2 .\" Sun Microsystems, Inc. gratefully acknowledges The Open Group for
3 .\" permission to reproduce portions of its copyrighted documentation.
4 .\" Original documentation from The Open Group can be obtained online at
5 .\" http://www.opengroup.org/bookstore/.
7 .\" The Institute of Electrical and Electronics Engineers and The Open
8 .\" Group, have given us permission to reprint portions of their
11 .\" In the following statement, the phrase ``this text'' refers to portions
12 .\" of the system documentation.
14 .\" Portions of this text are reprinted and reproduced in electronic form
15 .\" in the SunOS Reference Manual, from IEEE Std 1003.1, 2004 Edition,
16 .\" Standard for Information Technology -- Portable Operating System
17 .\" Interface (POSIX), The Open Group Base Specifications Issue 6,
18 .\" Copyright (C) 2001-2004 by the Institute of Electrical and Electronics
19 .\" Engineers, Inc and The Open Group. In the event of any discrepancy
20 .\" between these versions and the original IEEE and The Open Group
21 .\" Standard, the original IEEE and The Open Group Standard is the referee
22 .\" document. The original Standard can be obtained online at
23 .\" http://www.opengroup.org/unix/online.html.
25 .\" This notice shall appear on any product containing this material.
27 .\" The contents of this file are subject to the terms of the
28 .\" Common Development and Distribution License (the "License").
29 .\" You may not use this file except in compliance with the License.
31 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
32 .\" or http://www.opensolaris.org/os/licensing.
33 .\" See the License for the specific language governing permissions
34 .\" and limitations under the License.
36 .\" When distributing Covered Code, include this CDDL HEADER in each
37 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
38 .\" If applicable, add the following below this CDDL HEADER, with the
39 .\" fields enclosed by brackets "[]" replaced with your own identifying
40 .\" information: Portions Copyright [yyyy] [name of copyright owner]
43 .\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved
44 .\" Copyright 2016 Joyent, Inc.
46 .TH DLADM 8 "Dec 16, 2016"
48 dladm \- administer data links
52 \fBdladm show-link\fR [\fB-P\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIlink\fR]
53 \fBdladm rename-link\fR [\fB-R\fR \fIroot-dir\fR] \fIlink\fR \fInew-link\fR
58 \fBdladm delete-phys\fR \fIphys-link\fR
59 \fBdladm show-phys\fR [\fB-m\fR | \fB-H\fR | \fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIphys-link\fR]
64 \fBdladm create-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR \fIpolicy\fR] [\fB-L\fR \fImode\fR]
65 [\fB-T\fR \fItime\fR] [\fB-u\fR \fIaddress\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...] \fIaggr-link\fR
66 \fBdladm modify-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR \fIpolicy\fR] [\fB-L\fR \fImode\fR]
67 [\fB-T\fR \fItime\fR] [\fB-u\fR \fIaddress\fR] \fIaggr-link\fR
68 \fBdladm delete-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIaggr-link\fR
69 \fBdladm add-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...]
71 \fBdladm remove-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...]
73 \fBdladm show-aggr\fR [\fB-PLx\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
79 \fBdladm create-bridge\fR [\fB-P\fR \fIprotect\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIpriority\fR]
80 [\fB-m\fR \fImax-age\fR] [\fB-h\fR \fIhello-time\fR] [\fB-d\fR \fIforward-delay\fR] [\fB-f\fR \fIforce-protocol\fR]
81 [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR
86 \fBdladm modify-bridge\fR [\fB-P\fR \fIprotect\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIpriority\fR]
87 [\fB-m\fR \fImax-age\fR] [\fB-h\fR \fIhello-time\fR] [\fB-d\fR \fIforward-delay\fR] [\fB-f\fR \fIforce-protocol\fR]
93 \fBdladm delete-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fIbridge-name\fR
98 \fBdladm add-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR [\fB-l\fR \fIlink\fR...]\fIbridge-name\fR
103 \fBdladm remove-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR
108 \fBdladm show-bridge\fR [\fB-flt\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR,...]
114 \fBdladm create-vlan\fR [\fB-ft\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link\fR \fB-v\fR \fIvid\fR [\fIvlan-link\fR]
115 \fBdladm delete-vlan\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIvlan-link\fR
116 \fBdladm show-vlan\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIvlan-link\fR]
121 \fBdladm scan-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIwifi-link\fR]
122 \fBdladm connect-wifi\fR [\fB-e\fR \fIessid\fR] [\fB-i\fR \fIbssid\fR] [\fB-k\fR \fIkey\fR,...]
123 [\fB-s\fR none | wep | wpa ] [\fB-a\fR open | shared] [\fB-b\fR bss | ibss] [\fB-c\fR]
124 [\fB-m\fR a | b | g] [\fB-T\fR \fItime\fR] [\fIwifi-link\fR]
125 \fBdladm disconnect-wifi\fR [\fB-a\fR] [\fIwifi-link\fR]
126 \fBdladm show-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIwifi-link\fR]
131 \fBdladm show-ether\fR [\fB-x\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIether-link\fR]
136 \fBdladm set-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIlink\fR
137 \fBdladm reset-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIprop\fR[,...]] \fIlink\fR
138 \fBdladm show-linkprop\fR [\fB-P\fR] [[\fB-c\fR] \fB-o\fR \fIfield\fR[,...]] [\fB-p\fR \fIprop\fR[,...]] [\fIlink\fR]
143 \fBdladm create-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-f\fR \fIfile\fR] \fB-c\fR \fIclass\fR \fIsecobj\fR
144 \fBdladm delete-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIsecobj\fR[,...]
145 \fBdladm show-secobj\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIsecobj\fR,...]
150 \fBdladm create-vnic\fR [\fB-t\fR] \fB-l\fR \fIlink\fR [\fB-R\fR \fIroot-dir\fR] [\fB-m\fR \fIvalue\fR | auto |
151 {factory \fB-n\fR \fIslot-identifier\fR]} | {random [\fB-r\fR \fIprefix\fR]}]
152 [\fB-v\fR \fIvlan-id\fR] [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIvnic-link\fR
153 \fBdladm delete-vnic\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIvnic-link\fR
154 \fBdladm show-vnic\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [\fB-o\fR \fIfield\fR[,...]]
155 [\fB-l\fR \fIlink\fR] [\fIvnic-link\fR]
160 \fBdladm create-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIetherstub\fR
161 \fBdladm delete-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIetherstub\fR
162 \fBdladm show-etherstub\fR [\fIetherstub\fR]
167 \fBdladm create-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-T\fR \fItype\fR
168 [-a {local|remote}=<addr>[,...]] \fIiptun-link\fR
169 \fBdladm modify-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [-a {local|remote}=<addr>[,...]]
171 \fBdladm delete-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIiptun-link\fR
172 \fBdladm show-iptun\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIiptun-link\fR]
177 \fBdladm show-usage\fR [\fB-a\fR] \fB-f\fR \fIfilename\fR [\fB-p\fR \fIplotfile\fR \fB-F\fR \fIformat\fR] [\fB-s\fR \fItime\fR]
178 [\fB-e\fR \fItime\fR] [\fIlink\fR]
183 The \fBdladm\fR command is used to administer data-links. A data-link is
184 represented in the system as a \fBSTREAMS DLPI\fR (v2) interface which can be
185 plumbed under protocol stacks such as \fBTCP/IP\fR. Each data-link relies on
186 either a single network device or an aggregation of devices to send packets to
187 or receive packets from a network.
190 Each \fBdladm\fR subcommand operates on one of the following objects:
198 A datalink, identified by a name. In general, the name can use any alphanumeric
199 characters (or the underscore, \fB_\fR), but must start with an alphabetic
200 character and end with a number. A datalink name can be at most 31 characters,
201 and the ending number must be between 0 and 4294967294 (inclusive). The ending
202 number must not begin with a zero. Datalink names between 3 and 8 characters
205 Some subcommands operate only on certain types or classes of datalinks. For
206 those cases, the following object names are used:
210 \fB\fBphys-link\fR\fR
220 \fB\fBvlan-link\fR\fR
230 \fB\fBaggr-link\fR\fR
234 An aggregation datalink (or a key; see NOTES).
240 \fB\fBether-link\fR\fR
244 A physical Ethernet datalink.
250 \fB\fBwifi-link\fR\fR
260 \fB\fBvnic-link\fR\fR
264 A virtual network interface created on a link or an \fBetherstub\fR. It is a
265 pseudo device that can be treated as if it were an network interface card on a
272 \fB\fBiptun-link\fR\fR
288 A network device, identified by concatenation of a driver name and an instance
295 \fB\fBetherstub\fR\fR
299 An Ethernet stub can be used instead of a physical NIC to create VNICs. VNICs
300 created on an \fBetherstub\fR will appear to be connected through a virtual
301 switch, allowing complete virtual networks to be built without physical
312 A bridge instance, identified by an administratively-chosen name. The name may
313 use any alphanumeric characters or the underscore, \fB_\fR, but must start and
314 end with an alphabetic character. A bridge name can be at most 31 characters.
315 The name \fBdefault\fR is reserved, as are all names starting with \fBSUNW\fR.
317 Note that appending a zero (\fB0\fR) to a bridge name produces a valid link
318 name, used for observability.
328 A secure object, identified by an administratively-chosen name. The name can
329 use any alphanumeric characters, as well as underscore (\fB_\fR), period
330 (\fB\&.\fR), and hyphen (\fB-\fR). A secure object name can be at most 32
336 Each \fBdladm\fR subcommand has its own set of options. However, many of the
337 subcommands have the following as a common option:
341 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
345 Specifies an alternate root directory where the operation-such as creation,
346 deletion, or renaming-should apply.
351 The following subcommands are supported:
355 \fB\fBdladm show-link\fR [\fB-P\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]]
356 [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]][\fIlink\fR]\fR
360 Show link configuration information (the default) or statistics, either for all
361 datalinks or for the specified link \fIlink\fR. By default, the system is
362 configured with one datalink for each known network device.
366 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
370 A case-insensitive, comma-separated list of output fields to display. When not
371 modified by the \fB-s\fR option (described below), the field name must be one
372 of the fields listed below, or the special value \fBall\fR to display all
373 fields. By default (without \fB-o\fR), \fBshow-link\fR displays all fields.
381 The name of the datalink.
391 The class of the datalink. \fBdladm\fR distinguishes between the following
400 A physical datalink. The \fBshow-phys\fR subcommand displays more detail for
401 this class of datalink.
411 An IEEE 802.3ad link aggregation. The \fBshow-aggr\fR subcommand displays more
412 detail for this class of datalink.
422 A VLAN datalink. The \fBshow-vlan\fR subcommand displays more detail for this
433 A virtual network interface. The \fBshow-vnic\fR subcommand displays more
434 detail for this class of datalink.
446 The maximum transmission unit size for the datalink being displayed.
456 The link state of the datalink. The state can be \fBup\fR, \fBdown\fR, or
467 The name of the bridge to which this link is assigned, if any.
477 The physical datalink(s) over which the datalink is operating. This applies to
478 \fBaggr\fR, \fBbridge\fR, and \fBvlan\fR classes of datalinks. A VLAN is
479 created over a single physical datalink, a bridge has multiple attached links,
480 and an aggregation is comprised of one or more physical datalinks.
483 When the \fB-o\fR option is used in conjunction with the \fB-s\fR option, used
484 to display link statistics, the field name must be one of the fields listed
485 below, or the special value \fBall\fR to display all fields
493 The name of the datalink.
503 Number of packets received on this link.
513 Number of bytes received on this link.
523 Number of input errors.
533 Number of packets sent on this link.
543 Number of bytes sent on this link.
553 Number of output errors.
561 \fB\fB-p\fR, \fB--parsable\fR\fR
565 Display using a stable machine-parsable format. The \fB-o\fR option is
566 required with \fB-p\fR. See "Parsable Output Format", below.
572 \fB\fB-P\fR, \fB--persistent\fR\fR
576 Display the persistent link configuration.
582 \fB\fB-s\fR, \fB--statistics\fR\fR
586 Display link statistics.
592 \fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR
596 Used with the \fB-s\fR option to specify an interval, in seconds, at which
597 statistics should be displayed. If this option is not specified, statistics
598 will be displayed only once.
606 \fB\fBdladm rename-link\fR [\fB-R\fR \fIroot-dir\fR] \fIlink\fR
611 Rename \fIlink\fR to \fInew-link\fR. This is used to give a link a meaningful
612 name, or to associate existing link configuration such as link properties of a
613 removed device with a new device. See the \fBEXAMPLES\fR section for specific
614 examples of how this subcommand is used.
618 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
622 See "Options," above.
630 \fB\fBdladm delete-phys\fR \fIphys-link\fR\fR
634 This command is used to delete the persistent configuration of a link
635 associated with physical hardware which has been removed from the system. See
636 the \fBEXAMPLES\fR section.
642 \fB\fBdladm show-phys\fR [\fB-m\fR | \fB-H\fR | \fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
647 Show the physical device and attributes of all physical links, or of the named
648 physical link. Without \fB-P\fR, only physical links that are available on the
649 running system are displayed.
657 Show hardware resource usage, as returned by the NIC driver. Output from
658 \fB-H\fR displays the following elements:
666 A physical device corresponding to a NIC driver.
676 A collection of rings.
682 \fB\fBGROUPTYPE\fR\fR
686 RX or TX. All rings in a group are of the same group type.
696 A hardware resource used by a data link, subject to assignment by a driver to
707 MAC clients that are using the rings within a group.
719 Show MAC addresses and related information. Output from \fB-m\fR
720 displays the following elements:
728 A physical device corresponding to a NIC driver.
737 When a given physical device has multiple factory MAC addresses, this
738 indicates the slot of the corresponding MAC address which can be used as
739 part of a call to \fBcreate-vnic\fR.
748 Displays the MAC address of the device.
757 Displays whether or not a MAC Address is actively being used.
766 MAC clients that are using the address.
772 \fB\fB-o\fR \fIfield\fR, \fB--output\fR=\fIfield\fR\fR
776 A case-insensitive, comma-separated list of output fields to display. The field
777 name must be one of the fields listed below, or the special value \fBall\fR, to
778 display all fields. Note that if either \fB-H\fR or \fB-m\fR are specified, then
779 the valid options are those described in their respective sections. For each
780 link, the following fields can be displayed:
788 The name of the datalink.
798 The media type provided by the physical datalink.
808 The state of the link. This can be \fBup\fR, \fBdown\fR, or \fBunknown\fR.
818 The current speed of the link, in megabits per second.
828 For Ethernet links, the full/half duplex status of the link is displayed if the
829 link state is \fBup\fR. The duplex is displayed as \fBunknown\fR in all other
840 The name of the physical device under this link.
848 \fB\fB-p\fR, \fB--parsable\fR\fR
852 Display using a stable machine-parsable format. The \fB-o\fR option is
853 required with \fB-p\fR. See "Parsable Output Format", below.
859 \fB\fB-P\fR, \fB--persistent\fR\fR
863 This option displays persistent configuration for all links, including those
864 that have been removed from the system. The output provides a \fBFLAGS\fR
865 column in which the \fBr\fR flag indicates that the physical device associated
866 with a physical link has been removed. For such links, \fBdelete-phys\fR can be
867 used to purge the link's configuration from the system.
875 \fB\fBdladm create-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR
876 \fIpolicy\fR] [\fB-L\fR \fImode\fR] [\fB-T\fR \fItime\fR] [\fB-u\fR
877 \fIaddress\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...]
882 Combine a set of links into a single IEEE 802.3ad link aggregation named
883 \fIaggr-link\fR. The use of an integer \fIkey\fR to generate a link name for
884 the aggregation is also supported for backward compatibility. Many of the
885 \fB*\fR\fB-aggr\fR subcommands below also support the use of a \fIkey\fR to
886 refer to a given aggregation, but use of the aggregation link name is
887 preferred. See the \fBNOTES\fR section for more information on keys.
889 \fBdladm\fR supports a number of port selection policies for an aggregation of
890 ports. (See the description of the \fB-P\fR option, below.) If you do not
891 specify a policy, \fBcreate-aggr\fR uses the default, the L4 policy, described
892 under the \fB-P\fR option.
896 \fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR
900 Each Ethernet link (or port) in the aggregation is specified using an \fB-l\fR
901 option followed by the name of the link to be included in the aggregation.
902 Multiple links are included in the aggregation by specifying multiple \fB-l\fR
903 options. For backward compatibility with previous versions of Solaris, the
904 \fBdladm\fR command also supports the using the \fB-d\fR option (or
905 \fB--dev\fR) with a device name to specify links by their underlying device
906 name. The other \fB*\fR\fB-aggr\fR subcommands that take \fB-l\fRoptions also
913 \fB\fB-t\fR, \fB--temporary\fR\fR
917 Specifies that the aggregation is temporary. Temporary aggregations last until
924 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
928 See "Options," above.
934 \fB\fB-P\fR \fIpolicy\fR, \fB--policy\fR=\fIpolicy\fR\fR
942 Specifies the port selection policy to use for load spreading of outbound
943 traffic. The policy specifies which \fIdev\fR object is used to send packets. A
944 policy is a list of one or more layers specifiers separated by commas. A layer
945 specifier is one of the following:
953 Select outbound device according to source and destination \fBMAC\fR addresses
964 Select outbound device according to source and destination \fBIP\fR addresses
975 Select outbound device according to the upper layer protocol information
976 contained in the packet. For \fBTCP\fR and \fBUDP\fR, this includes source and
977 destination ports. For IPsec, this includes the \fBSPI\fR (Security Parameters
981 For example, to use upper layer protocol information, the following policy can
991 Note that policy L4 is the default.
993 To use the source and destination \fBMAC\fR addresses as well as the source and
994 destination \fBIP\fR addresses, the following policy can be used:
1008 \fB\fB-L\fR \fImode\fR, \fB--lacp-mode\fR=\fImode\fR\fR
1012 Specifies whether \fBLACP\fR should be used and, if used, the mode in which it
1013 should operate. Supported values are \fBoff\fR, \fBactive\fR or \fBpassive\fR.
1019 \fB\fB-T\fR \fItime\fR, \fB--lacp-timer\fR=\fItime\fR\fR
1027 Specifies the \fBLACP\fR timer value. The supported values are \fBshort\fR or
1034 \fB\fB-u\fR \fIaddress\fR, \fB--unicast\fR=\fIaddress\fR\fR
1038 Specifies a fixed unicast hardware address to be used for the aggregation. If
1039 this option is not specified, then an address is automatically chosen from the
1040 set of addresses of the component devices.
1048 \fB\fBdladm modify-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR
1049 \fIpolicy\fR] [\fB-L\fR \fImode\fR] [\fB-T\fR \fItime\fR] [\fB-u\fR
1050 \fIaddress\fR] \fIaggr-link\fR\fR
1054 Modify the parameters of the specified aggregation.
1058 \fB\fB-t\fR, \fB--temporary\fR\fR
1062 Specifies that the modification is temporary. Temporary aggregations last until
1069 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
1073 See "Options," above.
1079 \fB\fB-P\fR \fIpolicy\fR, \fB--policy\fR=\fIpolicy\fR\fR
1083 Specifies the port selection policy to use for load spreading of outbound
1084 traffic. See \fBdladm create-aggr\fR for a description of valid policy values.
1090 \fB\fB-L\fR \fImode\fR, \fB--lacp-mode\fR=\fImode\fR\fR
1094 Specifies whether \fBLACP\fR should be used and, if used, the mode in which it
1095 should operate. Supported values are \fBoff\fR, \fBactive\fR, or \fBpassive\fR.
1101 \fB\fB-T\fR \fItime\fR, \fB--lacp-timer\fR=\fItime\fR\fR
1109 Specifies the \fBLACP\fR timer value. The supported values are \fBshort\fR or
1116 \fB\fB-u\fR \fIaddress\fR, \fB--unicast\fR=\fIaddress\fR\fR
1120 Specifies a fixed unicast hardware address to be used for the aggregation. If
1121 this option is not specified, then an address is automatically chosen from the
1122 set of addresses of the component devices.
1130 \fB\fBdladm delete-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
1135 Deletes the specified aggregation.
1139 \fB\fB-t\fR, \fB--temporary\fR\fR
1143 Specifies that the deletion is temporary. Temporary deletions last until the
1150 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
1154 See "Options," above.
1162 \fB\fBdladm add-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR
1163 \fIether-link1\fR [\fB--link\fR=\fIether-link2\fR...] \fIaggr-link\fR\fR
1167 Adds links to the specified aggregation.
1171 \fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR
1175 Specifies an Ethernet link to add to the aggregation. Multiple links can be
1176 added by supplying multiple \fB-l\fR options.
1182 \fB\fB-t\fR, \fB--temporary\fR\fR
1186 Specifies that the additions are temporary. Temporary additions last until the
1193 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
1197 See "Options," above.
1205 \fB\fBdladm remove-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR
1206 \fIether-link1\fR [\fB--l\fR=\fIether-link2\fR...] \fIaggr-link\fR\fR
1210 Removes links from the specified aggregation.
1214 \fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR
1218 Specifies an Ethernet link to remove from the aggregation. Multiple links can
1219 be added by supplying multiple \fB-l\fR options.
1225 \fB\fB-t\fR, \fB--temporary\fR\fR
1229 Specifies that the removals are temporary. Temporary removal last until the
1236 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
1240 See "Options," above.
1248 \fB\fBdladm show-aggr\fR [\fB-PLx\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]]
1249 [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIaggr-link\fR]\fR
1253 Show aggregation configuration (the default), \fBLACP\fR information, or
1254 statistics, either for all aggregations or for the specified aggregation.
1256 By default (with no options), the following fields can be displayed:
1264 The name of the aggregation link.
1274 The LACP policy of the aggregation. See the \fBcreate-aggr\fR \fB-P\fR option
1275 for a description of the possible values.
1281 \fB\fBADDRPOLICY\fR\fR
1285 Either \fBauto\fR, if the aggregation is configured to automatically configure
1286 its unicast MAC address (the default if the \fB-u\fR option was not used to
1287 create or modify the aggregation), or \fBfixed\fR, if \fB-u\fR was used to set
1288 a fixed MAC address.
1294 \fB\fBLACPACTIVITY\fR\fR
1298 The LACP mode of the aggregation. Possible values are \fBoff\fR, \fBactive\fR,
1299 or \fBpassive\fR, as set by the \fB-l\fR option to \fBcreate-aggr\fR or
1306 \fB\fBLACPTIMER\fR\fR
1310 The LACP timer value of the aggregation as set by the \fB-T\fR option of
1311 \fBcreate-aggr\fR or \fBmodify-aggr\fR.
1321 A set of state flags associated with the aggregation. The only possible flag is
1322 \fBf\fR, which is displayed if the administrator forced the creation the
1323 aggregation using the \fB-f\fR option to \fBcreate-aggr\fR. Other flags might
1324 be defined in the future.
1327 The \fBshow-aggr\fR command accepts the following options:
1331 \fB\fB-L\fR, \fB--lacp\fR\fR
1335 Displays detailed \fBLACP\fR information for the aggregation link and each
1336 underlying port. Most of the state information displayed by this option is
1337 defined by IEEE 802.3. With this option, the following fields can be displayed:
1345 The name of the aggregation link.
1355 The name of one of the underlying aggregation ports.
1361 \fB\fBAGGREGATABLE\fR\fR
1365 Whether the port can be added to the aggregation.
1375 If \fByes\fR, the system considers the port to be synchronized and part of the
1386 If \fByes\fR, collection of incoming frames is enabled on the associated port.
1396 If \fByes\fR, distribution of outgoing frames is enabled on the associated
1403 \fB\fBDEFAULTED\fR\fR
1407 If \fByes\fR, the port is using defaulted partner information (that is, has not
1408 received LACP data from the LACP partner).
1418 If \fByes\fR, the receive state of the port is in the \fBEXPIRED\fR state.
1426 \fB\fB-x\fR, \fB--extended\fR\fR
1430 Display additional aggregation information including detailed information on
1431 each underlying port. With \fB-x\fR, the following fields can be displayed:
1439 The name of the aggregation link.
1449 The name of one of the underlying aggregation ports.
1459 The speed of the link or port in megabits per second.
1469 The full/half duplex status of the link or port is displayed if the link state
1470 is \fBup\fR. The duplex status is displayed as \fBunknown\fR in all other
1481 The link state. This can be \fBup\fR, \fBdown\fR, or \fBunknown\fR.
1491 The MAC address of the link or port.
1497 \fB\fBPORTSTATE\fR\fR
1501 This indicates whether the individual aggregation port is in the \fBstandby\fR
1502 or \fBattached\fR state.
1510 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
1514 A case-insensitive, comma-separated list of output fields to display. The field
1515 name must be one of the fields listed above, or the special value \fBall\fR, to
1516 display all fields. The fields applicable to the \fB-o\fR option are limited to
1517 those listed under each output mode. For example, if using \fB-L\fR, only the
1518 fields listed under \fB-L\fR, above, can be used with \fB-o\fR.
1524 \fB\fB-p\fR, \fB--parsable\fR\fR
1528 Display using a stable machine-parsable format. The \fB-o\fR option is
1529 required with \fB-p\fR. See "Parsable Output Format", below.
1535 \fB\fB-P\fR, \fB--persistent\fR\fR
1539 Display the persistent aggregation configuration rather than the state of the
1546 \fB\fB-s\fR, \fB--statistics\fR\fR
1550 Displays aggregation statistics.
1556 \fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR
1560 Used with the \fB-s\fR option to specify an interval, in seconds, at which
1561 statistics should be displayed. If this option is not specified, statistics
1562 will be displayed only once.
1570 \fB\fBdladm create-bridge\fR [ \fB-P\fR \fIprotect\fR] [\fB-R\fR
1571 \fIroot-dir\fR] [ \fB-p\fR \fIpriority\fR] [ \fB-m\fR \fImax-age\fR] [ \fB-h\fR
1572 \fIhello-time\fR] [ \fB-d\fR \fIforward-delay\fR] [ \fB-f\fR
1573 \fIforce-protocol\fR] [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR
1577 Create an 802.1D bridge instance and optionally assign one or more network
1578 links to the new bridge. By default, no bridge instances are present on the
1581 In order to bridge between links, you must create at least one bridge instance.
1582 Each bridge instance is separate, and there is no forwarding connection between
1587 \fB\fB-P\fR \fIprotect\fR, \fB--protect\fR=\fIprotect\fR\fR
1591 Specifies a protection method. The defined protection methods are \fBstp\fR for
1592 the Spanning Tree Protocol and trill for \fBTRILL\fR, which is used on
1593 RBridges. The default value is \fBstp\fR.
1599 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
1603 See "Options," above.
1609 \fB\fB-p\fR \fIpriority\fR, \fB--priority\fR=\fIpriority\fR\fR
1613 Specifies the Bridge Priority. This sets the IEEE STP priority value for
1614 determining the root bridge node in the network. The default value is
1615 \fB32768\fR. Valid values are \fB0\fR (highest priority) to \fB61440\fR (lowest
1616 priority), in increments of 4096.
1618 If a value not evenly divisible by 4096 is used, the system silently rounds
1619 downward to the next lower value that is divisible by 4096.
1625 \fB\fB-m\fR \fImax-age\fR, \fB--max-age\fR=\fImax-age\fR\fR
1629 Specifies the maximum age for configuration information in seconds. This sets
1630 the STP Bridge Max Age parameter. This value is used for all nodes in the
1631 network if this node is the root bridge. Bridge link information older than
1632 this time is discarded. It defaults to 20 seconds. Valid values are from 6 to
1633 40 seconds. See the \fB-d\fR \fIforward-delay\fR parameter for additional
1640 \fB\fB-h\fR \fIhello-time\fR, \fB--hello-time\fR=\fIhello-time\fR\fR
1644 Specifies the STP Bridge Hello Time parameter. When this node is the root node,
1645 it sends Configuration BPDUs at this interval throughout the network. The
1646 default value is 2 seconds. Valid values are from 1 to 10 seconds. See the
1647 \fB-d\fR \fIforward-delay\fR parameter for additional constraints.
1653 \fB\fB-d\fR \fIforward-delay\fR, \fB--forward-delay\fR=\fIforward-delay\fR\fR
1657 Specifies the STP Bridge Forward Delay parameter. When this node is the root
1658 node, then all bridges in the network use this timer to sequence the link
1659 states when a port is enabled. The default value is 15 seconds. Valid values
1660 are from 4 to 30 seconds.
1662 Bridges must obey the following two constraints:
1666 2 * (\fIforward-delay\fR - 1.0) >= \fImax-age\fR
1668 \fImax-age\fR >= 2 * (\fIhello-time\fR + 1.0)
1673 Any parameter setting that would violate those constraints is treated as an
1674 error and causes the command to fail with a diagnostic message. The message
1675 provides valid alternatives to the supplied values.
1681 \fB\fB-f\fR \fIforce-protocol\fR,
1682 \fB--force-protocol\fR=\fIforce-protocol\fR\fR
1686 Specifies the MSTP forced maximum supported protocol. The default value is 3.
1687 Valid values are non-negative integers. The current implementation does not
1688 support RSTP or MSTP, so this currently has no effect. However, to prevent MSTP
1689 from being used in the future, the parameter may be set to \fB0\fR for STP only
1690 or \fB2\fR for STP and RSTP.
1696 \fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR
1700 Specifies one or more links to add to the newly-created bridge. This is similar
1701 to creating the bridge and then adding one or more links, as with the
1702 \fBadd-bridge\fR subcommand. However, if any of the links cannot be added, the
1703 entire command fails, and the new bridge itself is not created. To add multiple
1704 links on the same command line, repeat this option for each link. You are
1705 permitted to create bridges without links. For more information about link
1706 assignments, see the \fBadd-bridge\fR subcommand.
1709 Bridge creation and link assignment require the \fBPRIV_SYS_DL_CONFIG\fR
1710 privilege. Bridge creation might fail if the optional bridging feature is not
1711 installed on the system.
1717 \fB\fBdladm modify-bridge\fR [ \fB-P\fR \fIprotect\fR] [\fB-R\fR
1718 \fIroot-dir\fR] [ \fB-p\fR \fIpriority\fR] [ \fB-m\fR \fImax-age\fR] [ \fB-h\fR
1719 \fIhello-time\fR] [ \fB-d\fR \fIforward-delay\fR] [ \fB-f\fR
1720 \fIforce-protocol\fR] [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR
1724 Modify the operational parameters of an existing bridge. The options are the
1725 same as for the \fBcreate-bridge\fR subcommand, except that the \fB-l\fR option
1726 is not permitted. To add links to an existing bridge, use the \fBadd-bridge\fR
1729 Bridge parameter modification requires the \fBPRIV_SYS_DL_CONFIG\fR privilege.
1735 \fB\fBdladm delete-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fIbridge-name\fR\fR
1739 Delete a bridge instance. The bridge being deleted must not have any attached
1740 links. Use the \fBremove-bridge\fR subcommand to deactivate links before
1743 Bridge deletion requires the \fBPRIV_SYS_DL_CONFIG\fR privilege.
1745 The \fB-R\fR (\fB--root-dir\fR) option is the same as for the
1746 \fBcreate-bridge\fR subcommand.
1752 \fB\fBdladm add-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR
1753 [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR
1757 Add one or more links to an existing bridge. If multiple links are specified,
1758 and adding any one of them results in an error, the command fails and no
1759 changes are made to the system.
1761 Link addition to a bridge requires the \fBPRIV_SYS_DL_CONFIG\fR privilege.
1763 A link may be a member of at most one bridge. An error occurs when you attempt
1764 to add a link that already belongs to another bridge. To move a link from one
1765 bridge instance to another, remove it from the current bridge before adding it
1768 The links assigned to a bridge must not also be VLANs, VNICs, or tunnels. Only
1769 physical Ethernet datalinks, aggregation datalinks, wireless links, and
1770 Ethernet stubs are permitted to be assigned to a bridge.
1772 Links assigned to a bridge must all have the same MTU. This is checked when the
1773 link is assigned. The link is added to the bridge in a deactivated form if it
1774 is not the first link on the bridge and it has a differing MTU.
1776 Note that systems using bridging should not set the \fBeeprom\fR(8)
1777 \fBlocal-mac-address?\fR variable to false.
1779 The options are the same as for the \fBcreate-bridge\fR subcommand.
1785 \fB\fBdladm remove-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR
1786 [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR
1790 Remove one or more links from a bridge instance. If multiple links are
1791 specified, and removing any one of them would result in an error, the command
1792 fails and none are removed.
1794 Link removal from a bridge requires the \fBPRIV_SYS_DL_CONFIG\fR privilege.
1796 The options are the same as for the \fBcreate-bridge\fR subcommand.
1802 \fB\fBdladm show-bridge\fR [\fB-flt\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]]
1803 [[\fB-p\fR] \fB-o\fR \fIfield\fR,...] [\fIbridge-name\fR]\fR
1807 Show the running status and configuration of bridges, their attached links,
1808 learned forwarding entries, and \fBTRILL\fR nickname databases. When showing
1809 overall bridge status and configuration, the bridge name can be omitted to show
1810 all bridges. The other forms require a specified bridge.
1812 The show-bridge subcommand accepts the following options:
1816 \fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR
1820 Used with the \fB-s\fR option to specify an interval, in seconds, at which
1821 statistics should be displayed. If this option is not specified, statistics
1822 will be displayed only once.
1828 \fB\fB-s\fR, \fB--statistics\fR\fR
1832 Display statistics for the specified bridges or for a given bridge's attached
1833 links. This option cannot be used with the \fB-f\fR and \fB-t\fR options.
1839 \fB\fB-p\fR, \fB--parsable\fR\fR
1843 Display using a stable machine-parsable format. See "Parsable Output Format,"
1850 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
1854 A case-insensitive, comma-separated list of output fields to display. The field
1855 names are described below. The special value all displays all fields. Each set
1856 of fields has its own default set to display when \fB-o\fR is not specified.
1859 By default, the \fBshow-bridge\fR subcommand shows bridge configuration. The
1860 following fields can be shown:
1868 The name of the bridge.
1878 The Bridge Unique Identifier value (MAC address).
1884 \fB\fBPRIORITY\fR\fR
1888 Configured priority value; set by \fB-p\fR with \fBcreate-bridge\fR and
1889 \fBmodify-bridge\fR.
1899 Configured bridge maximum age; set by \fB-m\fR with \fBcreate-bridge\fR and
1900 \fBmodify-bridge\fR.
1906 \fB\fBBHELLOTIME\fR\fR
1910 Configured bridge hello time; set by \fB-h\fR with \fBcreate-bridge\fR and
1911 \fBmodify-bridge\fR.
1917 \fB\fBBFWDDELAY\fR\fR
1921 Configured forwarding delay; set by \fB-d\fR with \fBcreate-bridge\fR and
1922 \fBmodify-bridge\fR.
1928 \fB\fBFORCEPROTO\fR\fR
1932 Configured forced maximum protocol; set by \fB-f\fR with \fBcreate-bridge\fR
1933 and \fBmodify-bridge\fR.
1943 Time, in seconds, since last topology change.
1953 Count of the number of topology changes.
1963 This indicates that a topology change was detected.
1973 Bridge Identifier of the root node.
1979 \fB\fBROOTCOST\fR\fR
1983 Cost of the path to the root node.
1989 \fB\fBROOTPORT\fR\fR
1993 Port number used to reach the root node.
2003 Maximum age value from the root node.
2009 \fB\fBHELLOTIME\fR\fR
2013 Hello time value from the root node.
2019 \fB\fBFWDDELAY\fR\fR
2023 Forward delay value from the root node.
2029 \fB\fBHOLDTIME\fR\fR
2033 Minimum BPDU interval.
2036 By default, when the \fB-o\fR option is not specified, only the \fBBRIDGE\fR,
2037 \fBADDRESS\fR, \fBPRIORITY\fR, and \fBDESROOT\fR fields are shown.
2039 When the \fB-s\fR option is specified, the \fBshow-bridge\fR subcommand shows
2040 bridge statistics. The following fields can be shown:
2058 Number of packets dropped due to resource problems.
2064 \fB\fBFORWARDS\fR\fR
2068 Number of packets forwarded from one link to another.
2078 Number of multicast and broadcast packets handled by the bridge.
2088 Number of packets received on all attached links.
2098 Number of packets sent on all attached links.
2108 Number of packets handled that have an unknown destination. Such packets are
2112 By default, when the \fB-o\fR option is not specified, only the \fBBRIDGE\fR,
2113 \fBDROPS\fR, and \fBFORWARDS\fR fields are shown.
2115 The \fBshow-bridge\fR subcommand also accepts the following options:
2119 \fB\fB-l\fR, \fB--link\fR\fR
2123 Displays link-related status and statistics information for all links attached
2124 to a single bridge instance. By using this option and without the \fB-s\fR
2125 option, the following fields can be displayed for each link:
2143 Port (link) index number on the bridge.
2153 State of the link. The state can be \fBdisabled\fR, \fBdiscarding\fR,
2154 \fBlearning\fR, \fBforwarding\fR, \fBnon-stp\fR, or \fBbad-mtu\fR.
2164 Number of seconds since the last reset or initialization.
2170 \fB\fBOPERCOST\fR\fR
2174 Actual cost in use (1-65535).
2184 This indicates whether point-to-point (\fBP2P\fR) mode been detected.
2190 \fB\fBOPEREDGE\fR\fR
2194 This indicates whether edge mode has been detected.
2204 The Root Bridge Identifier that has been seen on this port.
2214 Path cost to the network root node through the designated port.
2220 \fB\fBDESBRIDGE\fR\fR
2224 Bridge Identifier for this port.
2234 The ID and priority of the port used to transmit configuration messages for
2245 This indicates whether Topology Change Acknowledge has been seen.
2248 When the \fB-l\fR option is specified without the \fB-o\fR option, only the
2249 \fBLINK\fR, \fBSTATE\fR, \fBUPTIME\fR, and \fBDESROOT\fR fields are shown.
2251 When the \fB-l\fR option is specified, the \fB-s\fR option can be used to
2252 display the following fields for each link:
2270 Number of configuration BPDUs received.
2280 Number of topology change BPDUs received.
2286 \fB\fBRSTPBPDU\fR\fR
2290 Number of Rapid Spanning Tree BPDUs received.
2300 Number of BPDUs transmitted.
2310 Number of packets dropped due to resource problems.
2320 Number of packets received by the bridge.
2330 Number of packets sent by the bridge.
2333 When the \fB-o\fR option is not specified, only the \fBLINK\fR, \fBDROPS\fR,
2334 \fBRECV\fR, and \fBXMIT\fR fields are shown.
2340 \fB\fB-f\fR, \fB--forwarding\fR\fR
2344 Displays forwarding entries for a single bridge instance. With this option, the
2345 following fields can be shown for each forwarding entry:
2353 Destination MAC address.
2363 Age of entry in seconds and milliseconds. Omitted for local entries.
2373 The \fBL\fR (local) flag is shown if the MAC address belongs to an attached
2374 link or to a VNIC on one of the attached links.
2384 For local entries, this is the name of the attached link that has the MAC
2385 address. Otherwise, for bridges that use Spanning Tree Protocol, this is the
2386 output interface name. For RBridges, this is the output \fBTRILL\fR nickname.
2389 When the \fB-o\fR option is not specified, the \fBDEST\fR, \fBAGE\fR,
2390 \fBFLAGS\fR, and \fBOUTPUT\fR fields are shown.
2396 \fB\fB-t\fR, \fB--trill\fR\fR
2400 Displays \fBTRILL\fR nickname entries for a single bridge instance. With this
2401 option, the following fields can be shown for each \fBTRILL\fR nickname entry:
2409 \fBTRILL\fR nickname for this RBridge, which is a number from 1 to 65535.
2419 The \fBL\fR flag is shown if the nickname identifies the local system.
2429 Link name for output when sending messages to this RBridge.
2439 MAC address of the next hop RBridge that is used to reach the RBridge with this
2443 When the \fB-o\fR option is not specified, the \fBNICK\fR, \fBFLAGS\fR,
2444 \fBLINK\fR, and \fBNEXTHOP\fR fields are shown.
2452 \fB\fBdladm create-vlan\fR [\fB-ft\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR
2453 \fIether-link\fR \fB-v\fR \fIvid\fR [\fIvlan-link\fR]\fR
2457 Create a tagged VLAN link with an ID of \fIvid\fR over Ethernet link
2458 \fIether-link\fR. The name of the VLAN link can be specified as
2459 \fIvlan\fR-\fIlink\fR. If the name is not specified, a name will be
2460 automatically generated (assuming that \fIether-link\fR is \fIname\fR\fIPPA\fR)
2465 <\fIname\fR><1000 * \fIvlan-tag\fR + \fIPPA\fR>
2470 For example, if \fIether-link\fR is \fBbge1\fR and \fIvid\fR is 2, the name
2471 generated is \fBbge2001\fR.
2475 \fB\fB-f\fR, \fB--force\fR\fR
2479 Force the creation of the VLAN link. Some devices do not allow frame sizes
2480 large enough to include a VLAN header. When creating a VLAN link over such a
2481 device, the \fB-f\fR option is needed, and the MTU of the IP interfaces on the
2482 resulting VLAN must be set to 1496 instead of 1500.
2488 \fB\fB-l\fR \fIether-link\fR\fR
2492 Specifies Ethernet link over which VLAN is created.
2498 \fB\fB-t\fR, \fB--temporary\fR\fR
2502 Specifies that the VLAN link is temporary. Temporary VLAN links last until the
2509 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
2513 See "Options," above.
2521 \fB\fBdladm delete-vlan\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
2526 Delete the VLAN link specified.
2528 The \fBdelete-vlan\fR subcommand accepts the following options:
2532 \fB\fB-t\fR, \fB--temporary\fR\fR
2536 Specifies that the deletion is temporary. Temporary deletions last until the
2543 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
2547 See "Options," above.
2555 \fB\fBdladm show-vlan\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
2556 [\fIvlan-link\fR]\fR
2560 Display VLAN configuration for all VLAN links or for the specified VLAN link.
2562 The \fBshow-vlan\fR subcommand accepts the following options:
2566 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
2570 A case-insensitive, comma-separated list of output fields to display. The field
2571 name must be one of the fields listed below, or the special value \fBall\fR, to
2572 display all fields. For each VLAN link, the following fields can be displayed:
2580 The name of the VLAN link.
2590 The ID associated with the VLAN.
2600 The name of the physical link over which this VLAN is configured.
2610 A set of flags associated with the VLAN link. Possible flags are:
2618 The VLAN was created using the \fB-f\fR option to \fBcreate-vlan\fR.
2628 The VLAN was implicitly created when the DLPI link was opened. These VLAN links
2629 are automatically deleted on last close of the DLPI link (for example, when the
2630 IP interface associated with the VLAN link is unplumbed).
2633 Additional flags might be defined in the future.
2641 \fB\fB-p\fR, \fB--parsable\fR\fR
2645 Display using a stable machine-parsable format. The \fB-o\fR option is
2646 required with \fB-p\fR. See "Parsable Output Format", below.
2652 \fB\fB-P\fR, \fB--persistent\fR\fR
2656 Display the persistent VLAN configuration rather than the state of the running
2665 \fB\fBdladm scan-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
2666 [\fIwifi-link\fR]\fR
2670 Scans for \fBWiFi\fR networks, either on all \fBWiFi\fR links, or just on the
2671 specified \fIwifi-link\fR.
2673 By default, currently all fields but \fBBSSTYPE\fR are displayed.
2677 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
2681 A case-insensitive, comma-separated list of output fields to display. The field
2682 name must be one of the fields listed below, or the special value \fBall\fR to
2683 display all fields. For each \fBWiFi\fR network found, the following fields can
2692 The name of the link the \fBWiFi\fR network is on.
2702 The \fBESSID\fR (name) of the \fBWiFi\fR network.
2712 Either the hardware address of the \fBWiFi\fR network's Access Point (for
2713 \fBBSS\fR networks), or the \fBWiFi\fR network's randomly generated unique
2714 token (for \fBIBSS\fR networks).
2724 Either \fBnone\fR for a \fBWiFi\fR network that uses no security, \fBwep\fR for
2725 a \fBWiFi\fR network that requires WEP (Wired Equivalent Privacy), or \fBwpa\fR
2726 for a WiFi network that requires WPA (Wi-Fi Protected Access).
2736 The supported connection modes: one or more of \fBa\fR, \fBb\fR, or \fBg\fR.
2742 \fB\fBSTRENGTH\fR\fR
2746 The strength of the signal: one of \fBexcellent\fR, \fBvery good\fR,
2747 \fBgood\fR, \fBweak\fR, or \fBvery weak\fR.
2757 The maximum speed of the \fBWiFi\fR network, in megabits per second.
2767 Either \fBbss\fR for \fBBSS\fR (infrastructure) networks, or \fBibss\fR for
2768 \fBIBSS\fR (ad-hoc) networks.
2776 \fB\fB-p\fR, \fB--parsable\fR\fR
2780 Display using a stable machine-parsable format. The \fB-o\fR option is
2781 required with \fB-p\fR. See "Parsable Output Format", below.
2789 \fB\fBdladm connect-wifi\fR [\fB-e\fR \fIessid\fR] [\fB-i\fR \fIbssid\fR]
2790 [\fB-k\fR \fIkey\fR,...] [\fB-s\fR \fBnone\fR | \fBwep\fR | \fBwpa\fR]
2791 [\fB-a\fR \fBopen\fR|\fBshared\fR] [\fB-b\fR \fBbss\fR|\fBibss\fR] [\fB-c\fR]
2792 [\fB-m\fR \fBa\fR|\fBb\fR|\fBg\fR] [\fB-T\fR \fItime\fR] [\fIwifi-link\fR]\fR
2796 Connects to a \fBWiFi\fR network. This consists of four steps: \fIdiscovery\fR,
2797 \fIfiltration\fR, \fIprioritization\fR, and \fIassociation\fR. However, to
2798 enable connections to non-broadcast \fBWiFi\fR networks and to improve
2799 performance, if a \fBBSSID\fR or \fBESSID\fR is specified using the \fB-e\fR or
2800 \fB-i\fR options, then the first three steps are skipped and \fBconnect-wifi\fR
2801 immediately attempts to associate with a \fBBSSID\fR or \fBESSID\fR that
2802 matches the rest of the provided parameters. If this association fails, but
2803 there is a possibility that other networks matching the specified criteria
2804 exist, then the traditional discovery process begins as specified below.
2806 The discovery step finds all available \fBWiFi\fR networks on the specified
2807 WiFi link, which must not yet be connected. For administrative convenience, if
2808 there is only one \fBWiFi\fR link on the system, \fIwifi-link\fR can be
2811 Once discovery is complete, the list of networks is filtered according to the
2812 value of the following options:
2816 \fB\fB-e\fR \fIessid,\fR \fB--essid\fR=\fIessid\fR\fR
2820 Networks that do not have the same \fIessid\fR are filtered out.
2826 \fB\fB-b\fR \fBbss\fR|\fBibss\fR, \fB--bsstype\fR=\fBbss\fR|\fBibss\fR\fR
2830 Networks that do not have the same \fBbsstype\fR are filtered out.
2836 \fB\fB-m\fR \fBa\fR|\fBb\fR|\fBg\fR, \fB--mode\fR=\fBa\fR|\fBb\fR|\fBg\fR\fR
2840 Networks not appropriate for the specified 802.11 mode are filtered out.
2846 \fB\fB-k\fR \fIkey,...\fR, \fB--key\fR=\fIkey, ...\fR\fR
2850 Use the specified \fBsecobj\fR named by the key to connect to the network.
2851 Networks not appropriate for the specified keys are filtered out.
2857 \fB\fB-s\fR \fBnone\fR|\fBwep\fR|\fBwpa\fR,
2858 \fB--sec\fR=\fBnone\fR|\fBwep\fR|\fBwpa\fR\fR
2862 Networks not appropriate for the specified security mode are filtered out.
2865 Next, the remaining networks are prioritized, first by signal strength, and
2866 then by maximum speed. Finally, an attempt is made to associate with each
2867 network in the list, in order, until one succeeds or no networks remain.
2869 In addition to the options described above, the following options also control
2870 the behavior of \fBconnect-wifi\fR:
2874 \fB\fB-a\fR \fBopen\fR|\fBshared\fR, \fB--auth\fR=\fBopen\fR|\fBshared\fR\fR
2878 Connect using the specified authentication mode. By default, \fBopen\fR and
2879 \fBshared\fR are tried in order.
2885 \fB\fB-c\fR, \fB--create-ibss\fR\fR
2889 Used with \fB-b ibss\fR to create a new ad-hoc network if one matching the
2890 specified \fBESSID\fR cannot be found. If no \fBESSID\fR is specified, then
2891 \fB-c -b ibss\fR always triggers the creation of a new ad-hoc network.
2897 \fB\fB-T\fR \fItime\fR, \fB--timeout\fR=\fItime\fR\fR
2901 Specifies the number of seconds to wait for association to succeed. If
2902 \fItime\fR is \fBforever\fR, then the associate will wait indefinitely. The
2903 current default is ten seconds, but this might change in the future. Timeouts
2904 shorter than the default might not succeed reliably.
2910 \fB\fB-k\fR \fIkey,...\fR, \fB--key\fR=\fIkey,...\fR\fR
2914 In addition to the filtering previously described, the specified keys will be
2915 used to secure the association. The security mode to use will be based on the
2916 key class; if a security mode was explicitly specified, it must be compatible
2917 with the key class. All keys must be of the same class.
2919 For security modes that support multiple key slots, the slot to place the key
2920 will be specified by a colon followed by an index. Therefore, \fB-k mykey:3\fR
2921 places \fBmykey\fR in slot 3. By default, slot 1 is assumed. For security modes
2922 that support multiple keys, a comma-separated list can be specified, with the
2923 first key being the active key.
2931 \fB\fBdladm disconnect-wifi\fR [\fB-a\fR] [\fIwifi-link\fR]\fR
2935 Disconnect from one or more \fBWiFi\fR networks. If \fIwifi-link\fR specifies a
2936 connected \fBWiFi\fR link, then it is disconnected. For administrative
2937 convenience, if only one \fBWiFi\fR link is connected, \fIwifi-link\fR can be
2942 \fB\fB-a\fR, \fB--all-links\fR\fR
2946 Disconnects from all connected links. This is primarily intended for use by
2955 \fB\fBdladm show-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR,...]
2956 [\fIwifi-link\fR]\fR
2960 Shows \fBWiFi\fR configuration information either for all \fBWiFi\fR links or
2961 for the specified link \fIwifi-link\fR.
2965 \fB\fB-o\fR \fIfield,...\fR, \fB--output\fR=\fIfield\fR\fR
2969 A case-insensitive, comma-separated list of output fields to display. The field
2970 name must be one of the fields listed below, or the special value \fBall\fR, to
2971 display all fields. For each \fBWiFi\fR link, the following fields can be
2980 The name of the link being displayed.
2990 Either \fBconnected\fR if the link is connected, or \fBdisconnected\fR if it is
2991 not connected. If the link is disconnected, all remaining fields have the value
3002 The \fBESSID\fR (name) of the connected \fBWiFi\fR network.
3012 Either the hardware address of the \fBWiFi\fR network's Access Point (for
3013 \fBBSS\fR networks), or the \fBWiFi\fR network's randomly generated unique
3014 token (for \fBIBSS\fR networks).
3024 Either \fBnone\fR for a \fBWiFi\fR network that uses no security, \fBwep\fR for
3025 a \fBWiFi\fR network that requires WEP, or \fBwpa\fR for a WiFi network that
3036 The supported connection modes: one or more of \fBa\fR, \fBb\fR, or \fBg\fR.
3042 \fB\fBSTRENGTH\fR\fR
3046 The connection strength: one of \fBexcellent\fR, \fBvery good\fR, \fBgood\fR,
3047 \fBweak\fR, or \fBvery weak\fR.
3057 The connection speed, in megabits per second.
3067 Either \fBopen\fR or \fBshared\fR (see \fBconnect-wifi\fR).
3077 Either \fBbss\fR for \fBBSS\fR (infrastructure) networks, or \fBibss\fR for
3078 \fBIBSS\fR (ad-hoc) networks.
3081 By default, currently all fields but \fBAUTH\fR, \fBBSSID\fR, \fBBSSTYPE\fR are
3088 \fB\fB-p\fR, \fB--parsable\fR\fR
3092 Displays using a stable machine-parsable format. The \fB-o\fR option is
3093 required with \fB-p\fR. See "Parsable Output Format", below.
3101 \fB\fBdladm show-ether\fR [\fB-x\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR,...]
3102 [\fIether-link\fR]\fR
3106 Shows state information either for all physical Ethernet links or for a
3107 specified physical Ethernet link.
3109 The \fBshow-ether\fR subcommand accepts the following options:
3113 \fB\fB-o\fR \fIfield\fR,..., \fB--output\fR=\fIfield\fR\fR
3117 A case-insensitive, comma-separated list of output fields to display. The field
3118 name must be one of the fields listed below, or the special value \fBall\fR to
3119 display all fields. For each link, the following fields can be displayed:
3127 The name of the link being displayed.
3137 Parameter type, where \fBcurrent\fR indicates the negotiated state of the link,
3138 \fBcapable\fR indicates capabilities supported by the device, \fBadv\fR
3139 indicates the advertised capabilities, and \fBpeeradv\fR indicates the
3140 capabilities advertised by the link-partner.
3150 The state of the link.
3160 A \fByes\fR/\fBno\fR value indicating whether auto-negotiation is advertised.
3166 \fB\fBSPEED-DUPLEX\fR\fR
3170 Combinations of speed and duplex values available. The units of speed are
3171 encoded with a trailing suffix of \fBG\fR (Gigabits/s) or \fBM\fR (Mb/s).
3172 Duplex values are encoded as \fBf\fR (full-duplex) or \fBh\fR (half-duplex).
3182 Flow control information. Can be \fBno\fR, indicating no flow control is
3183 available; \fBtx\fR, indicating that the end-point can transmit pause frames,
3184 but ignores any received pause frames; \fBrx\fR, indicating that the end-point
3185 receives and acts upon received pause frames; or \fBbi\fR, indicating
3186 bi-directional flow-control.
3192 \fB\fBREM_FAULT\fR\fR
3196 Fault detection information. Valid values are \fBnone\fR or \fBfault\fR.
3199 By default, all fields except \fBREM_FAULT\fR are displayed for the "current"
3206 \fB\fB-p\fR, \fB--parsable\fR\fR
3210 Displays using a stable machine-parsable format. The \fB-o\fR option is
3211 required with \fB-p\fR. See "Parsable Output Format", below.
3217 \fB\fB-x\fR, \fB--extended\fR\fR
3221 Extended output is displayed for \fBPTYPE\fR values of \fBcurrent\fR,
3222 \fBcapable\fR, \fBadv\fR and \fBpeeradv\fR.
3230 \fB\fBdladm set-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-p\fR
3231 \fIprop\fR=\fIvalue\fR[,...] \fIlink\fR\fR
3235 Sets the values of one or more properties on the link specified. The list of
3236 properties and their possible values depend on the link type, the network
3237 device driver, and networking hardware. These properties can be retrieved using
3238 \fBshow-linkprop\fR.
3242 \fB\fB-t\fR, \fB--temporary\fR\fR
3246 Specifies that the changes are temporary. Temporary changes last until the next
3253 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3257 See "Options," above.
3263 \fB\fB-p\fR \fIprop\fR=\fIvalue\fR[,...], \fB--prop\fR
3264 \fIprop\fR=\fIvalue\fR[,...]\fR
3272 A comma-separated list of properties to set to the specified values.
3275 Note that when the persistent value is set, the temporary value changes to the
3282 \fB\fBdladm reset-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR
3283 \fIprop\fR,...] \fIlink\fR\fR
3287 Resets one or more properties to their values on the link specified. Properties
3288 are reset to the values they had at startup. If no properties are specified,
3289 all properties are reset. See \fBshow-linkprop\fR for a description of
3294 \fB\fB-t\fR, \fB--temporary\fR\fR
3298 Specifies that the resets are temporary. Values are reset to default values.
3299 Temporary resets last until the next reboot.
3305 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3309 See "Options," above.
3315 \fB\fB-p\fR \fIprop, ...\fR, \fB--prop\fR=\fIprop, ...\fR\fR
3319 A comma-separated list of properties to reset.
3322 Note that when the persistent value is reset, the temporary value changes to
3329 \fB\fBdladm show-linkprop\fR [\fB-P\fR] [[\fB-c\fR] \fB-o\fR
3330 \fIfield\fR[,...]][\fB-p\fR \fIprop\fR[,...]] [\fIlink\fR]\fR
3334 Show the current or persistent values of one or more properties, either for all
3335 datalinks or for the specified link. By default, current values are shown. If
3336 no properties are specified, all available link properties are displayed. For
3337 each property, the following fields are displayed:
3341 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR\fR
3345 A case-insensitive, comma-separated list of output fields to display. The field
3346 name must be one of the fields listed below, or the special value \fBall\fR to
3347 display all fields. For each link, the following fields can be displayed:
3355 The name of the datalink.
3361 \fB\fBPROPERTY\fR\fR
3365 The name of the property.
3375 The read/write permissions of the property. The value shown is one of \fBro\fR
3386 The current (or persistent) property value. If the value is not set, it is
3387 shown as \fB--\fR. If it is unknown, the value is shown as \fB?\fR. Persistent
3388 values that are not set or have been reset will be shown as \fB--\fR and will
3389 use the system \fBDEFAULT\fR value (if any).
3399 The default value of the property. If the property has no default value,
3406 \fB\fBPOSSIBLE\fR\fR
3410 A comma-separated list of the values the property can have. If the values span
3411 a numeric range, \fImin\fR - \fImax\fR might be shown as shorthand. If the
3412 possible values are unknown or unbounded, \fB--\fR is shown.
3415 The list of properties depends on the link type and network device driver, and
3416 the available values for a given property further depends on the underlying
3417 network hardware and its state. General link properties are documented in the
3418 \fBLINK PROPERTIES\fR section. However, link properties that begin with
3419 "\fB_\fR" (underbar) are specific to a given link or its underlying network
3420 device and subject to change or removal. See the appropriate network device
3421 driver man page for details.
3427 \fB\fB-c\fR, \fB--parsable\fR\fR
3431 Display using a stable machine-parsable format. The \fB-o\fR option is
3432 required with this option. See "Parsable Output Format", below.
3438 \fB\fB-P\fR, \fB--persistent\fR\fR
3442 Display persistent link property information
3448 \fB\fB-p\fR \fIprop, ...\fR, \fB--prop\fR=\fIprop, ...\fR\fR
3452 A comma-separated list of properties to show. See the sections on link
3453 properties following subcommand descriptions.
3461 \fB\fBdladm create-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-f\fR
3462 \fIfile\fR] \fB-c\fR \fIclass\fR \fIsecobj\fR\fR
3466 Create a secure object named \fIsecobj\fR in the specified \fIclass\fR to be
3467 later used as a WEP or WPA key in connecting to an encrypted network. The value
3468 of the secure object can either be provided interactively or read from a file.
3469 The sequence of interactive prompts and the file format depends on the class of
3472 Currently, the classes \fBwep\fR and \fBwpa\fR are supported. The \fBWEP\fR
3473 (Wired Equivalent Privacy) key can be either 5 or 13 bytes long. It can be
3474 provided either as an \fBASCII\fR or hexadecimal string -- thus, \fB12345\fR
3475 and \fB0x3132333435\fR are equivalent 5-byte keys (the \fB0x\fR prefix can be
3476 omitted). A file containing a \fBWEP\fR key must consist of a single line using
3477 either \fBWEP\fR key format. The WPA (Wi-Fi Protected Access) key must be
3478 provided as an ASCII string with a length between 8 and 63 bytes.
3480 This subcommand is only usable by users or roles that belong to the "Network
3481 Link Security" \fBRBAC\fR profile.
3485 \fB\fB-c\fR \fIclass\fR, \fB--class\fR=\fIclass\fR\fR
3489 \fIclass\fR can be \fBwep\fR or \fBwpa\fR. See preceding discussion.
3495 \fB\fB-t\fR, \fB--temporary\fR\fR
3499 Specifies that the creation is temporary. Temporary creation last until the
3506 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3510 See "Options," above.
3516 \fB\fB-f\fR \fIfile\fR, \fB--file\fR=\fIfile\fR\fR
3520 Specifies a file that should be used to obtain the secure object's value. The
3521 format of this file depends on the secure object class. See the \fBEXAMPLES\fR
3522 section for an example of using this option to set a \fBWEP\fR key.
3530 \fB\fBdladm delete-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
3531 \fIsecobj\fR[,...]\fR
3535 Delete one or more specified secure objects. This subcommand is only usable by
3536 users or roles that belong to the "Network Link Security" \fBRBAC\fR profile.
3540 \fB\fB-t\fR, \fB--temporary\fR\fR
3544 Specifies that the deletions are temporary. Temporary deletions last until the
3551 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3555 See "Options," above.
3563 \fB\fBdladm show-secobj\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
3564 [\fIsecobj\fR,...]\fR
3568 Show current or persistent secure object information. If one or more secure
3569 objects are specified, then information for each is displayed. Otherwise, all
3570 current or persistent secure objects are displayed.
3572 By default, current secure objects are displayed, which are all secure objects
3573 that have either been persistently created and not temporarily deleted, or
3574 temporarily created.
3576 For security reasons, it is not possible to show the value of a secure object.
3580 \fB\fB-o\fR \fIfield\fR[,...] , \fB--output\fR=\fIfield\fR[,...]\fR
3584 A case-insensitive, comma-separated list of output fields to display. The field
3585 name must be one of the fields listed below. For displayed secure object, the
3586 following fields can be shown:
3594 The name of the secure object.
3604 The class of the secure object.
3612 \fB\fB-p\fR, \fB--parsable\fR\fR
3616 Display using a stable machine-parsable format. The \fB-o\fR option is
3617 required with \fB-p\fR. See "Parsable Output Format", below.
3623 \fB\fB-P\fR, \fB--persistent\fR\fR
3627 Display persistent secure object information
3635 \fB\fBdladm create-vnic\fR [\fB-t\fR] \fB-l\fR \fIlink\fR [\fB-R\fR
3636 \fIroot-dir\fR] [\fB-m\fR \fIvalue\fR | auto | {factory [\fB-n\fR
3637 \fIslot-identifier\fR]} | {random [\fB-r\fR \fIprefix\fR]}] [\fB-v\fR
3638 \fIvlan-id\fR] [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIvnic-link\fR\fR
3642 Create a VNIC with name \fIvnic-link\fR over the specified link.
3646 \fB\fB-t\fR, \fB--temporary\fR\fR
3650 Specifies that the VNIC is temporary. Temporary VNICs last until the next
3657 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3661 See "Options," above.
3667 \fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR
3671 \fIlink\fR can be a physical link or an \fBetherstub\fR.
3677 \fB\fB-m\fR \fIvalue\fR | \fIkeyword\fR, \fB--mac-address\fR=\fIvalue\fR |
3682 Sets the VNIC's MAC address based on the specified value or keyword. If
3683 \fIvalue\fR is not a keyword, it is interpreted as a unicast MAC address, which
3684 must be valid for the underlying NIC. The following special keywords can be
3689 \fBfactory [\fB-n\fR \fIslot-identifier\fR],\fR
3693 \fBfactory [\fB--slot\fR=\fIslot-identifier\fR]\fR
3697 Assign a factory MAC address to the VNIC. When a factory MAC address is
3698 requested, \fB-m\fR can be combined with the \fB-n\fR option to specify a MAC
3699 address slot to be used. If \fB-n\fR is not specified, the system will choose
3700 the next available factory MAC address. The \fB-m\fR option of the
3701 \fBshow-phys\fR subcommand can be used to display the list of factory MAC
3702 addresses, their slot identifiers, and their availability.
3712 \fBrandom [\fB-r\fR \fIprefix\fR],\fR
3716 \fBrandom [\fB--mac-prefix\fR=\fIprefix\fR]\fR
3720 Assign a random MAC address to the VNIC. A default prefix consisting of a valid
3721 IEEE OUI with the local bit set will be used. That prefix can be overridden
3722 with the \fB-r\fR option.
3732 Try and use a factory MAC address first. If none is available, assign a random
3733 MAC address. \fBauto\fR is the default action if the \fB-m\fR option is not
3740 \fB\fB-v\fR \fIvlan-id\fR\fR
3744 Enable VLAN tagging for this VNIC. The VLAN tag will have id \fIvlan-id\fR.
3752 \fB\fB-p\fR \fIprop\fR=\fIvalue\fR,..., \fB--prop\fR
3753 \fIprop\fR=\fIvalue\fR,...\fR
3757 A comma-separated list of properties to set to the specified values.
3765 \fB\fBdladm delete-vnic\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
3770 Deletes the specified VNIC.
3774 \fB\fB-t\fR, \fB--temporary\fR\fR
3778 Specifies that the deletion is temporary. Temporary deletions last until the
3785 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3789 See "Options," above.
3797 \fB\fBdladm show-vnic\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]]
3798 [\fB-o\fR \fIfield\fR[,...]] [\fB-l\fR \fIlink\fR] [\fIvnic-link\fR]\fR
3802 Show VNIC configuration information (the default) or statistics, for all VNICs,
3803 all VNICs on a link, or only the specified \fIvnic-link\fR.
3807 \fB\fB-o\fR \fIfield\fR[,...] , \fB--output\fR=\fIfield\fR[,...]\fR
3811 A case-insensitive, comma-separated list of output fields to display. The field
3812 name must be one of the fields listed below. The field name must be one of the
3813 fields listed below, or the special value \fBall\fR to display all fields. By
3814 default (without \fB-o\fR), \fBshow-vnic\fR displays all fields.
3822 The name of the VNIC.
3832 The name of the physical link over which this VNIC is configured.
3842 The maximum speed of the VNIC, in megabits per second.
3848 \fB\fBMACADDRESS\fR\fR
3852 MAC address of the VNIC.
3858 \fB\fBMACADDRTYPE\fR\fR
3862 MAC address type of the VNIC. \fBdladm\fR distinguishes among the following MAC
3871 A random address assigned to the VNIC.
3881 A factory MAC address used by the VNIC.
3891 \fB\fB-p\fR, \fB--parsable\fR\fR
3895 Display using a stable machine-parsable format. The \fB-o\fR option is
3896 required with \fB-p\fR. See "Parsable Output Format", below.
3902 \fB\fB-P\fR, \fB--persistent\fR\fR
3906 Display the persistent VNIC configuration.
3912 \fB\fB-s\fR, \fB--statistics\fR\fR
3916 Displays VNIC statistics.
3922 \fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR
3926 Used with the \fB-s\fR option to specify an interval, in seconds, at which
3927 statistics should be displayed. If this option is not specified, statistics
3928 will be displayed only once.
3934 \fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR
3938 Display information for all VNICs on the named link.
3950 \fB\fBdladm create-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
3955 Create an etherstub with the specified name.
3959 \fB\fB-t\fR, \fB--temporary\fR\fR
3963 Specifies that the etherstub is temporary. Temporary etherstubs do not persist
3970 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
3974 See "Options," above.
3977 VNICs can be created on top of etherstubs instead of physical NICs. As with
3978 physical NICs, such a creation causes the stack to implicitly create a virtual
3979 switch between the VNICs created on top of the same etherstub.
3989 \fB\fBdladm delete-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
3994 Delete the specified etherstub.
3998 \fB\fB-t\fR, \fB--temporary\fR\fR
4002 Specifies that the deletion is temporary. Temporary deletions last until the
4009 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
4013 See "Options," above.
4021 \fB\fBdladm show-etherstub\fR [\fIetherstub\fR]\fR
4025 Show all configured etherstubs by default, or the specified etherstub if
4026 \fIetherstub\fR is specified.
4032 \fB\fBdladm create-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-T\fR
4033 \fItype\fR [-a {local|remote}=<addr>[,...]] \fIiptun-link\fR\fR
4037 Create an IP tunnel link named \fIiptun-link\fR. Such links can additionally be
4038 protected with IPsec using \fBipsecconf\fR(8).
4040 An IP tunnel is conceptually comprised of two parts: a virtual link between two
4041 or more IP nodes, and an IP interface above this link that allows the system to
4042 transmit and receive IP packets encapsulated by the underlying link. This
4043 subcommand creates a virtual link. The \fBifconfig\fR(8) command is used to
4044 configure IP interfaces above the link.
4048 \fB\fB-t\fR, \fB--temporary\fR\fR
4052 Specifies that the IP tunnel link is temporary. Temporary tunnels last until
4059 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
4063 See "Options," above.
4069 \fB\fB-T\fR \fItype\fR, \fB--tunnel-type\fR=\fItype\fR\fR
4073 Specifies the type of tunnel to be created. The type must be one of the
4082 A point-to-point, IP-over-IP tunnel between two IPv4 nodes. This type of tunnel
4083 requires IPv4 source and destination addresses to function. IPv4 and IPv6
4084 interfaces can be plumbed above such a tunnel to create IPv4-over-IPv4 and
4085 IPv6-over-IPv4 tunneling configurations.
4095 A point-to-point, IP-over-IP tunnel between two IPv6 nodes as defined in IETF
4096 RFC 2473. This type of tunnel requires IPv6 source and destination addresses to
4097 function. IPv4 and IPv6 interfaces can be plumbed above such a tunnel to create
4098 IPv4-over-IPv6 and IPv6-over-IPv6 tunneling configurations.
4108 A 6to4, point-to-multipoint tunnel as defined in IETF RFC 3056. This type of
4109 tunnel requires an IPv4 source address to function. An IPv6 interface is
4110 plumbed on such a tunnel link to configure a 6to4 router.
4118 \fB\fB-a\fR \fBlocal=\fR\fIaddr\fR
4122 Literal IP address or hostname corresponding to the tunnel source. If a
4123 hostname is specified, it will be resolved to IP addresses, and one of those IP
4124 addresses will be used as the tunnel source. Because IP tunnels are created
4125 before naming services have been brought online during the boot process, it is
4126 important that any hostname used be included in \fB/etc/hosts\fR.
4132 \fB\fB-a\fR \fBremote=\fR\fIaddr\fR
4136 Literal IP address or hostname corresponding to the tunnel destination.
4144 \fB\fBdladm modify-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
4145 [-a {local|remote}=<addr>[,...]] \fIiptun-link\fR\fR
4149 Modify the parameters of the specified IP tunnel.
4153 \fB\fB-t\fR, \fB--temporary\fR\fR
4157 Specifies that the modification is temporary. Temporary modifications last
4158 until the next reboot.
4164 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
4168 See "Options," above.
4174 \fB\fB-a\fR \fBlocal=\fR\fIaddr\fR
4178 Specifies a new tunnel source address. See \fBcreate-iptun\fR for a
4185 \fB\fB-a\fR \fBremote=\fR\fIaddr\fR
4189 Specifies a new tunnel destination address. See \fBcreate-iptun\fR for a
4198 \fB\fBdladm delete-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR]
4203 Delete the specified IP tunnel link.
4207 \fB\fB-t\fR, \fB--temporary\fR\fR
4211 Specifies that the deletion is temporary. Temporary deletions last until the
4218 \fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR
4222 See "Options," above.
4230 \fB\fBdladm show-iptun\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]]
4231 [\fIiptun-link\fR]\fR
4235 Show IP tunnel link configuration for a single IP tunnel or all IP tunnels.
4239 \fB\fB-P\fR, \fB--persistent\fR\fR
4243 Display the persistent IP tunnel configuration.
4249 \fB\fB-p\fR, \fB--parsable\fR\fR
4253 Display using a stable machine-parsable format. The -o option is required with
4254 -p. See "Parsable Output Format", below.
4260 \fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR
4264 A case-insensitive, comma-separated list of output fields to display. The field
4265 name must be one of the fields listed below, or the special value \fBall\fR, to
4266 display all fields. By default (without \fB-o\fR), \fBshow-iptun\fR displays
4275 The name of the IP tunnel link.
4285 Type of tunnel as specified by the \fB-T\fR option of \fBcreate-iptun\fR.
4295 A set of flags associated with the IP tunnel link. Possible flags are:
4303 The IP tunnel link is protected by IPsec policy. To display the IPsec policy
4304 associated with the tunnel link, enter:
4308 # \fBipsecconf -ln -i \fItunnel-link\fR\fR
4313 See \fBipsecconf\fR(8) for more details on how to configure IPsec policy.
4323 The IP tunnel link was implicitly created with \fBifconfig\fR(8), and will be
4324 automatically deleted when it is no longer referenced (that is, when the last
4325 IP interface over the tunnel is unplumbed). See \fBifconfig\fR(8) for details
4326 on implicit tunnel creation.
4338 The tunnel source address.
4344 \fB\fBDESTINATION\fR\fR
4348 The tunnel destination address.
4358 \fB\fBdladm show-usage\fR [\fB-a\fR] \fB-f\fR \fIfilename\fR [\fB-p\fR
4359 \fIplotfile\fR \fB-F\fR \fIformat\fR] [\fB-s\fR \fItime\fR] [\fB-e\fR
4360 \fItime\fR] [\fIlink\fR]\fR
4364 Show the historical network usage from a stored extended accounting file.
4365 Configuration and enabling of network accounting through \fBacctadm\fR(8) is
4366 required. The default output will be the summary of network usage for the
4367 entire period of time in which extended accounting was enabled.
4375 Display all historical network usage for the specified period of time during
4376 which extended accounting is enabled. This includes the usage information for
4377 the links that have already been deleted.
4383 \fB\fB-f\fR \fIfilename\fR, \fB--file\fR=\fIfilename\fR\fR
4387 Read extended accounting records of network usage from \fIfilename\fR.
4393 \fB\fB-F\fR \fIformat\fR, \fB--format\fR=\fIformat\fR\fR
4397 Specifies the format of \fIplotfile\fR that is specified by the \fB-p\fR
4398 option. As of this release, \fBgnuplot\fR is the only supported format.
4404 \fB\fB-p\fR \fIplotfile\fR, \fB--plot\fR=\fIplotfile\fR\fR
4408 Write network usage data to a file of the format specified by the \fB-F\fR
4409 option, which is required.
4415 \fB\fB-s\fR \fItime\fR, \fB--start\fR=\fItime\fR\fR
4419 \fB\fB-e\fR \fItime\fR, \fB--stop\fR=\fItime\fR\fR
4423 Start and stop times for data display. Time is in the format
4424 \fIMM\fR/\fIDD\fR/\fIYYYY\fR,\fIhh\fR:\fImm\fR:\fIss\fR.
4434 If specified, display the network usage only for the named link. Otherwise,
4435 display network usage for all links.
4440 .SS "Parsable Output Format"
4442 Many \fBdladm\fR subcommands have an option that displays output in a
4443 machine-parsable format. The output format is one or more lines of colon
4444 (\fB:\fR) delimited fields. The fields displayed are specific to the subcommand
4445 used and are listed under the entry for the \fB-o\fR option for a given
4446 subcommand. Output includes only those fields requested by means of the
4447 \fB-o\fR option, in the order requested.
4450 When you request multiple fields, any literal colon characters are escaped by a
4451 backslash (\fB\e\fR) before being output. Similarly, literal backslash
4452 characters will also be escaped (\fB\e\e\fR). This escape format is parsable
4453 by using shell \fBread\fR(1) functions with the environment variable
4454 \fBIFS=:\fR (see \fBEXAMPLES\fR, below). Note that escaping is not done when
4455 you request only a single field.
4456 .SS "General Link Properties"
4458 The following general link properties are supported:
4462 \fB\fBallowed-ips\fR\fR
4466 A comma-separated list of IP addresses that are allowed on the interface.
4468 An address in CIDR format with no host address specified is used to indicate
4469 that any address on that subnet is allowed (e.g. 192.168.10.0/24 means any
4470 address in the range 192.168.10.0 - 192.168.10.255 is allowed).
4476 \fB\fBautopush\fR\fR
4480 Specifies the set of STREAMS modules to push on the stream associated with a
4481 link when its DLPI device is opened. It is a space-delimited list of modules.
4483 The optional special character sequence \fB[anchor]\fR indicates that a STREAMS
4484 anchor should be placed on the stream at the module previously specified in the
4485 list. It is an error to specify more than one anchor or to have an anchor first
4488 The \fBautopush\fR property is preferred over the more general
4489 \fBautopush\fR(8) command.
4499 Bind the processing of packets for a given data link to a processor or a set of
4500 processors. The value can be a comma-separated list of one or more processor
4501 ids. If the list consists of more than one processor, the processing will
4502 spread out to all the processors. Connection to processor affinity and packet
4503 ordering for any individual connection will be maintained.
4505 The processor or set of processors are not exclusively reserved for the link.
4506 Only the kernel threads and interrupts associated with processing of the link
4507 are bound to the processor or the set of processors specified. In case it is
4508 desired that processors be dedicated to the link, \fBpsrset\fR(8) can be used
4509 to create a processor set and then specifying the processors from the processor
4510 set to bind the link to.
4512 If the link was already bound to processor or set of processors due to a
4513 previous operation, the binding will be removed and the new set of processors
4514 will be used instead.
4516 The default is no CPU binding, which is to say that the processing of packets
4517 is not bound to any specific processor or processor set.
4523 \fB\fBlearn_limit\fR\fR
4527 Limits the number of new or changed MAC sources to be learned over a bridge
4528 link. When the number exceeds this value, learning on that link is temporarily
4529 disabled. Only non-VLAN, non-VNIC type links have this property.
4531 The default value is \fB1000\fR. Valid values are greater or equal to 0.
4537 \fB\fBlearn_decay\fR\fR
4541 Specifies the decay rate for source changes limited by \fBlearn_limit\fR. This
4542 number is subtracted from the counter for a bridge link every 5 seconds. Only
4543 non-VLAN, non-VNIC type links have this property.
4545 The default value is \fB200\fR. Valid values are greater or equal to 0.
4555 Sets the full duplex bandwidth for the link. The bandwidth is specified as an
4556 integer with one of the scale suffixes (\fBK\fR, \fBM\fR, or \fBG\fR for Kbps,
4557 Mbps, and Gbps). If no units are specified, the input value will be read as
4558 Mbps. The default is no bandwidth limit.
4564 \fB\fBpriority\fR\fR
4568 Sets the relative priority for the link. The value can be given as one of the
4569 tokens \fBhigh\fR, \fBmedium\fR, or \fBlow\fR. The default is \fBhigh\fR.
4579 Enables or disables Spanning Tree Protocol on a bridge link. Setting this value
4580 to \fB0\fR disables Spanning Tree, and puts the link into forwarding mode with
4581 BPDU guarding enabled. This mode is appropriate for point-to-point links
4582 connected only to end nodes. Only non-VLAN, non-VNIC type links have this
4583 property. The default value is \fB1\fR, to enable STP.
4593 Enables or disables forwarding for a VLAN. Setting this value to \fB0\fR
4594 disables bridge forwarding for a VLAN link. Disabling bridge forwarding removes
4595 that VLAN from the "allowed set" for the bridge. The default value is \fB1\fR,
4596 to enable bridge forwarding for configured VLANs.
4602 \fB\fBdefault_tag\fR\fR
4606 Sets the default VLAN ID that is assumed for untagged packets sent to and
4607 received from this link. Only non-VLAN, non-VNIC type links have this property.
4608 Setting this value to \fB0\fR disables the bridge forwarding of untagged
4609 packets to and from the port. The default value is \fBVLAN ID 1\fR. Valid
4610 values values are from 0 to 4094.
4616 \fB\fBpromisc-filtered\fR\fR
4620 Enables or disables the default filtering of promiscuous mode for certain
4621 classes of links. By default, VNICs will only see unicast traffic destined for it
4622 in promiscuous mode. Not all the unicast traffic from the underlying device
4623 makes it to the VNIC. Disabling this would cause a VNIC, for example, to be able
4624 to see all unicast traffic from the device it is created over. The default value
4631 \fB\fBstp_priority\fR\fR
4635 Sets the STP and RSTP Port Priority value, which is used to determine the
4636 preferred root port on a bridge. Lower numerical values are higher priority.
4637 The default value is \fB128\fR. Valid values range from 0 to 255.
4643 \fB\fBstp_cost\fR\fR
4647 Sets the STP and RSTP cost for using the link. The default value is \fBauto\fR,
4648 which sets the cost based on link speed, using \fB100\fR for 10Mbps, \fB19\fR
4649 for 100Mbps, \fB4\fR for 1Gbps, and \fB2\fR for 10Gbps. Valid values range from
4656 \fB\fBstp_edge\fR\fR
4660 Enables or disables bridge edge port detection. If set to \fB0\fR (false), the
4661 system assumes that the port is connected to other bridges even if no bridge
4662 PDUs of any type are seen. The default value is \fB1\fR, which detects edge
4663 ports automatically.
4673 Sets bridge point-to-point operation mode. Possible values are \fBtrue\fR,
4674 \fBfalse\fR, and \fBauto\fR. When set to \fBauto\fR, point-to-point connections
4675 are automatically discovered. When set to \fBtrue\fR, the port mode is forced
4676 to use point-to-point. When set to \fBfalse\fR, the port mode is forced to use
4677 normal multipoint mode. The default value is \fBauto\fR.
4683 \fB\fBstp_mcheck\fR\fR
4687 Triggers the system to run the RSTP \fBForce BPDU Migration Check\fR procedure
4688 on this link. The procedure is triggered by setting the property value to
4689 \fB1\fR. The property is automatically reset back to \fB0\fR. This value cannot
4690 be set unless the following are true:
4701 The bridge is protected by Spanning Tree
4707 The bridge \fBforce-protocol\fR value is at least 2 (RSTP)
4709 The default value is 0.
4719 Specifies the zone to which the link belongs. This property can be modified
4720 only temporarily through \fBdladm\fR, and thus the \fB-t\fR option must be
4721 specified. To modify the zone assignment such that it persists across reboots,
4722 please use \fBzonecfg\fR(8). Possible values consist of any exclusive-IP zone
4723 currently running on the system. By default, the zone binding is as per
4727 .SS "Wifi Link Properties"
4729 The following \fBWiFi\fR link properties are supported. Note that the ability
4730 to set a given property to a given value depends on the driver and hardware.
4738 Specifies the channel to use. This property can be modified only by certain
4739 \fBWiFi\fR links when in \fBIBSS\fR mode. The default value and allowed range
4740 of values varies by regulatory domain.
4746 \fB\fBpowermode\fR\fR
4750 Specifies the power management mode of the \fBWiFi\fR link. Possible values are
4751 \fBoff\fR (disable power management), \fBmax\fR (maximum power savings), and
4752 \fBfast\fR (performance-sensitive power management). Default is \fBoff\fR.
4762 Specifies the radio mode of the \fBWiFi\fR link. Possible values are \fBon\fR
4763 or \fBoff\fR. Default is \fBon\fR.
4773 Specifies a fixed speed for the \fBWiFi\fR link, in megabits per second. The
4774 set of possible values depends on the driver and hardware (but is shown by
4775 \fBshow-linkprop\fR); common speeds include 1, 2, 11, and 54. By default, there
4779 .SS "Ethernet Link Properties"
4781 The following MII Properties, as documented in \fBieee802.3\fR(5), are
4782 supported in read-only mode:
4799 \fBadv_autoneg_cap\fR
4805 \fBadv_10gfdx_cap\fR
4811 \fBadv_1000fdx_cap\fR
4817 \fBadv_1000hdx_cap\fR
4823 \fBadv_100fdx_cap\fR
4829 \fBadv_100hdx_cap\fR
4845 Each \fBadv_\fR property (for example, \fBadv_10fdx_cap\fR) also has a
4846 read/write counterpart \fBen_\fR property (for example, \fBen_10fdx_cap\fR)
4847 controlling parameters used at auto-negotiation. In the absence of Power
4848 Management, the \fBadv\fR* speed/duplex parameters provide the values that are
4849 both negotiated and currently effective in hardware. However, with Power
4850 Management enabled, the speed/duplex capabilities currently exposed in hardware
4851 might be a subset of the set of bits that were used in initial link parameter
4852 negotiation. Thus the MII \fBadv_\fR* parameters are marked read-only, with an
4853 additional set of \fBen_\fR* parameters for configuring speed and duplex
4854 properties at initial negotiation.
4857 Note that the \fBadv_autoneg_cap\fR does not have an \fBen_autoneg_cap\fR
4858 counterpart: the \fBadv_autoneg_cap\fR is a 0/1 switch that turns off/on
4859 auto-negotiation itself, and therefore cannot be impacted by Power Management.
4862 In addition, the following Ethernet properties are reported:
4870 (read-only) The operating speed of the device, in Mbps.
4880 The maximum client SDU (Send Data Unit) supported by the device. Valid range is
4887 \fB\fBflowctrl\fR\fR
4891 Establishes flow-control modes that will be advertised by the device. Valid
4900 No flow control enabled.
4910 Receive, and act upon incoming pause frames.
4920 Transmit pause frames to the peer when congestion occurs, but ignore received
4931 Bidirectional flow control.
4934 Note that the actual settings for this value are constrained by the
4935 capabilities allowed by the device and the link partner.
4941 \fB\fBsecondary-macs\fR\fR
4945 A comma-separated list of additional MAC addresses that are allowed on the
4956 This link property controls the conditions in which 802.1Q VLAN tags will be
4957 inserted in packets being transmitted on the link. Two mode values can be
4958 assigned to this property:
4965 Insert a VLAN tag in outgoing packets under the following conditions:
4970 The packet belongs to a VLAN.
4976 The user requested priority tagging.
4983 \fB\fBvlanonly\fR\fR
4986 Insert a VLAN tag only when the outgoing packet belongs to a VLAN. If a tag is
4987 being inserted in this mode and the user has also requested a non-zero
4988 priority, the priority is honored and included in the VLAN tag.
4991 The default value is \fBvlanonly\fR.
4994 .SS "IP Tunnel Link Properties"
4996 The following IP tunnel link properties are supported.
5000 \fB\fBhoplimit\fR\fR
5004 Specifies the IPv4 TTL or IPv6 hop limit for the encapsulating outer IP header
5005 of a tunnel link. This property exists for all tunnel types. The default value
5012 \fB\fBencaplimit\fR\fR
5016 Specifies the IPv6 encapsulation limit for an IPv6 tunnel as defined in RFC
5017 2473. This value is the tunnel nesting limit for a given tunneled packet. The
5018 default value is 4. A value of 0 disables the encapsulation limit.
5023 \fBExample 1 \fRConfiguring an Aggregation
5026 To configure a data-link over an aggregation of devices \fBbge0\fR and
5027 \fBbge1\fR with key 1, enter the following command:
5032 # \fBdladm create-aggr -d bge0 -d bge1 1\fR
5038 \fBExample 2 \fRConnecting to a WiFi Link
5041 To connect to the most optimal available unsecured network on a system with a
5042 single \fBWiFi\fR link (as per the prioritization rules specified for
5043 \fBconnect-wifi\fR), enter the following command:
5048 # \fBdladm connect-wifi\fR
5054 \fBExample 3 \fRCreating a WiFi Key
5057 To interactively create the \fBWEP\fR key \fBmykey\fR, enter the following
5063 # \fBdladm create-secobj -c wep mykey\fR
5070 Alternatively, to non-interactively create the \fBWEP\fR key \fBmykey\fR using
5071 the contents of a file:
5077 # \fBcat >/tmp/mykey.$$ <<EOF\fR
5080 # \fBdladm create-secobj -c wep -f /tmp/mykey.$$ mykey\fR
5081 # \fBrm /tmp/mykey.$$\fR
5087 \fBExample 4 \fRConnecting to a Specified Encrypted WiFi Link
5090 To use key \fBmykey\fR to connect to \fBESSID\fR \fBwlan\fR on link \fBath0\fR,
5091 enter the following command:
5096 # \fBdladm connect-wifi -k mykey -e wlan ath0\fR
5102 \fBExample 5 \fRChanging a Link Property
5105 To set \fBpowermode\fR to the value \fBfast\fR on link \fBpcwl0\fR, enter the
5111 # \fBdladm set-linkprop -p powermode=fast pcwl0\fR
5117 \fBExample 6 \fRConnecting to a WPA-Protected WiFi Link
5120 Create a WPA key \fBpsk\fR and enter the following command:
5125 # \fBdladm create-secobj -c wpa psk\fR
5132 To then use key \fBpsk\fR to connect to ESSID \fBwlan\fR on link \fBath0\fR,
5133 enter the following command:
5138 # \fBdladm connect-wifi -k psk -e wlan ath0\fR
5144 \fBExample 7 \fRRenaming a Link
5147 To rename the \fBbge0\fR link to \fBmgmt0\fR, enter the following command:
5152 # \fBdladm rename-link bge0 mgmt0\fR
5158 \fBExample 8 \fRReplacing a Network Card
5161 Consider that the \fBbge0\fR device, whose link was named \fBmgmt0\fR as shown
5162 in the previous example, needs to be replaced with a \fBce0\fR device because
5163 of a hardware failure. The \fBbge0\fR NIC is physically removed, and replaced
5164 with a new \fBce0\fR NIC. To associate the newly added \fBce0\fR device with
5165 the \fBmgmt0\fR configuration previously associated with \fBbge0\fR, enter the
5171 # \fBdladm rename-link ce0 mgmt0\fR
5177 \fBExample 9 \fRRemoving a Network Card
5180 Suppose that in the previous example, the intent is not to replace the
5181 \fBbge0\fR NIC with another NIC, but rather to remove and not replace the
5182 hardware. In that case, the \fBmgmt0\fR datalink configuration is not slated to
5183 be associated with a different physical device as shown in the previous
5184 example, but needs to be deleted. Enter the following command to delete the
5185 datalink configuration associated with the \fBmgmt0\fR datalink, whose physical
5186 hardware (\fBbge0\fR in this case) has been removed:
5191 # \fBdladm delete-phys mgmt0\fR
5197 \fBExample 10 \fRUsing Parsable Output to Capture a Single Field
5200 The following assignment saves the MTU of link \fBnet0\fR to a variable named
5206 # \fBmtu=`dladm show-link -p -o mtu net0`\fR
5212 \fBExample 11 \fRUsing Parsable Output to Iterate over Links
5215 The following script displays the state of each link on the system.
5220 # \fBdladm show-link -p -o link,state | while IFS=: read link state; do
5221 print "Link $link is in state $state"
5228 \fBExample 12 \fRConfiguring VNICs
5231 Create two VNICs with names \fBhello0\fR and \fBtest1\fR over a single physical
5237 # \fBdladm create-vnic -l bge0 hello0\fR
5238 # \fBdladm create-vnic -l bge0 test1\fR
5244 \fBExample 13 \fRConfiguring VNICs and Allocating Bandwidth and Priority
5247 Create two VNICs with names \fBhello0\fR and \fBtest1\fR over a single physical
5248 link \fBbge0\fR and make \fBhello0\fR a high priority VNIC with a
5249 factory-assigned MAC address with a maximum bandwidth of 50 Mbps. Make
5250 \fBtest1\fR a low priority VNIC with a random MAC address and a maximum
5251 bandwidth of 100Mbps.
5256 # \fBdladm create-vnic -l bge0 -m factory -p maxbw=50,priority=high hello0\fR
5257 # \fBdladm create-vnic -l bge0 -m random -p maxbw=100M,priority=low test1\fR
5263 \fBExample 14 \fRConfiguring a VNIC with a Factory MAC Address
5266 First, list the available factory MAC addresses and choose one of them:
5271 # \fBdladm show-phys -m bge0\fR
5272 LINK SLOT ADDRESS INUSE CLIENT
5273 bge0 primary 0:e0:81:27:d4:47 yes bge0
5274 bge0 1 8:0:20:fe:4e:a5 no
5275 bge0 2 8:0:20:fe:4e:a6 no
5276 bge0 3 8:0:20:fe:4e:a7 no
5283 Create a VNIC named \fBhello0\fR and use slot 1's address:
5288 # \fBdladm create-vnic -l bge0 -m factory -n 1 hello0\fR
5289 # \fBdladm show-phys -m bge0\fR
5290 LINK SLOT ADDRESS INUSE CLIENT
5291 bge0 primary 0:e0:81:27:d4:47 yes bge0
5292 bge0 1 8:0:20:fe:4e:a5 yes hello0
5293 bge0 2 8:0:20:fe:4e:a6 no
5294 bge0 3 8:0:20:fe:4e:a7 no
5300 \fBExample 15 \fRCreating a VNIC with User-Specified MAC Address, Binding it to
5304 Create a VNIC with name \fBhello0\fR, with a user specified MAC address, and a
5305 processor binding \fB0, 1, 2, 3\fR.
5310 # \fBdladm create-vnic -l bge0 -m 8:0:20:fe:4e:b8 -p cpus=0,1,2,3 hello0\fR
5316 \fBExample 16 \fRCreating a Virtual Network Without a Physical NIC
5319 First, create an etherstub with name \fBstub1\fR:
5324 # \fBdladm create-etherstub stub1\fR
5331 Create two VNICs with names \fBhello0\fR and \fBtest1\fR on the etherstub. This
5332 operation implicitly creates a virtual switch connecting \fBhello0\fR and
5338 # \fBdladm create-vnic -l stub1 hello0\fR
5339 # \fBdladm create-vnic -l stub1 test1\fR
5345 \fBExample 17 \fRShowing Network Usage
5348 Network usage statistics can be stored using the extended accounting facility,
5354 # \fBacctadm -e basic -f /var/log/net.log net\fR
5356 Network accounting: active
5357 Network accounting file: /var/log/net.log
5358 Tracked Network resources: basic
5359 Untracked Network resources: src_ip,dst_ip,src_port,dst_port,protocol,
5367 The saved historical data can be retrieved in summary form using the
5368 \fBshow-usage\fR subcommand:
5373 # \fBdladm show-usage -f /var/log/net.log\fR
5374 LINK DURATION IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
5375 e1000g0 80 1031 546908 0 0 2.44 Kbps
5381 \fBExample 18 \fRDisplaying Bridge Information
5384 The following commands use the \fBshow-bridge\fR subcommand with no and various
5390 # \fBdladm show-bridge\fR
5391 BRIDGE PROTECT ADDRESS PRIORITY DESROOT
5392 foo stp 32768/8:0:20:bf:f 32768 8192/0:d0:0:76:14:38
5393 bar stp 32768/8:0:20:e5:8 32768 8192/0:d0:0:76:14:38
5395 # \fBdladm show-bridge -l foo\fR
5396 LINK STATE UPTIME DESROOT
5397 hme0 forwarding 117 8192/0:d0:0:76:14:38
5398 qfe1 forwarding 117 8192/0:d0:0:76:14:38
5400 # \fBdladm show-bridge -s foo\fR
5401 BRIDGE DROPS FORWARDS
5404 # \fBdladm show-bridge -ls foo\fR
5405 LINK DROPS RECV XMIT
5407 qfe1 0 322311 356852
5409 # \fBdladm show-bridge -f foo\fR
5410 DEST AGE FLAGS OUTPUT
5411 8:0:20:bc:a7:dc 10.860 -- hme0
5412 8:0:20:bf:f9:69 -- L hme0
5413 8:0:20:c0:20:26 17.420 -- hme0
5414 8:0:20:e5:86:11 -- L qfe1
5420 \fBExample 19 \fRCreating an IPv4 Tunnel
5423 The following sequence of commands creates and then displays a persistent IPv4
5424 tunnel link named \fBmytunnel0\fR between 66.1.2.3 and 192.4.5.6:
5429 # \fBdladm create-iptun -T ipv4 -s 66.1.2.3 -d 192.4.5.6 mytunnel0\fR
5430 # \fBdladm show-iptun mytunnel0\fR
5431 LINK TYPE FLAGS SOURCE DESTINATION
5432 mytunnel0 ipv4 -- 66.1.2.3 192.4.5.6
5439 A point-to-point IP interface can then be created over this tunnel link:
5444 # \fBifconfig mytunnel0 plumb 10.1.0.1 10.1.0.2 up\fR
5451 As with any other IP interface, configuration persistence for this IP interface
5452 is achieved by placing the desired \fBifconfig\fR commands (in this case, the
5453 command for "\fB10.1.0.1 10.1.0.2\fR") into \fB/etc/hostname.mytunnel0\fR.
5456 \fBExample 20 \fRCreating a 6to4 Tunnel
5459 The following command creates a 6to4 tunnel link. The IPv4 address of the 6to4
5460 router is 75.10.11.12.
5465 # \fBdladm create-iptun -T 6to4 -s 75.10.11.12 sitetunnel0\fR
5466 # \fBdladm show-iptun sitetunnel0\fR
5467 LINK TYPE FLAGS SOURCE DESTINATION
5468 sitetunnel0 6to4 -- 75.10.11.12 --
5475 The following command plumbs an IPv6 interface on this tunnel:
5480 # \fBifconfig sitetunnel0 inet6 plumb up\fR
5481 # \fBifconfig sitetunnel0 inet6\fR
5482 sitetunnel0: flags=2200041 <UP,RUNNING,NONUD,IPv6> mtu 65515 index 3
5483 inet tunnel src 75.10.11.12
5485 inet6 2002:4b0a:b0c::1/16
5492 Note that the system automatically configures the IPv6 address on the 6to4 IP
5493 interface. See \fBifconfig\fR(8) for a description of how IPv6 addresses are
5494 configured on 6to4 tunnel links.
5498 See \fBattributes\fR(5) for descriptions of the following attributes:
5509 ATTRIBUTE TYPE ATTRIBUTE VALUE
5511 Interface Stability Committed
5524 ATTRIBUTE TYPE ATTRIBUTE VALUE
5526 Interface Stability Committed
5531 \fBacctadm\fR(8), \fBautopush\fR(8), \fBifconfig\fR(8), \fBipsecconf\fR(8),
5532 \fBndd\fR(8), \fBpsrset\fR(8), \fBwpad\fR(8), \fBzonecfg\fR(8),
5533 \fBattributes\fR(5), \fBieee802.3\fR(5), \fBdlpi\fR(7P)
5536 The preferred method of referring to an aggregation in the aggregation
5537 subcommands is by its link name. Referring to an aggregation by its integer
5538 \fIkey\fR is supported for backward compatibility, but is not necessary. When
5539 creating an aggregation, if a \fIkey\fR is specified instead of a link name,
5540 the aggregation's link name will be automatically generated by \fBdladm\fR as
5541 \fBaggr\fR\fIkey\fR.