options —
Miscellaneous kernel configuration options
cinclude ...
config ...
[no] file-system ...
ident ...
include ...
[no] makeoptions ...
maxusers ...
[no] options ...
[no] pseudo-device ...
This manual page describes a number of miscellaneous kernel configuration
  options that may be specified in a kernel config file. See
  config(1) and
  config(5) for information on how
  to configure and build kernels.
The no form removes a previously specified
    option.
The following keywords are recognized in a kernel configuration file:
  - cinclude
    “filename”
- Conditionally includes another kernel configuration file whose name is
      filename, which may be double-quoted and may be an
      explicit path or relative to the kernel source directory. Failure to open
      the named file is ignored.
- config exec_name
    root on rootdev [type
    fstype] [dumps on dumpdev]
- Defines a configuration whose kernel executable is named
      exec_name, normally “netbsd”, with its
      root file system of type fstype on the device
      rootdev, and optionally specifying the location of
      kernel core dumps on the device dumpdev.
      dev or dumpdev and
      fstype may be specified as “?”, which
      is a wild card. The root fstype and
      dumpdev are optional and assumed to be wild carded
      if they are not specified.
- device_instance at
    attachment [locators value
    [...]] [flags value]
- Define an instance of the device driver
      device_instance that attaches to the bus or device
      named attachment. An
      attachment may require additional information on
      where the device can be found, such as an address, channel, function,
      offset, and/or slot, referred to as locators, whose
      value often may be a wild card, “?”.
      Some device drivers have one or more flags that can
      be adjusted to affect the way they operate.
- file-system fs_name [,
    fs_name [...]]
- Include support for the file-system fs_name.
- ident “string”
- Sets the kernel identification string to
    string.
- include
    “filename”
- Functions the same as cinclude, except failure to
      open filename produces a fatal error.
- makeoptions name=value
- Defines a make(1) macro
      name with the value value in
      the kernel Makefile.
- maxusers integer
- Set the maxusers variable in the kernel.
- no keyword
    name [arguments [...]]
- For the config(1)
      keywords file-system, makeoptions, options, and
      pseudo-device, no removes the file-system,
      makeoption, options, or pseudo-device, name. This is
      useful when a kernel configuration file includes another which has
      undesired options.
    For example, a local configuration file that wanted the
        kitchen sink, but not COMPAT_09 or bridging, might be: 
    
include "arch/i386/conf/GENERIC"
no options COMPAT_09
no pseudo-device bridge
    
 
- options option_name [,
    option_name=value [...]]
- Specifies (or sets) the option, or comma-separated list of options,
      option_name. Some options expect to be assigned a
      value, which may be an integer, a double-quoted word, a bare word, or an
      empty string (“”). Note that those are eventually handled by
      the C compiler, so the rules of that language apply.
    Note: Options that are not defined by device
        definition files are passed to the compile process as
        -Dflags to the C compiler.
 
- pseudo-device name
    [N]
- Includes support for the pseudo-device name. Some
      pseudo-devices can have multiple or N
    instances.
Note that compatibility options for older NetBSD
  releases includes support for newer releases as well. This means that
  typically only one of these is necessary, with theCOMPAT_09 option enabling all
  NetBSD compatibility. This does not include the
  COMPAT_43 or COMPAT_44
  options.
  - options COMPAT_09
- Enable binary compatibility with NetBSD 0.9. This
      enables support for 16-bit user, group, and process IDs (following
      revisions support 32-bit identifiers). It also allows the use of the
      deprecated
      getdomainname(3),
      setdomainname(3), and
      uname(3) syscalls. This
      option also allows using numeric file system identifiers rather than
      strings. Post NetBSD 0.9 versions use string
      identifiers.
- options COMPAT_10
- Enable binary compatibility with NetBSD 1.0. This
      option allows the use of the file system name of “ufs” as an
      alias for “ffs”. The name “ffs” should be used
      post 1.0 in /etc/fstab and other files. It also
      adds old syscalls for the AT&T System V
      UNIX shared memory interface. This was changed post 1.0 to work on
      64-bit architectures. This option also enables “sgtty”
      compatibility, without which programs using the old interface produce an
      “inappropriate ioctl” error, and
      /dev/io only works when this option is set in the
      kernel, see io(4) on ports that
      support it.
- options COMPAT_11
- Enable binary compatibility with NetBSD 1.1. This
      allows binaries running on the i386 port to gain direct access to the io
      ports by opening /dev/io read/write. This
      functionality was replaced by
      i386_iopl(2) post 1.1. On
      the Atari port, the location of the disk label was moved after 1.1. When
      the COMPAT_11 option is set, the kernel will read (pre)
      1.1 style disk labels as a last resort. When a disk label is re-written,
      the old style label will be replaced with a post 1.1 style label. This
      also enables the EXEC_ELF_NOTELESS option.
- options COMPAT_12
- Enable binary compatibility with NetBSD 1.2. This
      allows the use of old syscalls for reboot() andswapon(). The syscall numbers were changed post
      1.2 to add functionality to the
      reboot(2) syscall, and the
      new swapctl(2) interface
      was introduced. This also enables the EXEC_ELF_NOTELESS
      option.
- options COMPAT_13
- Enable binary compatibility with NetBSD 1.3. This
      allows the use of old syscalls for sigaltstack(),
      and also enables the old
      swapctl(2) commandSWAP_STATS(now calledSWAP_OSTATS), which does not include the
      se_path member of struct
      swapent.
- options COMPAT_14
- Enable binary compatibility with NetBSD 1.4. This
      allows some old ioctl(2) on
      wscons(4) to be performed,
      and allows the NFSSVC_BIODmode of the
      nfssvc(2) system call to be
      used for compatibility with the deprecated nfsiod program.
- options COMPAT_15
- Enable binary compatibility with NetBSD 1.5. Since
      there were no API changes from NetBSD 1.5 and
      NetBSD 1.6, this option does nothing.
- options COMPAT_16
- Enable binary compatibility with NetBSD 1.6. This
      allows the use of old signal trampoline code which has been deprecated
      with the addition of
      siginfo(2).
- options COMPAT_20
- Enable binary compatibility with NetBSD 2.0. This
      allows the use of old syscalls for statfs(),fstatfs(),getfsstat() andfhstatfs(), which have been deprecated with the
      addition of the statvfs(2),
      fstatvfs(2),
      getvfsstat(2) and
      fhstatvfs(2) system
      calls.
- options COMPAT_30
- Enable binary compatibility with NetBSD 3.0. See
      compat_30(8) for details
      about the changes made after the NetBSD 3.0
      release.
- options COMPAT_40
- Enable binary compatibility with NetBSD 4.0. This
      allows the use of old
      ptrace(2) calls for the SH3
      platform. It also enables the old
      mount(2) system call that did
      not include the data length parameter. The power_event_t structure's
      pev_switch is filled in.
- options COMPAT_43
- Enables compatibility with 4.3BSD. This adds an
      old syscall for lseek(2). It
      also adds the ioctls for TIOCGETPandTIOCSETP. The return values for
      getpid(2),
      getgid(2), and
      getuid(2) syscalls are
      modified as well, to return the parent's PID and UID as well as the
      current process's. It also enables the deprecatedNTTYDISCterminal line discipline. It also
      provides backwards compatibility with “old”
      SIOC[GS]IF{ADDR,DSTADDR,BRDADDR,NETMASK} interface ioctls, including
      binary compatibility with code written before the introduction of the
      sa_len field in sockaddrs. It also enables support for some older pre
      4.4BSD socket calls.
- options COMPAT_50
- Enable binary compatibility with NetBSD 5.0. This
      enables support for the old time_t and
      dev_t types as 32 bit, and all the associated kernel
      interface changes. It also enables old
      gpio(4) and
      rnd(4) interfaces.
- options COMPAT_60
- Enable binary compatibility with NetBSD 6.0. This
      provides old ccd(4) interfaces,
      enables support for old
      cpuctl(8) microcode
      interfaces, and support for the old ptmget
      structure.
- options COMPAT_70
- Enable binary compatibility with NetBSD 7.0. This
      provides support for old
      route(4) interfaces.
- options COMPAT_80
- Enable binary compatibility with NetBSD 8.0.
- options COMPAT_90
- Enable binary compatibility with NetBSD 9.0.
- options COMPAT_BSDPTY
- This option is currently on by default and enables the pty multiplexer
      ptm(4) and
      ptmx(4) to find and use ptys
      named /dev/ptyXX (master) and
      /dev/ttyXX (slave). Eventually this option will
      become optional as ptyfs based pseudo-ttys become the default, see
      mount_ptyfs(8).
- options COMPAT_LINUX
- On those architectures that support it, this enables binary compatibility
      with Linux ELF and a.out(5)
      applications built for the same architecture. This currently includes the
      alpha, arm, i386, m68k, mips, powerpc and x86_64 ports.
- options COMPAT_LINUX32
- On those 64 bit architectures that support it, this enables binary
      compatibility with 32 bit Linux binaries. For now this is limited to
      running i386 ELF Linux binaries on amd64.
- options COMPAT_SUNOS
- On those architectures that support it, this enables binary compatibility
      with SunOS 4.1 applications built for the same architecture. This
      currently includes the sparc, sparc64 and most or all m68k ports. Note
      that the sparc64 requires the COMPAT_NETBSD32 option for
      64-bit kernels, in addition to this option.
- options COMPAT_ULTRIX
- On those architectures that support it, this enables binary compatibility
      with ULTRIX applications built for the same architecture. This currently
      is limited to the pmax. The functionality of this option is unknown.
- options COMPAT_FREEBSD
- On those architectures that support it, this enables binary compatibility
      with FreeBSD applications built for the same
      architecture. At the moment this is limited to the i386 port.
- options COMPAT_NOMID
- Enable compatibility with
      a.out(5) executables that
      lack a machine ID. This includes NetBSD 0.8's
      ZMAGIC format, and 386BSD and BSDI's QMAGIC, NMAGIC, and OMAGIC
      a.out(5) formats.
- options COMPAT_NETBSD32
- On those architectures that support it, this enables binary compatibility
      with 32-bit applications built for the same architecture. This is
      currently limited to the amd64 and sparc64 ports, and only applicable for
      64-bit kernels.
- options COMPAT_AOUT_M68K
- On m68k architectures which have switched to ELF, this enables binary
      compatibility with NetBSD/m68k
      a.out(5) executables on
      NetBSD/m68k ELF kernels. This handles alignment
      incompatibility of m68k ABI between a.out and ELF which causes the
      structure padding differences. Currently only some system calls which use
      struct stat are adjusted and some binaries which use
      sysctl(3) to retrieve
      network details would not work properly.
- options EMUL_NATIVEROOT=string
- Just like emulated binaries first try looking up files in an emulation
      root (e.g. /emul/linux) before looking them up in
      real root, this option causes native binaries to first look up files in an
      "emulation" directory too. This can be useful to test an amd64
      kernel on top of an i386 system before full migration: by unpacking the
      amd64 distribution in e.g. /emul/netbsd64 and
      specifying that location as EMUL_NATIVEROOT,
      native amd64 binaries can be run while the root file system remains
      populated with i386 binaries. Beware of /dev
      incompatibilities between i386 and amd64 if you do this.
- options EXEC_ELF_NOTELESS
- Run unidentified ELF binaries as NetBSD binaries.
      This might be needed for very old NetBSD ELF
      binaries on some archs. These old binaries didn't contain an appropriate
      .note.netbsd.identsection, and thus can't be
      identified by the kernel as NetBSD binaries
      otherwise. Beware - if this option is on, the kernel would run
      any unknown ELF binaries as if they were
      NetBSD binaries.
  - options DDB
- Compiles in a kernel debugger for diagnosing kernel problems. See
      ddb(4) for details.
      NOTE: not available on all architectures.
- options DDB_FROMCONSOLE=integer
- If set to non-zero, DDB may be entered by sending a break on a serial
      console or by a special key sequence on a graphics console. A value of
      "0" ignores console breaks or key sequences. If not explicitly
      specified, the default value is "1". Note that this sets the
      value of the ddb.fromconsole
      sysctl(3) variable which may
      be changed at run time — see
      sysctl(8) for details.
- options DDB_HISTORY_SIZE=integer
- If this is non-zero, enable history editing in the kernel debugger and set
      the size of the history to this value.
- options DDB_ONPANIC
- The default if not specified is “1” - just enter into DDB.
      If set to “0” the kernel will attempt to print out a stack
      trace and reboot the system. If set to “-1” then neither a
      stack trace is printed or DDB entered - it is as if DDB were not compiled
      into the kernel. Note that this sets the value of the
      ddb.onpanic
      sysctl(3) variable which may
      be changed at run time — see
      sysctl(8) for details.
- options DDB_COMMANDONENTER=string
- This option specify commands which will be executed on each entry to DDB.
      This sets the default value of the ddb.commandonenter
      sysctl(3) variable which may
      be changed at run time.
- options DDB_BREAK_CHAR=integer
- This option overrides using break to enter the kernel debugger on the
      serial console. The value given is the ASCII value to be used instead.
      This is currently only supported by the com driver.
- options CNMAGIC=string
- This option overrides the
      cnmagic(9) string used to
      enter the kernel debugger.
- options DDB_VERBOSE_HELP
- This option adds more verbose descriptions to the help
      command.
- options DDB_PANICSTACKFRAMES=integer
- Number of stack frames to display on panic. Useful to avoid scrolling away
      the interesting frames on a glass tty. Default value is
      65535(all frames), useful value around10.
- options KGDB
- Compiles in a remote kernel debugger stub for diagnosing kernel problems
      using the “remote target” feature of gdb. See
      gdb(1) for details.
      NOTE: not available on all architectures.
- options KGDB_DEV
- Device number (as a dev_t) of kgdb device.
- options KGDB_DEVADDR
- Memory address of kgdb device.
- options KGDB_DEVMODE
- Permissions of kgdb device.
- options KGDB_DEVNAME
- Device name of kgdb device.
- options KGDB_DEVRATE
- Baud rate of kgdb device.
- makeoptions DEBUG="-g"
- The -gflag causes
      netbsd.gdb to be built in addition to
      netbsd. netbsd.gdb is
      useful for debugging kernel crash dumps with gdb. See
      gdb(1) for details.
- options DEBUG
- Turns on miscellaneous kernel debugging. Since options are turned into
      preprocessor defines (see above), options DEBUG is
      equivalent to doing a #define DEBUG throughout the
      kernel. Much of the kernel has #ifdef DEBUG
      conditionalized debugging code. Note that many parts of the kernel
      (typically device drivers) include their own #ifdef
      XXX_DEBUG conditionals instead. This option also turns on certain
      other options, which may decrease system performance. Systems with this
      option are not suitable for regular use, and are intended only for
      debugging or looking for bugs.
- options DIAGNOSTIC
- Adds code to the kernel that does internal consistency checks. This code
      will cause the kernel to panic if corruption of internal data structures
      is detected. Historically, the performance degradation is sufficiently
      small that it is reasonable for systems with options
      DIAGNOSTIC to be in production use, with the real consideration not
      being performance but instead a preference for more panics versus
      continued operation with undetected problems.
- options LOCKDEBUG
- Adds code to the kernel to detect incorrect use of locking primitives
      (mutex, rwlock). This code will cause the kernel to check for dead lock
      conditions. It will also check for memory being freed to not contain
      initialised lock primitives. Functions for use in
      ddb(4) to check lock chains
      etc. are also enabled. These checks are very expensive and can decrease
      performance on multi-processor machines by a factor of three.
- options KDTRACE_HOOKS
- Adds hooks for the DTrace tracing facility, which allows users to analyze
      many aspects of system and application behavior. See
      dtrace(1) for details.
- options KSTACK_CHECK_MAGIC
- Check kernel stack usage and panic if stack overflow is detected. This
      check is performance sensitive because it scans stack on each context
      switch.
- options KTRACE
- Add hooks for the system call tracing facility, which allows users to
      watch the system call invocation behavior of processes. See
      ktrace(1) for details.
- options MSGBUFSIZE=integer
- This option sets the size of the kernel message buffer in bytes. This
      buffer holds the kernel output of printf() when
      not (yet) read by
      syslogd(8). This is
      particularly useful when the system has crashed and you wish to lookup the
      kernel output from just before the crash. Also, since the autoconfig
      output becomes more and more verbose, it sometimes happens that the
      message buffer overflows before
      syslogd(8) was able to read
      it. Note that not all systems are capable of obtaining a variable sized
      message buffer. There are also some systems on which memory contents are
      not preserved across reboots.
- options KERNHIST
- Enables the kernel history logs, which create in-memory traces of various
      kernel activities. These logs can be displayed by using
      show kernhistfrom DDB. See the kernel source file
      sys/kern/kern_history.c and the
      kernhist(9) manual for
      details.
- options KERNHIST_PRINT
- Prints the kernel history logs on the system console as entries are added.
      Note that the output is extremely voluminous, so this
      option is really only useful for debugging the very earliest parts of
      kernel initialization.
- options UVMHIST
- Like KERNHIST, it enables the UVM history logs. These
      logs can be displayed by using show kernhistfrom
      DDB. See the kernel source file sys/uvm/uvm_stat.c
      for details.
- options UVMHIST_PRINT
- Like UVMHIST, it prints the UVM history logs on the
      system console as entries are added. Note that the output is
      extremely voluminous, so this option is really only
      useful for debugging the very earliest parts of kernel
    initialization.
- options UVMHIST_MAPHIST_SIZE
- Set the size of the “maphist” kernel history. The default is
      100. This option depends upon the UVMHIST option.
- options UVMHIST_PDHIST_SIZE
- Set the size of the “pdhist” kernel history. The default is
      100. This option depends upon the UVMHIST option.
- options BIOHIST
- Like KERNHIST, it enables the BIO history logs. These
      logs can be displayed by using show kernhistfrom
      DDB, and can help in debugging problems with Buffered I/O operations. See
      the kernel source file sys/kern/vfs_vio.c for
      details.
- options BIOHIST_PRINT
- Like BIOHIST, it prints the BIO history logs on the
      system console as entries are added. Note that the output is
      extremely voluminous, so this option is really only
      useful for debugging the very earliest parts of kernel
    initialization.
- options BIOHIST_SIZE
- Set the size of the “biohist” kernel history. The default is
      500. This option depends upon the BIOHIST option.
  - file-system FFS
- Includes code implementing the Berkeley Fast File System
      (FFS). Most machines need this if they are not running
      diskless.
- file-system EXT2FS
- Includes code implementing the Second Extended File System
      (ext2), revision 0 and revision 1 with the
      filetype, sparse_super and
      large_file options. This is the most commonly used file
      system on the Linux operating system, and is provided here for
      compatibility. Some of the specific features of ext2
      like the "behavior on errors" are not implemented. See
      mount_ext2fs(8) for
      details.
- file-system LFS
- [EXPERIMENTAL] Include the Log-structured File System
      (LFS). See
      mount_lfs(8) and
      newfs_lfs(8) for
    details.
- file-system MFS
- Include the Memory File System (MFS). This file system
      stores files in swappable memory, and produces notable performance
      improvements when it is used as the file store for
      /tmp and similar file systems. See
      mount_mfs(8) for
    details.
- file-system NFS
- Include the client side of the Network File System (NFS) remote file
      sharing protocol. Although the bulk of the code implementing NFS is kernel
      based, several user level daemons are needed for it to work. See
      mount_nfs(8) for
    details.
- file-system CD9660
- Includes code for the ISO 9660 + Rock Ridge file system, which is the
      standard file system on many CD-ROM discs. Useful primarily if you have a
      CD-ROM drive. See
      mount_cd9660(8) for
      details.
- file-system MSDOSFS
- Includes the MS-DOS FAT file system, which is reportedly still used by
      unfortunate people who have not heard about
      NetBSD. Also implements the Windows 95 extensions
      to the same, which permit the use of longer, mixed case file names. See
      mount_msdos(8) and
      fsck_msdos(8) for
      details.
- file-system NTFS
- [EXPERIMENTAL] Includes code for the Microsoft Windows
      NT file system. See
      mount_ntfs(8) for
      details.
- file-system FDESC
- Includes code for a file system, conventionally mounted on
      /dev/fd, which permits access to the per-process
      file descriptor space via special files in the file system. See
      mount_fdesc(8) for
      details. Note that this facility is redundant, and thus unneeded on most
      NetBSD systems, since the
      fd(4) pseudo-device driver
      already provides identical functionality. On most
      NetBSD systems, instances of
      fd(4) are mknoded under
      /dev/fd/ and on
      /dev/stdin, /dev/stdout,
      and /dev/stderr.
- file-system KERNFS
- Includes code which permits the mounting of a special file system
      (normally mounted on /kern) in which files
      representing various kernel variables and parameters may be found. See
      mount_kernfs(8) for
      details.
- file-system NULLFS
- Includes code for a loopback file system. This permits portions of the
      file hierarchy to be re-mounted in other places. The code really exists to
      provide an example of a stackable file system layer. See
      mount_null(8) for
      details.
- file-system OVERLAY
- Includes code for a file system filter. This permits the overlay file
      system to intercept all access to an underlying file system. This file
      system is intended to serve as an example of a stacking file system which
      has a need to interpose itself between an underlying file system and all
      other access. See
      mount_overlay(8) for
      details.
- file-system PROCFS
- Includes code for a special file system (conventionally mounted on
      /proc) in which the process space becomes visible
      in the file system. Among other things, the memory spaces of processes
      running on the system are visible as files, and signals may be sent to
      processes by writing to ctl files in the procfs
      namespace. See
      mount_procfs(8) for
      details.
- file-system UDF
- Includes code for the UDF file system commonly found on CD and DVD media
      but also on USB sticks and harddiscs for interchange and backup. Supports
      read and write access for all formats on discs and on rewritable and
      recordable CD/DVD/BD media. It has a somewhat limited write support for
      UDF 2.50 as it can't expand the metadata partion. See
      mount_udf(8) and
      fsck_udf(8) for
    details.
- file-system UMAPFS
- Includes a loopback file system in which user and group IDs may be
      remapped — this can be useful when mounting alien file systems with
      different UIDs and GIDs than the local system. See
      mount_umap(8) for
      details.
- file-system UNION
- [EXPERIMENTAL] Includes code for the union file system,
      which permits directories to be mounted on top of each other in such a way
      that both file systems remain visible — this permits tricks like
      allowing writing (and the deleting of files) on a read-only file system
      like a CD-ROM by mounting a local writable file system on top of the
      read-only file system. See
      mount_union(8) for
      details.
- file-system CODA
- [EXPERIMENTAL] Includes code for the Coda file system.
      Coda is a distributed file system like NFS and AFS. It is freely
      available, like NFS, but it functions much like AFS in being a
      “stateful” file system. Both Coda and AFS cache files on
      your local machine to improve performance. Then Coda goes a step further
      than AFS by letting you access the cached files when there is no available
      network, viz. disconnected laptops and network outages. In Coda, both the
      client and server are outside the kernel which makes them easier to
      experiment with. Coda is available for several UNIX and non-UNIX
      platforms. See
      http://www.coda.cs.cmu.edu
      for more details. NOTE: You also need to enable the
      pseudo-device, vcoda, for the Coda file system to work.
- file-system PTYFS
- Includes code for a special file system (normally mounted on
      /dev/pts) in which pseudo-terminal slave devices
      become visible in the file system. See
      mount_ptyfs(8) for
      details.
- file-system TMPFS
- Includes code for the efficient memory file system, normally used over
      /tmp. See
      mount_tmpfs(8) for
      details.
- file-system PUFFS
- Includes kernel support for the pass-to-userspace framework file system.
      It can be used to implement file system functionality in userspace. See
      puffs(3) for more details.
      This enables for example sshfs:
      mount_psshfs(8).
  - options DISKLABEL_EI
- Enable “Endian-Independent”
      disklabel(5) support.
      This allows a system to recognize a disklabel written in the other byte
      order. For writing, when a label already exists, its byte order is
      preserved. Otherwise, a new label is written in the native byte order. To
      specify the byte order explicitly, the -Foption
      of disklabel(8) should be
      used with the-Boption in order to avoid using
      ioctl(2), which results in
      the default behavior explained above. At the moment this option is
      restricted to the following ports: amd64, bebox, emips, epoc32, evbarm,
      i386, ibmnws, landisk, mvmeppc, prep, rs6000, sandpoint, xen, and zaurus;
      also to machines of the evbmips and evbppc ports that support Master Boot
      Record (MBR).
- options MAGICLINKS
- Enables the expansion of special strings (beginning with
      “@”) when traversing symbolic links. See
      symlink(7) for a list of
      supported strings. Note that this option only controls the enabling of
      this feature by the kernel at boot-up. This feature can still be
      manipulated with the
      sysctl(8) command regardless
      of the setting of this option.
- options NFSSERVER
- Include the server side of the NFS (Network File System)
      remote file sharing protocol. Although the bulk of the code implementing
      NFS is kernel based, several user level daemons are
      needed for it to work. See
      mountd(8) and
      nfsd(8) for details.
- options NVNODE=integer
- This option sets the size of the cache used by the name-to-inode
      translation routines, (a.k.a. the namei() cache,
      though called by many other names in the kernel source). By default, this
      cache has (NPROC + NTEXT + 100) entries (NPROC set
      as 20 + 16 * MAXUSERS and NTEXT as 80 + NPROC / 8). A reasonable way to
      derive a value ofNVNODE, should you notice a
      large number of namei cache misses with a tool such as
      systat(1), is to examine
      your system's current computed value with
      sysctl(8), (which calls this
      parameter "kern.maxvnodes") and to increase this value until
      either the namei cache hit rate improves or it is determined that your
      system does not benefit substantially from an increase in the size of the
      namei cache.
- options NAMECACHE_ENTER_REVERSE
- Causes the namei cache to always enter a reverse mapping (vnode ->
      name) as well as a normal one. Normally, this is already done for
      directory vnodes, to speed up the getcwd operation. This option will cause
      longer hash chains in the reverse cache, and thus slow down getcwd
      somewhat. However, it does make vnode -> path translations possible in
      some cases. For now, only useful if strict
      /proc/#/maps emulation for Linux binaries is
      required.
  - options APPLE_UFS
- Enable support for UFS file systems created on Mac OS X.
- options FFS_EI
- Enable “Endian-Independent” FFS support. This allows a
      system to mount an FFS file system created for another architecture, at a
      small performance cost for all FFS file systems. See also
      newfs(8),
      fsck_ffs(8),
      dumpfs(8) for file system
      byte order status and manipulation.
- options FFS_NO_SNAPSHOT
- Disable support for the creation of file system internal snapshot of FFS
      file systems. Maybe useful for install media kernels, small memory systems
      and embedded systems which don't require the snapshot support.
- options QUOTA
- Enables kernel support for traditional quotas in FFS. Traditional quotas
      store the quota information in external files and require
      quotacheck(8) and
      quotaon(8) at boot time.
      Traditional quotas are limited to 32-bit sizes and are at this point
      considered a legacy feature.
- options QUOTA2
- Enables kernel support for in-volume quotas in FFS. The quota information
      is file system metadata maintained by
      fsck(8) and/or WAPBL
      journaling. MFS volumes can also use QUOTA2quotas; see mount_mfs(8)
      for more information.
- options UFS_DIRHASH
- Increase lookup performance by maintaining in-core hash tables for large
      directories.
- options UFS_EXTATTR
- Enable extended attribute support for UFS1 file systems.
- options WAPBL
- Enable “Write Ahead Physical Block Logging file system
      journaling”. This provides rapid file system consistency checking
      after a system outage. It also provides better general use performance
      over regular FFS. See also
      wapbl(4).
  - options LFS_EI
- Enable “Endian-Independent” LFS support. This allows (at a
      small performance cost) mounting an LFS file system created for another
      architecture.
- options LFS_DIRHASH
- Increase lookup performance by maintaining in-core hash tables for large
      directories.
  - options EXT2FS_SYSTEM_FLAGS
- This option changes the behavior of the APPEND and IMMUTABLE flags for a
      file on an ext2 file system. Without this option, the
      superuser or owner of the file can set and clear them. With this option,
      only the superuser can set them, and they can't be cleared if the
      securelevel is greater than 0. See also
      chflags(1) and
      secmodel_securelevel(9).
  - options NFS_BOOT_BOOTP
- Enable use of the BOOTP protocol (RFCs 951 and 1048) to get configuration
      information if NFS is used to mount the root file system. See
      diskless(8) for
    details.
- options NFS_BOOT_BOOTSTATIC
- Enable use of static values defined as
      “NFS_BOOTSTATIC_MYIP”, “NFS_BOOTSTATIC_GWIP”,
      “NFS_BOOTSTATIC_SERVADDR”, and
      “NFS_BOOTSTATIC_SERVER” in kernel options to get
      configuration information if NFS is used to mount the root file
    system.
- options NFS_BOOT_DHCP
- Same as “NFS_BOOT_BOOTP”, but use the DHCP extensions to the
      BOOTP protocol (RFC 1541).
- options NFS_BOOT_BOOTP_REQFILE
- Specifies the string sent in the bp_file field of the BOOTP/DHCP request
      packet.
- options NFS_BOOT_BOOTPARAM
- Enable use of the BOOTPARAM protocol, consisting of RARP and BOOTPARAM
      RPC, to get configuration information if NFS is used to mount the root
      file system. See
      diskless(8) for
    details.
- options NFS_BOOT_RWSIZE=value
- Set the initial NFS read and write sizes for diskless-boot requests. The
      normal default is 8Kbytes. This option provides a way to lower the value
      (e.g., to 1024 bytes) as a workaround for buggy network interface cards or
      boot PROMs. Once booted, the read and write request sizes can be increased
      by remounting the file system. See
      mount_nfs(8) for
    details.
- options NFS_V2_ONLY
- Reduce the size of the NFS client code by omitting code that's only
      required for NFSv3 and NQNFS support, leaving only that code required to
      use NFSv2 servers.
- options NFS_BOOT_UDP
- Use NFS over UDP instead of the default TCP, for mounting root.
The following options enable alternative buffer queue strategies.
  - options BUFQ_READPRIO
- Enable alternate buffer queue strategy for disk I/O. In the default
      strategy, outstanding disk requests are ordered by sector number and sent
      to the disk, regardless of whether the operation is a read or write; this
      option gives priority to issuing read requests over write requests.
      Although requests may therefore be issued out of sector-order, causing
      more seeks and thus lower overall throughput, interactive system
      responsiveness under heavy disk I/O load may be improved, as processes
      blocking on disk reads are serviced sooner (file writes typically don't
      cause applications to block). The performance effect varies greatly
      depending on the hardware, drive firmware, file system configuration,
      workload, and desired performance trade-off. Systems using drive
      write-cache (most modern IDE disks, by default) are unlikely to benefit
      and may well suffer; such disks acknowledge writes very quickly, and
      optimize them internally according to physical layout. Giving these disks
      as many requests to work with as possible (the standard strategy) will
      typically produce the best results, especially if the drive has a large
      cache; the drive will silently complete writes from cache as it seeks for
      reads. Disks that support a large number of concurrent tagged requests
      (SCSI disks and many hardware RAID controllers) expose this internal
      scheduling with tagged responses, and don't block for reads; such disks
      may not see a noticeable difference with either strategy. However, if IDE
      disks are run with write-cache disabled for safety, writes are not
      acknowledged until actually completed, and only one request can be
      outstanding; a large number of small writes in one locality can keep the
      disk busy, starving reads elsewhere on the disk. Such systems are likely
      to see the most benefit from this option. Finally, the performance
      interaction of this option with ffs soft dependencies can be subtle, as
      that mechanism can drastically alter the workload for file system metadata
      writes.
- options BUFQ_PRIOCSCAN
- Enable another buffer queue strategy for disk I/O, per-priority cyclical
      scan.
- options NEW_BUFQ_STRATEGY
- Synonym of BUFQ_READPRIO.
  - options CPU_UCODE
- Support cpu microcode loading via
      cpuctl(8).
- options MEMORY_DISK_DYNAMIC
- This option makes the md(4) RAM
      disk size dynamically sized. It is incompatible with
      mdsetimage(8).
- options MEMORY_DISK_HOOKS
- This option allows for some machine dependent functions to be called when
      the md(4) RAM disk driver is
      configured. This can result in automatically loading a RAM disk from
      floppy on open (among other things).
- options MEMORY_DISK_IS_ROOT
- Forces the md(4) RAM disk to be
      the root device. This can only be overridden when the kernel is booted in
      the 'ask-for-root' mode.
- options MEMORY_DISK_ROOT_SIZE=integer
- Allocates the given number of 512 byte blocks as memory for the
      md(4) RAM disk, to be populated
      with mdsetimage(8).
- options MEMORY_DISK_SERVER=0
- Do not include the interface to a userland memory disk server process. Per
      default, this option is set to 1, including the support code. Useful for
      install media kernels.
- options MEMORY_DISK_RBFLAGS=value
- This option sets the
      reboot(2) flags used when
      booting with a memory disk as root file system. Possible values include
      RB_AUTOBOOT(boot in the usual fashion - default
      value), andRB_SINGLE(boot in single-user
    mode).
- options MODULAR
- Enables the framework for kernel modules (see
      module(7)).
- options MODULAR_DEFAULT_AUTOLOAD
- Enables the autoloading of kernel modules by default. This sets the
      default value of the kern.module.autoload
      sysctl(3) variable which may
      be changed at run time.
- options MODULAR_DEFAULT_VERBOSE
- Enables verbose debug messages of kernel modules by default. This sets the
      default value of the kern.module.verbose
      sysctl(3) variable which may
      be changed at run time.
- options VND_COMPRESSION
- Enables the vnd(4) driver to
      also handle compressed images. See
      vndcompress(1),
      vnd(4) and
      vnconfig(8) for more
      information.
- options SELFRELOC
- Make the kernel able to self relocate at bootstrap, so that it can run
      whatever its load address is. This is intented to be used withe the
      relocboostrap command documented in
      x86/boot(8), to workaround
      UEFI bugs, and is only available on amd64.
- options SPLDEBUG
- Help the kernel programmer find bugs related to the interrupt priority
      level. When spllower() orsplraise() changes the current CPU's interrupt
      priority level to or fromIPL_HIGH, record a
      backtrace. Read
      i386/return_address(9)
      for caveats about collecting backtraces. This feature is experimental, and
      it is only available on i386. See
      sys/kern/subr_spldebug.c.
- options TFTPROOT
- Download the root memory disk through TFTP at root mount time. This
      enables the use of a root RAM disk without requiring it to be embedded in
      the kernel using
      mdsetimage(8). The RAM
      disk name is obtained using DHCP's filename parameter. This option
      requires MEMORY_DISK_HOOKS and
      MEMORY_DISK_DYNAMIC. It is incompatible with
      MEMORY_DISK_ROOT_SIZE.
- options HZ=integer
- On ports that support it, set the system clock frequency (see
      hz(9)) to the supplied value.
      Handle with care.
- options NTP
- Turns on in-kernel precision timekeeping support used by software
      implementing NTP (Network Time Protocol, RFC 1305). The
      NTP option adds an in-kernel Phase-Locked Loop (PLL) for
      normal NTP operation, and a Frequency-Locked Loop (FLL)
      for intermittently-connected operation.
      ntpd(8) will employ a
      user-level PLL when kernel support is unavailable, but the in-kernel
      version has lower latency and more precision, and so typically keeps much
      better time.
    The interface to the kernel NTP support is
        provided by the
        ntp_adjtime(2) and
        ntp_gettime(2) system
        calls, which are intended for use by
        ntpd(8) and are enabled by
        the option. On systems with sub-microsecond resolution timers, or where
        (HZ/100000) is not an integer, the NTP option also
        enables extended-precision arithmetic to keep track of fractional clock
        ticks at NTP time-format precision. 
- options PPS_SYNC
- This option enables a kernel serial line discipline for receiving time
      phase signals from an external reference clock such as a radio clock. (The
      NTP option (which see) must be on if the
      PPS_SYNC option is used). Some reference clocks generate
      a Pulse Per Second (PPS) signal in phase with their time source. The
      PPS line discipline receives this signal on either the
      data leads or the DCD control lead of a serial port.
    NTP uses the PPS signal to discipline the
        local clock oscillator to a high degree of precision (typically less
        than 50 microseconds in time and 0.1 ppm in accuracy).
        PPS can also generate a serial output pulse when the
        system receives a PPS interrupt. This can be used to measure the system
        interrupt latency and thus calibrate NTP to account
        for it. Using PPS usually requires a gadget box to
        convert from TTL to RS-232 signal levels. The gadget box and PPS are
        described in more detail in the HTML documentation for
        ntpd(8) in
        /usr/share/doc/html/ntp. NetBSD currently supports this option
        in com(4) and
        zsc(4). 
- options SETUIDSCRIPTS
- Allows scripts with the setuid bit set to execute as the effective user
      rather than the real user, just like binary executables.
    NOTE: Using this option will also enable
        options FDSCRIPTS 
- options FDSCRIPTS
- Allows execution of scripts with the execute bit set, but not the read
      bit, by opening the file and passing the file descriptor to the shell,
      rather than the filename.
    NOTE: Execute only (non-readable) scripts
        will have argv[0] set to
        /dev/fd/*. What this option allows as far as
        security is concerned, is the ability to safely ensure that the correct
        script is run by the interpreter, as it is passed as an already open
        file. 
- options RTC_OFFSET=integer
- The kernel (and typically the hardware battery backed-up clock on those
      machines that have one) keeps time in UTC (Universal
      Coordinated Time, once known as GMT, or Greenwich Mean
      Time) and not in the time of the local time zone. The
      RTC_OFFSET option is used on some ports (such as the
      i386) to tell the kernel that the hardware clock is offset from
      UTC by the specified number of minutes. This is
      typically used when a machine boots several operating systems and one of
      them wants the hardware clock to run in the local time zone and not in
      UTC, e.g. RTC_OFFSET=300 means the
      hardware clock is set to US Eastern Time (300 minutes behind
      UTC), and not UTC. (Note:
      RTC_OFFSET is used to initialize a kernel variable named
      rtc_offset which is the source actually used to
      determine the clock offset, and which may be accessed via the
      kern.rtc_offset sysctl variable. See
      sysctl(8) and
      sysctl(3) for details. Since
      the kernel clock is initialized from the hardware clock very early in the
      boot process, it is not possible to meaningfully change
      rtc_offset in system initialization scripts.
      Changing this value currently may only be done at kernel compile time or
      by patching the kernel and rebooting).
    NOTE: Unfortunately, in many cases where the
        hardware clock is kept in local time, it is adjusted for Daylight
        Savings Time; this means that attempting to use
        RTC_OFFSET to let NetBSD
        coexist with such an operating system, like Windows, would necessitate
        changing RTC_OFFSET twice a year. As such, this
        solution is imperfect. 
- options MAXUPRC=integer
- Sets the soft RLIMIT_NPROCresource limit, which
      specifies the maximum number of simultaneous processes a user is permitted
      to run, for process 0; this value is inherited by its child processes. It
      defaults to CHILD_MAX, which is currently defined to be
      160. Setting MAXUPRC to a value less than
      CHILD_MAX is not permitted, as this would result in a
      violation of the semantics of IEEE Std 1003.1-1990
      (“POSIX.1”).
- options NOFILE=integer
- Sets the soft RLIMIT_NOFILEresource limit, which
      specifies the maximum number of open file descriptors for each process;
      this value is inherited by its child processes. It defaults to
      OPEN_MAX, which is currently defined to be 128.
- options MAXFILES=integer
- Sets the default value of the kern.maxfiles sysctl
      variable, which indicates the maximum number of files that may be open in
      the system.
- options DEFCORENAME=string
- Sets the default value of the kern.defcorename sysctl
      variable, otherwise it is set to %n.core. See
      sysctl(8) and
      sysctl(3) for details.
- options RASOPS_CLIPPING
- Enables clipping within the rasopsraster-console
      output system. NOTE: only available on architectures
      that userasopsfor console output.
- options RASOPS_SMALL
- Removes optimized character writing code from the
      rasopsraster-console output system.
      NOTE: only available on architectures that userasopsfor console output.
- options INCLUDE_CONFIG_FILE
- Embeds the kernel config file used to define the kernel in the kernel
      binary itself. The embedded data also includes any files directly included
      by the config file itself, e.g. GENERIC.local or
      std.$MACHINE. The embedded config file can be
      extracted from the resulting kernel with
      config(1)
      -x, or by the following command:
    
strings netbsd | sed -n 's/^_CFG_//p' | unvis
    
 
- options INCLUDE_JUST_CONFIG
- Similar to the above option, but includes just the actual config file, not
      any included files.
- options PIPE_SOCKETPAIR
- Use slower, but smaller socketpair(2)-based pipe implementation instead of
      default faster, but bigger one. Primarily useful for installation
    kernels.
- options USERCONF
- Compiles in the in-kernel device configuration manager. See
      userconf(4) for
    details.
- options SCDEBUG_DEFAULT
- Used with the options SYSCALL_DEBUGdescribed
      below to choose which types of events are displayed.
    
      - SCDEBUG_CALLS
- Show system call entry points.
- SCDEBUG_RETURNS
- Show system call exit points.
- SCDEBUG_ALL
- Show all system call requests, including unimplemented calls.
- SCDEBUG_SHOWARGS
- Show the arguments provided.
- SCDEBUG_KERNHIST
- Store a restricted form of the system call debug in a kernel history
          instead of printing it to the console. This option relies upon
          options KERNHIST.
 
 The default value is
        (SCDEBUG_CALLS|SCDEBUG_RETURNS|SCDEBUG_SHOWARGS).
 
- options SYSCALL_DEBUG
- Useful for debugging system call issues, usually in early single user
      bringup. By default, writes entries to the system console for most system
      call events. Can be configured with the options
      SCDEBUG_DEFAULToption to to use theoptions
      KERNHISTfacility instead.
- options SYSCALL_STATS
- Count the number of times each system call number is called. The values
      can be read through the sysctl interface and displayed using
      systat(1).
      NOTE: not yet available on all architectures.
- options SYSCALL_TIMES
- Count the time spent (using cpu_counter32()) in
      each system call. NOTE: Using this option will also
      enableoptions SYSCALL_STATS.
- options SYSCALL_TIMES_HASCOUNTER
- Force use of cpu_counter32() even ifcpu_hascounter() reports false. Useful for systems
      where the cycle counter doesn't run at a constant rate (e.g. Soekris
      boxes).
- options XSERVER_DDB
- A supplement to XSERVER that adds support for entering
      ddb(4) while in X11.
- options FILEASSOC
- Support for fileassoc(9).
      Required for options PAX_SEGVGUARDandpseudo-device veriexec.
- options FILEASSOC_NHOOKS=integer
- Number of storage slots per file for
      fileassoc(9). Default is
      4.
  - options GATEWAY
- Enables IPFORWARDING and (on most ports) increases the
      size of NMBCLUSTERS. In general,
      GATEWAY is used to indicate that a system should act as
      a router, and IPFORWARDING is not invoked directly.
      (Note that GATEWAY has no impact on protocols other than
      IP). GATEWAY option also compiles IPv4 and IPv6 fast
      forwarding code into the kernel.
- options IPFORWARDING=value
- If value is 1 this enables IP routing behavior. If
      value is 0 (the default), it disables it. The
      GATEWAY option sets this to 1 automatically. With this
      option enabled, the machine will forward IP datagrams destined for other
      machines between its interfaces. Note that even without this option, the
      kernel will still forward some packets (such as source routed packets)
      — removing GATEWAY and
      IPFORWARDING is insufficient to stop all routing through
      a bastion host on a firewall — source routing is controlled
      independently. Note that IP forwarding may be turned on and off
      independently of the setting of the IPFORWARDING option
      through the use of the net.inet.ip.forwarding sysctl
      variable. If net.inet.ip.forwarding is 1, IP forwarding
      is on. See sysctl(8) and
      sysctl(3) for details.
- options IFA_STATS
- Tells the kernel to maintain per-address statistics on bytes sent and
      received over (currently) Internet and AppleTalk addresses. The option is
      not recommended as it degrades system stability.
- options IFQ_MAXLEN=value
- Increases the allowed size of the network interface packet queues. The
      default queue size is 50 packets, and you do not normally need to increase
      it.
- options IPSELSRC
- Includes support for source-address selection policies. See
      in_getifa(9).
- options MROUTING
- Includes support for IP multicast routers. You certainly want
      INET with this. Multicast routing is controlled by the
      mrouted(8) daemon. See also
      option PIM.
- options PIM
- Includes support for Protocol Independent Multicast (PIM) routing. You
      need MROUTING and INET with this.
      Software using this can be found e.g. in
      pkgsrc/net/xorp.
- options INET
- Includes support for the TCP/IP protocol stack. You almost certainly want
      this. See inet(4) for
    details.
- options INET6
- Includes support for the IPv6 protocol stack. See
      inet6(4) for details. Unlike
      INET, INET6 enables multicast routing
      code as well. This option requires INET at this moment,
      but it should not.
- options ND6_DEBUG
- The option sets the default value of net.inet6.icmp6.nd6_debug to 1, for
      debugging IPv6 neighbor discovery protocol handling. See
      sysctl(3) for details.
- options IPSEC
- Includes support for the IPsec protocol, using the implementation derived
      from OpenBSD, relying on
      opencrypto(9) to carry
      out cryptographic operations. See
      ipsec(4) for details.
- options IPSEC_DEBUG
- Enables debugging code in IPsec stack. See
      ipsec(4) for details. The
      IPSECoption includes support for IPsec Network
      Address Translator traversal (NAT-T), as described in RFCs 3947 and 3948.
      This feature might be patent-encumbered in some countries.
- options ALTQ
- Enabled ALTQ (Alternate Queueing). For simple rate-limiting, use
      tbrconfig(8) to set up
      the interface transmission rate. To use queueing disciplines, their
      appropriate kernel options should also be defined (documented below).
      Queueing disciplines are managed by
      altqd(8). See
      altq(9) for details.
- options ALTQ_HFSC
- Include support for ALTQ-implemented HFSC (Hierarchical Fair Service
      Curve) module. HFSC supports both link-sharing and guaranteed real-time
      services. HFSC employs a service curve based QoS model, and its unique
      feature is an ability to decouple delay and bandwidth allocation. Requires
      ALTQ_RED to use the RED queueing discipline on HFSC
      classes, or ALTQ_RIO to use the RIO queueing discipline
      on HFSC classes. This option assumes ALTQ.
- options ALTQ_PRIQ
- Include support for ALTQ-implemented PRIQ (Priority Queueing). PRIQ
      implements a simple priority-based queueing discipline. A higher priority
      class is always served first. Requires ALTQ_RED to use
      the RED queueing discipline on HFSC classes, or ALTQ_RIO
      to use the RIO queueing discipline on HFSC classes. This option assumes
      ALTQ.
- options ALTQ_WFQ
- Include support for ALTQ-implemented WFQ (Weighted Fair Queueing). WFQ
      implements a weighted-round robin scheduler for a set of queues. A weight
      can be assigned to each queue to give a different proportion of the link
      capacity. A hash function is used to map a flow to one of a set of queues.
      This option assumes ALTQ.
- options ALTQ_FIFOQ
- Include support for ALTQ-implemented FIFO queueing. FIFOQ is a simple
      drop-tail FIFO (First In, First Out) queueing discipline. This option
      assumes ALTQ.
- options ALTQ_RIO
- Include support for ALTQ-implemented RIO (RED with In/Out). The original
      RIO has 2 sets of RED parameters; one for in-profile packets and the other
      for out-of-profile packets. At the ingress of the network, profile meters
      tag packets as IN or OUT based on contracted profiles for customers.
      Inside the network, IN packets receive preferential treatment by the RIO
      dropper. ALTQ/RIO has 3 drop precedence levels defined for the Assured
      Forwarding PHB of DiffServ (RFC 2597). This option assumes
      ALTQ.
- options ALTQ_BLUE
- Include support for ALTQ-implemented Blue buffer management. Blue is
      another active buffer management mechanism. This option assumes
      ALTQ.
- options ALTQ_FLOWVALVE
- Include support for ALTQ-implemented Flowvalve. Flowvalve is a simple
      implementation of a RED penalty box that identifies and punishes
      misbehaving flows. This option requires ALTQ_RED and
      assumes ALTQ.
- options ALTQ_CDNR
- Include support for ALTQ-implemented CDNR (diffserv traffic conditioner)
      packet marking/manipulation. Traffic conditioners are components to meter,
      mark, or drop incoming packets according to some rules. As opposed to
      queueing disciplines, traffic conditioners handle incoming packets at an
      input interface. This option assumes ALTQ.
- options ALTQ_NOPCC
- Disables use of processor cycle counter to measure time in ALTQ. This
      option should be defined for a non-Pentium i386 CPU which does not have
      TSC, SMP (per-CPU counters are not in sync), or power management which
      affects processor cycle counter. This option assumes
      ALTQ.
- options ALTQ_IPSEC
- Include support for IPsec in IPv4 ALTQ. This option assumes
      ALTQ.
- options ALTQ_JOBS
- Include support for ALTQ-implemented JoBS (Joint Buffer Management and
      Scheduling). This option assumes ALTQ.
- options ALTQ_AFMAP
- Include support for an undocumented ALTQ feature that is used to map an IP
      flow to an ATM VC (Virtual Circuit). This option assumes
      ALTQ.
- options ALTQ_LOCALQ
- Include support for ALTQ-implemented local queues. Its practical use is
      undefined. Assumes ALTQ.
- options SUBNETSARELOCAL
- Sets default value for net.inet.ip.subnetsarelocal variable, which
      controls whether non-directly-connected subnets of connected networks are
      considered "local" for purposes of choosing the MSS for a TCP
      connection. This is mostly present for historic reasons and completely
      irrelevant if you enable Path MTU discovery.
- options HOSTZEROBROADCAST
- Sets default value for net.inet.ip.hostzerobroadcast variable, which
      controls whether the zeroth host address of each connected subnet is also
      considered a broadcast address. Default value is "1", for
      compatibility with old systems; if this is set to zero on all hosts on a
      subnet, you should be able to fit an extra host per subnet on the
      ".0" address.
- options MCLSHIFT=value
- This option is the base-2 logarithm of the size of mbuf clusters. The
      BSD networking stack keeps network packets in a
      linked list, or chain, of kernel buffer objects called mbufs. The system
      provides larger mbuf clusters as an optimization for large packets,
      instead of using long chains for large packets. The mbuf cluster size, or
      MCLBYTES, must be a power of two, and is computed as two
      raised to the power MCLSHIFT. On systems with Ethernet
      network adapters, MCLSHIFT is often set to 11, giving
      2048-byte mbuf clusters, large enough to hold a 1500-byte Ethernet frame
      in a single cluster. Systems with network interfaces supporting larger
      frame sizes like ATM, FDDI, or HIPPI may perform better with
      MCLSHIFT set to 12 or 13, giving mbuf cluster sizes of
      4096 and 8192 bytes, respectively.
- options NETATALK
- Include support for the AppleTalk protocol stack. The kernel provides
      provision for the Datagram Delivery Protocol (DDP),
      providing SOCK_DGRAM support and AppleTalk routing. This stack is used by
      the NETATALK package, which adds support for AppleTalk
      server services via user libraries and applications.
- options BLUETOOTH
- Include support for the Bluetooth protocol stack. See
      bluetooth(4) for
    details.
- options IPNOPRIVPORTS
- Normally, only root can bind a socket descriptor to a so-called
      “privileged” TCP port, that is, a port number in the range
      0-1023. This option eliminates those checks from the kernel. This can be
      useful if there is a desire to allow daemons without privileges to bind
      those ports, e.g., on firewalls. The security tradeoffs in doing this are
      subtle. This option should only be used by experts.
- options TCP_DEBUG
- Record the last TCP_NDEBUG TCP packets with SO_DEBUG
      set, and decode to the console if tcpconsdebug is
    set.
- options TCP_NDEBUG
- Number of packets to record for TCP_DEBUG. Defaults to
      100.
- options TCP_SENDSPACE=value
- options TCP_RECVSPACE=value
- These options set the max TCP window size to other sizes than the default.
      The TCP window sizes can be altered via
      sysctl(8) as well.
- options TCP_INIT_WIN=value
- This option sets the initial TCP window size for non-local connections,
      which is used when the transmission starts. The default size is 1, but if
      the machine should act more aggressively, the initial size can be set to
      some other value. The initial TCP window size can be set via
      sysctl(8) as well.
- options TCP_SIGNATURE
- Enable MD5 TCP signatures (RFC 2385) to protect BGP sessions.
- options IPFILTER_LOG
- This option, in conjunction with pseudo-device ipfilter,
      enables logging of IP packets using IP-Filter.
- options IPFILTER_LOOKUP
- This option enables the IP-Filter
      ippool(8) functionality to
      be enabled.
- options IPFILTER_COMPAT
- This option enables older IP-Filter binaries to work.
- options IPFILTER_DEFAULT_BLOCK
- This option sets the default policy of IP-Filter. If it is set, IP-Filter
      will block packets by default.
- options MBUFTRACE
- This option can help track down mbuf leaks. When enabled, mbufs are tagged
      with the devices and protocols using them. This can significantly decrease
      network performance, particularly on MP systems. This additional
      information can be viewed with
      netstat(1):
    netstat-mssv
 Not all devices or protocols support this option.
  - options SYSCTL_DISALLOW_CREATE
- Disallows the creation or deletion of nodes from the sysctl tree, as well
      as the assigning of descriptions to nodes that lack them, by any process.
      These operations are still available to kernel sub-systems, including
      loadable kernel modules.
- options SYSCTL_DISALLOW_KWRITE
- Prevents processes from adding nodes to the sysctl tree that make existing
      kernel memory areas writable. Sections of kernel memory can still be read
      and new nodes that own their own data may still be writable.
- options SYSCTL_DEBUG_SETUP
- Causes the SYSCTL_SETUP routines to print a brief message when they are
      invoked. This is merely meant as an aid in determining the order in which
      sections of the tree are created.
- options SYSCTL_DEBUG_CREATE
- Prints a message each time sysctl_create(), the
      function that adds nodes to the tree, is called.
- options SYSCTL_INCLUDE_DESCR
- Causes the kernel to include short, human readable descriptions for nodes
      in the sysctl tree. The descriptions can be retrieved programmatically
      (see sysctl(3)), or by the
      sysctl binary itself (see
      sysctl(8)). The descriptions
      are meant to give an indication of the purpose and/or effects of a given
      node's value, not replace the documentation for the given subsystem as a
      whole.
  - options SYSVMSG
- Includes support for AT&T System V UNIX
      style message queues. See
      msgctl(2),
      msgget(2),
      msgrcv(2),
      msgsnd(2).
- options SYSVSEM
- Includes support for AT&T System V UNIX
      style semaphores. See
      semctl(2),
      semget(2),
      semop(2).
- options SEMMNI=value
- Sets the number of AT&T System V UNIX
      style semaphore identifiers. The GENERIC config file for your port will
      have the default.
- options SEMMNS=value
- Sets the number of AT&T System V UNIX
      style semaphores in the system. The GENERIC config file for your port will
      have the default.
- options SEMUME=value
- Sets the maximum number of undo entries per process for
      AT&T System V UNIX style semaphores.
      The GENERIC config file for your port will have the default.
- options SEMMNU=value
- Sets the number of undo structures in the system for
      AT&T System V UNIX style semaphores.
      The GENERIC config file for your port will have the default.
- options SYSVSHM
- Includes support for AT&T System V UNIX
      style shared memory. See
      shmat(2),
      shmctl(2),
      shmdt(2),
      shmget(2).
- options SHMMAXPGS=value
- Sets the maximum number of AT&T System V
      UNIX style shared memory pages that are available through the
      shmget(2) system call.
      Default value is 1024 on most ports. See
      /usr/include/machine/vmparam.h for the
    default.
  - options NMBCLUSTERS=value
- The number of mbuf clusters the kernel supports. Mbuf clusters are
      MCLBYTES in size (usually 2k). The default value is calculated from the
      amount of physical memory. Architectures without direct mapping also limit
      it based on the kmem_map size, which is used as backing store. Some archs
      limit the value with ‘NMBCLUSTERS_MAX’. See
      /usr/include/machine/param.h for those archs. This
      value can be accessed via the kern.mbuf.nmbclusters sysctl variable.
      Increase this value if you get “mclpool limit reached”
      messages.
- options NMBCLUSTERS_MAX=value
- The upper limit of NMBCLUSTERS.
- options NKMEMPAGES=value
- options NKMEMPAGES_MIN=value
- options NKMEMPAGES_MAX=value
- Size of kernel VM map kmem_map, in PAGE_SIZE-sized
      chunks (the VM page size; this value may be read from the
      sysctl(8) variable
      hw.pagesize ). This VM map is used to map the kernel
      malloc arena. The kernel attempts to auto-size this map based on the
      amount of physical memory in the system. Platform-specific code may place
      bounds on this computed size, which may be viewed with the
      sysctl(8) variable
      vm.nkmempages. See
      /usr/include/machine/param.h for the default upper
      and lower bounds. The related options ‘NKMEMPAGES_MIN’ and
      ‘NKMEMPAGES_MAX’ allow the bounds to be overridden in the
      kernel configuration file. These options are provided in the event the
      computed value is insufficient resulting in an “out of space in
      kmem_map” panic.
- options SB_MAX=value
- Sets the max size in bytes that a socket buffer is allowed to occupy. The
      default is 256k, but sometimes it needs to be increased, for example when
      using large TCP windows. This option can be changed via
      sysctl(8) as well.
- options SOMAXKVA=value
- Sets the maximum size of kernel virtual memory that the socket buffers are
      allowed to use. The default is 16MB, but in situations where for example
      large TCP windows are used this value must also be increased. This option
      can be changed via sysctl(8)
      as well.
- options BUFCACHE=value
- Size of the buffer cache as a percentage of total available RAM. Ignored
      if BUFPAGES is also specified.
- options NBUF=value
- Sets the number of buffer headers available, i.e., the number of open
      files that may have a buffer cache entry. Each buffer header requires
      MAXBSIZE (machine dependent, but usually 65536) bytes. The default value
      is machine dependent, but is usually equal to the value of BUFPAGES.
- options BUFPAGES=value
- These options set the number of pages available for the buffer cache.
      Their default value is a machine dependent value, often calculated as
      between 5% and 10% of total available RAM.
- options MAXTSIZ=bytes
- Sets the maximum size limit of a process' text segment. See
      /usr/include/machine/vmparam.h for the
      port-specific default.
- options DFLDSIZ=bytes
- Sets the default size limit of a process' data segment, the value that
      will be returned as the soft limit for RLIMIT_DATA(as returned by
      getrlimit(2)). See
      /usr/include/machine/vmparam.h for the
      port-specific default.
- options MAXDSIZ=bytes
- Sets the maximum size limit of a process' data segment, the value that
      will be returned as the hard limit for RLIMIT_DATA(as returned by
      getrlimit(2)). See
      /usr/include/machine/vmparam.h for the
      port-specific default.
- options DFLSSIZ=bytes
- Sets the default size limit of a process' stack segment, the value that
      will be returned as the soft limit for
      RLIMIT_STACK(as returned by
      getrlimit(2)). See
      /usr/include/machine/vmparam.h for the
      port-specific default.
- options MAXSSIZ=bytes
- Sets the maximum size limit of a process' stack segment, the value that
      will be returned as the hard limit for
      RLIMIT_STACK(as returned by
      getrlimit(2)). See
      /usr/include/machine/vmparam.h for the
      port-specific default.
- options DUMP_ON_PANIC=integer
- Defaults to one. If set to zero, the kernel will not dump to the dump
      device when it panics, though dumps can still be forced via
      ddb(4) with the
      “sync” command. Note that this sets the value of the
      kern.dump_on_panic
      sysctl(3) variable which may
      be changed at run time — see
      sysctl(8) for details.
- options VMSWAP
- Enable paging device/file support. This option is on by default.
- options VMSWAP_DEFAULT_PLAINTEXT
- Store swap in plaintext, not encrypted, which may expose secrets if the
      underlying nonvolatile medium is disclosed. This option is off by default;
      it is available only for extremely slow machines where the performance
      impact of swapping early at boot outweighs the security risks. Swap
      encryption can still be turned on dynamically with the
      vm.swap_encrypt
      sysctl(7) knob.
- options PDPOLICY_CLOCKPRO
- Use CLOCK-Pro, an alternative page replace policy.
  - options INSECURE
- Initializes the kernel security level with -1 instead of 0. This means
      that the system always starts in secure level -1 mode, even when running
      multiuser, unless the securelevel variable is set to value > -1 in
      /etc/rc.conf. In this case the kernel security
      level will be raised to that value when the
      /etc/rc.d/securelevel script is run during system
      startup. See the manual page for
      init(8) for details on the
      implications of this. The kernel secure level may manipulated by the
      superuser by altering the kern.securelevel
      sysctl(3) variable (the
      secure level may only be lowered by a call from process ID 1, i.e.,
      init(8)). See also
      secmodel_securelevel(9),
      sysctl(8) and
      sysctl(3).
- options VERIFIED_EXEC_FP_SHA256
- Enables support for SHA256 hashes in Veriexec.
- options VERIFIED_EXEC_FP_SHA384
- Enables support for SHA384 hashes in Veriexec.
- options VERIFIED_EXEC_FP_SHA512
- Enables support for SHA512 hashes in Veriexec.
- options PAX_MPROTECT=value
- Enables PaX MPROTECT,
      mprotect(2) restrictions
      from the PaX project.
    The value is the default value for the
        global knob, see
        sysctl(3). If 0, PaX
        MPROTECT will be enabled only if explicitly set on programs using
        paxctl(8). If 1, PaX
        MPROTECT will be enabled for all programs. Programs can be exempted
        using paxctl(8). See
        security(7) for more
        details. 
- options PAX_SEGVGUARD=value
- Enables PaX Segvguard. Requires options FILEASSOC.The value is the default value for the
        global knob, see
        sysctl(3). If 0, PaX
        Segvguard will be enabled only if explicitly set on programs using
        paxctl(8). If 1, PaX
        Segvguard will be enabled to all programs, and exemption can be done
        using paxctl(8). See
        security(7) for more
        details. 
- options PAX_ASLR=value
- Enables PaX ASLR.
    The value is the default value for the
        global knob, see
        sysctl(3). If 0, PaX ASLR
        will be enabled only if explicitly set on programs using
        paxctl(8). If 1, PaX ASLR
        will be enabled to all programs, and exemption can be done using
        paxctl(8). See
        security(7) for more
        details. 
- options USER_VA0_DISABLE_DEFAULT=value
- Sets the initial value of the flag which controls whether user programs
      can map virtual address 0. The flag can be changed at runtime by
      sysctl(3).
- options KASAN
- Enables Kernel Address Sanitizer. NOTE: not available on
      all architectures.
- options KASLR
- Enables Kernel ASLR. This randomizes the location of the kernel image in
      memory. NOTE: not available on all architectures.
- options SVS
- Enables Separate Virtual Space. On architectures that are designed to
      function with a shared address space, this option explicitly isolates the
      kernel and user spaces. NOTE: not available on all
      architectures.
  - options BB060STUPIDROM
- When the bootloader (which passes AmigaOS ROM information) claims we have
      a 68060 CPU without FPU, go look into the Processor Configuration Register
      (PCR) to find out. You need this with Amiga ROMs up to (at least) V40.xxx
      (OS3.1), when you boot via the bootblocks and don't have a DraCo.
- options IOBZCLOCK=frequency
- The IOBlix boards come with two different serial master clocks: older ones
      use 24 MHz, newer ones use 22.1184 MHz. The driver normally assumes the
      latter. If your board uses 24 MHz, you can recompile your kernel with
      options IOBZCLOCK=24000000 or patch the kernel variable iobzclock to the
      same value.
- options LIMITMEM=value
- If there, limit the part of the first memory bank used by
      NetBSD to value megabytes. Default is
    unlimited.
- options P5PPC68KBOARD
- Add special support for Phase5 mixed 68k+PPC boards. Currently, this only
      affects rebooting from NetBSD and is only needed
      on 68040+PPC, not on 68060+PPC; without this, affected machines will hang
      after NetBSD has shut down and will only restart
      after a keyboard reset or a power cycle.
  - options DISKLABEL_AHDI
- Include support for AHDI (native Atari) disklabels.
- options DISKLABEL_NBDA
- Include support for NetBSD/atari labels. If you
      don't set this option, it will be set automatically.
      NetBSD/atari will not work without it.
- options FALCON_SCSI
- Include support for the 5380-SCSI configuration as found on the
    Falcon.
- options RELOC_KERNEL
- If set, the kernel will relocate itself to TT-RAM, if possible. This will
      give you a slightly faster system. Beware that on some
      TT030 systems, the system will frequently dump with MMU-faults with this
      option enabled.
- options SERCONSOLE
- Allow the modem1-port to act as the system-console. A carrier should be
      active on modem1 during system boot to active the console
    functionality.
- options TT_SCSI
- Include support for the 5380-SCSI configuration as found on the TT030 and
      Hades.
  - options CPURESET_DELAY=value
- Specifies the time (in millisecond) to wait before doing a hardware reset
      in the last phase of a reboot. This gives the user a chance to see error
      messages from the shutdown operations (like NFS unmounts, buffer cache
      flush, etc ...). Setting this to 0 will disable the delay. Default is 2
      seconds.
- options USER_LDT
- Include i386-specific system calls for modifying the local descriptor
      table, used by Windows emulators.
- options PAE
- Enable PAE (Physical Address Extension) mode. PAE permits up to 36 bits
      physical addressing (64GB of physical memory), and turns physical
      addresses to 64 bits entities in the memory management subsystem. Userland
      virtual address space remains at 32 bits (4GB). PAE mode is required to
      enable the NX/XD (No-eXecute/eXecute Disable) bit for pages, which allows
      marking certain ones as not being executable. Any attempt to execute code
      from such a page will raise an exception.
- options REALBASEMEM=integer
- Overrides the base memory size passed in from the boot block. (Value given
      in kilobytes.) Use this option only if the boot block reports the size
      incorrectly. (Note that some BIOSes put the extended BIOS data area at the
      top of base memory, and therefore report a smaller base memory size to
      prevent programs overwriting it. This is correct behavior, and you should
      not use the REALBASEMEM option to access this
    memory).
- options SPECTRE_V2_GCC_MITIGATION=1
- Enable GCC-specific Spectre variant 2 mitigations. For 32-bit kernels this
      means these options:
    
    
-mindirect-branch=thunk -mindirect-branch-register
    
 For 64-bit kernels this means these options: 
    
-mindirect-branch=thunk-inline -mindirect-branch-register
    
 
- options REALEXTMEM=integer
- Overrides the extended memory size passed in from the boot block. (Value
      given in kilobytes. Extended memory does not include the first megabyte.)
      Use this option only if the boot block reports the size incorrectly.
- options CYRIX_CACHE_WORKS
- Relevant only to the Cyrix 486DLC CPU. This option is used to turn on the
      cache in hold-flush mode. It is not turned on by default because it is
      known to have problems in certain motherboard implementations.
- options CYRIX_CACHE_REALLY_WORKS
- Relevant only to the Cyrix 486DLC CPU. This option is used to turn on the
      cache in write-back mode. It is not turned on by default because it is
      known to have problems in certain motherboard implementations. In order
      for this option to take effect, option CYRIX_CACHE_WORKS
      must also be specified.
- options PCIBIOS
- Enable support for initializing the PCI bus using information from the
      BIOS. See pcibios(4) for
      details.
- options MTRR
- Include support for accessing MTRR registers from user-space. See
      i386_get_mtrr(2).
- options BEEP_ONHALT
- Make the system speaker emit several beeps when it is completely safe to
      power down the computer after a
      halt(8) command. Requires
      sysbeep(4) support.
- options BEEP_ONHALT_COUNT=times
- Number of times to beep the speaker when options
      BEEP_ONHALTis enabled. Defaults to 3.
- options BEEP_ONHALT_PITCH=hz
- The tone frequency used when options BEEP_ONHALToption, in hertz. Defaults to 1500.
- options BEEP_ONHALT_PERIOD=msecs
- The duration of each beep when options BEEP_ONHALTis enabled, in milliseconds. Defaults to 250.
- options MULTIBOOT
- Makes the kernel Multiboot-compliant, allowing it to be booted through a
      Multiboot-compliant boot manager such as GRUB. See
      multiboot(8) for more
      information.
- options SPLASHSCREEN
- Display a splash screen during boot.
Options specific to isa(4) busses.
  - options PCIC_ISA_ALLOC_IOBASE=address,
    PCIC_ISA_ALLOC_IOSIZE=size
- Control the section of IO bus space used for PCMCIA bus space mapping.
      Ideally the probed defaults are satisfactory, however in practice that is
      not always the case. See
      pcmcia(4) for details.
- options PCIC_ISA_INTR_ALLOC_MASK=mask
- Controls the allowable interrupts that may be used for PCMCIA devices.
      This mask is a logical-or of power-of-2s of allowable interrupts:
    
    
IRQ Val      IRQ Val      IRQ Val       IRQ Val
 0  0x0001    4  0x0010    8  0x0100    12  0x1000
 1  0x0002    5  0x0020    9  0x0200    13  0x2000
 2  0x0004    6  0x0040   10  0x0400    14  0x4000
 3  0x0008    7  0x0080   11  0x0800    15  0x8000
    
 
- options PCKBC_CNATTACH_SELFTEST
- Perform a self test of the keyboard controller before attaching it as a
      console. This might be necessary on machines where we boot on cold iron,
      and pckbc refuses to talk until we request a self test. Currently only the
      netwinder port uses it.
- options PCKBD_CNATTACH_MAY_FAIL
- If this option is set the PS/2 keyboard will not be used as the console if
      it cannot be found during boot. This allows other keyboards, like USB, to
      be the console keyboard.
- options PCKBD_LAYOUT=layout
- Sets the default keyboard layout, see
      pckbd(4).
  - options FPU_EMULATE
- Include support for MC68881/MC68882 emulator.
- options FPSP
- Include support for 68040 floating point.
- options M68020,M68030,M68040,M68060
- Include support for a specific CPU, at least one (the one you are using)
      should be specified.
- options M060SP
- Include software support for 68060. This provides emulation of
      unimplemented integer instructions as well as emulation of unimplemented
      floating point instructions and data types and software support for
      floating point traps.
  - options PMAP_MEMLIMIT=value
- Limit the amount of memory seen by the kernel to
      value bytes.
- options PTEGCOUNT=value
- Specify the size of the page table as value PTE
      groups. Normally, one PTEG is allocated per physical page frame.
  - options AUDIO_DEBUG
- Enable simple event debugging of the logging of the
      audio(4) device.
- options BLINK
- Enable blinking of LED. Blink rate is full cycle every N seconds for N
      < then current load average. See
      getloadavg(3).
- options COUNT_SW_LEFTOVERS
- Count how many times the sw SCSI device has left 3, 2, 1 and 0 in the
      sw_3_leftover, sw_2_leftover, sw_1_leftover, and sw_0_leftover variables
      accessible from ddb(4). See
      sw(4).
- options DEBUG_ALIGN
- Adds debugging messages calls when user-requested alignment fault handling
      happens.
- options DEBUG_EMUL
- Adds debugging messages calls for emulated floating point and alignment
      fixing operations.
- options EXTREME_DEBUG
- Adds debugging functions callable from
      ddb(4). The debug_pagetables,
      test_region and print_fe_map functions print information about page tables
      for the SUN4M platforms only.
- options EXTREME_EXTREME_DEBUG
- Adds extra info to options EXTREME_DEBUG.
- options FPU_CONTEXT
- Make options COMPAT_SVR4 getcontext and setcontext
      include floating point registers.
- options MAGMA_DEBUG
- Adds debugging messages to the
      magma(4) device.
- options RASTERCONS_FULLSCREEN
- Use the entire screen for the console.
- options RASTERCONS_SMALLFONT
- Use the Fixed font on the console, instead of the normal font.
- options SUN4
- Support sun4 class machines.
- options SUN4C
- Support sun4c class machines.
- options SUN4M
- Support sun4m class machines.
- options SUN4_MMU3L
- Enable support for sun4 3-level MMU machines.
- options V9
- Enable SPARC V9 assembler in
      ddb(4).
  - options AUDIO_DEBUG
- Enable simple event debugging of the logging of the
      audio(4) device.
- options BLINK
- Enable blinking of LED. Blink rate is full cycle every N seconds for N
      < then current load average. See
      getloadavg(3).
  - options EXTENDED_MEMORY
- Include support for extended memory, e.g., TS-6BE16 and 060turbo
    on-board.
- options JUPITER
- Include support for Jupiter-X MPU accelerator
- options ZSCONSOLE,ZSCN_SPEED=value
- Use the built-in serial port as the system-console. Speed is specified in
      bps, defaults to 9600.
- options ITE_KERNEL_ATTR=value
- Set the kernel message attribute for ITE. Value, an integer, is a logical
      or of the following values:
    
    
      - 1
- color inversed
- 2
- underlined
- 4
- bolded
 
 
  - options NO_PCI_MSI_MSIX
- Disable support for MSI/MSIX in the kernel. See
      pci_msi(9) for details of
      MSI/MSIX support
- options NO_PREEMPTION
- Disables kpreempt(9)
      support in the kernel.
config(1),
  gcc(1),
  gdb(1),
  ktrace(1),
  quota(1),
  vndcompress(1),
  gettimeofday(2),
  i386_get_mtrr(2),
  i386_iopl(2),
  msgctl(2),
  msgget(2),
  msgrcv(2),
  msgsnd(2),
  ntp_adjtime(2),
  ntp_gettime(2),
  reboot(2),
  semctl(2),
  semget(2),
  semop(2),
  shmat(2),
  shmctl(2),
  shmdt(2),
  shmget(2),
  sysctl(3),
  apm(4),
  ddb(4),
  inet(4),
  md(4),
  pcibios(4),
  pcmcia(4),
  ppp(4),
  userconf(4),
  vnd(4),
  wscons(4),
  config(5),
  edquota(8),
  init(8),
  mdsetimage(8),
  mount_cd9660(8),
  mount_fdesc(8),
  mount_kernfs(8),
  mount_lfs(8),
  mount_mfs(8),
  mount_msdos(8),
  mount_nfs(8),
  mount_ntfs(8),
  mount_null(8),
  mount_portal(8),
  mount_procfs(8),
  mount_udf(8),
  mount_umap(8),
  mount_union(8),
  mrouted(8),
  newfs_lfs(8),
  ntpd(8),
  quotaon(8),
  rpc.rquotad(8),
  sysctl(8),
  cnmagic(9),
  in_getifa(9),
  kernhist(9)
Theoptions man page first appeared in
  NetBSD 1.3.