 2 , 1068.Xr msgctl 2 , 1069.Xr msgget 2 , 1070.Xr msgrcv 2 , 1071.Xr msgsnd 2 , 1072.Xr ptrace 2 , 1073.Xr semctl 2 , 1074.Xr semget 2 , 1075.Xr semop 2 , 1076.Xr shmat 2 , 1077.Xr shmctl 2 , 1078.Xr shmdt 2 , 1079.Xr shmget 2 , 1080.Xr sysctl 3 , 1081.Xr ddb 4 , 1082.Xr inet 4 , 1083.Xr ipsec 4 , 1084.Xr iso 4 , 1085.Xr lkm 4 , 1086.Xr ns 4 , 1087.Xr pci 4 , 1088.Xr xf86 4 , 1089.Xr X 7 , 1090.Xr apm 8 , 1091.Xr apmd 8 , 1092.Xr config 8 , 1093.Xr edquota 8 , 1094.Xr init 8 , 1095.Xr mount_cd9660 8 , 1096.Xr mount_fdesc 8 , 1097.Xr mount_kernfs 8 , 1098.Xr mount_mfs 8 , 1099.Xr mount_msdos 8 , 1100.Xr mount_nfs 8 , 1101.Xr mount_null 8 , 1102.Xr mount_portal 8 , 1103.Xr mount_procfs 8 , 1104.Xr mount_umap 8 , 1105.Xr mount_union 8 , 1106.Xr mrouted 8 , 1107.Xr quotaon 8 , 1108.Xr rpc.rquotad 8 , 1109.Xr sysctl 8 , 1110.Xr altq 9 1111.Sh HISTORY 1112The 1113.Nm 1114man page first appeared in 1115.Ox 2.3 . 1116.Sh BUGS 1117The 1118.Em INET 1119option should not be required. 1120