ifconfig
is used to assign an address to a network
interface and/or configure network interface parameters.
ifconfig
must be used at boot time to define the
network address of each interface present on a machine; it may also be used at
a later time to redefine an interface's address or other operating parameters.
Available operands for ifconfig
:
- address
- For the DARPA-Internet family, the address is either a host name present
in the host name data base,
hosts(5), or a DARPA Internet
address expressed in the Internet standard “dot
notation”.
- address_family
- Specifies the address_family which affects
interpretation of the remaining parameters. Since an interface can receive
transmissions in differing protocols with different naming schemes,
specifying the address family is recommended. The address or protocol
families currently supported are “inet”,
“inet6”, “atalk”, and
“link”.
- interface
- The interface parameter is a string of the form
“name unit”, for example, “en0”
The following parameters may be set with
ifconfig
:
active
- This keyword applies when
ifconfig
adds or
modifies any link-layer address. It indicates that
ifconfig
should “activate” the
address. Activation makes an address the default source for transmissions
on the interface. You may not delete the active address from an interface.
You must activate some other address, first.
advbase
n
- If the driver is a carp(4)
pseudo-device, set the base advertisement interval to
n seconds. This ia an 8-bit number; the default
value is 1 second.
advskew
n
- If the driver is a carp(4)
pseudo-device, skew the advertisement interval by n.
This is an 8-bit number; the default value is 0.
Taken together the advbase
indicate
how frequently, in seconds, the host will advertise the fact that it
considers itself the master of the virtual host. The formula is
advbase
+ (advskew
/
256). If the master does not advertise within three times this interval,
this host will begin advertising as master.
alias
- Establish an additional network address for this interface. This is
sometimes useful when changing network numbers, and one wishes to accept
packets addressed to the old interface.
-alias
- Remove the specified network address alias.
arp
- Enable the use of the Address Resolution Protocol in mapping between
network level addresses and link level addresses (default). This is
currently implemented for mapping between DARPA Internet addresses and
Ethernet addresses.
-arp
- Disable the use of the Address Resolution Protocol.
anycast
- (inet6 only) Set the IPv6 anycast address bit.
-anycast
- (inet6 only) Clear the IPv6 anycast address bit.
broadcast
mask
- (Inet only) Specify the address to use to represent broadcasts to the
network. The default broadcast address is the address with a host part of
all 1's.
carpdev
iface
- If the driver is a carp(4)
pseudo-device, attach it to iface. If not specified,
the kernel will attempt to select an interface with a subnet matching that
of the carp interface.
description
description, descr
description
- Set a description of the interface. (0-63 characters)
-description
,
-descr
- Clear the description of the interface.
debug
- Enable driver dependent debugging code; usually, this turns on extra
console error logging.
-debug
- Disable driver dependent debugging code.
delete
- Remove the network address specified. This would be used if you
incorrectly specified an alias, or it was no longer needed. If you have
incorrectly set an NS address having the side effect of specifying the
host portion, removing all NS addresses will allow you to respecify the
host portion.
delete
does not work for IPv6
addresses. Use -alias
with explicit IPv6 address
instead.
- dest_address
- Specify the address of the correspondent on the other end of a point to
point link.
down
- Mark an interface ``down''. When an interface is marked ``down'', the
system will not attempt to transmit messages through that interface. If
possible, the interface will be reset to disable reception as well. This
action does not automatically disable routes using the interface.
media
type
- Set the media type of the interface to type. Some
interfaces support the mutually exclusive use of one of several different
physical media connectors. For example, a 10Mb/s Ethernet interface might
support the use of either AUI or twisted pair connectors. Setting the
media type to “10base5” or “AUI” would change
the currently active connector to the AUI port. Setting it to
“10baseT” or “UTP” would activate twisted
pair. Refer to the interfaces' driver specific man page for a complete
list of the available types and the
ifmedia(4) manual page for
a list of media types. See the
-m
flag below.
mediaopt
opts
- Set the specified media options on the interface.
opts is a comma delimited list of options to apply
to the interface. Refer to the interfaces' driver specific man page for a
complete list of available options. Also see the
ifmedia(4) manual page for
a list of media options.
-mediaopt
opts
- Disable the specified media options on the interface.
mode
mode
- If the driver supports the media selection system, set the specified
operating mode on the interface to mode. For IEEE
802.11 wireless interfaces that support multiple operating modes this
directive is used to select between 802.11a (“11a”), 802.11b
(“11b”), and 802.11g (“11g”) operating
modes.
instance
minst
- Set the media instance to minst. This is useful for
devices which have multiple physical layer interfaces (PHYs). Setting the
instance on such devices may not be strictly required by the network
interface driver as the driver may take care of this automatically; see
the driver's manual page for more information.
metric
n
- Set the routing metric of the interface to n,
default 0. The routing metric is used by the routing protocol
(routed(8)). Higher metrics
have the effect of making a route less favorable; metrics are counted as
addition hops to the destination network or host.
mtu
n
- Set the maximum transmission unit of the interface to
n. Most interfaces do not support this option.
netmask
mask
- (inet and inet6) Specify how much of the address to reserve for
subdividing networks into sub-networks. The mask includes the network part
of the local address and the subnet part, which is taken from the host
field of the address. The mask can be specified as a single hexadecimal
number with a leading 0x, with a dot-notation Internet address, or with a
pseudo-network name listed in the network table
networks(5). The mask
contains 1's for the bit positions in the 32-bit address which are to be
used for the network and subnet parts, and 0's for the host part. The mask
should contain at least the standard network portion, and the subnet field
should be contiguous with the network portion.
For INET and INET6 addresses, the netmask can also be given
with slash-notation after the address (e.g 192.168.17.3/24).
state
state
- Explicitly force the carp(4)
pseudo-device to enter this state. Valid states are
init, backup, and
master.
frag
threshold
- (IEEE 802.11 devices only) Configure the fragmentation threshold for IEEE
802.11-based wireless network interfaces.
rts
threshold
- (IEEE 802.11 devices only) Configure the RTS/CTS threshold for IEEE
802.11-based wireless network interfaces. This controls the number of
bytes used for the RTS/CTS handshake boundary. The
threshold can be any value between 0 and 2347. The
default is 2347, which indicates the RTS/CTS mechanism should not be
used.
ssid
id
- (IEEE 802.11 devices only) Configure the Service Set Identifier (aka the
network name) for IEEE 802.11-based wireless network interfaces. The
id can either be any text string up to 32 characters
in length, or a series of up to 64 hexadecimal digits preceded by
“0x”. Setting id to the empty string
allows the interface to connect to any available access point.
nwid
id
- Synonym for “ssid”.
hidessid
- (IEEE 802.11 devices only) When operating as an access point, do not
broadcast the SSID in beacon frames or respond to probe request frames
unless they are directed to the ap (i.e., they include the ap's SSID). By
default, the SSID is included in beacon frames and undirected probe
request frames are answered.
-hidessid
- (IEEE 802.11 devices only) When operating as an access point, broadcast
the SSID in beacon frames and answer and respond to undirected probe
request frames (default).
nwkey
key
- (IEEE 802.11 devices only) Enable WEP encryption for IEEE 802.11-based
wireless network interfaces with the key. The
key can either be a string, a series of hexadecimal
digits preceded by “0x”, or a set of keys in the form
n:k1,k2,k3,k4, where n
specifies which of keys will be used for all transmitted packets, and four
keys, k1 through k4, are
configured as WEP keys. Note that the order must be match within same
network if multiple keys are used. For IEEE 802.11 wireless network, the
length of each key is restricted to 40 bits, i.e., 5-character string or
10 hexadecimal digits, while the WaveLAN/IEEE Gold cards accept the 104
bits (13 characters) key.
nwkey
persist
- (IEEE 802.11 devices only) Enable WEP encryption for IEEE 802.11-based
wireless network interfaces with the persistent key written in the network
card.
nwkey
persist
:key
- (IEEE 802.11 devices only) Write the key to the
persistent memory of the network card, and enable WEP encryption for IEEE
802.11-based wireless network interfaces with the
key.
-nwkey
- (IEEE 802.11 devices only) Disable WEP encryption for IEEE 802.11-based
wireless network interfaces.
apbridge
- (IEEE 802.11 devices only) When operating as an access point, pass packets
between wireless clients directly (default).
-apbridge
- (IEEE 802.11 devices only) When operating as an access point, pass packets
through the system so that they can be forwarded using some other
mechanism. Disabling the internal bridging is useful when traffic is to be
processed with packet filtering.
pass
passphrase
- If the driver is a carp(4)
pseudo-device, set the authentication key to
passphrase. There is no passphrase by default
powersave
- (IEEE 802.11 devices only) Enable 802.11 power saving mode.
-powersave
- (IEEE 802.11 devices only) Disable 802.11 power saving mode.
powersavesleep
duration
- (IEEE 802.11 devices only) Set the receiver sleep duration in milliseconds
for 802.11 power saving mode.
bssid
bssid
- (IEEE 802.11 devices only) Set the desired BSSID for IEEE 802.11-based
wireless network interfaces.
-bssid
- (IEEE 802.11 devices only) Unset the desired BSSID for IEEE 802.11-based
wireless network interfaces. The interface will automatically select a
BSSID in this mode, which is the default.
chan
chan
- (IEEE 802.11 devices only) Select the channel (radio frequency) to be used
for IEEE 802.11-based wireless network interfaces.
-chan
- (IEEE 802.11 devices only) Unset the desired channel to be used for IEEE
802.11-based wireless network interfaces. It does not affect the channel
to be created for IBSS or hostap mode.
list
scan
- (IEEE 802.11 devices only) Display the access points and/or ad-hoc
neighbors located in the vicinity. The
-v
flag may
be used to display long SSIDs. -v
also causes
received information elements to be displayed symbolically. The interface
must be up before any scanning operation. Only the super-user can use this
command.
tunnel
src_addr[,src_port]
dest_addr[,dest_port]
- (IP tunnel devices only) Configure the physical source and destination
address for IP tunnel interfaces, including
gif(4). The arguments
src_addr and dest_addr are
interpreted as the outer source/destination for the encapsulating
IPv4/IPv6 header.
On a gre(4)
interface in UDP mode, the arguments src_port and
dest_port are interpreted as the outer
source/destination port for the encapsulating UDP header.
deletetunnel
- Unconfigure the physical source and destination address for IP tunnel
interfaces previously configured with
tunnel
.
session
local_session
remote_session
- (L2TPv3 devices only) Configure local session id and remote session id for
L2TPv3 interface. The length of session id is 4 bytes.
deletesession
- Unconfigure the local session id and remote session id for L2TPv3
interface previously configured with
session
.
cookie
local_cookie_length local_cookie
remote_cookie_length
remote_cookie
- (L2TPv3 devices only) Configure local cookie and remote cookie for L2TPv3
interface. The cookie length must be 4 or 8 bytes. Generally, cookies are
managed by daemon. So, this command would be used for test or debug
only.
deletecookie
- Unconfigure the local cookie and remote cookie for L2TPv3 interface
previously configured with
cookie
.
create
- Create the specified network pseudo-device.
destroy
- Destroy the specified network pseudo-device.
pltime
n
- (inet6 only) Set preferred lifetime for the address.
prefixlen
n
- (inet and inet6 only) Effect is similar to
netmask
. but you can specify by prefix length by
digits.
deprecated
- (inet6 only) Set the IPv6 deprecated address bit.
-deprecated
- (inet6 only) Clear the IPv6 deprecated address bit.
eui64
- (inet6 only) Fill interface index (lowermost 64bit of an IPv6 address)
automatically.
link[0-2]
- Enable special processing of the link level of the interface. These three
options are interface specific in actual effect, however, they are in
general used to select special modes of operation. An example of this is
to enable SLIP compression, or to select the connector type for some
Ethernet cards. Refer to the man page for the specific driver for more
information.
-link[0-2]
- Disable special processing at the link level with the specified
interface.
linkstr
str
- Set a link-level string parameter for the interface. This functionality
varies from interface to interface. Refer to the man page for the specific
driver for more information.
-linkstr
- Remove an interface link-level string parameter.
up
- Mark an interface ``up''. This may be used to enable an interface after an
``ifconfig down.'' It happens automatically when setting the first address
on an interface. If the interface was reset when previously marked down,
the hardware will be re-initialized.
vhid
n
- If the driver is a carp(4)
pseudo-device, set the virtual host ID to n.
Acceptable values are 1 to 255.
vlan
vid
- If the interface is a vlan(4)
pseudo-interface, set the VLAN identifier to vid.
These are the first 12 bits (0-4095) from a 16-bit integer used to create
an 802.1Q VLAN header for packets sent from the
vlan(4) interface. Note that
vlan
and vlanif
must be
set at the same time.
vlanif
iface
- If the interface is a vlan(4)
pseudo-interface, associate the physical interface
iface with it. Packets transmitted through the
vlan(4) interface will be
diverted to the specified physical interface iface
with 802.1Q VLAN encapsulation. Packets with 802.1Q encapsulation received
by the physical interface with the correct VLAN tag will be diverted to
the associated vlan(4)
pseudo-interface. The VLAN interface is assigned a copy of the physical
interface's flags and Ethernet address. If the
vlan(4) interface already has
a physical interface associated with it, this command will fail. To change
the association to another physical interface, the existing association
must be cleared first. Note that
vlanif
and
vlan
must be set at the same time.
-vlanif
iface
- Dissociate iface from the
vlan(4) interface.
agrport
iface
- Add iface to the
agr(4) interface.
-agrport
iface
- Remove iface from the
agr(4) interface.
vltime
n
- (inet6 only) Set valid lifetime for the address.
ip4csum
- Shorthand of “ip4csum-tx ip4csum-rx”
-ip4csum
- Shorthand of “-ip4csum-tx -ip4csum-rx”
tcp4csum
- Shorthand of “tcp4csum-tx tcp4csum-rx”
-tcp4csum
- Shorthand of “-tcp4csum-tx -tcp4csum-rx”
udp4csum
- Shorthand of “udp4csum-tx udp4csum-rx”
-udp4csum
- Shorthand of “-udp4csum-tx -udp4csum-rx”
tcp6csum
- Shorthand of “tcp6csum-tx tcp6csum-rx”
-tcp6csum
- Shorthand of “-tcp6csum-tx -tcp6csum-rx”
udp6csum
- Shorthand of “udp6csum-tx udp6csum-rx”
-udp6csum
- Shorthand of “-udp6csum-tx -udp6csum-rx”
ip4csum-tx
- Enable hardware-assisted IPv4 header checksums for the out-bound
direction.
-ip4csum-tx
- Disable hardware-assisted IPv4 header checksums for the out-bound
direction.
ip4csum-rx
- Enable hardware-assisted IPv4 header checksums for the in-bound
direction.
-ip4csum-rx
- Disable hardware-assisted IPv4 header checksums for the in-bound
direction.
tcp4csum-tx
- Enable hardware-assisted TCP/IPv4 checksums for the out-bound
direction.
-tcp4csum-tx
- Disable hardware-assisted TCP/IPv4 checksums for the out-bound
direction.
tcp4csum-rx
- Enable hardware-assisted TCP/IPv4 checksums for the in-bound
direction.
-tcp4csum-rx
- Disable hardware-assisted TCP/IPv4 checksums for the in-bound
direction.
udp4csum-tx
- Enable hardware-assisted UDP/IPv4 checksums for the out-bound
direction.
-udp4csum-tx
- Disable hardware-assisted UDP/IPv4 checksums for the out-bound
direction.
udp4csum-rx
- Enable hardware-assisted UDP/IPv4 checksums for the in-bound
direction.
-udp4csum-rx
- Disable hardware-assisted UDP/IPv4 checksums for the in-bound
direction.
tcp6csum-tx
- Enable hardware-assisted TCP/IPv6 checksums for the out-bound
direction.
-tcp6csum-tx
- Disable hardware-assisted TCP/IPv6 checksums for the out-bound
direction.
tcp6csum-rx
- Enable hardware-assisted TCP/IPv6 checksums for the in-bound
direction.
-tcp6csum-rx
- Disable hardware-assisted TCP/IPv6 checksums for the in-bound
direction.
udp6csum-tx
- Enable hardware-assisted UDP/IPv6 checksums for the out-bound
direction.
-udp6csum-tx
- Disable hardware-assisted UDP/IPv6 checksums for the out-bound
direction.
udp6csum-rx
- Enable hardware-assisted UDP/IPv6 checksums for the in-bound
direction.
-udp6csum-rx
- Disable hardware-assisted UDP/IPv6 checksums for the in-bound
direction.
tso4
- Enable hardware-assisted TCP/IPv4 segmentation on interfaces that support
it.
-tso4
- Disable hardware-assisted TCP/IPv4 segmentation on interfaces that support
it.
tso6
- Enable hardware-assisted TCP/IPv6 segmentation on interfaces that support
it.
-tso6
- Disable hardware-assisted TCP/IPv6 segmentation on interfaces that support
it.
vlan-hwtagging
- Enable hardware-assisted VLAN tag insertion/removal on interfaces that
support it.
-vlan-hwtagging
- Disable hardware-assisted VLAN tag insertion/removal on interfaces that
support it.
maxupd
n
- If the driver is a pfsync(4)
pseudo-device, indicate the maximum number of updates for a single state
which can be collapsed into one. This is an 8-bit number; the default
value is 128.
syncdev
iface
- If the driver is a pfsync(4)
pseudo-device, use the specified interface to send and receive pfsync
state synchronisation messages.
-syncdev
- If the driver is a pfsync(4)
pseudo-device, stop sending pfsync state synchronisation messages over the
network.
syncpeer
peer_address
- If the driver is a pfsync(4)
pseudo-device, make the pfsync link point-to-point rather than using
multicast to broadcast the state synchronisation messages. The
peer_address is the IP address of the other host taking part in the pfsync
cluster. With this option,
pfsync(4) traffic can be
protected using
ipsec(4).
-syncpeer
- If the driver is a pfsync(4)
pseudo-device, broadcast the packets using multicast.
ifconfig
displays the current
configuration for a network interface when no optional parameters are
supplied. If a protocol family is specified,
ifconfig
will report only the details specific to
that protocol family.
If the -s
flag is passed before an
interface name, ifconfig
will attempt to query the
interface for its media status. If the interface supports reporting media
status, and it reports that it does not appear to be connected to a network,
ifconfig
will exit with status of 1 (false);
otherwise, it will exit with a zero (true) exit status. Not all interface
drivers support media status reporting.
If the -m
flag is passed before an
interface name, ifconfig
will display all of the
supported media for the specified interface. If the
-L
flag is supplied, address lifetime is displayed
for IPv6 addresses, as time offset string.
Optionally, the -a
flag may be used
instead of an interface name. This flag instructs
ifconfig
to display information about all interfaces
in the system. This is also the default behaviour when no arguments are
given to ifconfig
on the command line. When
-a
is used, the output can be modified by adding
more flags: -d
limits this to interfaces that are
down, -u
limits this to interfaces that are up,
-b
limits this to broadcast interfaces, and
-s
omits interfaces which appear not to be connected
to a network.
The -l
flag may be used to list all
available interfaces on the system, with no other additional information.
Use of this flag is mutually exclusive with all other flags and commands,
except for -d
(only list interfaces that are down),
-u
(only list interfaces that are up),
-s
(only list interfaces that may be connected),
-b
(only list broadcast interfaces).
The -C
flag may be used to list all of the
interface cloners available on the system, with no additional information.
Use of this flag is mutually exclusive with all other flags and
commands.
The -v
flag prints statistics on packets
sent and received on the given interface. If -h
is
used in conjunction with -v
, the byte statistics
will be printed in "human-readable" format. The
-z
flag is identical to the
-v
flag except that it zeros the interface input and
output statistics after printing them.
The -w
flag may be used to wait
seconds seconds for the
tentative
flag to be removed from all addresses. 0
seconds means to wait indefinitely until all addresses no longer have the
tentative
flag. The optional
-W
flag may be used to wait
seconds seconds during the above time for the detached
flag to be removed from all addresses whose interface is marked ``up'' as
well. The detached flag is set when the interface does not have a
carrier.
The -N
flag is just the opposite of the
-n
flag in
netstat(1) or in
route(8): it tells
ifconfig
to try to resolve numbers to hostnames or
to service names. The default ifconfig
behavior is
to print numbers instead of names.
Only the super-user may modify the configuration of a network
interface.