1 .\" $NetBSD: ifconfig.8,v 1.109 2014/10/20 14:50:09 roy Exp $
3 .\" Copyright (c) 1983, 1991, 1993
4 .\" The Regents of the University of California. All rights reserved.
6 .\" Redistribution and use in source and binary forms, with or without
7 .\" modification, are permitted provided that the following conditions
9 .\" 1. Redistributions of source code must retain the above copyright
10 .\" notice, this list of conditions and the following disclaimer.
11 .\" 2. Redistributions in binary form must reproduce the above copyright
12 .\" notice, this list of conditions and the following disclaimer in the
13 .\" documentation and/or other materials provided with the distribution.
14 .\" 3. Neither the name of the University nor the names of its contributors
15 .\" may be used to endorse or promote products derived from this software
16 .\" without specific prior written permission.
18 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 .\" @(#)ifconfig.8 8.4 (Berkeley) 6/1/94
37 .Nd configure network interface parameters
41 .Ar interface address_family
50 .Op Ar protocol_family
54 .Op Ar protocol_family
68 is used to assign an address
69 to a network interface and/or configure
70 network interface parameters.
72 must be used at boot time to define the network address
73 of each interface present on a machine; it may also be used at
74 a later time to redefine an interface's address
75 or other operating parameters.
77 Available operands for
84 the address is either a host name present in the host name data
89 Internet address expressed in the Internet standard
91 For the Xerox Network Systems(tm) family,
96 is the assigned network number
98 and each of the six bytes of the host number,
102 are specified in hexadecimal.
103 The host number may be omitted on Ethernet interfaces,
104 which use the hardware physical address,
105 and on interfaces other than the first.
108 family, addresses are specified as a long hexadecimal string,
109 as in the Xerox family.
110 However, two consecutive dots imply a zero
111 byte, and the dots are optional, if the user wishes to
113 count out long strings of digits in network byte order.
114 .It Ar address_family
117 which affects interpretation of the remaining parameters.
118 Since an interface can receive transmissions in differing protocols
119 with different naming schemes, specifying the address family is recommended.
120 The address or protocol families currently
131 parameter is a string of the form
137 The following parameters may be set with
139 .Bl -tag -width dest_addressxx
141 This keyword applies when
143 adds or modifies any link-layer address.
149 Activation makes an address the default source for transmissions
151 You may not delete the active address from an interface.
152 You must activate some other address, first.
156 pseudo-device, set the base advertisement interval to
159 This ia an 8-bit number; the default value is 1 second.
163 pseudo-device, skew the advertisement interval by
165 This is an 8-bit number; the default value is 0.
169 indicate how frequently, in seconds, the host will advertise the fact that it
170 considers itself the master of the virtual host.
176 If the master does not advertise within three times this interval, this host
177 will begin advertising as master.
179 Establish an additional network address for this interface.
180 This is sometimes useful when changing network numbers, and
181 one wishes to accept packets addressed to the old interface.
183 Remove the specified network address alias.
185 Enable the use of the Address Resolution Protocol in mapping
186 between network level addresses and link level addresses
188 This is currently implemented for mapping between
191 addresses and Ethernet addresses.
193 Disable the use of the Address Resolution Protocol.
196 Set the IPv6 anycast address bit.
199 Clear the IPv6 anycast address bit.
200 .It Cm broadcast Ar mask
202 Specify the address to use to represent broadcasts to the
204 The default broadcast address is the address with a host part of all 1's.
205 .It Cm carpdev Ar iface
208 pseudo-device, attach it to
210 If not specified, the kernel will attempt to select an interface with
211 a subnet matching that of the carp interface.
213 Enable driver dependent debugging code; usually, this turns on
214 extra console error logging.
216 Disable driver dependent debugging code.
218 Remove the network address specified.
219 This would be used if you incorrectly specified an alias, or it
220 was no longer needed.
221 If you have incorrectly set an NS address having the side effect
222 of specifying the host portion, removing all NS addresses will
223 allow you to respecify the host portion.
225 does not work for IPv6 addresses.
228 with explicit IPv6 address instead.
230 Specify the address of the correspondent on the other end
231 of a point to point link.
233 Mark an interface ``down''.
235 marked ``down'', the system will not attempt to
236 transmit messages through that interface.
237 If possible, the interface will be reset to disable reception as well.
238 This action does not automatically disable routes using the interface.
240 This is used to specify an Internet host who is willing to receive
241 ip packets encapsulating NS packets bound for a remote network.
242 An apparent point to point link is constructed, and
243 the address specified will be taken as the NS address and network
247 packets is done differently.
249 Set the media type of the interface to
251 Some interfaces support the mutually exclusive use of one of several
252 different physical media connectors.
253 For example, a 10Mb/s Ethernet
254 interface might support the use of either
256 or twisted pair connectors.
257 Setting the media type to
261 would change the currently active connector to the AUI port.
266 would activate twisted pair.
267 Refer to the interfaces' driver
268 specific man page for a complete list of the available types
271 manual page for a list of media types.
275 .It Cm mediaopt Ar opts
276 Set the specified media options on the interface.
278 is a comma delimited list of options to apply to the interface.
279 Refer to the interfaces' driver specific man page for a complete
280 list of available options.
283 manual page for a list of media options.
284 .It Fl mediaopt Ar opts
285 Disable the specified media options on the interface.
287 If the driver supports the media selection system, set the specified
288 operating mode on the interface to
290 For IEEE 802.11 wireless interfaces that support multiple operating modes
291 this directive is used to select between 802.11a
298 .It Cm instance Ar minst
299 Set the media instance to
301 This is useful for devices which have multiple physical layer interfaces
303 Setting the instance on such devices may not be strictly required
304 by the network interface driver as the driver may take care of this
305 automatically; see the driver's manual page for more information.
307 Set the routing metric of the interface to
310 The routing metric is used by the routing protocol
312 Higher metrics have the effect of making a route
313 less favorable; metrics are counted as addition hops
314 to the destination network or host.
316 Set the maximum transmission unit of the interface to
318 Most interfaces don't support this option.
319 .It Cm netmask Ar mask
320 .Pq inet, inet6, and ISO
321 Specify how much of the address to reserve for subdividing
322 networks into sub-networks.
323 The mask includes the network part of the local address
324 and the subnet part, which is taken from the host field of the address.
325 The mask can be specified as a single hexadecimal number
326 with a leading 0x, with a dot-notation Internet address,
327 or with a pseudo-network name listed in the network table
329 The mask contains 1's for the bit positions in the 32-bit address
330 which are to be used for the network and subnet parts,
331 and 0's for the host part.
332 The mask should contain at least the standard network portion,
333 and the subnet field should be contiguous with the network
336 For INET and INET6 addresses, the netmask can also be given with
337 slash-notation after the address
338 .Pq e.g 192.168.17.3/24 .
341 .It Cm nsellength Ar n
344 This specifies a trailing number of bytes for a received
346 used for local identification, the remaining leading part of which is
349 .Pq Network Entity Title .
350 The default value is 1, which is conformant to US
352 When an ISO address is set in an ifconfig command,
355 which is being specified.
358 20 hex digits should be
361 to be assigned to the interface.
362 There is some evidence that a number different from 1 may be useful
366 .It Cm state Ar state
369 pseudo-device to enter this state.
375 .It Cm frag Ar threshold
376 .Pq IEEE 802.11 devices only
377 Configure the fragmentation threshold for IEEE 802.11-based wireless
379 .It Cm rts Ar threshold
380 .Pq IEEE 802.11 devices only
381 Configure the RTS/CTS threshold for IEEE 802.11-based wireless
383 This controls the number of bytes used for the RTS/CTS handshake boundary.
386 can be any value between 0 and 2347.
387 The default is 2347, which indicates the RTS/CTS mechanism should not be used.
389 .Pq IEEE 802.11 devices only
390 Configure the Service Set Identifier (a.k.a. the network name)
391 for IEEE 802.11-based wireless network interfaces.
394 can either be any text string up to 32 characters in length,
395 or a series of up to 64 hexadecimal digits preceded by
399 to the empty string allows the interface to connect to any available
405 .Pq IEEE 802.11 devices only
406 When operating as an access point, do not broadcast the SSID
407 in beacon frames or respond to probe request frames unless
408 they are directed to the ap (i.e., they include the ap's SSID).
409 By default, the SSID is included in beacon frames and
410 undirected probe request frames are answered.
412 .Pq IEEE 802.11 devices only
413 When operating as an access point, broadcast the SSID
414 in beacon frames and answer and respond to undirected probe
415 request frames (default).
417 .Pq IEEE 802.11 devices only
418 Enable WEP encryption for IEEE 802.11-based wireless network interfaces
423 can either be a string, a series of hexadecimal digits preceded by
425 or a set of keys in the form
429 specifies which of keys will be used for all transmitted packets,
434 are configured as WEP keys.
435 Note that the order must be match within same network if multiple keys
437 For IEEE 802.11 wireless network, the length of each key is restricted to
438 40 bits, i.e. 5-character string or 10 hexadecimal digits,
439 while the WaveLAN/IEEE Gold cards accept the 104 bits
442 .It Cm nwkey Cm persist
443 .Pq IEEE 802.11 devices only
444 Enable WEP encryption for IEEE 802.11-based wireless network interfaces
445 with the persistent key written in the network card.
446 .It Cm nwkey Cm persist: Ns Ar key
447 .Pq IEEE 802.11 devices only
450 to the persistent memory of the network card, and
451 enable WEP encryption for IEEE 802.11-based wireless network interfaces
455 .Pq IEEE 802.11 devices only
456 Disable WEP encryption for IEEE 802.11-based wireless network interfaces.
458 .Pq IEEE 802.11 devices only
459 When operating as an access point, pass packets between
460 wireless clients directly (default).
462 .Pq IEEE 802.11 devices only
463 When operating as an access point, pass packets through
464 the system so that they can be forwared using some other mechanism.
465 Disabling the internal bridging is useful when traffic
466 is to be processed with packet filtering.
467 .It Cm pass Ar passphrase
470 pseudo-device, set the authentication key to
472 There is no passphrase by default
474 .Pq IEEE 802.11 devices only
475 Enable 802.11 power saving mode.
477 .Pq IEEE 802.11 devices only
478 Disable 802.11 power saving mode.
479 .It Cm powersavesleep Ar duration
480 .Pq IEEE 802.11 devices only
481 Set the receiver sleep duration in milliseconds for 802.11 power saving mode.
482 .It Cm bssid Ar bssid
483 .Pq IEEE 802.11 devices only
484 Set the desired BSSID for IEEE 802.11-based wireless network interfaces.
486 .Pq IEEE 802.11 devices only
487 Unset the desired BSSID for IEEE 802.11-based wireless network interfaces.
488 The interface will automatically select a BSSID in this mode, which is
491 .Pq IEEE 802.11 devices only
494 to be used for IEEE 802.11-based wireless network interfaces.
496 .Pq IEEE 802.11 devices only
497 Unset the desired channel to be used
498 for IEEE 802.11-based wireless network interfaces.
499 It doesn't affect the channel to be created for IBSS or hostap mode.
501 .Pq IEEE 802.11 devices only
502 Display the access points and/or ad-hoc neighbors
503 located in the vicinity.
506 flag may be used to display long SSIDs.
508 also causes received information elements to be displayed symbolically.
509 The interface must be up before any scanning operation.
510 Only the super-user can use this command.
511 .It Cm tunnel Ar src_addr Ns Oo Ar ,src_port Oc Ar dest_addr Ns Oo Ar ,dest_port
513 .Pq IP tunnel devices only
514 Configure the physical source and destination address for IP tunnel
515 interfaces, including
521 are interpreted as the outer source/destination for the encapsulating
526 interface in UDP mode, the arguments
530 are interpreted as the outer source/destination port for the encapsulating
533 Unconfigure the physical source and destination address for IP tunnel
534 interfaces previously configured with
537 Create the specified network pseudo-device.
539 Destroy the specified network pseudo-device.
542 Set preferred lifetime for the address.
543 .It Cm prefixlen Ar n
544 .Pq inet and inet6 only
547 but you can specify by prefix length by digits.
550 Set the IPv6 deprecated address bit.
553 Clear the IPv6 deprecated address bit.
557 .Pq lowermost 64bit of an IPv6 address
560 Enable special processing of the link level of the interface.
561 These three options are interface specific in actual effect, however,
562 they are in general used to select special modes of operation.
564 of this is to enable SLIP compression, or to select the connector type
565 for some Ethernet cards.
566 Refer to the man page for the specific driver
567 for more information.
569 Disable special processing at the link level with the specified interface.
571 Set a link-level string parameter for the interface.
572 This functionality varies from interface to interface.
573 Refer to the man page for the specific driver
574 for more information.
576 Remove an interface link-level string parameter.
578 Mark an interface ``up''.
579 This may be used to enable an interface after an ``ifconfig down.''
580 It happens automatically when setting the first address on an interface.
581 If the interface was reset when previously marked down,
582 the hardware will be re-initialized.
586 pseudo-device, set the virtual host ID to
588 Acceptable values are 1 to 255.
590 If the interface is a
592 pseudo-interface, set the VLAN identifier to
594 These are the first 12 bits (0-4095) from a 16-bit integer used
595 to create an 802.1Q VLAN header for packets sent from the
602 must be set at the same time.
603 .It Cm vlanif Ar iface
604 If the interface is a
606 pseudo-interface, associate the physical interface
609 Packets transmitted through the
611 interface will be diverted to the specified physical interface
613 with 802.1Q VLAN encapsulation.
614 Packets with 802.1Q encapsulation received
615 by the physical interface with the correct VLAN tag will be diverted to the
619 The VLAN interface is assigned a copy of the physical
620 interface's flags and
625 interface already has a physical interface associated with it, this command
627 To change the association to another physical interface, the
628 existing association must be cleared first.
633 must be set at the same time.
634 .It Cm -vlanif Ar iface
640 .It Cm agrport Ar iface
646 .It Cm -agrport Ar iface
654 Set valid lifetime for the address.
657 .Dq ip4csum-tx ip4csum-rx
660 .Dq -ip4csum-tx -ip4csum-rx
663 .Dq tcp4csum-tx tcp4csum-rx
666 .Dq -tcp4csum-tx -tcp4csum-rx
669 .Dq udp4csum-tx udp4csum-rx
672 .Dq -udp4csum-tx -udp4csum-rx
675 .Dq tcp6csum-tx tcp6csum-rx
678 .Dq -tcp6csum-tx -tcp6csum-rx
681 .Dq udp6csum-tx udp6csum-rx
684 .Dq -udp6csum-tx -udp6csum-rx
686 Enable hardware-assisted IPv4 header checksums for the out-bound direction.
688 Disable hardware-assisted IPv4 header checksums for the out-bound direction.
690 Enable hardware-assisted IPv4 header checksums for the in-bound direction.
692 Disable hardware-assisted IPv4 header checksums for the in-bound direction.
694 Enable hardware-assisted TCP/IPv4 checksums for the out-bound direction.
696 Disable hardware-assisted TCP/IPv4 checksums for the out-bound direction.
698 Enable hardware-assisted TCP/IPv4 checksums for the in-bound direction.
700 Disable hardware-assisted TCP/IPv4 checksums for the in-bound direction.
702 Enable hardware-assisted UDP/IPv4 checksums for the out-bound direction.
704 Disable hardware-assisted UDP/IPv4 checksums for the out-bound direction.
706 Enable hardware-assisted UDP/IPv4 checksums for the in-bound direction.
708 Disable hardware-assisted UDP/IPv4 checksums for the in-bound direction.
710 Enable hardware-assisted TCP/IPv6 checksums for the out-bound direction.
712 Disable hardware-assisted TCP/IPv6 checksums for the out-bound direction.
714 Enable hardware-assisted TCP/IPv6 checksums for the in-bound direction.
716 Disable hardware-assisted TCP/IPv6 checksums for the in-bound direction.
718 Enable hardware-assisted UDP/IPv6 checksums for the out-bound direction.
720 Disable hardware-assisted UDP/IPv6 checksums for the out-bound direction.
722 Enable hardware-assisted UDP/IPv6 checksums for the in-bound direction.
724 Disable hardware-assisted UDP/IPv6 checksums for the in-bound direction.
726 Enable hardware-assisted TCP/IPv4 segmentation on interfaces that
729 Disable hardware-assisted TCP/IPv4 segmentation on interfaces that
732 Enable hardware-assisted TCP/IPv6 segmentation on interfaces that
735 Disable hardware-assisted TCP/IPv6 segmentation on interfaces that
740 pseudo-device, indicate the maximum number
741 of updates for a single state which can be collapsed into one.
742 This is an 8-bit number; the default value is 128.
743 .It Cm syncdev Ar iface
746 pseudo-device, use the specified interface
747 to send and receive pfsync state synchronisation messages.
751 pseudo-device, stop sending pfsync state
752 synchronisation messages over the network.
753 .It Cm syncpeer Ar peer_address
756 pseudo-device, make the pfsync link point-to-point rather than using
757 multicast to broadcast the state synchronisation messages.
758 The peer_address is the IP address of the other host taking part in
762 traffic can be protected using
767 pseudo-device, broadcast the packets using multicast.
771 displays the current configuration for a network interface
772 when no optional parameters are supplied.
773 If a protocol family is specified,
775 will report only the details specific to that protocol
780 flag is passed before an interface name,
782 will attempt to query the interface for its media status.
784 interface supports reporting media status, and it reports that it does
785 not appear to be connected to a network,
787 will exit with status of 1
789 otherwise, it will exit with a
793 Not all interface drivers support media
798 flag is passed before an interface name,
800 will display all of the supported media for the specified interface.
803 flag is supplied, address lifetime is displayed for IPv6 addresses,
804 as time offset string.
808 flag may be used instead of an interface name.
811 to display information about all interfaces in the system.
812 This is also the default behaviour when no arguments are given to
817 is used, the output can be modified by adding more flags:
819 limits this to interfaces that are down,
821 limits this to interfaces that are up,
823 limits this to broadcast interfaces, and
825 omits interfaces which appear not to be connected to a network.
829 flag may be used to list all available interfaces on the system, with
830 no other additional information.
831 Use of this flag is mutually exclusive
832 with all other flags and commands, except for
834 .Pq only list interfaces that are down ,
836 .Pq only list interfaces that are up ,
838 .Pq only list interfaces that may be connected ,
840 .Pq only list broadcast interfaces .
844 flag may be used to list all of the interface cloners available on
845 the system, with no additional information.
847 mutually exclusive with all other flags and commands.
851 flag prints statistics on packets sent and received on the given
855 is used in conjunction with
857 the byte statistics will be printed in "human-readable" format.
860 flag is identical to the
862 flag except that it zeros the interface input and output statistics
867 flag may be used to wait
871 flag to be removed from all addresses.
872 0 seconds means to wait indefinitely until all addresses no longer have the
878 flag is just the opposite of the
886 to try to resolve numbers to hostnames or to service names.
889 behavior is to print numbers instead of names.
891 Only the super-user may modify the configuration of a network interface.
893 Add a link-layer (MAC) address to an Ethernet:
895 .Ic ifconfig sip0 link 00:11:22:33:44:55
897 Add and activate a link-layer (MAC) address:
899 .Ic ifconfig sip0 link 00:11:22:33:44:55 active
901 Messages indicating the specified interface does not exist, the
902 requested address is unknown, or the user is not privileged and
903 tried to alter an interface's configuration.