1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 4. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 29.\" $FreeBSD: src/sbin/ifconfig/ifconfig.8,v 1.124 2006/10/10 09:44:08 ru Exp $ 30.\" $DragonFly: src/sbin/ifconfig/ifconfig.8,v 1.15 2006/12/29 20:50:55 swildner Exp $ 31.\" 32.Dd November 19, 2006 33.Dt IFCONFIG 8 34.Os 35.Sh NAME 36.Nm ifconfig 37.Nd configure network interface parameters 38.Sh SYNOPSIS 39.Nm 40.Op Fl L 41.Op Fl k 42.Op Fl m 43.Ar interface 44.Op Cm create 45.Op Ar address_family 46.Oo 47.Ar address 48.Op Ar dest_address 49.Oc 50.Op Ar parameters 51.Nm 52.Ar interface 53.Cm destroy 54.Nm 55.Fl a 56.Op Fl L 57.Op Fl d 58.Op Fl m 59.Op Fl u 60.Op Fl v 61.Op Ar address_family 62.Nm 63.Fl l 64.Op Fl d 65.Op Fl u 66.Op Ar address_family 67.Nm 68.Op Fl L 69.Op Fl d 70.Op Fl k 71.Op Fl m 72.Op Fl u 73.Op Fl v 74.Op Fl C 75.Sh DESCRIPTION 76The 77.Nm 78utility is used to assign an address 79to a network interface and/or configure 80network interface parameters. 81The 82.Nm 83utility must be used at boot time to define the network address 84of each interface present on a machine; it may also be used at 85a later time to redefine an interface's address 86or other operating parameters. 87.Pp 88The following options are available: 89.Bl -tag -width indent 90.It Ar address 91For the 92.Tn DARPA Ns -Internet 93family, 94the address is either a host name present in the host name data 95base, 96.Xr hosts 5 , 97or a 98.Tn DARPA 99Internet address expressed in the Internet standard 100.Dq dot notation . 101.Pp 102It is also possible to use the CIDR notation (also known as the 103slash notation) to include the netmask. 104That is, one can specify an address like 105.Li 192.168.0.1/16 . 106.Pp 107For 108.Dq inet6 109family, it is also possible to specify the prefix length using the slash 110notation, like 111.Li ::1/128 . 112See the 113.Cm prefixlen 114parameter below for more information. 115.\" For the Xerox Network Systems(tm) family, 116.\" addresses are 117.\" .Ar net:a.b.c.d.e.f , 118.\" where 119.\" .Ar net 120.\" is the assigned network number (in decimal), 121.\" and each of the six bytes of the host number, 122.\" .Ar a 123.\" through 124.\" .Ar f , 125.\" are specified in hexadecimal. 126.\" The host number may be omitted on IEEE 802 protocol 127.\" (Ethernet, FDDI, and Token Ring) interfaces, 128.\" which use the hardware physical address, 129.\" and on interfaces other than the first. 130.\" For the 131.\" .Tn ISO 132.\" family, addresses are specified as a long hexadecimal string, 133.\" as in the Xerox family. 134.\" However, two consecutive dots imply a zero 135.\" byte, and the dots are optional, if the user wishes to (carefully) 136.\" count out long strings of digits in network byte order. 137.Pp 138The link-level 139.Pq Dq link 140address 141is specified as a series of colon-separated hex digits. 142This can be used to 143e.g.\& set a new MAC address on an ethernet interface, though the 144mechanism used is not ethernet-specific. 145If the interface is already 146up when this option is used, it will be briefly brought down and 147then brought back up again in order to ensure that the receive 148filter in the underlying ethernet hardware is properly reprogrammed. 149.It Ar address_family 150Specify the 151address family 152which affects interpretation of the remaining parameters. 153Since an interface can receive transmissions in differing protocols 154with different naming schemes, specifying the address family is recommended. 155The address or protocol families currently 156supported are 157.Dq inet , 158.Dq inet6 , 159.Dq atalk , 160.Dq ipx , 161.\" .Dq iso , 162and 163.Dq link . 164.\" and 165.\" .Dq ns . 166The default is 167.Dq inet . 168.Dq ether 169and 170.Dq lladdr 171are synonyms for 172.Dq link . 173.It Ar dest_address 174Specify the address of the correspondent on the other end 175of a point to point link. 176.It Ar interface 177This 178parameter is a string of the form 179.Dq name unit , 180for example, 181.Dq Li ed0 . 182.El 183.Pp 184The following parameters may be set with 185.Nm : 186.Bl -tag -width indent 187.It Cm add 188Another name for the 189.Cm alias 190parameter. 191Introduced for compatibility 192with 193.Bsx . 194.It Cm alias 195Establish an additional network address for this interface. 196This is sometimes useful when changing network numbers, and 197one wishes to accept packets addressed to the old interface. 198If the address is on the same subnet as the first network address 199for this interface, a non-conflicting netmask must be given. 200Usually 201.Li 0xffffffff 202is most appropriate. 203.It Fl alias 204Remove the network address specified. 205This would be used if you incorrectly specified an alias, or it 206was no longer needed. 207If you have incorrectly set an NS address having the side effect 208of specifying the host portion, removing all NS addresses will 209allow you to respecify the host portion. 210.It Cm anycast 211(Inet6 only.) 212Specify that the address configured is an anycast address. 213Based on the current specification, 214only routers may configure anycast addresses. 215Anycast address will not be used as source address of any of outgoing 216IPv6 packets. 217.It Cm arp 218Enable the use of the Address Resolution Protocol 219.Pq Xr arp 4 220in mapping 221between network level addresses and link level addresses (default). 222This is currently implemented for mapping between 223.Tn DARPA 224Internet 225addresses and 226.Tn IEEE 227802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses). 228.It Fl arp 229Disable the use of the Address Resolution Protocol 230.Pq Xr arp 4 . 231.It Cm broadcast 232(Inet only.) 233Specify the address to use to represent broadcasts to the 234network. 235The default broadcast address is the address with a host part of all 1's. 236.It Cm debug 237Enable driver dependent debugging code; usually, this turns on 238extra console error logging. 239.It Fl debug 240Disable driver dependent debugging code. 241.It Cm promisc 242Put interface into permanently promiscuous mode. 243.It Fl promisc 244Disable permanently promiscuous mode. 245.It Cm delete 246Another name for the 247.Fl alias 248parameter. 249.It Cm down 250Mark an interface 251.Dq down . 252When an interface is marked 253.Dq down , 254the system will not attempt to 255transmit messages through that interface. 256If possible, the interface will be reset to disable reception as well. 257This action does not automatically disable routes using the interface. 258.It Cm eui64 259(Inet6 only.) 260Fill interface index 261(lowermost 64bit of an IPv6 address) 262automatically. 263.It Cm ipdst 264This is used to specify an Internet host who is willing to receive 265IP packets encapsulating IPX packets bound for a remote network. 266An apparent point to point link is constructed, and 267the address specified will be taken as the IPX address and network 268of the destination. 269.It Cm media Ar type 270If the driver supports the media selection system, set the media type 271of the interface to 272.Ar type . 273Some interfaces support the mutually exclusive use of one of several 274different physical media connectors. 275For example, a 10Mbit/s Ethernet 276interface might support the use of either 277.Tn AUI 278or twisted pair connectors. 279Setting the media type to 280.Cm 10base5/AUI 281would change the currently active connector to the AUI port. 282Setting it to 283.Cm 10baseT/UTP 284would activate twisted pair. 285Refer to the interfaces' driver 286specific documentation or man page for a complete list of the 287available types. 288.It Cm mediaopt Ar opts 289If the driver supports the media selection system, set the specified 290media options on the interface. 291The 292.Ar opts 293argument 294is a comma delimited list of options to apply to the interface. 295Refer to the interfaces' driver specific man page for a complete 296list of available options. 297.It Fl mediaopt Ar opts 298If the driver supports the media selection system, disable the 299specified media options on the interface. 300.It Cm mode Ar mode 301If the driver supports the media selection system, set the specified 302operating mode on the interface to 303.Ar mode . 304For IEEE 802.11 wireless interfaces that support multiple operating modes 305this directive is used to select between 802.11a 306.Pq Cm 11a , 307802.11b 308.Pq Cm 11b , 309and 802.11g 310.Pq Cm 11g 311operating modes. 312.It Cm name Ar name 313Set the interface name to 314.Ar name . 315.It Cm rxcsum , txcsum 316If the driver supports user-configurable checksum offloading, 317enable receive (or transmit) checksum offloading on the interface. 318Some drivers may not be able to enable these flags independently 319of each other, so setting one may also set the other. 320The driver will offload as much checksum work as it can reliably 321support, the exact level of offloading varies between drivers. 322.It Fl rxcsum , txcsum 323If the driver supports user-configurable checksum offloading, 324disable receive (or transmit) checksum offloading on the interface. 325These settings may not always be independent of each other. 326.It Cm vlanmtu , vlanhwtag 327If the driver offers user-configurable VLAN support, enable 328reception of extended frames or tag processing in hardware, 329respectively. 330Note that this must be issued on a physical interface associated with 331.Xr vlan 4 , 332not on a 333.Xr vlan 4 334interface itself. 335.It Fl vlanmtu , vlanhwtag 336If the driver offers user-configurable VLAN support, disable 337reception of extended frames or tag processing in hardware, 338respectively. 339.It Cm polling 340Turn on 341.Xr polling 4 342feature and disable interrupts on the interface, if the driver supports 343this mode. 344.It Fl polling 345Turn off 346.Xr polling 4 347feature and enable interrupt mode on the interface. 348.It Cm create 349Create the specified network pseudo-device. 350If the interface is given without a unit number, try to create a new 351device with an arbitrary unit number. 352If creation of an arbitrary device is successful, the new device name is 353printed to standard output unless the interface is renamed or destroyed 354in the same 355.Nm 356invocation. 357.It Cm destroy 358Destroy the specified network pseudo-device. 359.It Cm plumb 360Another name for the 361.Cm create 362parameter. 363Included for 364.Tn Solaris 365compatibility. 366.It Cm unplumb 367Another name for the 368.Cm destroy 369parameter. 370Included for 371.Tn Solaris 372compatibility. 373.It Cm metric Ar n 374Set the routing metric of the interface to 375.Ar n , 376default 0. 377The routing metric is used by the routing protocol 378.Pq Xr routed 8 . 379Higher metrics have the effect of making a route 380less favorable; metrics are counted as additional hops 381to the destination network or host. 382.It Cm mtu Ar n 383Set the maximum transmission unit of the interface to 384.Ar n , 385default is interface specific. 386The MTU is used to limit the size of packets that are transmitted on an 387interface. 388Not all interfaces support setting the MTU, and some interfaces have 389range restrictions. 390.It Cm netmask Ar mask 391.\" (Inet and ISO.) 392(Inet only.) 393Specify how much of the address to reserve for subdividing 394networks into sub-networks. 395The mask includes the network part of the local address 396and the subnet part, which is taken from the host field of the address. 397The mask can be specified as a single hexadecimal number 398with a leading 399.Ql 0x , 400with a dot-notation Internet address, 401or with a pseudo-network name listed in the network table 402.Xr networks 5 . 403The mask contains 1's for the bit positions in the 32-bit address 404which are to be used for the network and subnet parts, 405and 0's for the host part. 406The mask should contain at least the standard network portion, 407and the subnet field should be contiguous with the network 408portion. 409.Pp 410The netmask can also be specified in CIDR notation after the address. 411See the 412.Ar address 413option above for more information. 414.It Cm autoconf 415(Inet6 only.) 416Enable autoconfiguration. 417.It Fl autoconf 418Disable autoconfiguration. 419.It Cm pltime Ar n 420(Inet6 only.) 421Set preferred lifetime for the address. 422.It Cm vltime Ar n 423(Inet6 only.) 424Set valid lifetime for the address. 425.It Cm prefixlen Ar len 426(Inet6 only.) 427Specify that 428.Ar len 429bits are reserved for subdividing networks into sub-networks. 430The 431.Ar len 432must be integer, and for syntactical reason it must be between 0 to 128. 433It is almost always 64 under the current IPv6 assignment rule. 434If the parameter is omitted, 64 is used. 435.Pp 436The prefix can also be specified using the slash notation after the address. 437See the 438.Ar address 439option above for more information. 440.It Cm deprecated 441(Inet6 only.) 442Set the IPv6 deprecated address bit. 443.It Fl deprecated 444(Inet6 only.) 445Clear the IPv6 deprecated address bit. 446.It Cm tentative 447(Inet6 only.) 448Set the IPv6 tentative address bit. 449.It Fl tentative 450(Inet6 only.) 451Clear the IPv6 tentative address bit. 452.\" see 453.\" Xr eon 5 . 454.\" .It Cm nsellength Ar n 455.\" .Pf ( Tn ISO 456.\" only) 457.\" This specifies a trailing number of bytes for a received 458.\" .Tn NSAP 459.\" used for local identification, the remaining leading part of which is 460.\" taken to be the 461.\" .Tn NET 462.\" (Network Entity Title). 463.\" The default value is 1, which is conformant to US 464.\" .Tn GOSIP . 465.\" When an ISO address is set in an ifconfig command, 466.\" it is really the 467.\" .Tn NSAP 468.\" which is being specified. 469.\" For example, in 470.\" .Tn US GOSIP , 471.\" 20 hex digits should be 472.\" specified in the 473.\" .Tn ISO NSAP 474.\" to be assigned to the interface. 475.\" There is some evidence that a number different from 1 may be useful 476.\" for 477.\" .Tn AFI 478.\" 37 type addresses. 479.It Cm range Ar netrange 480Under appletalk, set the interface to respond to a 481.Ar netrange 482of the form 483.Ar startnet Ns - Ns Ar endnet . 484Appletalk uses this scheme instead of 485netmasks though 486.Fx 487implements it internally as a set of netmasks. 488.It Cm remove 489Another name for the 490.Fl alias 491parameter. 492Introduced for compatibility 493with 494.Bsx . 495.It Cm phase 496The argument following this specifies the version (phase) of the 497Appletalk network attached to the interface. 498Values of 1 or 2 are permitted. 499.Sm off 500.It Cm link Op Cm 0 No - Cm 2 501.Sm on 502Enable special processing of the link level of the interface. 503These three options are interface specific in actual effect, however, 504they are in general used to select special modes of operation. 505An example 506of this is to enable SLIP compression, or to select the connector type 507for some Ethernet cards. 508Refer to the man page for the specific driver 509for more information. 510.Sm off 511.It Fl link Op Cm 0 No - Cm 2 512.Sm on 513Disable special processing at the link level with the specified interface. 514.It Cm compress 515Another name for the 516.Cm link0 517parameter. 518.It Cm normal 519Another name for the 520.Fl link0 521parameter. 522.It Cm noicmp 523Another name for the 524.Cm link1 525parameter. 526.It Cm monitor 527Put the interface in monitor mode. 528No packets are transmitted, and received packets are discarded after 529.Xr bpf 4 530processing. 531.It Fl monitor 532Take the interface out of monitor mode. 533.It Cm up 534Mark an interface 535.Dq up . 536This may be used to enable an interface after an 537.Dq Nm Cm down . 538It happens automatically when setting the first address on an interface. 539If the interface was reset when previously marked down, 540the hardware will be re-initialized. 541.El 542.Pp 543The following parameters are specific to IEEE 802.11 wireless interfaces: 544.Bl -tag -width indent 545.It Cm apbridge 546When operating as an access point, pass packets between 547wireless clients directly (default). 548To instead let them pass up through the 549system and be forwarded using some other mechanism, use 550.Fl apbridge . 551Disabling the internal bridging 552is useful when traffic is to be processed with 553packet filtering. 554.It Cm authmode Ar mode 555Set the desired authentication mode in infrastructure mode. 556Not all adaptors support all modes. 557The set of 558valid modes is 559.Cm none , open , shared 560(shared key), 561.Cm 8021x 562(IEEE 802.1x), 563and 564.Cm wpa 565(IEEE WPA/WPA2/802.11i). 566The 567.Cm 8021x 568and 569.Cm wpa 570modes are only useful when using an authentication service 571(a supplicant for client operation or an authenticator when 572operating as an access point). 573Modes are case insensitive. 574.It Cm bintval Ar interval 575Set the interval at which beacon frames are sent when operating in 576ad-hoc or ap mode. 577The 578.Ar interval 579parameter is specified in TU's (1/1024 msecs). 580By default beacon frames are transmitted every 100 TU's. 581.It Cm bmissthreshold Ar count 582Set the number of consecutive missed beacons at which the station 583will attempt to roam (i.e. search for a new access point). 584The 585.Ar count 586parameter is must be in the range 1 to 255; 587though the upper bound may be reduced according to device capabilities.. 588The default threshold is 7 consecutive missed beacons; 589but this may be overridden by the device driver. 590Another name for the 591.Cm bmissthreshold 592parameter is 593.Cm bmiss . 594.It Cm bssid Ar address 595Specify the MAC address of the access point to use when operating 596as a station in a BSS network. 597This overrides any automatic selection done by the system. 598To disable a previously selected access point, supply 599.Cm any , none , 600or 601.Cm - 602for the address. 603This option is useful when more than one access point uses the same SSID. 604Another name for the 605.Cm bssid 606parameter is 607.Cm ap . 608.It Cm burst 609Enable packet bursting. 610Packet bursting is a transmission technique whereby the wireless 611medium is acquired once to send multiple frames and the interframe 612spacing is reduced. 613This technique can significantly increase throughput by reducing 614transmission overhead. 615Packet bursting is supported by the 802.11e QoS specification 616and some devices that do not support QoS may still be capable. 617By default packet bursting is enabled if a device is capable 618of doing it. 619To disable packet bursting, use 620.Fl burst . 621.It Cm chanlist Ar channels 622Set the desired channels to use when scanning for access 623points, neighbors in an IBSS network, or looking for unoccupied 624channels when operating as an access point. 625The set of channels is specified as a comma-separated list with 626each element in the list representing either a single channel number or a range 627of the form 628.Dq Li a-b . 629Channel numbers must be in the range 1 to 255 and be permissible 630according to the operating characteristics of the device. 631.It Cm channel Ar number 632Set a single desired channel. 633Channels range from 1 to 255, but the exact selection available 634depends on the region your adaptor was manufactured for. 635Setting 636the channel to 637.Li 0 , 638.Cm any , 639or 640.Cm - 641will give you the default for your adaptor. 642Some 643adaptors ignore this setting unless you are in ad-hoc mode. 644Alternatively the frequency, in megahertz, may be specified 645instead of the channel number. 646.It Cm deftxkey Ar index 647Set the default key to use for transmission. 648Typically this is only set when using WEP encryption. 649The 650.Cm weptxkey 651is an alias for this request; it is provided for backwards compatibility. 652.It Cm dtimperiod Ar period 653Set the 654DTIM 655period for transmitting buffered multicast data frames when 656operating in ap mode. 657The 658.Ar period 659specifies the number of beacon intervals between DTIM 660and must be in the range 1 to 15. 661By default DTIM is 1 (i.e., DTIM occurs at each beacon). 662.It Cm fragthreshold Ar length 663Set the threshold for which transmitted frames are broken into fragments. 664The 665.Ar length 666argument is the frame size in bytes and must be in the range 256 to 2346. 667Setting 668.Ar length 669to 670.Li 2346 , 671.Cm any , 672or 673.Cm - 674disables transmit fragmentation. 675Not all adaptors honor the fragmentation threshold. 676.It Cm hidessid 677When operating as an access point, do not broadcast the SSID 678in beacon frames or respond to probe request frames unless 679they are directed to the ap (i.e., they include the ap's SSID). 680By default, the SSID is included in beacon frames and 681undirected probe request frames are answered. 682To re-enable the broadcast of the SSID etc., use 683.Fl hidessid . 684.It Cm list active 685Display the list of channels available for use taking into account 686any restrictions set with the 687.Cm chanlist 688directive. 689See the description of 690.Cm list chan 691for more information. 692.It Cm list caps 693Display the adaptor's capabilities, including the operating 694modes supported. 695.It Cm list chan 696Display the list of channels available for use. 697Channels are shown with their IEEE channel number, equivalent 698frequency, and usage modes. 699Channels identified as 700.Ql 11g 701are also usable in 702.Ql 11b 703mode. 704Channels identified as 705.Ql 11a Turbo 706may be used only for Atheros' Static Turbo mode 707specified with 708.Cm mediaopt turbo ) . 709Channels marked with a 710.Ql * 711have a regulatory constraint that they be passively scanned. 712This means a station is not permitted to transmit on the channel until 713it identifies the channel is being used for 802.11 communication; 714typically by hearing a beacon frame from an access point operating 715on the channel. 716.Cm list freq 717is another way of requesting this information. 718.It Cm list mac 719Display the current MAC Access Control List state. 720Each address is prefixed with a character that indicates the 721current policy applied to it: 722.Ql + 723indicates the address is allowed access, 724.Ql - 725indicates the address is denied access, 726.Ql * 727indicates the address is present but the current policy open 728(so the ACL is not consulted). 729.It Cm list scan 730Display the access points and/or ad-hoc neighbors 731located in the vicinity. 732The 733.Fl v 734flag may be used to display long SSIDs. 735This information may be updated automatically by the adaptor 736and/or with a 737.Cm scan 738request. 739.Cm list ap 740is another way of requesting this information. 741.It Cm list sta 742When operating as an access point display the stations that are 743currently associated. 744When operating in ad-hoc mode display stations identified as 745neighbors in the IBSS. 746.It Cm list wme 747Display the current parameters to use when operating in WME mode. 748When WME mode is enabled for an adaptor this information will be 749displayed with the regular status; this command is mostly useful 750for examining parameters when WME mode is disabled. 751See the description of the 752.Cm wme 753directive for information on the various parameters. 754.It Cm mcastrate Ar rate 755Set the rate for transmitting multicast/broadcast frames. 756Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mbit/s. 757This rate should be valid for the current operating conditions; 758if an invalid rate is specified drivers are free to chose an 759appropriate rate. 760.It Cm powersave 761Enable powersave operation. 762When operating as a client, the station will conserve power by 763periodically turning off the radio and listening for 764messages from the access point telling it there are packets waiting. 765The station must then retrieve the packets. 766When operating as an access point, the station must honor power 767save operation of associated clients. 768Not all devices support power save operation, either as a client 769or as an access point. 770Use 771.Fl powersave 772to disable powersave operation. 773.It Cm powersavemode Ar mode 774Set powersave mode. 775The set of valid modes is 776.Cm off 777(same as 778.Fl powersave), 779.Cm on 780(same as 781.Cm powersave), 782and 783.Cm cam 784(same as 785.Cm powersave). 786.It Cm powersavesleep Ar sleep 787Set the desired max powersave sleep time in milliseconds. 788.It Cm protmode Ar technique 789For interfaces operating in 802.11g, use the specified 790.Ar technique 791for protecting OFDM frames in a mixed 11b/11g network. 792The set of valid techniques is 793.Cm off , cts 794(CTS to self), 795and 796.Cm rtscts 797(RTS/CTS). 798Technique names are case insensitive. 799.It Cm pureg 800When operating as an access point in 802.11g mode allow only 80111g-capable stations to associate (11b-only stations are not 802permitted to associate). 803To allow both 11g and 11b-only stations to associate, use 804.Fl pureg . 805.It Cm roaming Ar mode 806When operating as a station, control how the system will 807behave when communication with the current access point 808is broken. 809The 810.Ar mode 811argument may be one of 812.Cm device 813(leave it to the hardware device to decide), 814.Cm auto 815(handle either in the device or the operating system\[em]as appropriate), 816.Cm manual 817(do nothing until explicitly instructed). 818By default, the device is left to handle this if it is 819capable; otherwise, the operating system will automatically 820attempt to reestablish communication. 821Manual mode is mostly useful when an application wants to 822control the selection of an access point. 823.It Cm ratectl Ar algorithm 824Set the TX rate control algorithm. 825The set of valid 826.Ar algorithm 827is 828.Cm onoe 829(Onoe TX rate control algorithm) 830and 831.Cm amrr 832(AMRR TX rate control algorithm). 833.Ar Algorithm 834names are case sensitive. 835.It Cm rtsthreshold Ar length 836Set the threshold for which 837transmitted frames are preceded by transmission of an 838RTS 839control frame. 840The 841.Ar length 842argument 843is the frame size in bytes and must be in the range 1 to 2346. 844Setting 845.Ar length 846to 847.Li 2346 , 848.Cm any , 849or 850.Cm - 851disables transmission of RTS frames. 852Not all adaptors support setting the RTS threshold. 853.It Cm ssid Ar ssid 854Set the desired Service Set Identifier (aka network name). 855The SSID is a string up to 32 characters 856in length and may be specified as either a normal string or in 857hexadecimal when preceded by 858.Ql 0x . 859Additionally, the SSID may be cleared by setting it to 860.Ql - . 861.It Cm scan 862Initiate a scan of neighboring stations, wait for it to complete, and 863display all stations found. 864Only the super-user can initiate a scan. 865Depending on the capabilities of the APs, the following 866flags can be included in the output: 867.Bl -tag -width 3n 868.It Li A 869Channel Agility. 870Indicates that the station support channel hopping as described by the 871IEEE 802.11b specification. 872.It Li B 873Packet Binary Convolution Code (PBCC). 874A modulation alternative to the standard OFDM method. 875.It Dv C 876Pollreq 877.It Dv c 878Pollable 879.It Dv D 880Direct Sequence Spread Spectrum - Orthogonal Frequency Division 881Multiplexing (DSSS-OFDM). 882Indicates the the station supports DSSS-OFDM modulation. 883.It Li E 884Extended Service Set (ESS). 885Indicates that the station is part of an infrastructure network 886(in contrast to an IBSS/ad-hoc network). 887.It Li I 888IBSS/ad-hoc network. 889Indicates that the station is part of an ad-hoc network 890(in contrast to an ESS network). 891.It Li P 892Privacy. 893Data confidentiality is required for all data frames 894exchanged within the BSS. 895This means that this BSS requires the station to 896use cryptographic means such as WEP, TKIP or AES-CCMP to 897encrypt/decrypt data frames being exchanged with others. 898.It Dv R 899Robust Security Network (RSN). 900Indicates that the station supports the IEEE 802.11i authentication 901and key management protocol. 902.It Li S 903Short Preamble. 904Indicates that the network is using short preambles (defined 905in 802.11b High Rate/DSSS PHY, short preamble utilizes a 90656 bit sync field in contrast to a 128 bit field used in long 907preamble mode). 908.It Li s 909Short slot time. 910Indicates that the network is using a short slot time. 911.El 912.Pp 913The 914.Cm list scan 915request can be used to show recent scan results without 916initiating a new scan. 917.Pp 918The 919.Fl v 920flag may be used to prevent the shortening of long SSIDs. 921.It Cm stationname Ar name 922Set the name of this station. 923It appears that the station name is not really part of the IEEE 802.11 924protocol though all interfaces seem to support it. 925As such it only 926seems to be meaningful to identical or virtually identical equipment. 927Setting the station name is identical in syntax to setting the SSID. 928.It Cm txpower Ar power 929Set the power used to transmit frames. 930The 931.Ar power 932argument 933is a unitless value in the range 0 to 100 that is interpreted 934by drivers to derive a device-specific value. 935Out of range values are truncated. 936Typically only a few discreet power settings are available and 937the driver will use the setting closest to the specified value. 938Not all adaptors support changing the transmit power. 939.It Cm wepmode Ar mode 940Set the desired WEP mode. 941Not all adaptors support all modes. 942The set of valid modes is 943.Cm off , on , 944and 945.Cm mixed . 946The 947.Cm mixed 948mode explicitly tells the adaptor to allow association with access 949points which allow both encrypted and unencrypted traffic. 950On these adaptors, 951.Cm on 952means that the access point must only allow encrypted connections. 953On other adaptors, 954.Cm on 955is generally another name for 956.Cm mixed . 957Modes are case insensitive. 958.It Cm weptxkey Ar index 959Set the WEP key to be used for transmission. 960This is the same as setting the default transmission key with 961.Cm deftxkey . 962.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key 963Set the selected WEP key. 964If an 965.Ar index 966is not given, key 1 is set. 967A WEP key will be either 5 or 13 968characters (40 or 104 bits) depending of the local network and the 969capabilities of the adaptor. 970It may be specified either as a plain 971string or as a string of hexadecimal digits preceded by 972.Ql 0x . 973For maximum portability, hex keys are recommended; 974the mapping of text keys to WEP encryption is usually driver-specific. 975In particular, the 976.Tn Windows 977drivers do this mapping differently to 978.Fx . 979A key may be cleared by setting it to 980.Ql - . 981If WEP is supported then there are at least four keys. 982Some adaptors support more than four keys. 983If that is the case, then the first four keys 984(1-4) will be the standard temporary keys and any others will be adaptor 985specific keys such as permanent keys stored in NVRAM. 986.It Cm wme 987Enable Wireless Multimedia Extensions (WME) support, if available, 988for the specified interface. 989WME is a subset of the IEEE 802.11e standard to support the 990efficient communication of realtime and multimedia data. 991To disable WME support, use 992.Fl wme . 993.Pp 994The following parameters are meaningful only when WME support is in use. 995Parameters are specified per-AC (Access Category) and 996split into those that are used by a station when acting 997as an access point and those for client stations in the BSS. 998The latter are received from the access point and may not be changed 999(at the station). 1000The following Access Categories are recognized: 1001.Pp 1002.Bl -tag -width ".Cm AC_BK" -compact 1003.It Cm AC_BE 1004(or 1005.Cm BE ) 1006best effort delivery, 1007.It Cm AC_BK 1008(or 1009.Cm BK ) 1010background traffic, 1011.It Cm AC_VI 1012(or 1013.Cm VI ) 1014video traffic, 1015.It Cm AC_VO 1016(or 1017.Cm VO ) 1018voice traffic. 1019.El 1020.Pp 1021AC parameters are case-insensitive. 1022Traffic classification is done in the operating system using the 1023vlan priority associated with data frames or the 1024ToS (Type of Service) indication in IP-encapsulated frames. 1025If neither information is present, traffic is assigned to the 1026Best Effort (BE) category. 1027.Bl -tag -width indent 1028.It Cm ack Ar ac 1029Set the ACK policy for QoS transmissions by the local station; 1030this controls whether or not data frames transmitted by a station 1031require an ACK response from the receiving station. 1032To disable waiting for an ACK use 1033.Fl ack . 1034This parameter is applied only to the local station. 1035.It Cm acm Ar ac 1036Enable the Admission Control Mandatory (ACM) mechanism 1037for transmissions by the local station. 1038To disable the ACM use 1039.Fl acm . 1040On stations in a BSS this parameter is read-only and indicates 1041the setting received from the access point. 1042NB: ACM is not supported right now. 1043.It Cm aifs Ar ac Ar count 1044Set the Arbitration Inter Frame Spacing (AIFS) 1045channel access parameter to use for transmissions 1046by the local station. 1047On stations in a BSS this parameter is read-only and indicates 1048the setting received from the access point. 1049.It Cm cwmin Ar ac Ar count 1050Set the CWmin channel access parameter to use for transmissions 1051by the local station. 1052On stations in a BSS this parameter is read-only and indicates 1053the setting received from the access point. 1054.It Cm cwmax Ar ac Ar count 1055Set the CWmax channel access parameter to use for transmissions 1056by the local station. 1057On stations in a BSS this parameter is read-only and indicates 1058the setting received from the access point. 1059.It Cm txoplimit Ar ac Ar limit 1060Set the Transmission Opportunity Limit channel access parameter 1061to use for transmissions by the local station. 1062This parameter defines an interval of time when a WME station 1063has the right to initiate transmissions onto the wireless medium. 1064On stations in a BSS this parameter is read-only and indicates 1065the setting received from the access point. 1066.It Cm bss:aifs Ar ac Ar count 1067Set the AIFS channel access parameter to send to stations in a BSS. 1068This parameter is meaningful only when operating in ap mode. 1069.It Cm bss:cwmin Ar ac Ar count 1070Set the CWmin channel access parameter to send to stations in a BSS. 1071This parameter is meaningful only when operating in ap mode. 1072.It Cm bss:cwmax Ar ac Ar count 1073Set the CWmax channel access parameter to send to stations in a BSS. 1074This parameter is meaningful only when operating in ap mode. 1075.It Cm bss:txoplimit Ar ac Ar limit 1076Set the TxOpLimit channel access parameter to send to stations in a BSS. 1077This parameter is meaningful only when operating in ap mode. 1078.El 1079.El 1080.Pp 1081The following parameters support an optional access control list 1082feature available with some adaptors when operating in ap mode; see 1083.Xr wlan_acl 4 . 1084This facility allows an access point to accept/deny association 1085requests based on the MAC address of the station. 1086Note that this feature does not significantly enhance security 1087as MAC address spoofing is easy to do. 1088.Bl -tag -width indent 1089.It Cm mac:add Ar address 1090Add the specified MAC address to the database. 1091Depending on the policy setting association requests from the 1092specified station will be allowed or denied. 1093.It Cm mac:allow 1094Set the ACL policy to permit association only by 1095stations registered in the database. 1096.It Cm mac:del Ar address 1097Delete the specified MAC address from the database. 1098.It Cm mac:deny 1099Set the ACL policy to deny association only by 1100stations registered in the database. 1101.It Cm mac:kick Ar address 1102Force the specified station to be deauthenticated. 1103This typically is done to block a station after updating the 1104address database. 1105.It Cm mac:open 1106Set the ACL policy to allow all stations to associate. 1107.It Cm mac:flush 1108Delete all entries in the database. 1109.El 1110.Pp 1111The following parameters are for compatibility with other systems: 1112.Bl -tag -width indent 1113.It Cm nwid Ar ssid 1114Another name for the 1115.Cm ssid 1116parameter. 1117Included for 1118.Nx 1119compatibility. 1120.It Cm station Ar name 1121Another name for the 1122.Cm stationname 1123parameter. 1124Included for 1125.Bsx 1126compatibility. 1127.It Cm wep 1128Another way of saying 1129.Cm wepmode on . 1130Included for 1131.Bsx 1132compatibility. 1133.It Fl wep 1134Another way of saying 1135.Cm wepmode off . 1136Included for 1137.Bsx 1138compatibility. 1139.It Cm nwkey key 1140Another way of saying: 1141.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . 1142Included for 1143.Nx 1144compatibility. 1145.It Cm nwkey Xo 1146.Sm off 1147.Ar n : k1 , k2 , k3 , k4 1148.Sm on 1149.Xc 1150Another way of saying 1151.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . 1152Included for 1153.Nx 1154compatibility. 1155.It Fl nwkey 1156Another way of saying 1157.Cm wepmode off . 1158Included for 1159.Nx 1160compatibility. 1161.El 1162.Pp 1163The following parameters are specific to bridge interfaces: 1164.Bl -tag -width indent 1165.It Cm addm Ar interface 1166Add the interface named by 1167.Ar interface 1168as a member of the bridge. 1169The interface is put into promiscuous mode 1170so that it can receive every packet sent on the network. 1171.It Cm deletem Ar interface 1172Remove the interface named by 1173.Ar interface 1174from the bridge. 1175Promiscuous mode is disabled on the interface when 1176it is removed from the bridge. 1177.It Cm maxaddr Ar size 1178Set the size of the bridge address cache to 1179.Ar size . 1180The default is 100 entries. 1181.It Cm timeout Ar seconds 1182Set the timeout of address cache entries to 1183.Ar seconds 1184seconds. 1185If 1186.Ar seconds 1187is zero, then address cache entries will not be expired. 1188The default is 240 seconds. 1189.It Cm addr 1190Display the addresses that have been learned by the bridge. 1191.It Cm static Ar interface-name Ar address 1192Add a static entry into the address cache pointing to 1193.Ar interface-name . 1194Static entries are never aged out of the cache or re-placed, even if the 1195address is seen on a different interface. 1196.It Cm deladdr Ar address 1197Delete 1198.Ar address 1199from the address cache. 1200.It Cm flush 1201Delete all dynamically-learned addresses from the address cache. 1202.It Cm flushall 1203Delete all addresses, including static addresses, from the address cache. 1204.It Cm discover Ar interface 1205Mark an interface as a 1206.Dq discovering 1207interface. 1208When the bridge has no address cache entry 1209(either dynamic or static) 1210for the destination address of a packet, 1211the bridge will forward the packet to all 1212member interfaces marked as 1213.Dq discovering . 1214This is the default for all interfaces added to a bridge. 1215.It Fl discover Ar interface 1216Clear the 1217.Dq discovering 1218attribute on a member interface. 1219For packets without the 1220.Dq discovering 1221attribute, the only packets forwarded on the interface are broadcast 1222or multicast packets and packets for which the destination address 1223is known to be on the interface's segment. 1224.It Cm learn Ar interface 1225Mark an interface as a 1226.Dq learning 1227interface. 1228When a packet arrives on such an interface, the source 1229address of the packet is entered into the address cache as being a 1230destination address on the interface's segment. 1231This is the default for all interfaces added to a bridge. 1232.It Fl learn Ar interface 1233Clear the 1234.Dq learning 1235attribute on a member interface. 1236.It Cm span Ar interface 1237Add the interface named by 1238.Ar interface 1239as a span port on the bridge. 1240Span ports transmit a copy of every frame received by the bridge. 1241This is most useful for snooping a bridged network passively on 1242another host connected to one of the span ports of the bridge. 1243.It Fl span Ar interface 1244Delete the interface named by 1245.Ar interface 1246from the list of span ports of the bridge. 1247.It Cm stp Ar interface 1248Enable Spanning Tree protocol on 1249.Ar interface . 1250The 1251.Xr bridge 4 1252driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 1253Spanning Tree is used to detect and remove loops in a network topology. 1254.It Fl stp Ar interface 1255Disable Spanning Tree protocol on 1256.Ar interface . 1257This is the default for all interfaces added to a bridge. 1258.It Cm maxage Ar seconds 1259Set the time that a Spanning Tree protocol configuration is valid. 1260The default is 20 seconds. 1261The minimum is 1 second and the maximum is 255 seconds. 1262.It Cm fwddelay Ar seconds 1263Set the time that must pass before an interface begins forwarding 1264packets when Spanning Tree is enabled. 1265The default is 15 seconds. 1266The minimum is 1 second and the maximum is 255 seconds. 1267.It Cm hellotime Ar seconds 1268Set the time between broadcasting of Spanning Tree protocol 1269configuration messages. 1270The default is 2 seconds. 1271The minimum is 1 second and the maximum is 255 seconds. 1272.It Cm priority Ar value 1273Set the bridge priority for Spanning Tree. 1274The default is 32768. 1275The minimum is 0 and the maximum is 65536. 1276.It Cm ifpriority Ar interface Ar value 1277Set the Spanning Tree priority of 1278.Ar interface 1279to 1280.Ar value . 1281The default is 128. 1282The minimum is 0 and the maximum is 255. 1283.It Cm ifpathcost Ar interface Ar value 1284Set the Spanning Tree path cost of 1285.Ar interface 1286to 1287.Ar value . 1288The default is 55. 1289The minimum is 0 and the maximum is 65535. 1290.El 1291.Pp 1292The following parameters are specific to IP tunnel interfaces, 1293.Xr gif 4 : 1294.Bl -tag -width indent 1295.It Cm tunnel Ar src_addr dest_addr 1296Configure the physical source and destination address for IP tunnel 1297interfaces. 1298The arguments 1299.Ar src_addr 1300and 1301.Ar dest_addr 1302are interpreted as the outer source/destination for the encapsulating 1303IPv4/IPv6 header. 1304.It Fl tunnel 1305Unconfigure the physical source and destination address for IP tunnel 1306interfaces previously configured with 1307.Cm tunnel . 1308.It Cm deletetunnel 1309Another name for the 1310.Fl tunnel 1311parameter. 1312.El 1313.Pp 1314The following parameters are specific to 1315.Xr vlan 4 1316interfaces: 1317.Bl -tag -width indent 1318.It Cm vlan Ar vlan_tag 1319Set the VLAN tag value to 1320.Ar vlan_tag . 1321This value is a 16-bit number which is used to create an 802.1Q 1322VLAN header for packets sent from the 1323.Xr vlan 4 1324interface. 1325Note that 1326.Cm vlan 1327and 1328.Cm vlandev 1329must both be set at the same time. 1330.It Cm vlandev Ar iface 1331Associate the physical interface 1332.Ar iface 1333with a 1334.Xr vlan 4 1335interface. 1336Packets transmitted through the 1337.Xr vlan 4 1338interface will be 1339diverted to the specified physical interface 1340.Ar iface 1341with 802.1Q VLAN encapsulation. 1342Packets with 802.1Q encapsulation received 1343by the parent interface with the correct VLAN tag will be diverted to 1344the associated 1345.Xr vlan 4 1346pseudo-interface. 1347The 1348.Xr vlan 4 1349interface is assigned a 1350copy of the parent interface's flags and the parent's ethernet address. 1351The 1352.Cm vlandev 1353and 1354.Cm vlan 1355must both be set at the same time. 1356If the 1357.Xr vlan 4 1358interface already has 1359a physical interface associated with it, this command will fail. 1360To 1361change the association to another physical interface, the existing 1362association must be cleared first. 1363.Pp 1364Note: if the hardware tagging capability 1365is set on the parent interface, the 1366.Xr vlan 4 1367pseudo 1368interface's behavior changes: 1369the 1370.Xr vlan 4 1371interface recognizes that the 1372parent interface supports insertion and extraction of VLAN tags on its 1373own (usually in firmware) and that it should pass packets to and from 1374the parent unaltered. 1375.It Fl vlandev Op Ar iface 1376If the driver is a 1377.Xr vlan 4 1378pseudo device, disassociate the parent interface from it. 1379This breaks the link between the 1380.Xr vlan 4 1381interface and its parent, 1382clears its VLAN tag, flags and its link address and shuts the interface down. 1383The 1384.Ar iface 1385argument is useless and hence deprecated. 1386.El 1387.Pp 1388The 1389.Nm 1390utility displays the current configuration for a network interface 1391when no optional parameters are supplied. 1392If a protocol family is specified, 1393.Nm 1394will report only the details specific to that protocol family. 1395.Pp 1396If the 1397.Fl m 1398flag is passed before an interface name, 1399.Nm 1400will display the capability list and all 1401of the supported media for the specified interface. 1402If 1403.Fl L 1404flag is supplied, address lifetime is displayed for IPv6 addresses, 1405as time offset string. 1406.Pp 1407Optionally, the 1408.Fl a 1409flag may be used instead of an interface name. 1410This flag instructs 1411.Nm 1412to display information about all interfaces in the system. 1413The 1414.Fl d 1415flag limits this to interfaces that are down, and 1416.Fl u 1417limits this to interfaces that are up. 1418When no arguments are given, 1419.Fl a 1420is implied. 1421.Pp 1422The 1423.Fl l 1424flag may be used to list all available interfaces on the system, with 1425no other additional information. 1426Use of this flag is mutually exclusive 1427with all other flags and commands, except for 1428.Fl d 1429(only list interfaces that are down) 1430and 1431.Fl u 1432(only list interfaces that are up). 1433.Pp 1434The 1435.Fl v 1436flag may be used to get more verbose status for an interface. 1437.Pp 1438The 1439.Fl C 1440flag may be used to list all of the interface cloners available on 1441the system, with no additional information. 1442Use of this flag is mutually exclusive with all other flags and commands. 1443.Pp 1444The 1445.Fl k 1446flag causes keying information for the interface, if available, to be 1447printed. 1448For example, the values of 802.11 WEP keys will be printed, if accessible to 1449the current user. 1450This information is not printed by default, as it may be considered 1451sensitive. 1452.Pp 1453Only the super-user may modify the configuration of a network interface. 1454.Sh DIAGNOSTICS 1455Messages indicating the specified interface does not exist, the 1456requested address is unknown, or the user is not privileged and 1457tried to alter an interface's configuration. 1458.Sh SEE ALSO 1459.Xr netstat 1 , 1460.Xr ifmedia 4 , 1461.Xr netintro 4 , 1462.Xr polling 4 , 1463.Xr vlan 4 , 1464.\" .Xr eon 5 , 1465.Xr rc 8 , 1466.Xr routed 8 , 1467.Xr sysctl 8 1468.Sh HISTORY 1469The 1470.Nm 1471utility appeared in 1472.Bx 4.2 . 1473.Sh BUGS 1474Basic IPv6 node operation requires a link-local address on each 1475interface configured for IPv6. 1476Normally, such an address is automatically configured by the 1477kernel on each interface added to the system; this behaviour may 1478be disabled by setting the sysctl MIB variable 1479.Va net.inet6.ip6.auto_linklocal 1480to 0. 1481.Pp 1482If you delete such an address using 1483.Nm , 1484the kernel may act very odd. 1485Do this at your own risk. 1486