1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 4. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 29.\" $FreeBSD: src/sbin/ifconfig/ifconfig.8,v 1.124 2006/10/10 09:44:08 ru Exp $ 30.\" $DragonFly: src/sbin/ifconfig/ifconfig.8,v 1.19 2007/04/09 21:20:37 swildner Exp $ 31.\" 32.Dd November 19, 2006 33.Dt IFCONFIG 8 34.Os 35.Sh NAME 36.Nm ifconfig 37.Nd configure network interface parameters 38.Sh SYNOPSIS 39.Nm 40.Op Fl L 41.Op Fl k 42.Op Fl m 43.Ar interface 44.Op Cm create 45.Op Ar address_family 46.Oo 47.Ar address 48.Op Ar dest_address 49.Oc 50.Op Ar parameters 51.Nm 52.Ar interface 53.Cm destroy 54.Nm 55.Fl a 56.Op Fl L 57.Op Fl d 58.Op Fl m 59.Op Fl u 60.Op Fl v 61.Op Ar address_family 62.Nm 63.Fl l 64.Op Fl d 65.Op Fl u 66.Op Ar address_family 67.Nm 68.Op Fl L 69.Op Fl d 70.Op Fl k 71.Op Fl m 72.Op Fl u 73.Op Fl v 74.Op Fl C 75.Sh DESCRIPTION 76The 77.Nm 78utility is used to assign an address 79to a network interface and/or configure 80network interface parameters. 81The 82.Nm 83utility must be used at boot time to define the network address 84of each interface present on a machine; it may also be used at 85a later time to redefine an interface's address 86or other operating parameters. 87.Pp 88The following options are available: 89.Bl -tag -width indent 90.It Ar address 91For the 92.Tn DARPA Ns -Internet 93family, 94the address is either a host name present in the host name data 95base, 96.Xr hosts 5 , 97or a 98.Tn DARPA 99Internet address expressed in the Internet standard 100.Dq dot notation . 101.Pp 102It is also possible to use the CIDR notation (also known as the 103slash notation) to include the netmask. 104That is, one can specify an address like 105.Li 192.168.0.1/16 . 106.Pp 107For 108.Dq inet6 109family, it is also possible to specify the prefix length using the slash 110notation, like 111.Li ::1/128 . 112See the 113.Cm prefixlen 114parameter below for more information. 115.\" For the Xerox Network Systems(tm) family, 116.\" addresses are 117.\" .Ar net:a.b.c.d.e.f , 118.\" where 119.\" .Ar net 120.\" is the assigned network number (in decimal), 121.\" and each of the six bytes of the host number, 122.\" .Ar a 123.\" through 124.\" .Ar f , 125.\" are specified in hexadecimal. 126.\" The host number may be omitted on IEEE 802 protocol 127.\" (Ethernet, FDDI, and Token Ring) interfaces, 128.\" which use the hardware physical address, 129.\" and on interfaces other than the first. 130.\" For the 131.\" .Tn ISO 132.\" family, addresses are specified as a long hexadecimal string, 133.\" as in the Xerox family. 134.\" However, two consecutive dots imply a zero 135.\" byte, and the dots are optional, if the user wishes to (carefully) 136.\" count out long strings of digits in network byte order. 137.Pp 138The link-level 139.Pq Dq link 140address 141is specified as a series of colon-separated hex digits. 142This can be used to 143e.g.\& set a new MAC address on an ethernet interface, though the 144mechanism used is not ethernet-specific. 145If the interface is already 146up when this option is used, it will be briefly brought down and 147then brought back up again in order to ensure that the receive 148filter in the underlying ethernet hardware is properly reprogrammed. 149.It Ar address_family 150Specify the 151address family 152which affects interpretation of the remaining parameters. 153Since an interface can receive transmissions in differing protocols 154with different naming schemes, specifying the address family is recommended. 155The address or protocol families currently 156supported are 157.Dq inet , 158.Dq inet6 , 159.Dq atalk , 160.Dq ipx , 161.\" .Dq iso , 162and 163.Dq link . 164.\" and 165.\" .Dq ns . 166The default is 167.Dq inet . 168.Dq ether 169and 170.Dq lladdr 171are synonyms for 172.Dq link . 173.It Ar dest_address 174Specify the address of the correspondent on the other end 175of a point to point link. 176.It Ar interface 177This 178parameter is a string of the form 179.Dq name unit , 180for example, 181.Dq Li ed0 . 182.El 183.Pp 184The following parameters may be set with 185.Nm : 186.Bl -tag -width indent 187.It Cm add 188Another name for the 189.Cm alias 190parameter. 191Introduced for compatibility 192with 193.Bsx . 194.It Cm alias 195Establish an additional network address for this interface. 196This is sometimes useful when changing network numbers, and 197one wishes to accept packets addressed to the old interface. 198If the address is on the same subnet as the first network address 199for this interface, a non-conflicting netmask must be given. 200Usually 201.Li 0xffffffff 202is most appropriate. 203.It Fl alias 204Remove the network address specified. 205This would be used if you incorrectly specified an alias, or it 206was no longer needed. 207If you have incorrectly set an NS address having the side effect 208of specifying the host portion, removing all NS addresses will 209allow you to respecify the host portion. 210.It Cm anycast 211(Inet6 only.) 212Specify that the address configured is an anycast address. 213Based on the current specification, 214only routers may configure anycast addresses. 215Anycast address will not be used as source address of any of outgoing 216IPv6 packets. 217.It Cm arp 218Enable the use of the Address Resolution Protocol 219.Pq Xr arp 4 220in mapping 221between network level addresses and link level addresses (default). 222This is currently implemented for mapping between 223.Tn DARPA 224Internet 225addresses and 226.Tn IEEE 227802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses). 228.It Fl arp 229Disable the use of the Address Resolution Protocol 230.Pq Xr arp 4 . 231.It Cm broadcast 232(Inet only.) 233Specify the address to use to represent broadcasts to the 234network. 235The default broadcast address is the address with a host part of all 1's. 236.It Cm debug 237Enable driver dependent debugging code; usually, this turns on 238extra console error logging. 239.It Fl debug 240Disable driver dependent debugging code. 241.It Cm promisc 242Put interface into permanently promiscuous mode. 243.It Fl promisc 244Disable permanently promiscuous mode. 245.It Cm delete 246Another name for the 247.Fl alias 248parameter. 249.It Cm down 250Mark an interface 251.Dq down . 252When an interface is marked 253.Dq down , 254the system will not attempt to 255transmit messages through that interface. 256If possible, the interface will be reset to disable reception as well. 257This action does not automatically disable routes using the interface. 258.It Cm eui64 259(Inet6 only.) 260Fill interface index 261(lowermost 64bit of an IPv6 address) 262automatically. 263.It Cm ipdst 264This is used to specify an Internet host who is willing to receive 265IP packets encapsulating IPX packets bound for a remote network. 266An apparent point to point link is constructed, and 267the address specified will be taken as the IPX address and network 268of the destination. 269.It Cm media Ar type 270If the driver supports the media selection system, set the media type 271of the interface to 272.Ar type . 273Some interfaces support the mutually exclusive use of one of several 274different physical media connectors. 275For example, a 10Mbit/s Ethernet 276interface might support the use of either 277.Tn AUI 278or twisted pair connectors. 279Setting the media type to 280.Cm 10base5/AUI 281would change the currently active connector to the AUI port. 282Setting it to 283.Cm 10baseT/UTP 284would activate twisted pair. 285Refer to the interfaces' driver 286specific documentation or man page for a complete list of the 287available types. 288.It Cm mediaopt Ar opts 289If the driver supports the media selection system, set the specified 290media options on the interface. 291The 292.Ar opts 293argument 294is a comma delimited list of options to apply to the interface. 295Refer to the interfaces' driver specific man page for a complete 296list of available options. 297.It Fl mediaopt Ar opts 298If the driver supports the media selection system, disable the 299specified media options on the interface. 300.It Cm mode Ar mode 301If the driver supports the media selection system, set the specified 302operating mode on the interface to 303.Ar mode . 304For IEEE 802.11 wireless interfaces that support multiple operating modes 305this directive is used to select between 802.11a 306.Pq Cm 11a , 307802.11b 308.Pq Cm 11b , 309and 802.11g 310.Pq Cm 11g 311operating modes. 312.It Cm name Ar name 313Set the interface name to 314.Ar name . 315.It Cm rxcsum , txcsum 316If the driver supports user-configurable checksum offloading, 317enable receive (or transmit) checksum offloading on the interface. 318Some drivers may not be able to enable these flags independently 319of each other, so setting one may also set the other. 320The driver will offload as much checksum work as it can reliably 321support, the exact level of offloading varies between drivers. 322.It Fl rxcsum , txcsum 323If the driver supports user-configurable checksum offloading, 324disable receive (or transmit) checksum offloading on the interface. 325These settings may not always be independent of each other. 326.It Cm vlanmtu , vlanhwtag 327If the driver offers user-configurable VLAN support, enable 328reception of extended frames or tag processing in hardware, 329respectively. 330Note that this must be issued on a physical interface associated with 331.Xr vlan 4 , 332not on a 333.Xr vlan 4 334interface itself. 335.It Fl vlanmtu , vlanhwtag 336If the driver offers user-configurable VLAN support, disable 337reception of extended frames or tag processing in hardware, 338respectively. 339.It Cm polling 340Turn on 341.Xr polling 4 342feature and disable interrupts on the interface, if the driver supports 343this mode. 344.It Fl polling 345Turn off 346.Xr polling 4 347feature and enable interrupt mode on the interface. 348.It Cm create 349Create the specified network pseudo-device. 350If the interface is given without a unit number, try to create a new 351device with an arbitrary unit number. 352If creation of an arbitrary device is successful, the new device name is 353printed to standard output unless the interface is renamed or destroyed 354in the same 355.Nm 356invocation. 357.It Cm destroy 358Destroy the specified network pseudo-device. 359.It Cm plumb 360Another name for the 361.Cm create 362parameter. 363Included for 364.Tn Solaris 365compatibility. 366.It Cm unplumb 367Another name for the 368.Cm destroy 369parameter. 370Included for 371.Tn Solaris 372compatibility. 373.It Cm metric Ar n 374Set the routing metric of the interface to 375.Ar n , 376default 0. 377The routing metric is used by the routing protocol 378.Pq Xr routed 8 . 379Higher metrics have the effect of making a route 380less favorable; metrics are counted as additional hops 381to the destination network or host. 382.It Cm mtu Ar n 383Set the maximum transmission unit of the interface to 384.Ar n , 385default is interface specific. 386The MTU is used to limit the size of packets that are transmitted on an 387interface. 388Not all interfaces support setting the MTU, and some interfaces have 389range restrictions. 390.It Cm netmask Ar mask 391.\" (Inet and ISO.) 392(Inet only.) 393Specify how much of the address to reserve for subdividing 394networks into sub-networks. 395The mask includes the network part of the local address 396and the subnet part, which is taken from the host field of the address. 397The mask can be specified as a single hexadecimal number 398with a leading 399.Ql 0x , 400with a dot-notation Internet address, 401or with a pseudo-network name listed in the network table 402.Xr networks 5 . 403The mask contains 1's for the bit positions in the 32-bit address 404which are to be used for the network and subnet parts, 405and 0's for the host part. 406The mask should contain at least the standard network portion, 407and the subnet field should be contiguous with the network 408portion. 409.Pp 410The netmask can also be specified in CIDR notation after the address. 411See the 412.Ar address 413option above for more information. 414.It Cm autoconf 415(Inet6 only.) 416Enable autoconfiguration. 417.It Fl autoconf 418Disable autoconfiguration. 419.It Cm pltime Ar n 420(Inet6 only.) 421Set preferred lifetime for the address. 422.It Cm vltime Ar n 423(Inet6 only.) 424Set valid lifetime for the address. 425.It Cm prefixlen Ar len 426(Inet6 only.) 427Specify that 428.Ar len 429bits are reserved for subdividing networks into sub-networks. 430The 431.Ar len 432must be integer, and for syntactical reason it must be between 0 to 128. 433It is almost always 64 under the current IPv6 assignment rule. 434If the parameter is omitted, 64 is used. 435.Pp 436The prefix can also be specified using the slash notation after the address. 437See the 438.Ar address 439option above for more information. 440.It Cm deprecated 441(Inet6 only.) 442Set the IPv6 deprecated address bit. 443.It Fl deprecated 444(Inet6 only.) 445Clear the IPv6 deprecated address bit. 446.It Cm tentative 447(Inet6 only.) 448Set the IPv6 tentative address bit. 449.It Fl tentative 450(Inet6 only.) 451Clear the IPv6 tentative address bit. 452.\" see 453.\" Xr eon 5 . 454.\" .It Cm nsellength Ar n 455.\" .Pf ( Tn ISO 456.\" only) 457.\" This specifies a trailing number of bytes for a received 458.\" .Tn NSAP 459.\" used for local identification, the remaining leading part of which is 460.\" taken to be the 461.\" .Tn NET 462.\" (Network Entity Title). 463.\" The default value is 1, which is conformant to US 464.\" .Tn GOSIP . 465.\" When an ISO address is set in an ifconfig command, 466.\" it is really the 467.\" .Tn NSAP 468.\" which is being specified. 469.\" For example, in 470.\" .Tn US GOSIP , 471.\" 20 hex digits should be 472.\" specified in the 473.\" .Tn ISO NSAP 474.\" to be assigned to the interface. 475.\" There is some evidence that a number different from 1 may be useful 476.\" for 477.\" .Tn AFI 478.\" 37 type addresses. 479.It Cm range Ar netrange 480Under appletalk, set the interface to respond to a 481.Ar netrange 482of the form 483.Ar startnet Ns - Ns Ar endnet . 484Appletalk uses this scheme instead of 485netmasks though 486.Fx 487implements it internally as a set of netmasks. 488.It Cm remove 489Another name for the 490.Fl alias 491parameter. 492Introduced for compatibility 493with 494.Bsx . 495.It Cm phase 496The argument following this specifies the version (phase) of the 497Appletalk network attached to the interface. 498Values of 1 or 2 are permitted. 499.Sm off 500.It Cm link Op Cm 0 No - Cm 2 501.Sm on 502Enable special processing of the link level of the interface. 503These three options are interface specific in actual effect, however, 504they are in general used to select special modes of operation. 505An example 506of this is to enable SLIP compression, or to select the connector type 507for some Ethernet cards. 508Refer to the man page for the specific driver 509for more information. 510.Sm off 511.It Fl link Op Cm 0 No - Cm 2 512.Sm on 513Disable special processing at the link level with the specified interface. 514.It Cm compress 515Another name for the 516.Cm link0 517parameter. 518.It Cm normal 519Another name for the 520.Fl link0 521parameter. 522.It Cm noicmp 523Another name for the 524.Cm link1 525parameter. 526.It Cm monitor 527Put the interface in monitor mode. 528No packets are transmitted, and received packets are discarded after 529.Xr bpf 4 530processing. 531.It Fl monitor 532Take the interface out of monitor mode. 533.It Cm up 534Mark an interface 535.Dq up . 536This may be used to enable an interface after an 537.Dq Nm Cm down . 538It happens automatically when setting the first address on an interface. 539If the interface was reset when previously marked down, 540the hardware will be re-initialized. 541.El 542.Pp 543The following parameters are specific to IEEE 802.11 wireless interfaces: 544.Bl -tag -width indent 545.It Cm apbridge 546When operating as an access point, pass packets between 547wireless clients directly (default). 548To instead let them pass up through the 549system and be forwarded using some other mechanism, use 550.Fl apbridge . 551Disabling the internal bridging 552is useful when traffic is to be processed with 553packet filtering. 554.It Cm authmode Ar mode 555Set the desired authentication mode in infrastructure mode. 556Not all adaptors support all modes. 557The set of 558valid modes is 559.Cm none , open , shared 560(shared key), 561.Cm 8021x 562(IEEE 802.1x), 563and 564.Cm wpa 565(IEEE WPA/WPA2/802.11i). 566The 567.Cm 8021x 568and 569.Cm wpa 570modes are only useful when using an authentication service 571(a supplicant for client operation or an authenticator when 572operating as an access point). 573Modes are case insensitive. 574.It Cm bintval Ar interval 575Set the interval at which beacon frames are sent when operating in 576ad-hoc or ap mode. 577The 578.Ar interval 579parameter is specified in TU's (1024 usecs). 580By default beacon frames are transmitted every 100 TU's. 581.It Cm bmissthreshold Ar count 582Set the number of consecutive missed beacons at which the station 583will attempt to roam (i.e. search for a new access point). 584The 585.Ar count 586parameter is must be in the range 1 to 255; 587though the upper bound may be reduced according to device capabilities.. 588The default threshold is 7 consecutive missed beacons; 589but this may be overridden by the device driver. 590Another name for the 591.Cm bmissthreshold 592parameter is 593.Cm bmiss . 594.It Cm bssid Ar address 595Specify the MAC address of the access point to use when operating 596as a station in a BSS network. 597This overrides any automatic selection done by the system. 598To disable a previously selected access point, supply 599.Cm any , none , 600or 601.Cm - 602for the address. 603This option is useful when more than one access point uses the same SSID. 604Another name for the 605.Cm bssid 606parameter is 607.Cm ap . 608.It Cm burst 609Enable packet bursting. 610Packet bursting is a transmission technique whereby the wireless 611medium is acquired once to send multiple frames and the interframe 612spacing is reduced. 613This technique can significantly increase throughput by reducing 614transmission overhead. 615Packet bursting is supported by the 802.11e QoS specification 616and some devices that do not support QoS may still be capable. 617By default packet bursting is enabled if a device is capable 618of doing it. 619To disable packet bursting, use 620.Fl burst . 621.It Cm chanlist Ar channels 622Set the desired channels to use when scanning for access 623points, neighbors in an IBSS network, or looking for unoccupied 624channels when operating as an access point. 625The set of channels is specified as a comma-separated list with 626each element in the list representing either a single channel number or a range 627of the form 628.Dq Li a-b . 629Channel numbers must be in the range 1 to 255 and be permissible 630according to the operating characteristics of the device. 631.It Cm channel Ar number 632Set a single desired channel. 633Channels range from 1 to 255, but the exact selection available 634depends on the region your adaptor was manufactured for. 635Setting 636the channel to 637.Li 0 , 638.Cm any , 639or 640.Cm - 641will give you the default for your adaptor. 642Some 643adaptors ignore this setting unless you are in ad-hoc mode. 644Alternatively the frequency, in megahertz, may be specified 645instead of the channel number. 646.It Cm deftxkey Ar index 647Set the default key to use for transmission. 648Typically this is only set when using WEP encryption. 649The 650.Cm weptxkey 651is an alias for this request; it is provided for backwards compatibility. 652.It Cm dtimperiod Ar period 653Set the 654DTIM 655period for transmitting buffered multicast data frames when 656operating in ap mode. 657The 658.Ar period 659specifies the number of beacon intervals between DTIM 660and must be in the range 1 to 15. 661By default DTIM is 1 (i.e., DTIM occurs at each beacon). 662.It Cm fragthreshold Ar length 663Set the threshold for which transmitted frames are broken into fragments. 664The 665.Ar length 666argument is the frame size in bytes and must be in the range 256 to 2346. 667Setting 668.Ar length 669to 670.Li 2346 , 671.Cm any , 672or 673.Cm - 674disables transmit fragmentation. 675Not all adaptors honor the fragmentation threshold. 676.It Cm hidessid 677When operating as an access point, do not broadcast the SSID 678in beacon frames or respond to probe request frames unless 679they are directed to the ap (i.e., they include the ap's SSID). 680By default, the SSID is included in beacon frames and 681undirected probe request frames are answered. 682To re-enable the broadcast of the SSID etc., use 683.Fl hidessid . 684.It Cm list active 685Display the list of channels available for use taking into account 686any restrictions set with the 687.Cm chanlist 688directive. 689See the description of 690.Cm list chan 691for more information. 692.It Cm list caps 693Display the adaptor's capabilities, including the operating 694modes supported. 695.It Cm list chan 696Display the list of channels available for use. 697Channels are shown with their IEEE channel number, equivalent 698frequency, and usage modes. 699Channels identified as 700.Ql 11g 701are also usable in 702.Ql 11b 703mode. 704Channels identified as 705.Ql 11a Turbo 706may be used only for Atheros' Static Turbo mode 707specified with 708.Cm mediaopt turbo ) . 709Channels marked with a 710.Ql * 711have a regulatory constraint that they be passively scanned. 712This means a station is not permitted to transmit on the channel until 713it identifies the channel is being used for 802.11 communication; 714typically by hearing a beacon frame from an access point operating 715on the channel. 716.Cm list freq 717is another way of requesting this information. 718.It Cm list mac 719Display the current MAC Access Control List state. 720Each address is prefixed with a character that indicates the 721current policy applied to it: 722.Ql + 723indicates the address is allowed access, 724.Ql - 725indicates the address is denied access, 726.Ql * 727indicates the address is present but the current policy open 728(so the ACL is not consulted). 729.It Cm list scan 730Display the access points and/or ad-hoc neighbors 731located in the vicinity. 732The 733.Fl v 734flag may be used to display long SSIDs. 735This information may be updated automatically by the adaptor 736and/or with a 737.Cm scan 738request. 739.Cm list ap 740is another way of requesting this information. 741.It Cm list sta 742When operating as an access point display the stations that are 743currently associated. 744When operating in ad-hoc mode display stations identified as 745neighbors in the IBSS. 746.It Cm list wme 747Display the current parameters to use when operating in WME mode. 748When WME mode is enabled for an adaptor this information will be 749displayed with the regular status; this command is mostly useful 750for examining parameters when WME mode is disabled. 751See the description of the 752.Cm wme 753directive for information on the various parameters. 754.It Cm mcastrate Ar rate 755Set the rate for transmitting multicast/broadcast frames. 756Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mbit/s. 757This rate should be valid for the current operating conditions; 758if an invalid rate is specified drivers are free to chose an 759appropriate rate. 760.It Cm powersave 761Enable powersave operation. 762When operating as a client, the station will conserve power by 763periodically turning off the radio and listening for 764messages from the access point telling it there are packets waiting. 765The station must then retrieve the packets. 766When operating as an access point, the station must honor power 767save operation of associated clients. 768Not all devices support power save operation, either as a client 769or as an access point. 770Use 771.Fl powersave 772to disable powersave operation. 773.It Cm powersavemode Ar mode 774Set powersave mode. 775The set of valid modes is 776.Cm off 777(same as 778.Fl powersave ) , 779.Cm on 780(same as 781.Cm powersave ) , 782and 783.Cm cam 784(same as 785.Cm powersave ) . 786.It Cm powersavesleep Ar sleep 787Set the desired max powersave sleep time in TU's (1024 usecs). 788By default the max powersave sleep time is 100 TU's. 789.It Cm protmode Ar technique 790For interfaces operating in 802.11g, use the specified 791.Ar technique 792for protecting OFDM frames in a mixed 11b/11g network. 793The set of valid techniques is 794.Cm off , cts 795(CTS to self), 796and 797.Cm rtscts 798(RTS/CTS). 799Technique names are case insensitive. 800.It Cm pureg 801When operating as an access point in 802.11g mode allow only 80211g-capable stations to associate (11b-only stations are not 803permitted to associate). 804To allow both 11g and 11b-only stations to associate, use 805.Fl pureg . 806.It Cm roaming Ar mode 807When operating as a station, control how the system will 808behave when communication with the current access point 809is broken. 810The 811.Ar mode 812argument may be one of 813.Cm device 814(leave it to the hardware device to decide), 815.Cm auto 816(handle either in the device or the operating system\[em]as appropriate), 817.Cm manual 818(do nothing until explicitly instructed). 819By default, the device is left to handle this if it is 820capable; otherwise, the operating system will automatically 821attempt to reestablish communication. 822Manual mode is mostly useful when an application wants to 823control the selection of an access point. 824.It Cm ratectl Ar algorithm 825Set the TX rate control algorithm. 826The set of valid 827.Ar algorithm 828is 829.Cm onoe 830(Onoe TX rate control algorithm), 831.Cm sample 832(Sample TX rate control algorithm) 833and 834.Cm amrr 835(AMRR TX rate control algorithm). 836.Ar Algorithm 837names are case sensitive. 838.It Cm rtsthreshold Ar length 839Set the threshold for which 840transmitted frames are preceded by transmission of an 841RTS 842control frame. 843The 844.Ar length 845argument 846is the frame size in bytes and must be in the range 1 to 2346. 847Setting 848.Ar length 849to 850.Li 2346 , 851.Cm any , 852or 853.Cm - 854disables transmission of RTS frames. 855Not all adaptors support setting the RTS threshold. 856.It Cm ssid Ar ssid 857Set the desired Service Set Identifier (aka network name). 858The SSID is a string up to 32 characters 859in length and may be specified as either a normal string or in 860hexadecimal when preceded by 861.Ql 0x . 862Additionally, the SSID may be cleared by setting it to 863.Ql - . 864.It Cm scan 865Initiate a scan of neighboring stations, wait for it to complete, and 866display all stations found. 867Only the super-user can initiate a scan. 868Depending on the capabilities of the APs, the following 869flags can be included in the output: 870.Bl -tag -width 3n 871.It Li A 872Channel Agility. 873Indicates that the station support channel hopping as described by the 874IEEE 802.11b specification. 875.It Li B 876Packet Binary Convolution Code (PBCC). 877A modulation alternative to the standard OFDM method. 878.It Dv C 879Pollreq 880.It Dv c 881Pollable 882.It Dv D 883Direct Sequence Spread Spectrum - Orthogonal Frequency Division 884Multiplexing (DSSS-OFDM). 885Indicates the the station supports DSSS-OFDM modulation. 886.It Li E 887Extended Service Set (ESS). 888Indicates that the station is part of an infrastructure network 889(in contrast to an IBSS/ad-hoc network). 890.It Li I 891IBSS/ad-hoc network. 892Indicates that the station is part of an ad-hoc network 893(in contrast to an ESS network). 894.It Li P 895Privacy. 896Data confidentiality is required for all data frames 897exchanged within the BSS. 898This means that this BSS requires the station to 899use cryptographic means such as WEP, TKIP or AES-CCMP to 900encrypt/decrypt data frames being exchanged with others. 901.It Dv R 902Robust Security Network (RSN). 903Indicates that the station supports the IEEE 802.11i authentication 904and key management protocol. 905.It Li S 906Short Preamble. 907Indicates that the network is using short preambles (defined 908in 802.11b High Rate/DSSS PHY, short preamble utilizes a 90956 bit sync field in contrast to a 128 bit field used in long 910preamble mode). 911.It Li s 912Short slot time. 913Indicates that the network is using a short slot time. 914.El 915.Pp 916The 917.Cm list scan 918request can be used to show recent scan results without 919initiating a new scan. 920.Pp 921The 922.Fl v 923flag may be used to prevent the shortening of long SSIDs. 924.It Cm stationname Ar name 925Set the name of this station. 926It appears that the station name is not really part of the IEEE 802.11 927protocol though all interfaces seem to support it. 928As such it only 929seems to be meaningful to identical or virtually identical equipment. 930Setting the station name is identical in syntax to setting the SSID. 931.It Cm txpower Ar power 932Set the power used to transmit frames. 933The 934.Ar power 935argument 936is a unitless value in the range 0 to 100 that is interpreted 937by drivers to derive a device-specific value. 938Out of range values are truncated. 939Typically only a few discreet power settings are available and 940the driver will use the setting closest to the specified value. 941Not all adaptors support changing the transmit power. 942.It Cm wepmode Ar mode 943Set the desired WEP mode. 944Not all adaptors support all modes. 945The set of valid modes is 946.Cm off , on , 947and 948.Cm mixed . 949The 950.Cm mixed 951mode explicitly tells the adaptor to allow association with access 952points which allow both encrypted and unencrypted traffic. 953On these adaptors, 954.Cm on 955means that the access point must only allow encrypted connections. 956On other adaptors, 957.Cm on 958is generally another name for 959.Cm mixed . 960Modes are case insensitive. 961.It Cm weptxkey Ar index 962Set the WEP key to be used for transmission. 963This is the same as setting the default transmission key with 964.Cm deftxkey . 965.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key 966Set the selected WEP key. 967If an 968.Ar index 969is not given, key 1 is set. 970A WEP key will be either 5 or 13 971characters (40 or 104 bits) depending of the local network and the 972capabilities of the adaptor. 973It may be specified either as a plain 974string or as a string of hexadecimal digits preceded by 975.Ql 0x . 976For maximum portability, hex keys are recommended; 977the mapping of text keys to WEP encryption is usually driver-specific. 978In particular, the 979.Tn Windows 980drivers do this mapping differently to 981.Fx . 982A key may be cleared by setting it to 983.Ql - . 984If WEP is supported then there are at least four keys. 985Some adaptors support more than four keys. 986If that is the case, then the first four keys 987(1-4) will be the standard temporary keys and any others will be adaptor 988specific keys such as permanent keys stored in NVRAM. 989.It Cm wme 990Enable Wireless Multimedia Extensions (WME) support, if available, 991for the specified interface. 992WME is a subset of the IEEE 802.11e standard to support the 993efficient communication of realtime and multimedia data. 994To disable WME support, use 995.Fl wme . 996.Pp 997The following parameters are meaningful only when WME support is in use. 998Parameters are specified per-AC (Access Category) and 999split into those that are used by a station when acting 1000as an access point and those for client stations in the BSS. 1001The latter are received from the access point and may not be changed 1002(at the station). 1003The following Access Categories are recognized: 1004.Pp 1005.Bl -tag -width ".Cm AC_BK" -compact 1006.It Cm AC_BE 1007(or 1008.Cm BE ) 1009best effort delivery, 1010.It Cm AC_BK 1011(or 1012.Cm BK ) 1013background traffic, 1014.It Cm AC_VI 1015(or 1016.Cm VI ) 1017video traffic, 1018.It Cm AC_VO 1019(or 1020.Cm VO ) 1021voice traffic. 1022.El 1023.Pp 1024AC parameters are case-insensitive. 1025Traffic classification is done in the operating system using the 1026vlan priority associated with data frames or the 1027ToS (Type of Service) indication in IP-encapsulated frames. 1028If neither information is present, traffic is assigned to the 1029Best Effort (BE) category. 1030.Bl -tag -width indent 1031.It Cm ack Ar ac 1032Set the ACK policy for QoS transmissions by the local station; 1033this controls whether or not data frames transmitted by a station 1034require an ACK response from the receiving station. 1035To disable waiting for an ACK use 1036.Fl ack . 1037This parameter is applied only to the local station. 1038.It Cm acm Ar ac 1039Enable the Admission Control Mandatory (ACM) mechanism 1040for transmissions by the local station. 1041To disable the ACM use 1042.Fl acm . 1043On stations in a BSS this parameter is read-only and indicates 1044the setting received from the access point. 1045NB: ACM is not supported right now. 1046.It Cm aifs Ar ac Ar count 1047Set the Arbitration Inter Frame Spacing (AIFS) 1048channel access parameter to use for transmissions 1049by the local station. 1050On stations in a BSS this parameter is read-only and indicates 1051the setting received from the access point. 1052.It Cm cwmin Ar ac Ar count 1053Set the CWmin channel access parameter to use for transmissions 1054by the local station. 1055On stations in a BSS this parameter is read-only and indicates 1056the setting received from the access point. 1057.It Cm cwmax Ar ac Ar count 1058Set the CWmax channel access parameter to use for transmissions 1059by the local station. 1060On stations in a BSS this parameter is read-only and indicates 1061the setting received from the access point. 1062.It Cm txoplimit Ar ac Ar limit 1063Set the Transmission Opportunity Limit channel access parameter 1064to use for transmissions by the local station. 1065This parameter defines an interval of time when a WME station 1066has the right to initiate transmissions onto the wireless medium. 1067On stations in a BSS this parameter is read-only and indicates 1068the setting received from the access point. 1069.It Cm bss:aifs Ar ac Ar count 1070Set the AIFS channel access parameter to send to stations in a BSS. 1071This parameter is meaningful only when operating in ap mode. 1072.It Cm bss:cwmin Ar ac Ar count 1073Set the CWmin channel access parameter to send to stations in a BSS. 1074This parameter is meaningful only when operating in ap mode. 1075.It Cm bss:cwmax Ar ac Ar count 1076Set the CWmax channel access parameter to send to stations in a BSS. 1077This parameter is meaningful only when operating in ap mode. 1078.It Cm bss:txoplimit Ar ac Ar limit 1079Set the TxOpLimit channel access parameter to send to stations in a BSS. 1080This parameter is meaningful only when operating in ap mode. 1081.El 1082.El 1083.Pp 1084The following parameters support an optional access control list 1085feature available with some adaptors when operating in ap mode; see 1086.Xr wlan_acl 4 . 1087This facility allows an access point to accept/deny association 1088requests based on the MAC address of the station. 1089Note that this feature does not significantly enhance security 1090as MAC address spoofing is easy to do. 1091.Bl -tag -width indent 1092.It Cm mac:add Ar address 1093Add the specified MAC address to the database. 1094Depending on the policy setting association requests from the 1095specified station will be allowed or denied. 1096.It Cm mac:allow 1097Set the ACL policy to permit association only by 1098stations registered in the database. 1099.It Cm mac:del Ar address 1100Delete the specified MAC address from the database. 1101.It Cm mac:deny 1102Set the ACL policy to deny association only by 1103stations registered in the database. 1104.It Cm mac:kick Ar address 1105Force the specified station to be deauthenticated. 1106This typically is done to block a station after updating the 1107address database. 1108.It Cm mac:open 1109Set the ACL policy to allow all stations to associate. 1110.It Cm mac:flush 1111Delete all entries in the database. 1112.El 1113.Pp 1114The following parameters are for compatibility with other systems: 1115.Bl -tag -width indent 1116.It Cm nwid Ar ssid 1117Another name for the 1118.Cm ssid 1119parameter. 1120Included for 1121.Nx 1122compatibility. 1123.It Cm station Ar name 1124Another name for the 1125.Cm stationname 1126parameter. 1127Included for 1128.Bsx 1129compatibility. 1130.It Cm wep 1131Another way of saying 1132.Cm wepmode on . 1133Included for 1134.Bsx 1135compatibility. 1136.It Fl wep 1137Another way of saying 1138.Cm wepmode off . 1139Included for 1140.Bsx 1141compatibility. 1142.It Cm nwkey key 1143Another way of saying: 1144.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . 1145Included for 1146.Nx 1147compatibility. 1148.It Cm nwkey Xo 1149.Sm off 1150.Ar n : k1 , k2 , k3 , k4 1151.Sm on 1152.Xc 1153Another way of saying 1154.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . 1155Included for 1156.Nx 1157compatibility. 1158.It Fl nwkey 1159Another way of saying 1160.Cm wepmode off . 1161Included for 1162.Nx 1163compatibility. 1164.El 1165.Pp 1166The following parameters are specific to bridge interfaces: 1167.Bl -tag -width indent 1168.It Cm addm Ar interface 1169Add the interface named by 1170.Ar interface 1171as a member of the bridge. 1172The interface is put into promiscuous mode 1173so that it can receive every packet sent on the network. 1174.It Cm deletem Ar interface 1175Remove the interface named by 1176.Ar interface 1177from the bridge. 1178Promiscuous mode is disabled on the interface when 1179it is removed from the bridge. 1180.It Cm maxaddr Ar size 1181Set the size of the bridge address cache to 1182.Ar size . 1183The default is 100 entries. 1184.It Cm timeout Ar seconds 1185Set the timeout of address cache entries to 1186.Ar seconds 1187seconds. 1188If 1189.Ar seconds 1190is zero, then address cache entries will not be expired. 1191The default is 240 seconds. 1192.It Cm addr 1193Display the addresses that have been learned by the bridge. 1194.It Cm static Ar interface-name Ar address 1195Add a static entry into the address cache pointing to 1196.Ar interface-name . 1197Static entries are never aged out of the cache or re-placed, even if the 1198address is seen on a different interface. 1199.It Cm deladdr Ar address 1200Delete 1201.Ar address 1202from the address cache. 1203.It Cm flush 1204Delete all dynamically-learned addresses from the address cache. 1205.It Cm flushall 1206Delete all addresses, including static addresses, from the address cache. 1207.It Cm discover Ar interface 1208Mark an interface as a 1209.Dq discovering 1210interface. 1211When the bridge has no address cache entry 1212(either dynamic or static) 1213for the destination address of a packet, 1214the bridge will forward the packet to all 1215member interfaces marked as 1216.Dq discovering . 1217This is the default for all interfaces added to a bridge. 1218.It Fl discover Ar interface 1219Clear the 1220.Dq discovering 1221attribute on a member interface. 1222For packets without the 1223.Dq discovering 1224attribute, the only packets forwarded on the interface are broadcast 1225or multicast packets and packets for which the destination address 1226is known to be on the interface's segment. 1227.It Cm learn Ar interface 1228Mark an interface as a 1229.Dq learning 1230interface. 1231When a packet arrives on such an interface, the source 1232address of the packet is entered into the address cache as being a 1233destination address on the interface's segment. 1234This is the default for all interfaces added to a bridge. 1235.It Fl learn Ar interface 1236Clear the 1237.Dq learning 1238attribute on a member interface. 1239.It Cm span Ar interface 1240Add the interface named by 1241.Ar interface 1242as a span port on the bridge. 1243Span ports transmit a copy of every frame received by the bridge. 1244This is most useful for snooping a bridged network passively on 1245another host connected to one of the span ports of the bridge. 1246.It Fl span Ar interface 1247Delete the interface named by 1248.Ar interface 1249from the list of span ports of the bridge. 1250.It Cm stp Ar interface 1251Enable Spanning Tree protocol on 1252.Ar interface . 1253The 1254.Xr bridge 4 1255driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 1256Spanning Tree is used to detect and remove loops in a network topology. 1257.It Fl stp Ar interface 1258Disable Spanning Tree protocol on 1259.Ar interface . 1260This is the default for all interfaces added to a bridge. 1261.It Cm maxage Ar seconds 1262Set the time that a Spanning Tree protocol configuration is valid. 1263The default is 20 seconds. 1264The minimum is 1 second and the maximum is 255 seconds. 1265.It Cm fwddelay Ar seconds 1266Set the time that must pass before an interface begins forwarding 1267packets when Spanning Tree is enabled. 1268The default is 15 seconds. 1269The minimum is 1 second and the maximum is 255 seconds. 1270.It Cm hellotime Ar seconds 1271Set the time between broadcasting of Spanning Tree protocol 1272configuration messages. 1273The default is 2 seconds. 1274The minimum is 1 second and the maximum is 255 seconds. 1275.It Cm priority Ar value 1276Set the bridge priority for Spanning Tree. 1277The default is 32768. 1278The minimum is 0 and the maximum is 65536. 1279.It Cm ifpriority Ar interface Ar value 1280Set the Spanning Tree priority of 1281.Ar interface 1282to 1283.Ar value . 1284The default is 128. 1285The minimum is 0 and the maximum is 255. 1286.It Cm ifpathcost Ar interface Ar value 1287Set the Spanning Tree path cost of 1288.Ar interface 1289to 1290.Ar value . 1291The default is 55. 1292The minimum is 0 and the maximum is 65535. 1293.El 1294.Pp 1295The following parameters are specific to IP tunnel interfaces, 1296.Xr gif 4 : 1297.Bl -tag -width indent 1298.It Cm tunnel Ar src_addr dest_addr 1299Configure the physical source and destination address for IP tunnel 1300interfaces. 1301The arguments 1302.Ar src_addr 1303and 1304.Ar dest_addr 1305are interpreted as the outer source/destination for the encapsulating 1306IPv4/IPv6 header. 1307.It Fl tunnel 1308Unconfigure the physical source and destination address for IP tunnel 1309interfaces previously configured with 1310.Cm tunnel . 1311.It Cm deletetunnel 1312Another name for the 1313.Fl tunnel 1314parameter. 1315.El 1316.Pp 1317The following parameters are specific to 1318.Xr vlan 4 1319interfaces: 1320.Bl -tag -width indent 1321.It Cm vlan Ar vlan_tag 1322Set the VLAN tag value to 1323.Ar vlan_tag . 1324This value is a 16-bit number which is used to create an 802.1Q 1325VLAN header for packets sent from the 1326.Xr vlan 4 1327interface. 1328Note that 1329.Cm vlan 1330and 1331.Cm vlandev 1332must both be set at the same time. 1333.It Cm vlandev Ar iface 1334Associate the physical interface 1335.Ar iface 1336with a 1337.Xr vlan 4 1338interface. 1339Packets transmitted through the 1340.Xr vlan 4 1341interface will be 1342diverted to the specified physical interface 1343.Ar iface 1344with 802.1Q VLAN encapsulation. 1345Packets with 802.1Q encapsulation received 1346by the parent interface with the correct VLAN tag will be diverted to 1347the associated 1348.Xr vlan 4 1349pseudo-interface. 1350The 1351.Xr vlan 4 1352interface is assigned a 1353copy of the parent interface's flags and the parent's ethernet address. 1354The 1355.Cm vlandev 1356and 1357.Cm vlan 1358must both be set at the same time. 1359If the 1360.Xr vlan 4 1361interface already has 1362a physical interface associated with it, this command will fail. 1363To 1364change the association to another physical interface, the existing 1365association must be cleared first. 1366.Pp 1367Note: if the hardware tagging capability 1368is set on the parent interface, the 1369.Xr vlan 4 1370pseudo 1371interface's behavior changes: 1372the 1373.Xr vlan 4 1374interface recognizes that the 1375parent interface supports insertion and extraction of VLAN tags on its 1376own (usually in firmware) and that it should pass packets to and from 1377the parent unaltered. 1378.It Fl vlandev Op Ar iface 1379If the driver is a 1380.Xr vlan 4 1381pseudo device, disassociate the parent interface from it. 1382This breaks the link between the 1383.Xr vlan 4 1384interface and its parent, 1385clears its VLAN tag, flags and its link address and shuts the interface down. 1386The 1387.Ar iface 1388argument is useless and hence deprecated. 1389.El 1390.Pp 1391The 1392.Nm 1393utility displays the current configuration for a network interface 1394when no optional parameters are supplied. 1395If a protocol family is specified, 1396.Nm 1397will report only the details specific to that protocol family. 1398.Pp 1399If the 1400.Fl m 1401flag is passed before an interface name, 1402.Nm 1403will display the capability list and all 1404of the supported media for the specified interface. 1405If 1406.Fl L 1407flag is supplied, address lifetime is displayed for IPv6 addresses, 1408as time offset string. 1409.Pp 1410Optionally, the 1411.Fl a 1412flag may be used instead of an interface name. 1413This flag instructs 1414.Nm 1415to display information about all interfaces in the system. 1416The 1417.Fl d 1418flag limits this to interfaces that are down, and 1419.Fl u 1420limits this to interfaces that are up. 1421When no arguments are given, 1422.Fl a 1423is implied. 1424.Pp 1425The 1426.Fl l 1427flag may be used to list all available interfaces on the system, with 1428no other additional information. 1429Use of this flag is mutually exclusive 1430with all other flags and commands, except for 1431.Fl d 1432(only list interfaces that are down) 1433and 1434.Fl u 1435(only list interfaces that are up). 1436.Pp 1437The 1438.Fl v 1439flag may be used to get more verbose status for an interface. 1440.Pp 1441The 1442.Fl C 1443flag may be used to list all of the interface cloners available on 1444the system, with no additional information. 1445Use of this flag is mutually exclusive with all other flags and commands. 1446.Pp 1447The 1448.Fl k 1449flag causes keying information for the interface, if available, to be 1450printed. 1451For example, the values of 802.11 WEP keys will be printed, if accessible to 1452the current user. 1453This information is not printed by default, as it may be considered 1454sensitive. 1455.Pp 1456Only the super-user may modify the configuration of a network interface. 1457.Sh DIAGNOSTICS 1458Messages indicating the specified interface does not exist, the 1459requested address is unknown, or the user is not privileged and 1460tried to alter an interface's configuration. 1461.Sh SEE ALSO 1462.Xr netstat 1 , 1463.Xr ifmedia 4 , 1464.Xr netintro 4 , 1465.Xr polling 4 , 1466.Xr vlan 4 , 1467.\" .Xr eon 5 , 1468.Xr rc 8 , 1469.Xr routed 8 , 1470.Xr sysctl 8 1471.Sh HISTORY 1472The 1473.Nm 1474utility appeared in 1475.Bx 4.2 . 1476.Sh BUGS 1477Basic IPv6 node operation requires a link-local address on each 1478interface configured for IPv6. 1479Normally, such an address is automatically configured by the 1480kernel on each interface added to the system; this behaviour may 1481be disabled by setting the sysctl MIB variable 1482.Va net.inet6.ip6.auto_linklocal 1483to 0. 1484.Pp 1485If you delete such an address using 1486.Nm , 1487the kernel may act very odd. 1488Do this at your own risk. 1489