1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 4. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 29.\" $FreeBSD: src/sbin/ifconfig/ifconfig.8,v 1.124 2006/10/10 09:44:08 ru Exp $ 30.\" $DragonFly: src/sbin/ifconfig/ifconfig.8,v 1.24 2007/12/16 20:10:21 thomas Exp $ 31 32.\" 33.Dd September 30, 2007 34.Dt IFCONFIG 8 35.Os 36.Sh NAME 37.Nm ifconfig 38.Nd configure network interface parameters 39.Sh SYNOPSIS 40.Nm 41.Op Fl L 42.Op Fl k 43.Op Fl m 44.Ar interface 45.Op Cm create 46.Op Ar address_family 47.Oo 48.Ar address 49.Op Ar dest_address 50.Oc 51.Op Ar parameters 52.Nm 53.Ar interface 54.Cm destroy 55.Nm 56.Fl a 57.Op Fl L 58.Op Fl d 59.Op Fl m 60.Op Fl u 61.Op Fl v 62.Op Ar address_family 63.Nm 64.Fl l 65.Op Fl d 66.Op Fl u 67.Op Ar address_family 68.Nm 69.Op Fl L 70.Op Fl d 71.Op Fl k 72.Op Fl m 73.Op Fl u 74.Op Fl v 75.Op Fl C 76.Sh DESCRIPTION 77The 78.Nm 79utility is used to assign an address 80to a network interface and/or configure 81network interface parameters. 82The 83.Nm 84utility must be used at boot time to define the network address 85of each interface present on a machine; it may also be used at 86a later time to redefine an interface's address 87or other operating parameters. 88.Pp 89The following options are available: 90.Bl -tag -width indent 91.It Ar address 92For the 93.Tn DARPA Ns -Internet 94family, 95the address is either a host name present in the host name data 96base, 97.Xr hosts 5 , 98or a 99.Tn DARPA 100Internet address expressed in the Internet standard 101.Dq dot notation . 102.Pp 103It is also possible to use the CIDR notation (also known as the 104slash notation) to include the netmask. 105That is, one can specify an address like 106.Li 192.168.0.1/16 . 107.Pp 108For 109.Dq inet6 110family, it is also possible to specify the prefix length using the slash 111notation, like 112.Li ::1/128 . 113See the 114.Cm prefixlen 115parameter below for more information. 116.\" For the Xerox Network Systems(tm) family, 117.\" addresses are 118.\" .Ar net:a.b.c.d.e.f , 119.\" where 120.\" .Ar net 121.\" is the assigned network number (in decimal), 122.\" and each of the six bytes of the host number, 123.\" .Ar a 124.\" through 125.\" .Ar f , 126.\" are specified in hexadecimal. 127.\" The host number may be omitted on IEEE 802 protocol 128.\" (Ethernet, FDDI, and Token Ring) interfaces, 129.\" which use the hardware physical address, 130.\" and on interfaces other than the first. 131.\" For the 132.\" .Tn ISO 133.\" family, addresses are specified as a long hexadecimal string, 134.\" as in the Xerox family. 135.\" However, two consecutive dots imply a zero 136.\" byte, and the dots are optional, if the user wishes to (carefully) 137.\" count out long strings of digits in network byte order. 138.Pp 139The link-level 140.Pq Dq link 141address 142is specified as a series of colon-separated hex digits. 143This can be used to 144e.g.\& set a new MAC address on an ethernet interface, though the 145mechanism used is not ethernet-specific. 146If the interface is already 147up when this option is used, it will be briefly brought down and 148then brought back up again in order to ensure that the receive 149filter in the underlying ethernet hardware is properly reprogrammed. 150.It Ar address_family 151Specify the 152address family 153which affects interpretation of the remaining parameters. 154Since an interface can receive transmissions in differing protocols 155with different naming schemes, specifying the address family is recommended. 156The address or protocol families currently 157supported are 158.Dq inet , 159.Dq inet6 , 160.Dq atalk , 161.Dq ipx , 162.\" .Dq iso , 163and 164.Dq link . 165.\" and 166.\" .Dq ns . 167The default is 168.Dq inet . 169.Dq ether 170and 171.Dq lladdr 172are synonyms for 173.Dq link . 174.It Ar dest_address 175Specify the address of the correspondent on the other end 176of a point to point link. 177.It Ar interface 178This 179parameter is a string of the form 180.Dq name unit , 181for example, 182.Dq Li ed0 . 183.El 184.Pp 185The following parameters may be set with 186.Nm : 187.Bl -tag -width indent 188.It Cm add 189Another name for the 190.Cm alias 191parameter. 192Introduced for compatibility 193with 194.Bsx . 195.It Cm alias 196Establish an additional network address for this interface. 197This is sometimes useful when changing network numbers, and 198one wishes to accept packets addressed to the old interface. 199If the address is on the same subnet as the first network address 200for this interface, a non-conflicting netmask must be given. 201Usually 202.Li 0xffffffff 203is most appropriate. 204.It Fl alias 205Remove the network address specified. 206This would be used if you incorrectly specified an alias, or it 207was no longer needed. 208If you have incorrectly set an NS address having the side effect 209of specifying the host portion, removing all NS addresses will 210allow you to respecify the host portion. 211.It Cm anycast 212(Inet6 only.) 213Specify that the address configured is an anycast address. 214Based on the current specification, 215only routers may configure anycast addresses. 216Anycast address will not be used as source address of any of outgoing 217IPv6 packets. 218.It Cm arp 219Enable the use of the Address Resolution Protocol 220.Pq Xr arp 4 221in mapping 222between network level addresses and link level addresses (default). 223This is currently implemented for mapping between 224.Tn DARPA 225Internet 226addresses and 227.Tn IEEE 228802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses). 229.It Fl arp 230Disable the use of the Address Resolution Protocol 231.Pq Xr arp 4 . 232.It Cm broadcast 233(Inet only.) 234Specify the address to use to represent broadcasts to the 235network. 236The default broadcast address is the address with a host part of all 1's. 237.It Cm debug 238Enable driver dependent debugging code; usually, this turns on 239extra console error logging. 240.It Fl debug 241Disable driver dependent debugging code. 242.It Cm promisc 243Put interface into permanently promiscuous mode. 244.It Fl promisc 245Disable permanently promiscuous mode. 246.It Cm delete 247Another name for the 248.Fl alias 249parameter. 250.It Cm down 251Mark an interface 252.Dq down . 253When an interface is marked 254.Dq down , 255the system will not attempt to 256transmit messages through that interface. 257If possible, the interface will be reset to disable reception as well. 258This action does not automatically disable routes using the interface. 259.It Cm eui64 260(Inet6 only.) 261Fill interface index 262(lowermost 64bit of an IPv6 address) 263automatically. 264.It Cm ipdst 265This is used to specify an Internet host who is willing to receive 266IP packets encapsulating IPX packets bound for a remote network. 267An apparent point to point link is constructed, and 268the address specified will be taken as the IPX address and network 269of the destination. 270.It Cm media Ar type 271If the driver supports the media selection system, set the media type 272of the interface to 273.Ar type . 274Some interfaces support the mutually exclusive use of one of several 275different physical media connectors. 276For example, a 10Mbit/s Ethernet 277interface might support the use of either 278.Tn AUI 279or twisted pair connectors. 280Setting the media type to 281.Cm 10base5/AUI 282would change the currently active connector to the AUI port. 283Setting it to 284.Cm 10baseT/UTP 285would activate twisted pair. 286Refer to the interfaces' driver 287specific documentation or man page for a complete list of the 288available types. 289.It Cm mediaopt Ar opts 290If the driver supports the media selection system, set the specified 291media options on the interface. 292The 293.Ar opts 294argument 295is a comma delimited list of options to apply to the interface. 296Refer to the interfaces' driver specific man page for a complete 297list of available options. 298.It Fl mediaopt Ar opts 299If the driver supports the media selection system, disable the 300specified media options on the interface. 301.It Cm mode Ar mode 302If the driver supports the media selection system, set the specified 303operating mode on the interface to 304.Ar mode . 305For IEEE 802.11 wireless interfaces that support multiple operating modes 306this directive is used to select between 802.11a 307.Pq Cm 11a , 308802.11b 309.Pq Cm 11b , 310and 802.11g 311.Pq Cm 11g 312operating modes. 313.It Cm name Ar name 314Set the interface name to 315.Ar name . 316.It Cm rxcsum , txcsum 317If the driver supports user-configurable checksum offloading, 318enable receive (or transmit) checksum offloading on the interface. 319Some drivers may not be able to enable these flags independently 320of each other, so setting one may also set the other. 321The driver will offload as much checksum work as it can reliably 322support, the exact level of offloading varies between drivers. 323.It Fl rxcsum , txcsum 324If the driver supports user-configurable checksum offloading, 325disable receive (or transmit) checksum offloading on the interface. 326These settings may not always be independent of each other. 327.It Cm vlanmtu , vlanhwtag 328If the driver offers user-configurable VLAN support, enable 329reception of extended frames or tag processing in hardware, 330respectively. 331Note that this must be issued on a physical interface associated with 332.Xr vlan 4 , 333not on a 334.Xr vlan 4 335interface itself. 336.It Fl vlanmtu , vlanhwtag 337If the driver offers user-configurable VLAN support, disable 338reception of extended frames or tag processing in hardware, 339respectively. 340.It Cm pollcpu Ar cpu 341Turn on 342.Xr polling 4 343feature and disable interrupts on the interface, 344if the driver supports this mode and 345.Ar cpu 346supports 347.Xr polling 4 . 348Driver will be polled by 349.Ar cpu . 350.It Cm polling 351Turn on 352.Xr polling 4 353feature and disable interrupts on the interface, if the driver supports 354this mode. 355.It Fl polling 356Turn off 357.Xr polling 4 358feature and enable interrupt mode on the interface. 359.It Cm create 360Create the specified network pseudo-device. 361If the interface is given without a unit number, try to create a new 362device with an arbitrary unit number. 363If creation of an arbitrary device is successful, the new device name is 364printed to standard output unless the interface is renamed or destroyed 365in the same 366.Nm 367invocation. 368.It Cm destroy 369Destroy the specified network pseudo-device. 370.It Cm plumb 371Another name for the 372.Cm create 373parameter. 374Included for 375.Tn Solaris 376compatibility. 377.It Cm unplumb 378Another name for the 379.Cm destroy 380parameter. 381Included for 382.Tn Solaris 383compatibility. 384.It Cm metric Ar n 385Set the routing metric of the interface to 386.Ar n , 387default 0. 388The routing metric is used by the routing protocol 389.Pq Xr routed 8 . 390Higher metrics have the effect of making a route 391less favorable; metrics are counted as additional hops 392to the destination network or host. 393.It Cm mtu Ar n 394Set the maximum transmission unit of the interface to 395.Ar n , 396default is interface specific. 397The MTU is used to limit the size of packets that are transmitted on an 398interface. 399Not all interfaces support setting the MTU, and some interfaces have 400range restrictions. 401.It Cm netmask Ar mask 402.\" (Inet and ISO.) 403(Inet only.) 404Specify how much of the address to reserve for subdividing 405networks into sub-networks. 406The mask includes the network part of the local address 407and the subnet part, which is taken from the host field of the address. 408The mask can be specified as a single hexadecimal number 409with a leading 410.Ql 0x , 411with a dot-notation Internet address, 412or with a pseudo-network name listed in the network table 413.Xr networks 5 . 414The mask contains 1's for the bit positions in the 32-bit address 415which are to be used for the network and subnet parts, 416and 0's for the host part. 417The mask should contain at least the standard network portion, 418and the subnet field should be contiguous with the network 419portion. 420.Pp 421The netmask can also be specified in CIDR notation after the address. 422See the 423.Ar address 424option above for more information. 425.It Cm autoconf 426(Inet6 only.) 427Enable autoconfiguration. 428.It Fl autoconf 429Disable autoconfiguration. 430.It Cm pltime Ar n 431(Inet6 only.) 432Set preferred lifetime for the address. 433.It Cm vltime Ar n 434(Inet6 only.) 435Set valid lifetime for the address. 436.It Cm prefixlen Ar len 437(Inet6 only.) 438Specify that 439.Ar len 440bits are reserved for subdividing networks into sub-networks. 441The 442.Ar len 443must be integer, and for syntactical reason it must be between 0 to 128. 444It is almost always 64 under the current IPv6 assignment rule. 445If the parameter is omitted, 64 is used. 446.Pp 447The prefix can also be specified using the slash notation after the address. 448See the 449.Ar address 450option above for more information. 451.It Cm deprecated 452(Inet6 only.) 453Set the IPv6 deprecated address bit. 454.It Fl deprecated 455(Inet6 only.) 456Clear the IPv6 deprecated address bit. 457.It Cm tentative 458(Inet6 only.) 459Set the IPv6 tentative address bit. 460.It Fl tentative 461(Inet6 only.) 462Clear the IPv6 tentative address bit. 463.\" see 464.\" Xr eon 5 . 465.\" .It Cm nsellength Ar n 466.\" .Pf ( Tn ISO 467.\" only) 468.\" This specifies a trailing number of bytes for a received 469.\" .Tn NSAP 470.\" used for local identification, the remaining leading part of which is 471.\" taken to be the 472.\" .Tn NET 473.\" (Network Entity Title). 474.\" The default value is 1, which is conformant to US 475.\" .Tn GOSIP . 476.\" When an ISO address is set in an ifconfig command, 477.\" it is really the 478.\" .Tn NSAP 479.\" which is being specified. 480.\" For example, in 481.\" .Tn US GOSIP , 482.\" 20 hex digits should be 483.\" specified in the 484.\" .Tn ISO NSAP 485.\" to be assigned to the interface. 486.\" There is some evidence that a number different from 1 may be useful 487.\" for 488.\" .Tn AFI 489.\" 37 type addresses. 490.It Cm range Ar netrange 491Under appletalk, set the interface to respond to a 492.Ar netrange 493of the form 494.Ar startnet Ns - Ns Ar endnet . 495Appletalk uses this scheme instead of 496netmasks though 497.Dx 498implements it internally as a set of netmasks. 499.It Cm remove 500Another name for the 501.Fl alias 502parameter. 503Introduced for compatibility 504with 505.Bsx . 506.It Cm phase 507The argument following this specifies the version (phase) of the 508Appletalk network attached to the interface. 509Values of 1 or 2 are permitted. 510.Sm off 511.It Cm link Op Cm 0 No - Cm 2 512.Sm on 513Enable special processing of the link level of the interface. 514These three options are interface specific in actual effect, however, 515they are in general used to select special modes of operation. 516An example 517of this is to enable SLIP compression, or to select the connector type 518for some Ethernet cards. 519Refer to the man page for the specific driver 520for more information. 521.Sm off 522.It Fl link Op Cm 0 No - Cm 2 523.Sm on 524Disable special processing at the link level with the specified interface. 525.It Cm compress 526Another name for the 527.Cm link0 528parameter. 529.It Cm normal 530Another name for the 531.Fl link0 532parameter. 533.It Cm noicmp 534Another name for the 535.Cm link1 536parameter. 537.It Cm monitor 538Put the interface in monitor mode. 539No packets are transmitted, and received packets are discarded after 540.Xr bpf 4 541processing. 542.It Fl monitor 543Take the interface out of monitor mode. 544.It Cm up 545Mark an interface 546.Dq up . 547This may be used to enable an interface after an 548.Dq Nm Cm down . 549It happens automatically when setting the first address on an interface. 550If the interface was reset when previously marked down, 551the hardware will be re-initialized. 552.El 553.Pp 554The following parameters are specific to IEEE 802.11 wireless interfaces: 555.Bl -tag -width indent 556.It Cm apbridge 557When operating as an access point, pass packets between 558wireless clients directly (default). 559To instead let them pass up through the 560system and be forwarded using some other mechanism, use 561.Fl apbridge . 562Disabling the internal bridging 563is useful when traffic is to be processed with 564packet filtering. 565.It Cm authmode Ar mode 566Set the desired authentication mode in infrastructure mode. 567Not all adaptors support all modes. 568The set of 569valid modes is 570.Cm none , open , shared 571(shared key), 572.Cm 8021x 573(IEEE 802.1x), 574and 575.Cm wpa 576(IEEE WPA/WPA2/802.11i). 577The 578.Cm 8021x 579and 580.Cm wpa 581modes are only useful when using an authentication service 582(a supplicant for client operation or an authenticator when 583operating as an access point). 584Modes are case insensitive. 585.It Cm bintval Ar interval 586Set the interval at which beacon frames are sent when operating in 587ad-hoc or ap mode. 588The 589.Ar interval 590parameter is specified in TU's (1024 usecs). 591By default beacon frames are transmitted every 100 TU's. 592.It Cm bmissthreshold Ar count 593Set the number of consecutive missed beacons at which the station 594will attempt to roam (i.e. search for a new access point). 595The 596.Ar count 597parameter is must be in the range 1 to 255; 598though the upper bound may be reduced according to device capabilities.. 599The default threshold is 7 consecutive missed beacons; 600but this may be overridden by the device driver. 601Another name for the 602.Cm bmissthreshold 603parameter is 604.Cm bmiss . 605.It Cm bssid Ar address 606Specify the MAC address of the access point to use when operating 607as a station in a BSS network. 608This overrides any automatic selection done by the system. 609To disable a previously selected access point, supply 610.Cm any , none , 611or 612.Cm - 613for the address. 614This option is useful when more than one access point uses the same SSID. 615Another name for the 616.Cm bssid 617parameter is 618.Cm ap . 619.It Cm burst 620Enable packet bursting. 621Packet bursting is a transmission technique whereby the wireless 622medium is acquired once to send multiple frames and the interframe 623spacing is reduced. 624This technique can significantly increase throughput by reducing 625transmission overhead. 626Packet bursting is supported by the 802.11e QoS specification 627and some devices that do not support QoS may still be capable. 628By default packet bursting is enabled if a device is capable 629of doing it. 630To disable packet bursting, use 631.Fl burst . 632.It Cm chanlist Ar channels 633Set the desired channels to use when scanning for access 634points, neighbors in an IBSS network, or looking for unoccupied 635channels when operating as an access point. 636The set of channels is specified as a comma-separated list with 637each element in the list representing either a single channel number or a range 638of the form 639.Dq Li a-b . 640Channel numbers must be in the range 1 to 255 and be permissible 641according to the operating characteristics of the device. 642.It Cm channel Ar number 643Set a single desired channel. 644Channels range from 1 to 255, but the exact selection available 645depends on the region your adaptor was manufactured for. 646Setting 647the channel to 648.Li 0 , 649.Cm any , 650or 651.Cm - 652will give you the default for your adaptor. 653Some 654adaptors ignore this setting unless you are in ad-hoc mode. 655Alternatively the frequency, in megahertz, may be specified 656instead of the channel number. 657.It Cm deftxkey Ar index 658Set the default key to use for transmission. 659Typically this is only set when using WEP encryption. 660The 661.Cm weptxkey 662is an alias for this request; it is provided for backwards compatibility. 663.It Cm dtimperiod Ar period 664Set the 665DTIM 666period for transmitting buffered multicast data frames when 667operating in ap mode. 668The 669.Ar period 670specifies the number of beacon intervals between DTIM 671and must be in the range 1 to 15. 672By default DTIM is 1 (i.e., DTIM occurs at each beacon). 673.It Cm fragthreshold Ar length 674Set the threshold for which transmitted frames are broken into fragments. 675The 676.Ar length 677argument is the frame size in bytes and must be in the range 256 to 2346. 678Setting 679.Ar length 680to 681.Li 2346 , 682.Cm any , 683or 684.Cm - 685disables transmit fragmentation. 686Not all adaptors honor the fragmentation threshold. 687.It Cm hidessid 688When operating as an access point, do not broadcast the SSID 689in beacon frames or respond to probe request frames unless 690they are directed to the ap (i.e., they include the ap's SSID). 691By default, the SSID is included in beacon frames and 692undirected probe request frames are answered. 693To re-enable the broadcast of the SSID etc., use 694.Fl hidessid . 695.It Cm list active 696Display the list of channels available for use taking into account 697any restrictions set with the 698.Cm chanlist 699directive. 700See the description of 701.Cm list chan 702for more information. 703.It Cm list caps 704Display the adaptor's capabilities, including the operating 705modes supported. 706.It Cm list chan 707Display the list of channels available for use. 708Channels are shown with their IEEE channel number, equivalent 709frequency, and usage modes. 710Channels identified as 711.Ql 11g 712are also usable in 713.Ql 11b 714mode. 715Channels identified as 716.Ql 11a Turbo 717may be used only for Atheros' Static Turbo mode 718specified with 719.Cm mediaopt turbo ) . 720Channels marked with a 721.Ql * 722have a regulatory constraint that they be passively scanned. 723This means a station is not permitted to transmit on the channel until 724it identifies the channel is being used for 802.11 communication; 725typically by hearing a beacon frame from an access point operating 726on the channel. 727.Cm list freq 728is another way of requesting this information. 729.It Cm list mac 730Display the current MAC Access Control List state. 731Each address is prefixed with a character that indicates the 732current policy applied to it: 733.Ql + 734indicates the address is allowed access, 735.Ql - 736indicates the address is denied access, 737.Ql * 738indicates the address is present but the current policy open 739(so the ACL is not consulted). 740.It Cm list scan 741Display the access points and/or ad-hoc neighbors 742located in the vicinity. 743The 744.Fl v 745flag may be used to display long SSIDs. 746This information may be updated automatically by the adaptor 747and/or with a 748.Cm scan 749request. 750.Cm list ap 751is another way of requesting this information. 752.It Cm list sta 753When operating as an access point display the stations that are 754currently associated. 755When operating in ad-hoc mode display stations identified as 756neighbors in the IBSS. 757.It Cm list wme 758Display the current parameters to use when operating in WME mode. 759When WME mode is enabled for an adaptor this information will be 760displayed with the regular status; this command is mostly useful 761for examining parameters when WME mode is disabled. 762See the description of the 763.Cm wme 764directive for information on the various parameters. 765.It Cm mcastrate Ar rate 766Set the rate for transmitting multicast/broadcast frames. 767Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mbit/s. 768This rate should be valid for the current operating conditions; 769if an invalid rate is specified drivers are free to chose an 770appropriate rate. 771.It Cm powersave 772Enable powersave operation. 773When operating as a client, the station will conserve power by 774periodically turning off the radio and listening for 775messages from the access point telling it there are packets waiting. 776The station must then retrieve the packets. 777When operating as an access point, the station must honor power 778save operation of associated clients. 779Not all devices support power save operation, either as a client 780or as an access point. 781Use 782.Fl powersave 783to disable powersave operation. 784.It Cm powersavemode Ar mode 785Set powersave mode. 786The set of valid modes is 787.Cm off 788(same as 789.Fl powersave ) , 790.Cm on 791(same as 792.Cm powersave ) , 793and 794.Cm cam 795(same as 796.Cm powersave ) . 797.It Cm powersavesleep Ar sleep 798Set the desired max powersave sleep time in TU's (1024 usecs). 799By default the max powersave sleep time is 100 TU's. 800.It Cm protmode Ar technique 801For interfaces operating in 802.11g, use the specified 802.Ar technique 803for protecting OFDM frames in a mixed 11b/11g network. 804The set of valid techniques is 805.Cm off , cts 806(CTS to self), 807and 808.Cm rtscts 809(RTS/CTS). 810Technique names are case insensitive. 811.It Cm pureg 812When operating as an access point in 802.11g mode allow only 81311g-capable stations to associate (11b-only stations are not 814permitted to associate). 815To allow both 11g and 11b-only stations to associate, use 816.Fl pureg . 817.It Cm roaming Ar mode 818When operating as a station, control how the system will 819behave when communication with the current access point 820is broken. 821The 822.Ar mode 823argument may be one of 824.Cm device 825(leave it to the hardware device to decide), 826.Cm auto 827(handle either in the device or the operating system\[em]as appropriate), 828.Cm manual 829(do nothing until explicitly instructed). 830By default, the device is left to handle this if it is 831capable; otherwise, the operating system will automatically 832attempt to reestablish communication. 833Manual mode is mostly useful when an application wants to 834control the selection of an access point. 835.It Cm ratectl Ar algorithm 836Set the TX rate control algorithm. 837The set of valid 838.Ar algorithm 839is 840.Cm onoe 841(Onoe TX rate control algorithm), 842.Cm sample 843(Sample TX rate control algorithm) 844and 845.Cm amrr 846(AMRR TX rate control algorithm). 847.Ar Algorithm 848names are case sensitive. 849.It Cm rtsthreshold Ar length 850Set the threshold for which 851transmitted frames are preceded by transmission of an 852RTS 853control frame. 854The 855.Ar length 856argument 857is the frame size in bytes and must be in the range 1 to 2346. 858Setting 859.Ar length 860to 861.Li 2346 , 862.Cm any , 863or 864.Cm - 865disables transmission of RTS frames. 866Not all adaptors support setting the RTS threshold. 867.It Cm ssid Ar ssid 868Set the desired Service Set Identifier (aka network name). 869The SSID is a string up to 32 characters 870in length and may be specified as either a normal string or in 871hexadecimal when preceded by 872.Ql 0x . 873Additionally, the SSID may be cleared by setting it to 874.Ql - . 875.It Cm scan 876Initiate a scan of neighboring stations, wait for it to complete, and 877display all stations found. 878Only the super-user can initiate a scan. 879Depending on the capabilities of the APs, the following 880flags can be included in the output: 881.Bl -tag -width 3n 882.It Li A 883Channel Agility. 884Indicates that the station support channel hopping as described by the 885IEEE 802.11b specification. 886.It Li B 887Packet Binary Convolution Code (PBCC). 888A modulation alternative to the standard OFDM method. 889.It Li C 890Pollreq 891.It Li c 892Pollable 893.It Li D 894Direct Sequence Spread Spectrum - Orthogonal Frequency Division 895Multiplexing (DSSS-OFDM). 896Indicates the the station supports DSSS-OFDM modulation. 897.It Li E 898Extended Service Set (ESS). 899Indicates that the station is part of an infrastructure network 900(in contrast to an IBSS/ad-hoc network). 901.It Li I 902IBSS/ad-hoc network. 903Indicates that the station is part of an ad-hoc network 904(in contrast to an ESS network). 905.It Li P 906Privacy. 907Data confidentiality is required for all data frames 908exchanged within the BSS. 909This means that this BSS requires the station to 910use cryptographic means such as WEP, TKIP or AES-CCMP to 911encrypt/decrypt data frames being exchanged with others. 912.It Li R 913Robust Security Network (RSN). 914Indicates that the station supports the IEEE 802.11i authentication 915and key management protocol. 916.It Li S 917Short Preamble. 918Indicates that the network is using short preambles (defined 919in 802.11b High Rate/DSSS PHY, short preamble utilizes a 92056 bit sync field in contrast to a 128 bit field used in long 921preamble mode). 922.It Li s 923Short slot time. 924Indicates that the network is using a short slot time. 925.El 926.Pp 927The 928.Cm list scan 929request can be used to show recent scan results without 930initiating a new scan. 931.Pp 932The 933.Fl v 934flag may be used to prevent the shortening of long SSIDs. 935.It Cm stationname Ar name 936Set the name of this station. 937It appears that the station name is not really part of the IEEE 802.11 938protocol though all interfaces seem to support it. 939As such it only 940seems to be meaningful to identical or virtually identical equipment. 941Setting the station name is identical in syntax to setting the SSID. 942.It Cm txpower Ar power 943Set the power used to transmit frames. 944The 945.Ar power 946argument 947is a unitless value in the range 0 to 100 that is interpreted 948by drivers to derive a device-specific value. 949Out of range values are truncated. 950Typically only a few discreet power settings are available and 951the driver will use the setting closest to the specified value. 952Not all adaptors support changing the transmit power. 953.It Cm wepmode Ar mode 954Set the desired WEP mode. 955Not all adaptors support all modes. 956The set of valid modes is 957.Cm off , on , 958and 959.Cm mixed . 960The 961.Cm mixed 962mode explicitly tells the adaptor to allow association with access 963points which allow both encrypted and unencrypted traffic. 964On these adaptors, 965.Cm on 966means that the access point must only allow encrypted connections. 967On other adaptors, 968.Cm on 969is generally another name for 970.Cm mixed . 971Modes are case insensitive. 972.It Cm weptxkey Ar index 973Set the WEP key to be used for transmission. 974This is the same as setting the default transmission key with 975.Cm deftxkey . 976.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key 977Set the selected WEP key. 978If an 979.Ar index 980is not given, key 1 is set. 981A WEP key will be either 5 or 13 982characters (40 or 104 bits) depending of the local network and the 983capabilities of the adaptor. 984It may be specified either as a plain 985string or as a string of hexadecimal digits preceded by 986.Ql 0x . 987For maximum portability, hex keys are recommended; 988the mapping of text keys to WEP encryption is usually driver-specific. 989In particular, the 990.Tn Windows 991drivers do this mapping differently to 992.Dx . 993A key may be cleared by setting it to 994.Ql - . 995If WEP is supported then there are at least four keys. 996Some adaptors support more than four keys. 997If that is the case, then the first four keys 998(1-4) will be the standard temporary keys and any others will be adaptor 999specific keys such as permanent keys stored in NVRAM. 1000.It Cm wme 1001Enable Wireless Multimedia Extensions (WME) support, if available, 1002for the specified interface. 1003WME is a subset of the IEEE 802.11e standard to support the 1004efficient communication of realtime and multimedia data. 1005To disable WME support, use 1006.Fl wme . 1007.Pp 1008The following parameters are meaningful only when WME support is in use. 1009Parameters are specified per-AC (Access Category) and 1010split into those that are used by a station when acting 1011as an access point and those for client stations in the BSS. 1012The latter are received from the access point and may not be changed 1013(at the station). 1014The following Access Categories are recognized: 1015.Pp 1016.Bl -tag -width ".Cm AC_BK" -compact 1017.It Cm AC_BE 1018(or 1019.Cm BE ) 1020best effort delivery, 1021.It Cm AC_BK 1022(or 1023.Cm BK ) 1024background traffic, 1025.It Cm AC_VI 1026(or 1027.Cm VI ) 1028video traffic, 1029.It Cm AC_VO 1030(or 1031.Cm VO ) 1032voice traffic. 1033.El 1034.Pp 1035AC parameters are case-insensitive. 1036Traffic classification is done in the operating system using the 1037vlan priority associated with data frames or the 1038ToS (Type of Service) indication in IP-encapsulated frames. 1039If neither information is present, traffic is assigned to the 1040Best Effort (BE) category. 1041.Bl -tag -width indent 1042.It Cm ack Ar ac 1043Set the ACK policy for QoS transmissions by the local station; 1044this controls whether or not data frames transmitted by a station 1045require an ACK response from the receiving station. 1046To disable waiting for an ACK use 1047.Fl ack . 1048This parameter is applied only to the local station. 1049.It Cm acm Ar ac 1050Enable the Admission Control Mandatory (ACM) mechanism 1051for transmissions by the local station. 1052To disable the ACM use 1053.Fl acm . 1054On stations in a BSS this parameter is read-only and indicates 1055the setting received from the access point. 1056NB: ACM is not supported right now. 1057.It Cm aifs Ar ac Ar count 1058Set the Arbitration Inter Frame Spacing (AIFS) 1059channel access parameter to use for transmissions 1060by the local station. 1061On stations in a BSS this parameter is read-only and indicates 1062the setting received from the access point. 1063.It Cm cwmin Ar ac Ar count 1064Set the CWmin channel access parameter to use for transmissions 1065by the local station. 1066On stations in a BSS this parameter is read-only and indicates 1067the setting received from the access point. 1068.It Cm cwmax Ar ac Ar count 1069Set the CWmax channel access parameter to use for transmissions 1070by the local station. 1071On stations in a BSS this parameter is read-only and indicates 1072the setting received from the access point. 1073.It Cm txoplimit Ar ac Ar limit 1074Set the Transmission Opportunity Limit channel access parameter 1075to use for transmissions by the local station. 1076This parameter defines an interval of time when a WME station 1077has the right to initiate transmissions onto the wireless medium. 1078On stations in a BSS this parameter is read-only and indicates 1079the setting received from the access point. 1080.It Cm bss:aifs Ar ac Ar count 1081Set the AIFS channel access parameter to send to stations in a BSS. 1082This parameter is meaningful only when operating in ap mode. 1083.It Cm bss:cwmin Ar ac Ar count 1084Set the CWmin channel access parameter to send to stations in a BSS. 1085This parameter is meaningful only when operating in ap mode. 1086.It Cm bss:cwmax Ar ac Ar count 1087Set the CWmax channel access parameter to send to stations in a BSS. 1088This parameter is meaningful only when operating in ap mode. 1089.It Cm bss:txoplimit Ar ac Ar limit 1090Set the TxOpLimit channel access parameter to send to stations in a BSS. 1091This parameter is meaningful only when operating in ap mode. 1092.El 1093.El 1094.Pp 1095The following parameters support an optional access control list 1096feature available with some adaptors when operating in ap mode; see 1097.Xr wlan_acl 4 . 1098This facility allows an access point to accept/deny association 1099requests based on the MAC address of the station. 1100Note that this feature does not significantly enhance security 1101as MAC address spoofing is easy to do. 1102.Bl -tag -width indent 1103.It Cm mac:add Ar address 1104Add the specified MAC address to the database. 1105Depending on the policy setting association requests from the 1106specified station will be allowed or denied. 1107.It Cm mac:allow 1108Set the ACL policy to permit association only by 1109stations registered in the database. 1110.It Cm mac:del Ar address 1111Delete the specified MAC address from the database. 1112.It Cm mac:deny 1113Set the ACL policy to deny association only by 1114stations registered in the database. 1115.It Cm mac:kick Ar address 1116Force the specified station to be deauthenticated. 1117This typically is done to block a station after updating the 1118address database. 1119.It Cm mac:open 1120Set the ACL policy to allow all stations to associate. 1121.It Cm mac:flush 1122Delete all entries in the database. 1123.El 1124.Pp 1125The following parameters are for compatibility with other systems: 1126.Bl -tag -width indent 1127.It Cm nwid Ar ssid 1128Another name for the 1129.Cm ssid 1130parameter. 1131Included for 1132.Nx 1133compatibility. 1134.It Cm station Ar name 1135Another name for the 1136.Cm stationname 1137parameter. 1138Included for 1139.Bsx 1140compatibility. 1141.It Cm wep 1142Another way of saying 1143.Cm wepmode on . 1144Included for 1145.Bsx 1146compatibility. 1147.It Fl wep 1148Another way of saying 1149.Cm wepmode off . 1150Included for 1151.Bsx 1152compatibility. 1153.It Cm nwkey key 1154Another way of saying: 1155.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . 1156Included for 1157.Nx 1158compatibility. 1159.It Cm nwkey Xo 1160.Sm off 1161.Ar n : k1 , k2 , k3 , k4 1162.Sm on 1163.Xc 1164Another way of saying 1165.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . 1166Included for 1167.Nx 1168compatibility. 1169.It Fl nwkey 1170Another way of saying 1171.Cm wepmode off . 1172Included for 1173.Nx 1174compatibility. 1175.El 1176.Pp 1177The following parameters are specific to bridge interfaces: 1178.Bl -tag -width indent 1179.It Cm addm Ar interface 1180Add the interface named by 1181.Ar interface 1182as a member of the bridge. 1183The interface is put into promiscuous mode 1184so that it can receive every packet sent on the network. 1185.It Cm deletem Ar interface 1186Remove the interface named by 1187.Ar interface 1188from the bridge. 1189Promiscuous mode is disabled on the interface when 1190it is removed from the bridge. 1191.It Cm maxaddr Ar size 1192Set the size of the bridge address cache to 1193.Ar size . 1194The default is 100 entries. 1195.It Cm timeout Ar seconds 1196Set the timeout of address cache entries to 1197.Ar seconds 1198seconds. 1199If 1200.Ar seconds 1201is zero, then address cache entries will not be expired. 1202The default is 240 seconds. 1203.It Cm addr 1204Display the addresses that have been learned by the bridge. 1205.It Cm static Ar interface-name Ar address 1206Add a static entry into the address cache pointing to 1207.Ar interface-name . 1208Static entries are never aged out of the cache or re-placed, even if the 1209address is seen on a different interface. 1210.It Cm deladdr Ar address 1211Delete 1212.Ar address 1213from the address cache. 1214.It Cm flush 1215Delete all dynamically-learned addresses from the address cache. 1216.It Cm flushall 1217Delete all addresses, including static addresses, from the address cache. 1218.It Cm discover Ar interface 1219Mark an interface as a 1220.Dq discovering 1221interface. 1222When the bridge has no address cache entry 1223(either dynamic or static) 1224for the destination address of a packet, 1225the bridge will forward the packet to all 1226member interfaces marked as 1227.Dq discovering . 1228This is the default for all interfaces added to a bridge. 1229.It Fl discover Ar interface 1230Clear the 1231.Dq discovering 1232attribute on a member interface. 1233For packets without the 1234.Dq discovering 1235attribute, the only packets forwarded on the interface are broadcast 1236or multicast packets and packets for which the destination address 1237is known to be on the interface's segment. 1238.It Cm learn Ar interface 1239Mark an interface as a 1240.Dq learning 1241interface. 1242When a packet arrives on such an interface, the source 1243address of the packet is entered into the address cache as being a 1244destination address on the interface's segment. 1245This is the default for all interfaces added to a bridge. 1246.It Fl learn Ar interface 1247Clear the 1248.Dq learning 1249attribute on a member interface. 1250.It Cm span Ar interface 1251Add the interface named by 1252.Ar interface 1253as a span port on the bridge. 1254Span ports transmit a copy of every frame received by the bridge. 1255This is most useful for snooping a bridged network passively on 1256another host connected to one of the span ports of the bridge. 1257.It Fl span Ar interface 1258Delete the interface named by 1259.Ar interface 1260from the list of span ports of the bridge. 1261.It Cm stp Ar interface 1262Enable Spanning Tree protocol on 1263.Ar interface . 1264The 1265.Xr bridge 4 1266driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 1267Spanning Tree is used to detect and remove loops in a network topology. 1268.It Fl stp Ar interface 1269Disable Spanning Tree protocol on 1270.Ar interface . 1271This is the default for all interfaces added to a bridge. 1272.It Cm maxage Ar seconds 1273Set the time that a Spanning Tree protocol configuration is valid. 1274The default is 20 seconds. 1275The minimum is 1 second and the maximum is 255 seconds. 1276.It Cm fwddelay Ar seconds 1277Set the time that must pass before an interface begins forwarding 1278packets when Spanning Tree is enabled. 1279The default is 15 seconds. 1280The minimum is 1 second and the maximum is 255 seconds. 1281.It Cm hellotime Ar seconds 1282Set the time between broadcasting of Spanning Tree protocol 1283configuration messages. 1284The default is 2 seconds. 1285The minimum is 1 second and the maximum is 255 seconds. 1286.It Cm priority Ar value 1287Set the bridge priority for Spanning Tree. 1288The default is 32768. 1289The minimum is 0 and the maximum is 65536. 1290.It Cm ifpriority Ar interface Ar value 1291Set the Spanning Tree priority of 1292.Ar interface 1293to 1294.Ar value . 1295The default is 128. 1296The minimum is 0 and the maximum is 255. 1297.It Cm ifpathcost Ar interface Ar value 1298Set the Spanning Tree path cost of 1299.Ar interface 1300to 1301.Ar value . 1302The default is 55. 1303The minimum is 0 and the maximum is 65535. 1304.El 1305.Pp 1306The following parameters are specific to IP tunnel interfaces, 1307.Xr gif 4 : 1308.Bl -tag -width indent 1309.It Cm tunnel Ar src_addr dest_addr 1310Configure the physical source and destination address for IP tunnel 1311interfaces. 1312The arguments 1313.Ar src_addr 1314and 1315.Ar dest_addr 1316are interpreted as the outer source/destination for the encapsulating 1317IPv4/IPv6 header. 1318.It Fl tunnel 1319Unconfigure the physical source and destination address for IP tunnel 1320interfaces previously configured with 1321.Cm tunnel . 1322.It Cm deletetunnel 1323Another name for the 1324.Fl tunnel 1325parameter. 1326.El 1327.Pp 1328The following parameters are specific to 1329.Xr vlan 4 1330interfaces: 1331.Bl -tag -width indent 1332.It Cm vlan Ar vlan_tag 1333Set the VLAN tag value to 1334.Ar vlan_tag . 1335This value is a 16-bit number which is used to create an 802.1Q 1336VLAN header for packets sent from the 1337.Xr vlan 4 1338interface. 1339Note that 1340.Cm vlan 1341and 1342.Cm vlandev 1343must both be set at the same time. 1344.It Cm vlandev Ar iface 1345Associate the physical interface 1346.Ar iface 1347with a 1348.Xr vlan 4 1349interface. 1350Packets transmitted through the 1351.Xr vlan 4 1352interface will be 1353diverted to the specified physical interface 1354.Ar iface 1355with 802.1Q VLAN encapsulation. 1356Packets with 802.1Q encapsulation received 1357by the parent interface with the correct VLAN tag will be diverted to 1358the associated 1359.Xr vlan 4 1360pseudo-interface. 1361The 1362.Xr vlan 4 1363interface is assigned a 1364copy of the parent interface's flags and the parent's ethernet address. 1365The 1366.Cm vlandev 1367and 1368.Cm vlan 1369must both be set at the same time. 1370If the 1371.Xr vlan 4 1372interface already has 1373a physical interface associated with it, this command will fail. 1374To 1375change the association to another physical interface, the existing 1376association must be cleared first. 1377.Pp 1378Note: if the hardware tagging capability 1379is set on the parent interface, the 1380.Xr vlan 4 1381pseudo 1382interface's behavior changes: 1383the 1384.Xr vlan 4 1385interface recognizes that the 1386parent interface supports insertion and extraction of VLAN tags on its 1387own (usually in firmware) and that it should pass packets to and from 1388the parent unaltered. 1389.It Fl vlandev Op Ar iface 1390If the driver is a 1391.Xr vlan 4 1392pseudo device, disassociate the parent interface from it. 1393This breaks the link between the 1394.Xr vlan 4 1395interface and its parent, 1396clears its VLAN tag, flags and its link address and shuts the interface down. 1397The 1398.Ar iface 1399argument is useless and hence deprecated. 1400.El 1401.Pp 1402The following parameters are specific to 1403.Xr carp 4 1404interfaces: 1405.Bl -tag -width indent 1406.It Cm advbase Ar seconds 1407Specifies the base of the advertisement interval in seconds. 1408The acceptable values are 1 to 255. 1409The default value is 1. 1410.\" The default value is 1411.\" .Dv CARP_DFLTINTV . 1412.It Cm advskew Ar interval 1413Specifies the skew to add to the base advertisement interval to 1414make one host advertise slower than another host. 1415It is specified in 1/256 of seconds. 1416The acceptable values are 1 to 254. 1417The default value is 0. 1418.It Cm pass Ar phrase 1419Set the authentication key to 1420.Ar phrase . 1421.It Cm vhid Ar n 1422Set the virtual host ID. 1423This is a required setting. 1424Acceptable values are 1 to 255. 1425.El 1426.Pp 1427The 1428.Nm 1429utility displays the current configuration for a network interface 1430when no optional parameters are supplied. 1431If a protocol family is specified, 1432.Nm 1433will report only the details specific to that protocol family. 1434.Pp 1435If the 1436.Fl m 1437flag is passed before an interface name, 1438.Nm 1439will display the capability list and all 1440of the supported media for the specified interface. 1441If 1442.Fl L 1443flag is supplied, address lifetime is displayed for IPv6 addresses, 1444as time offset string. 1445.Pp 1446Optionally, the 1447.Fl a 1448flag may be used instead of an interface name. 1449This flag instructs 1450.Nm 1451to display information about all interfaces in the system. 1452The 1453.Fl d 1454flag limits this to interfaces that are down, and 1455.Fl u 1456limits this to interfaces that are up. 1457When no arguments are given, 1458.Fl a 1459is implied. 1460.Pp 1461The 1462.Fl l 1463flag may be used to list all available interfaces on the system, with 1464no other additional information. 1465Use of this flag is mutually exclusive 1466with all other flags and commands, except for 1467.Fl d 1468(only list interfaces that are down) 1469and 1470.Fl u 1471(only list interfaces that are up). 1472.Pp 1473The 1474.Fl v 1475flag may be used to get more verbose status for an interface. 1476.Pp 1477The 1478.Fl C 1479flag may be used to list all of the interface cloners available on 1480the system, with no additional information. 1481Use of this flag is mutually exclusive with all other flags and commands. 1482.Pp 1483The 1484.Fl k 1485flag causes keying information for the interface, if available, to be 1486printed. 1487For example, the values of 802.11 WEP keys will be printed, if accessible to 1488the current user. 1489This information is not printed by default, as it may be considered 1490sensitive. 1491.Pp 1492Only the super-user may modify the configuration of a network interface. 1493.Sh DIAGNOSTICS 1494Messages indicating the specified interface does not exist, the 1495requested address is unknown, or the user is not privileged and 1496tried to alter an interface's configuration. 1497.Sh SEE ALSO 1498.Xr netstat 1 , 1499.Xr carp 4 , 1500.Xr ifmedia 4 , 1501.Xr netintro 4 , 1502.Xr polling 4 , 1503.Xr vlan 4 , 1504.\" .Xr eon 5 , 1505.Xr rc 8 , 1506.Xr routed 8 , 1507.Xr sysctl 8 1508.Sh HISTORY 1509The 1510.Nm 1511utility appeared in 1512.Bx 4.2 . 1513.Sh BUGS 1514Basic IPv6 node operation requires a link-local address on each 1515interface configured for IPv6. 1516Normally, such an address is automatically configured by the 1517kernel on each interface added to the system; this behaviour may 1518be disabled by setting the sysctl MIB variable 1519.Va net.inet6.ip6.auto_linklocal 1520to 0. 1521.Pp 1522If you delete such an address using 1523.Nm , 1524the kernel may act very odd. 1525Do this at your own risk. 1526