===========
Bond hooks
===========

Bond hooks are run with the "start" argument after a bond is started and
with the "stop" argument before it is stopped. A bond is considered
started after all connected IPs, CPE NAT IPs, routes, and leg PPP and
DHCP daemons have been started. The start hook does not wait until PPP
and DHCP daemons connect successfully.

After a bond hook has been added, you must restart the bond from the
management server or from the host command line to execute the hook the
first time.

Hook locations:

-  ``/etc/bonding/bond.d/all``: hooks to be run for all bonds
-  ``/etc/bonding/bond.d/<bond ID>``: hooks for individual bonds
-  ``/etc/bonding/bond.d/default``: hooks for bonds with no individual
   hook folder

An example bond hook is available at
``/usr/share/doc/bonding/examples/bond-hook``.

Environment variables
----------------------

Bond hooks are run with the following environment variables:

-  ID: the bond ID
-  AGGREGATOR_IP: IP address of aggregator
-  COMPRESSION: "True" if compression is enabled, otherwise "False"
-  QOS_PROFILE_ID: ID of the QoS profile used by this bonder; empty if
   there is no profile selected
-  TUNNEL_SUBNET: the /31 IP subnet assigned to the tunnel
-  TUNNEL_BONDER_IP: the IP address of the tunnel on the bonder
-  TUNNEL_AGGREGATOR_IP: the IP address of the tunnel on the
   aggregator
-  TUNNEL_LOCAL_IP: the IP address of the tunnel on the local host
-  TUNNEL_PEER_IP: the IP address of the tunnel on the remote host
-  CLAMP_TCP: "True" if TCP clamping is enabled, otherwise "False"
-  TUNNEL_SECURITY: type of security enabled. May be "none" if no
   security is enabled, "hmac" if tunnel HMAC authentication is enabled,
   or "encryption" if encryption is enabled (This replaces
   the TUNNEL_AUTHENTICATE option present until 2014.2)

-  ENCRYPTION_CIPHER: this contains the configured encryption cipher

-  AUTOMATIC_PING_TIMING: "True" if ping timing will be determined
   based on the latency of the links, otherwise "False"

-  ENCRYPTION_HANDSHAKE_INTERVAL: this contains the interval for
   encryption handshake renegotiation in seconds

-  ENCRYPTION_REPLAY_PROTECTION: "True" if encryption replay detection
   is enabled

-  FILTER_UNRECOGNIZED_TRAFFIC: "True" if the source address
   verification option is enabled, otherwise "False" (this option was
   called "filter unrecognized traffic" until 2014.2)

-  BRIDGE_ENABLED: "True" if the TCP proxy is enabled, otherwise
   "False"

-  BRIDGE_PORTS: The list of TCP ports going through the TCP proxy

-  BRIDGE_CONCURRENCY: The number of concurrent TCP connections the TCP
   proxy uses

-  BRIDGE_CONNECTION_TIMEOUT: The timeout for connecting to
   destination hosts

-  BRIDGE_FILE_DESCRIPTOR_LIMIT: The greatest number of file
   descriptors the TCP proxy process can open.

-  BRIDGE_CONGESTION_CONTROL_ALGORITHM: The TCP congestion control
   algorithm used between proxy peers

-  LEG_MTU_DETECTION: "True" if leg MTU detection is enabled,
   which automatically detects the path MTU of links

-  LEG_MTU_DETECTION_TIME: If leg MTU detection is enabled, repeat
   detection at this interval (hours)

-  PACKET_LOSS_DETECTION: "True" if packet loss detection is enabled,
   otherwise "False".

-  FLAP_DETECTION: "True" if flap detection is enabled, otherwise
   "False".

-  AUTOMATIC_REORDER_MAX_HOLD: "True" if automatic reorder max hold
   is enabled, otherwise "False".
