 |
Index for
Section 8 |
|
 |
Alphabetical
listing for I |
|
 |
Bottom of
page |
|
ifconfig(8)
NAME
ifconfig - Configures or displays network interface parameters
SYNOPSIS
/usr/sbin/ifconfig interface_id [address_family]
[address[/bitmask] [dest_address]] [parameters]
/usr/sbin/ifconfig -a
The ifconfig command assigns and displays an address to a network
interface, and configures network interface parameters.
FLAGS
-a Displays information about all interfaces that are configured on a
system.
DESCRIPTION
You use the ifconfig command at boot time to define the network address of
each interface. You can also use the ifconfig command at other times to
display all interfaces that are configured on a system, to redefine the
address of an interface, or to set other operating parameters.
Note
If you want to redefine the interface address or the netmask, use
the SysMan Menu utility. Otherwise, any daemons currently
running will use the old address and netmask, and will fail. The
SysMan Menu utility makes the necessary changes and restarts the
network services.
Any user can query the status of a network interface; only the superuser
can modify the configuration network interfaces.
You specify an interface with the ifconfig interface_id syntax. (See your
hardware documentation for information on obtaining an interface ID.)
If you specify only an interface_id, the ifconfig command displays the
current configuration for the specified network interface only.
If a protocol family is specified by the address_family parameter, ifconfig
reports only the configuration details specific to that protocol family.
When changing an interface configuration, if the address family cannot be
inferred from the address parameter, an address family, which may alter the
interpretation of succeeding parameters, must be specified. This family is
required because an interface can receive transmissions in different
protocols, each of which may require a separate naming scheme.
The address argument is the network address of the interface being
configured. For the inet address family, the address argument is either a
hostname or an Internet address in the standard dotted-decimal notation
with or without the optional Classless Inter-Domain Routing (CIDR) bitmask
(/bitmask). If using the bitmask argument, do not use the netmask
parameter.
The destination address (dest_address) argument specifies the address of
the correspondent on the remote end of a point-to-point link.
Parameters
abort Closes all TCP connections associated with a network address.
Use this parameter when removing aliases or deleting network
addresses. This prevents users from experiencing a hanging
connection when the network address is deleted.
add interface-id [,interface-id]
Creates a set of redundant adapters (NetRAIN). The interface-id
specified must represent adapters of the same type connected to
the same LAN segment. The ifconfig interface-id parameter must
be a NetRAIN virtual interface name of the form nrx, where x is
the unit number (Valid unit numbers are 0 to nr_maxdev-1. See
sys_attrs_netrain(5) for a description of nr_maxdev and other
netrain subsystem attributes. You can adjust this limit by using
the sysconfig command). If the NetRAIN virtual interface does
not exist, it is created.
Note
Before creating a NetRAIN set, make sure that niffd is
running on your system.
See the Network Administration manual for complete information on
configuring a NetRAIN interface.
alias alias_address[/bitmask]
Establishes an additional network address for this interface.
This can be useful when changing network numbers and you want to
continue to accept packets addressed to the old interface. This
alias is in effect only until the system is rebooted. To
establish this alias automatically each time the system is
booted, edit the inet.local file and add the ifconfig alias
entries to it.
If you do not specify a bitmask or netmask with an alias address,
the default netmask is based on the alias address's network
class.
If you are using the optional bitmask argument, do not use the
netmask argument.
This parameter has the following restrictions:
·
You can specify only one alias alias_address parameter for each
ifconfig command line.
·
You cannot specify an alias and an interface-id on the same
command line.
-alias alias_address
Removes the network address specified. This can be used either
if you incorrectly specified an alias or if an alias is no longer
needed. The -alias parameter functions in the same manner as the
delete parameter.
aliaslist address_list[/bitmask]
Establishes a range of additional network addresses for this
interface. The range can be either a comma-separated list or a
hyphenated list, and is inclusive. You can also specify the
optional CIDR bitmask (/bitmask) argument at the end of the list.
Do not use a comma-separated list and a hyphenated list for a
range. See the "Examples" section for valid examples of the
aliaslist parameter.
If you do not specify a netmask with the alias list, the default
netmask is based on the alias address's network class.
-aliaslist
Removes a range of network addresses for this interface. This
can be useful when deleting network numbers and you want to keep
the primary interface address. The alias list rules are the same
as for the aliaslist parameter.
allmulti Enables the reception of all multicast packets.
-allmulti Disables the reception of all multicast packets.
arp Enables the use of the Address Resolution Protocol (ARP) in
mapping between network-level addresses and link-level addresses.
This parameter is on by default.
-arp Disables the use of the ARP. Use of this parameter is not
recommended. See arp(8) for more information.
broadcast broad_address
Specifies the address to use to represent broadcasts to the
network. The default broadcast address is the address with a
host part consisting of all 1s (ones). Note that the computation
of the host part is dependent on netmask (see the description of
the netmask parameter).
debug Enables driver-dependent debug code. This might turn on extra
console error logging. (See your hardware documentation for
further information.)
-debug Disables driver-dependent debug code.
delete [net_address]
Removes the network address specified. This would be used if you
incorrectly specified an alias, or if it was no longer needed.
If you have incorrectly set an NS address having the side effect
of specifying the host portion, removing all NS addresses will
allow you to respecify the host portion.
Note
Be careful when you use this parameter. If you either
specify the network address before the delete parameter
or specify no network address after the delete
parameter, all network addresses for the interface are
deleted.
down Marks an interface as not working (down), which keeps the system
from trying to transmit messages through that interface. If
possible, the ifconfig command also resets the interface to
disable reception of messages. Routes that use the interface,
however, are not automatically disabled.
filter Enables access filtering on the interface. Reads the
/etc/ifaccess.conf file and constructs an interface access filter
based on entries in the file. Interface access filtering
provides a mechanism for detecting and preventing IP spoofing
attacks. (See CERT Advisory CA-95:01). The source addresses of
IP input packets are checked against access filter entries;
packets receive the action associated with the first matching
entry. The following actions are valid: permit, deny, or
denylog; the final filter entry is a default permit all. See
ifaccess.conf(4) for more information.
-filter Disables access filtering on the interface.
ipdst Specifies an Internet host willing to receive IP packets
encapsulating packets bound for a remote network. For a Network
Systems (NS) case, an apparent point-to-point link is
constructed, and the address specified will be taken as the NS
address and network of the destination host.
ipmtu mtu_value
Alters the size of the maximum transfer unit (MTU) for messages
that your system transmits. It might be necessary to reduce the
MTU size so that bridges connecting token rings can transfer
frames without error.
metric number
Sets the routing metric, or number of hops, for the interface to
the value of number. The default value is 0 (zero) if number is
not specified, indicating that both hosts are on the same
network. The routing metric is used by the routed and gated
daemons, with higher metrics indicating that the route is less
favorable.
monitor Enable NetRAIN monitoring on this interface. If the monitoring
code determines that the interface is not operational, a message
is sent to the console and to a log file.
multinet Enables the use of multiple subnets on the interface. This is
required when an IP alias address is configured on an interface
and it is in a different subnet than the primary IP address of
the interface.
-multinet Disables the use of multiple subnets on the interface.
netmask mask
Specifies how much of the address to reserve for subdividing
networks into sub-networks. This parameter can only be used with
an address family of inet. Do not use this parameter if you are
specifying the CIDR mask (/bitmask) with the address argument,
alias parameter, or aliaslist parameter.
The mask variable includes both the network part of the local
address and the subnet part, which is taken from the host field
of the address. The mask can be specified as a single
hexadecimal number beginning with 0x, in the standard Internet
dotted-decimal notation, or beginning with a name.
The mask contains 1s (ones) for the bit positions in the 32-bit
address that are reserved for the network and subnet parts, and
0s (zeros) for the bit positions that specify the host. The mask
should contain at least the standard network portion.
The default netmask is based on the address parameter's network
class.
nrtimers t1, t2
Sets two NetRAIN interface timing parameters. The t1 parameter
specifies the time period, in seconds, that the traffic monitor
thread delays between reads of the interface counters when the
network is running normally. If there is no change in the
received byte count for t1 seconds, the traffic monitor thread
issues a yellow alert. The recommended t1 value is 4.
The t2 parameter specifies the traffic-free time period, in
seconds, that must pass before the traffic monitor thread
declares the interface dead. The recommended t1 value is 10 for
Ethernet interfaces and 16 for Asynchronous Transfer Mode (ATM)
LAN Emulation (LANE) interfaces.
NetRAIN uses Network Interface Failure Finder (NIFF) to monitor
the NetRAIN interfaces. See nifftmt(7) for more information.
physaddr mac-address
Associates the Media Access Control (MAC) address (mac-address)
with an IP network address. You must specify an alias address
with this command. This association is in effect only until the
system is rebooted. To establish this association automatically
each time the system is booted, edit the inet.local file and add
the ifconfig physaddr entries to it.
-physaddr mac-address
Disassociates the MAC address (mac-address) from an IP network
address.
promisc Sets the interface into promiscuous mode. This directs the
network interface to receive all packets off the network, rather
than just those packets directed to the host.
-promisc Disables the promiscuous mode of the interface. This is the
default.
remove Removes the interfaces attached to a NetRAIN interface. All of
the interfaces have their default hardware addresses restored and
the UP flag is cleared. The hardware address of the NetRAIN
virtual interface is set to 00:00:00:00:00:00 and its UP flag is
cleared. The NetRAIN virtual interface may be reconfigured using
the add command.
speed value
Sets the speed at which the token ring adapter transmits and
receives on the token ring network to value. The value can be
either 4 for a ring speed of 4Mbs or 16 for 16Mbs. The adapter
speed must match the signal speed of the token ring.
This parameter also determines the speed (regular or fast
Ethernet) and half- or full-duplex mode operation on the tu
interface when that interface is using the twisted-pair port as
follows:
_____________________________________
Value Configuration
_____________________________________
10 10 Mbps Ethernet half-duplex
20 10 Mbps Ethernet full-duplex
100 100 Mbps Ethernet half-duplex
200 100 Mbps Ethernet full-duplex
_____________________________________
After the interface is online, you can use the ifconfig up and
down options to change the speed value dynamically. Stop adapter
transmission with down and set the speed in the same command
line. Then specify up without a speed value to restart the
adapter.
switch Force a NetRAIN interface to failover to another interface in the
NetRAIN set. If the ifconfig interface-id specified is the
NetRAIN virtual interface, the next available interface in the
set becomes active. If the ifconfig interface-id is a member of
the NetRAIN set, the interface-id specified becomes the active
member. If the interface-id specified is not operational, the
switch command has no effect.
trailers Requests the use of a trailer link-level encapsulation when
sending messages.
If a network interface supports trailers, the system will, when
possible, encapsulate outgoing messages in a manner that
minimizes the number of memory-memory copy operations performed
by the receiver. On networks that support the Address Resolution
Protocol (see arp), this flag indicates that the system should
request that other systems use trailers when sending to this
host. Similarly, trailer encapsulations will be sent to other
hosts that have made such requests. Currently used by Internet
protocols only.
-trailers Disables the use of a trailer link-level encapsulation. This is
the default.
trustgrp group
Sets the trust group identifier for the interface. Trust group
identifiers are passed from the kernel to the screend daemon, and
indicate the color of the interface on which a packet was
received and the color of the interface to which a packet is
intended, as indicated by the kernel routing tables. The group
can be one of the primary colors in the visible spectrum (for
example, red, orange, yellow, green, blue, indigo, and violet).
The screend daemon can optionally use trust group information to
make packet screening decisions.
By default, the trust group identifier is unknown, meaning any
interface. Only application gateways for firewall services use
trust group identifiers.
up Marks an interface as working (up). This parameter is used
automatically when setting the first address for an interface, or
can be used to enable an interface after an ifconfig down
command. If the interface was reset when previously marked with
the parameter down (see the following section for a description
of this parameter), the hardware will be reinitialized.
Display Flags
When you issue the ifconfig command for an interface you might see any of
the following flags:
ALLMULTI The interface will receive all multicast packets.
BROADCAST The interface supports broadcast packets. This is a read-only
flag that is set by the driver.
CLUIF The interface is used for the cluster interconnect.
DEBUG Driver-dependent debugging is enabled.
LOOPBACK The interface is a loopback mode. Packets transmitted on this
interface will be looped back in the driver and not be
transmitted out on the network.
MULTICAST The interface supports multicast packets. This is a read-only
flag that is set by the driver, does not mean that a multicast
address is configured for the interface.
MULTINET Multiple networks are configured on the interface. This means
that an IP alias is in a different subnet than the primary IP
address.
NOARP The interface is not using address resolution protocol (ARP). It
will neither transmit nor respond to ARP requests.
NOCHECKSUM
The interface does not perform checksums on transmitted or
received packets. Use this only on very reliable network media.
NOTRAILERS
Trailer link-level encapsulation for transmitted packets is
disabled.
OACTIVE The interface is actively transmitting packets. This is a read-
only flag that is set by the driver.
PFCOPYALL All packets transmitted on this interface are copied and passed
to the packet filter program.
POINTOPOINT
The interface is point-to-point link. This is a read-only flag
that is set by the driver.
PROMISC The interface is in promiscuous mode. All packets received are
copied and passed to the packet filter program.
QUORUMLOSS
UP interface marked DOWN due to cluster quorum loss.
RUNNING The driver has allocated resources for the interface, and is
ready to transmit and receive packets. This is a read-only flag
that is set by the driver. It is not applicable to loopback
devices, for example, lo0.
SIMPLEX The interface cannot hear its own transmissions. This is a
read-only flag that is set by the driver.
UP The interface is up. This flag is turned on when an address has
been configured on the interface.
VAR_MTU The interface supports variable Maximum Transmission Unit (MTU)
sizes. The is a read-only flag that is set by the driver.
EXAMPLES
1. To query the status of serial line interface sl0, enter:
$ ifconfig sl0
sl0: flags=10<POINTOPOINT>
2. To configure the local loopback interface, enter:
# ifconfig lo0 inet 127.0.0.1 up
Only a user with superuser authority can modify the configuration of a
network interface.
3. To configure a ln0 interface, enter:
# ifconfig ln0 212.232.32.1/22
The broadcast address is 212.232.35.255 as the 22-bit mask specifies
four Class C networks.
4. To configure the token ring interface for a 4 Mbps token ring with a
netmask of 255.255.255.0 in CIDR format, enter:
# ifconfig tra0 130.180.4.1/24 speed 4
5. To stop the token ring interface and start it for a 16 Mbps token
ring, enter:
# ifconfig tra0 down
# ifconfig tra0 speed 16 up
6. To create a NetRAIN set nr1 with the Ethernet interfaces tu0 and tu2
as the set members, enter:
# ifconfig nr1 add tu0,tu2
To set the IP address of this interface to 18.240.32.40, enter:
# ifconfig nr1 inet 18.240.32.40
To view this set, enter:
# ifconfig nr1
nr1: flags=c63<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST,SIMPLEX>
NetRAIN Attached Interfaces: ( tu0 tu2 ) Active Interface: ( tu0 )
inet 18.240.32.40 netmask ffffff00 broadcast 18.240.32.255 ipmtu 1500
7. To remove the interfaces tu0 and tu2 from the NetRAIN set created in
the previous example, enter:
# ifconfig nr1 remove
8. To add alias 132.50.40.35 with a netmask of 255.255.255.0 in CIDR
format to interface tu0, enter:
# ifconfig tu0 alias 132.50.40.35/24
9. To add network addresses 40 through 50, inclusive, to subnets
18.240.32, 18.240.33, 18.240.34, 18.240.35, and 18.240.36 with a
netmask of 255.255.255.0 in CIDR format to the tu0 interface, enter:
# ifconfig tu0 aliaslist 132.240.32-36.40-50/24
10. To add network addresses 40 through 50, inclusive, to subnets
18.240.32, 18.240.64, and 18.240.96 with a netmask of 255.255.255.0 in
CIDR format to the tu0 interface, enter:
# ifconfig tu0 aliaslist 132.240.32,64,96.40-50/24
11. To stop Ethernet interface tu0, delete all addresses associated with
the interface, and close all TCP connections, enter:
# ifconfig tu0 down delete abort
145.92.16.1: aborting 7 tcp connection(s)
12. To delete the alias address 145.92.16.2 on interface tu0 and close all
TCP connections, enter:
# ifconfig tu0 -alias 145.92.16.2 abort
145.92.16.2: aborting 2 tcp connection(s)
13. To associate MAC address aa:01:81:43:02:11 with the alias address
145.92.16.2, enter:
# ifconfig tu0 alias 145.92.16.2 physaddr aa:01:81:43:02:11
14. To disassociate MAC address aa:01:81:43:02:11 from the alias address
145.92.16.2, enter:
# ifconfig tu0 -alias 145.92.16.2 -physaddr aa:01:81:43:02:11
DIAGNOSTICS
Invalid bitmask
The bitmask specified is not in the range of 1 to 32, inclusive.
Netmask can not be used with bitmask.
The -netmask option was specified together with a CIDR bitmask.
cannot set primary and alias addresses, or
multiple alias addresses
You specified more than one alias alias_address parameter on the
same ifconfig command line or you specified an alias and an
interface-id on the same command line.
FILES
/usr/sbin/ifconfig
Specifies the command path
/etc/ifaccess.conf
Interface access filtering configuration file.
RELATED INFORMATION
Commands: netstat(1), niffconfig(8), pfconfig(8), sysconfig(8).
Daemons: gated(8), routed(8), screend(8).
Files: ifaccess.conf(4), inet.local(4).
Networking: nifftmt(7), nr(7).
System Attributes: sys_attrs_netrain(5).
Network Administration
|
Index for
Section 8 |
|
|
Alphabetical
listing for I |
|
 |
Top of
page |
|