 |
Index for Section 8 |
|
 |
Alphabetical listing for I |
|
ifconfig(8)
NAME
ifconfig - Configures or displays network interface parameters
SYNOPSIS
/usr/sbin/ifconfig interface_id [address_family] [address[/bitmask]
[dest_address]] [parameters]
/usr/sbin/ifconfig -a
The ifconfig command assigns and displays an address to a network
interface, and configures network interface parameters.
FLAGS
-a Displays information about all interfaces that are configured on a
system.
DESCRIPTION
You use the ifconfig command at boot time to define the network address of
each interface. You can also use the ifconfig command at other times to
display all interfaces that are configured on a system, to redefine the
address of an interface, or to set other operating parameters.
Note
If you want to redefine the interface address or the netmask, use
the netsetup command. Otherwise, any daemons currently running
will use the old address and netmask, and will fail. The
netsetup command makes the necessary changes and restarts the
network services.
Any user can query the status of a network interface; only the superuser
can modify the configuration network interfaces.
You specify an interface with the ifconfig interface_id syntax. (See your
hardware documentation for information on obtaining an interface ID.)
If you specify only an interface_id, the ifconfig program displays the
current configuration for the specified network interface only.
If a protocol family is specified by the address_family parameter, ifconfig
reports only the configuration details specific to that protocol family.
When changing an interface configuration, if the address family cannot be
inferred from the address parameter, an address family, which may alter the
interpretation of succeeding parameters, must be specified. This family is
required because an interface can receive transmissions in different
protocols, each of which may require a separate naming scheme.
The address argument is the network address of the interface being
configured. For the inet address family, the address argument is either a
hostname or an Internet address in the standard dotted-decimal notation
with or without the optional Classless Inter-Domain Routing (CIDR) bitmask
(/bitmask). If using the bitmask argument, do not use the netmask
parameter.
The destination address (dest_address) argument specifies the address of
the correspondent on the remote end of a point-to-point link.
Parameters
abort Closes all TCP connections associated with a network address.
Use this parameter when removing aliases or deleting network
addresses. This prevents users from experiencing a hanging
connection when the network address is deleted.
add interface-id [,interface-id]
Creates a set of redundant adapters (NetRAIN). The interface-id
specified must represent adapters of the same type connected to
the same LAN segment. The ifconfig interface-id parameter must
be a NetRAIN virtual interface name of the form nrx, where x is
the unit number (Valid unit numbers are 0 to nr_maxdev-1. See
sys_attrs_netrain(5) for a description of nr_maxdev and other
netrain subsystem attributes. You can adjust this limit by using
the sysconfig command). If the NetRAIN virtual interface does
not exist, it is created.
alias alias_address[/bitmask]
Establishes an additional network address for this interface.
This can be useful when changing network numbers and you want to
continue to accept packets addressed to the old interface.
If you do not specify a bitmask or netmask with the alias
address, the default netmask is based on the alias address's
network class.
If you are using the optional bitmask argument, do not use the
netmask argument.
-alias alias_address
Removes the network address specified. This can be used either
if you incorrectly specified an alias or if an alias is no longer
needed. The -alias parameter functions in the same manner as the
delete parameter.
aliaslist address_list[/bitmask]
Establishes a range of additional network addresses for this
interface. The range can be a comma-separated list or a
hyphenated list, and is inclusive. You can also specify the
optional CIDR bitmask (/bitmask) argument at the end of the list.
Do not use a comma-separated list and a hyphenated list for a
range. For example, the following aliaslist command adds network
addresses 40 through 50, inclusive, to subnets 18.240.32,
18.240.33, 18.240.34, 18.240.35, and 18.240.36:
ifconfig aliaslist 18.240.32-36.40-50
The following aliaslist command specifies the netmask
255.255.252.0 in CIDR format to the previous example:
ifconfig aliaslist 18.240.32-36.40-50/22
The following aliaslist command adds network addresses 40 through
50, inclusive, to subnets 18.240.32, 18.240.64, and 18.240.96:
ifconfig aliaslist 18.240.32,64,96.40-50
The following aliaslist command is invalid because a comma-
separated list and a hyphenated list are used to denote a range:
ifconfig aliaslist 18.240.32.40-50,55,58
-aliaslist
Removes a range of network addresses for this interface. This
can be useful when deleting network numbers and you want to keep
the primary interface address. The alias list rules are the same
as for the aliaslist parameter.
allmulti Enables the reception of all multicast packets.
-allmulti Disables the reception of all multicast packets.
arp Enables the use of the Address Resolution Protocol (ARP) in
mapping between network-level addresses and link-level addresses.
This parameter is on by default.
-arp Disables the use of the ARP. Use of this parameter is not
recommended. See arp(8) for more information.
broadcast broad_address
Specifies the address to use to represent broadcasts to the
network. The default broadcast address is the address with a
host part consisting of all 1s (ones). Note that the computation
of the host part is dependent on netmask (see the description of
the netmask parameter).
debug Enables driver-dependent debug code. This might turn on extra
console error logging. (See your hardware documentation for
further information.)
-debug Disables driver-dependent debug code.
delete [net_address]
Removes the network address specified. This would be used if you
incorrectly specified an alias, or if it was no longer needed.
If you have incorrectly set an NS address having the side effect
of specifying the host portion, removing all NS addresses will
allow you to respecify the host portion.
You need to be careful when specifying this parameter. If you
specify the network address before the delete parameter, all
network addresses for the interface are deleted. Similarly, if
you specify no network address after the delete parameter, all
network addresses for the interface are deleted.
down Marks an interface as not working (down), which keeps the system
from trying to transmit messages through that interface. If
possible, the ifconfig command also resets the interface to
disable reception of messages. Routes that use the interface,
however, are not automatically disabled.
filter Enables access filtering on the interface. Reads the
/etc/ifaccess.conf file and constructs an interface access filter
based on entries in the file. Interface access filtering
provides a mechanism for detecting and preventing IP spoofing
attacks. (See CERT Advisory CA-95:01). The source addresses of
IP input packets are checked against access filter entries;
packets receive the action associated with the first matching
entry. The following actions are valid: permit, deny, or
denylog; the final filter entry is a default permit all. See
ifaccess.conf(4) for more information.
-filter Disables access filtering on the interface.
ipdst Specifies an Internet host willing to receive IP packets
encapsulating packets bound for a remote network. For a Network
Systems (NS) case, an apparent point-to-point link is
constructed, and the address specified will be taken as the NS
address and network of the destination host.
ipmtu mtu_value
Alters the size of the maximum transfer unit (MTU) for messages
that your system transmits. It might be necessary to reduce the
MTU size so that bridges connecting token rings can transfer
frames without error.
metric number
Sets the routing metric, or number of hops, for the interface to
the value of number. The default value is 0 (zero) if number is
not specified, indicating that both hosts are on the same
network. The routing metric is used by the routed and gated
daemons, with higher metrics indicating that the route is less
favorable.
monitor Enable NetRAIN monitoring on this interface. If the monitoring
code determines that the interface is not operational, a message
is sent to the console and to a log file.
netmask mask
Specifies how much of the address to reserve for subdividing
networks into sub-networks. This parameter can only be used with
an address family of inet. Do not use this parameter if you are
specifying the CIDR mask (/bitmask) with the address argument,
alias parameter, or aliaslist parameter.
The mask variable includes both the network part of the local
address and the subnet part, which is taken from the host field
of the address. The mask can be specified as a single
hexadecimal number beginning with 0x, in the standard Internet
dotted-decimal notation, or beginning with a name.
The mask contains 1s (ones) for the bit positions in the 32-bit
address that are reserved for the network and subnet parts, and
0s (zeros) for the bit positions that specify the host. The mask
should contain at least the standard network portion.
The default netmask is based on the address parameter's network
class.
nrmaxretry integer
Sets the number of attempts to determine whether a NetRAIN
interface is operational before performing a failover to another
interface. The default value is 4 retries; this value can be
adjusted using the sysconfig command.
For ATM LAN Emulation (LANE), set integer to 5.
nrtmo integer
Sets the NetRAIN interface monitoring interval. The default value
is 1 times the value of the nrtmoisr parameter (1 second). This
value sets the time it takes to perform a test on an operational
interface.
nrtmodown integer
Sets the time between NetRAIN interface tests if an interface is
marked down. Interface operability tests are not run unless the
interface UP flag is set. This timer represents the time between
checking the UP flag for an interface. Once the UP flag is set,
the interface resumes normal monitoring mode. The default value
is 10 times the value of the nrtmoisr parameter (10 seconds).
nrtmofail integer
Sets the time between NetRAIN interface tests after this
interface has failed. The default value is 5 times the value of
the nrtmoisr parameter (5 seconds). An interface is marked as
having failed after the interface test fails retry count times.
nrtmoisr integer
Sets the time-out value, in CPU clock ticks, for the NetRAIN
interrupt service routine that monitors the interfaces. The
default value is 1000 (1 second). This value overrides the
netrain_timeout system attribute value, and controls all other
NetRAIN time-out values. Each time the NetRAIN interrupt service
routine executes, it decrements the time-out count for each
interface being monitored. When the time-out count reaches zero,
an operational test is performed on the interface. This value
sets the frequency which the routine monitoring interfaces runs.
nrtmoretry integer
Sets the time between NetRAIN interface tests when the previous
test has failed but it has not failed retry count times. The
default value is 1 times the value of the nrtmoisr parameter (1
second).
For ATM LAN Emulation (LANE) interfaces, set integer to 2.
nrtmosuccess integer
Sets the time between NetRAIN interface tests when the previous
test succeeded. The default value is 3 times the value of the
nrtmoisr parameter (3 seconds).
promisc Sets the interface into promiscuous mode. This directs the
network interface to receive all packets off the network, rather
than just those packets directed to the host.
-promisc Disables the promiscuous mode of the interface. This is the
default.
remove Remove the interfaces attached to a NetRAIN interface. All of the
interfaces have their default hardware addresses restored and the
UP flag is cleared. The hardware address of the NetRAIN virtual
interface is set to 00:00:00:00:00:00 and its UP flag is cleared.
The NetRAIN virtual interface may be reconfigured using the add
command.
speed value
Sets the speed at which the token ring adapter transmits and
receives on the token ring network to value. The value can be
either 4 for a ring speed of 4Mbs or 16 for 16Mbs. The adapter
speed must match the signal speed of the token ring.
This parameter also determines the speed (regular or fast
Ethernet) and half- or full-duplex mode operation on the tu
interface when that interface is using the twisted-pair port as
follows:
_____________________________________
Value Configuration
_____________________________________
10 10 Mbps Ethernet half-duplex
20 10 Mbps Ethernet full-duplex
100 100 Mbps Ethernet half-duplex
200 100 Mbps Ethernet full-duplex
_____________________________________
After the interface is online, you can use the ifconfig up and
down options to change the speed value dynamically. Stop adapter
transmission with down and set the speed in the same command
line. Then specify up without a speed value to restart the
adapter.
switch Force a NetRAIN interface to failover to another interface in the
NetRAIN set. If the ifconfig interface-id specified is the
NetRAIN virtual interface, the next available interface in the
set becomes active. If the ifconfig interface-id is a member of
the NetRAIN set, the interface-id specified becomes the active
member. If the interface-id specified is not operational, the
switch command has no effect.
trailers Requests the use of a trailer link-level encapsulation when
sending messages.
If a network interface supports trailers, the system will, when
possible, encapsulate outgoing messages in a manner that
minimizes the number of memory-memory copy operations performed
by the receiver. On networks that support the Address Resolution
Protocol (see arp), this flag indicates that the system should
request that other systems use trailers when sending to this
host. Similarly, trailer encapsulations will be sent to other
hosts that have made such requests. Currently used by Internet
protocols only.
-trailers Disables the use of a trailer link-level encapsulation. This is
the default.
trustgrp group
Sets the trust group identifier for the interface. Trust group
identifiers are passed from the kernel to the screend daemon, and
indicate the color of the interface on which a packet was
received and the color of the interface to which a packet is
intended, as indicated by the kernel routing tables. The group
can be one of the primary colors in the visible spectrum (for
example, red, orange, yellow, green, blue, indigo, and violet).
The screend daemon can optionally use trust group information to
make packet screening decisions.
up Marks an interface as working (up). This parameter is used
automatically when setting the first address for an interface, or
can be used to enable an interface after an ifconfig down
command. If the interface was reset when previously marked with
the parameter down (see the following section for a description
of this parameter), the hardware will be reinitialized.
EXAMPLES
1. To query the status of serial line interface sl0, enter:
$ ifconfig sl0
sl0: flags=10<POINTOPOINT>
2. To configure the local loopback interface, enter:
# ifconfig lo0 inet 127.0.0.1 up
Only a user with superuser authority can modify the configuration of a
network interface.
3. To configure a ln0 interface, enter:
# ifconfig ln0 212.232.32.1/22
The broadcast address is 212.232.35.255 as the 22-bit mask specifies
four Class C networks.
4. To configure the token ring interface for a 4 Mbps token ring with a
netmask of 255.255.255.0 in CIDR format, enter:
# ifconfig tra0 130.180.4.1/24 speed 4
5. To stop the token ring interface and start it for a 16 Mbps token
ring, enter:
# ifconfig tra0 down
# ifconfig tra0 speed 16 up
6. To create a NetRAIN set nr1 with the Ethernet interfaces tu0 and tu2
as the set members, enter:
# ifconfig nr1 add tu0,tu2
To set the IP address of this interface to 18.240.32.40, enter:
# ifconfig nr1 inet 18.240.32.40
To view this set, enter:
# ifconfig nr1
nr1: flags=c63<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,SIMPLEX>
NetRAIN Attached Interfaces: ( tu0 tu2 ) Active Interface: ( tu0 )
inet 18.240.32.40 netmask ffffff00 broadcast 18.240.32.255 ipmtu
1500
7. To remove the interfaces tu0 and tu2 from the NetRAIN set created in
the previous example, enter:
# ifconfig nr1 remove
8. To stop Ethernet interface tu0, delete all addresses associated with
the interface, and close all TCP connections, enter:
# ifconfig tu0 down delete abort
145.92.16.1: aborting 7 tcp connection(s)
9. To delete the alias address 145.92.16.2 on interface tu0 and close all
TCP connections, enter:
# ifconfig tu0 -alias 145.92.16.2 abort
145.92.16.2: aborting 2 tcp connection(s)
DIAGNOSTICS
Invalid bitmask
The bitmask specified is not in the range of 1 to 32, inclusive.
Netmask can not be used with bitmask.
The -netmask option was specified together with a CIDR bitmask.
FILES
/usr/sbin/ifconfig
Specifies the command path
/etc/ifaccess.conf
Interface access filtering configuration file.
RELATED INFORMATION
Commands: netstat(1), nr(7), inet.local(8), pfconfig(8).
Daemons: gated(8), routed(8) screend(8).
Files: ifaccess.conf(4).
System Attributes: sys_attrs_netrain(5).