xref: /freebsd/sbin/ifconfig/ifconfig.8 (revision 1fb62fb074788ca4713551be09d6569966a3abee)
1.\" Copyright (c) 1983, 1991, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 4. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\"     From: @(#)ifconfig.8	8.3 (Berkeley) 1/5/94
29.\" $FreeBSD$
30.\"
31.Dd September 17, 2016
32.Dt IFCONFIG 8
33.Os
34.Sh NAME
35.Nm ifconfig
36.Nd configure network interface parameters
37.Sh SYNOPSIS
38.Nm
39.Op Fl f Ar type:format Ns Op Ar ,type:format
40.Op Fl L
41.Op Fl k
42.Op Fl m
43.Op Fl n
44.Ar interface
45.Op Cm create
46.Ar address_family
47.Oo
48.Ar address
49.Op Ar dest_address
50.Oc
51.Op Ar parameters
52.Nm
53.Ar interface
54.Cm destroy
55.Nm
56.Fl a
57.Op Fl L
58.Op Fl d
59.Op Fl m
60.Op Fl u
61.Op Fl v
62.Op Ar address_family
63.Nm
64.Fl l
65.Op Fl d
66.Op Fl u
67.Op Ar address_family
68.Nm
69.Op Fl L
70.Op Fl d
71.Op Fl k
72.Op Fl m
73.Op Fl u
74.Op Fl v
75.Op Fl C
76.Nm
77.Op Fl g Ar groupname
78.Sh DESCRIPTION
79The
80.Nm
81utility is used to assign an address
82to a network interface and/or configure
83network interface parameters.
84The
85.Nm
86utility must be used at boot time to define the network address
87of each interface present on a machine; it may also be used at
88a later time to redefine an interface's address
89or other operating parameters.
90.Pp
91The following options are available:
92.Bl -tag -width indent
93.It Ar address
94For the
95.Tn DARPA Ns -Internet
96family,
97the address is either a host name present in the host name data
98base,
99.Xr hosts 5 ,
100or a
101.Tn DARPA
102Internet address expressed in the Internet standard
103.Dq dot notation .
104.Pp
105It is also possible to use the CIDR notation (also known as the
106slash notation) to include the netmask.
107That is, one can specify an address like
108.Li 192.168.0.1/16 .
109.Pp
110For the
111.Dq inet6
112family, it is also possible to specify the prefix length using the slash
113notation, like
114.Li ::1/128 .
115See the
116.Cm prefixlen
117parameter below for more information.
118.\" For the Xerox Network Systems(tm) family,
119.\" addresses are
120.\" .Ar net:a.b.c.d.e.f ,
121.\" where
122.\" .Ar net
123.\" is the assigned network number (in decimal),
124.\" and each of the six bytes of the host number,
125.\" .Ar a
126.\" through
127.\" .Ar f ,
128.\" are specified in hexadecimal.
129.\" The host number may be omitted on IEEE 802 protocol
130.\" (Ethernet, FDDI, and Token Ring) interfaces,
131.\" which use the hardware physical address,
132.\" and on interfaces other than the first.
133.\" For the
134.\" .Tn ISO
135.\" family, addresses are specified as a long hexadecimal string,
136.\" as in the Xerox family.
137.\" However, two consecutive dots imply a zero
138.\" byte, and the dots are optional, if the user wishes to (carefully)
139.\" count out long strings of digits in network byte order.
140.Pp
141The link-level
142.Pq Dq link
143address
144is specified as a series of colon-separated hex digits.
145This can be used to, for example,
146set a new MAC address on an Ethernet interface, though the
147mechanism used is not Ethernet specific.
148Use the
149.Pq Dq random
150keyword to set a randomly generated MAC address.
151A randomly-generated MAC address might be the same as one already in use
152in the network.
153Such duplications are extremely unlikely.
154If the interface is already
155up when this option is used, it will be briefly brought down and
156then brought back up again in order to ensure that the receive
157filter in the underlying Ethernet hardware is properly reprogrammed.
158.It Ar address_family
159Specify the
160address family
161which affects interpretation of the remaining parameters.
162Since an interface can receive transmissions in differing protocols
163with different naming schemes, specifying the address family is recommended.
164The address or protocol families currently
165supported are
166.Dq inet ,
167.Dq inet6 ,
168and
169.Dq link .
170The default if available is
171.Dq inet
172or otherwise
173.Dq link .
174.Dq ether
175and
176.Dq lladdr
177are synonyms for
178.Dq link .
179When using the
180.Fl l
181flag, the
182.Dq ether
183address family has special meaning and is no longer synonymous with
184.Dq link
185or
186.Dq lladdr .
187Specifying
188.Fl l Dq ether
189will list only Ethernet interfaces, excluding all other interface types,
190including the loopback interface.
191.It Ar dest_address
192Specify the address of the correspondent on the other end
193of a point to point link.
194.It Ar interface
195This
196parameter is a string of the form
197.Dq name unit ,
198for example,
199.Dq Li ed0 .
200.It Ar groupname
201List the interfaces in the given group.
202.El
203.Pp
204The output format of
205.Nm
206can be controlled using the
207.Fl f
208flag or the
209.Ev IFCONFIG_FORMAT
210environment variable.
211The format is specified as a comma separated list of
212.Sy type:format
213pairs.
214See the
215.Sx EXAMPLES
216section for more information.
217The
218.Sy types
219and their associated
220.Sy format
221strings are:
222.Bl -tag -width ether
223.It Sy addr
224Adjust the display of inet and inet6 addresses
225.Bl -tag -width default
226.It Sy default
227Display inet and inet6 addresses in the default format,
228.Sy numeric
229.It Sy fqdn
230Display inet and inet6 addresses as fully qualified domain names
231.Pq FQDN
232.It Sy host
233Display inet and inet6 addresses as unqualified hostnames
234.It Sy numeric
235Display inet and inet6 addresses in numeric format
236.El
237.It Sy ether
238Adjust the display of link-level ethernet (MAC) addresses
239.Bl -tag -width default
240.It Sy colon
241Separate address segments with a colon
242.It Sy dash
243Separate address segments with a dash
244.It Sy default
245Display ethernet addresses in the default format,
246.Sy colon
247.El
248.It Sy inet
249Adjust the display of inet address subnet masks:
250.Bl -tag -width default
251.It Sy cidr
252Display subnet masks in CIDR notation, for example:
253.br
25410.0.0.0/8 or 203.0.113.224/26
255.It Sy default
256Display subnet masks in the default format,
257.Sy hex
258.It Sy dotted
259Display subnet masks in dotted quad notation, for example:
260.br
261255.255.0.0 or 255.255.255.192
262.It Sy hex
263Display subnet masks in hexadecimal, for example:
264.br
2650xffff0000 or 0xffffffc0
266.El
267.It Sy inet6
268Adjust the display of inet6 address prefixes (subnet masks):
269.Bl -tag -width default
270.It Sy cidr
271Display subnet prefix in CIDR notation, for example:
272.br
273::1/128 or fe80::1%lo0/64
274.It Sy default
275Display subnet prefix in the default format
276.Sy numeric
277.It Sy numeric
278Display subnet prefix in integer format, for example:
279.br
280prefixlen 64
281.El
282.El
283.Pp
284The following parameters may be set with
285.Nm :
286.Bl -tag -width indent
287.It Cm add
288Another name for the
289.Cm alias
290parameter.
291Introduced for compatibility
292with
293.Bsx .
294.It Cm alias
295Establish an additional network address for this interface.
296This is sometimes useful when changing network numbers, and
297one wishes to accept packets addressed to the old interface.
298If the address is on the same subnet as the first network address
299for this interface, a non-conflicting netmask must be given.
300Usually
301.Li 0xffffffff
302is most appropriate.
303.It Fl alias
304Remove the network address specified.
305This would be used if you incorrectly specified an alias, or it
306was no longer needed.
307If you have incorrectly set an NS address having the side effect
308of specifying the host portion, removing all NS addresses will
309allow you to respecify the host portion.
310.It Cm anycast
311(Inet6 only.)
312Specify that the address configured is an anycast address.
313Based on the current specification,
314only routers may configure anycast addresses.
315Anycast address will not be used as source address of any of outgoing
316IPv6 packets.
317.It Cm arp
318Enable the use of the Address Resolution Protocol
319.Pq Xr arp 4
320in mapping
321between network level addresses and link level addresses (default).
322This is currently implemented for mapping between
323.Tn DARPA
324Internet
325addresses and
326.Tn IEEE
327802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses).
328.It Fl arp
329Disable the use of the Address Resolution Protocol
330.Pq Xr arp 4 .
331.It Cm staticarp
332If the Address Resolution Protocol is enabled,
333the host will only reply to requests for its addresses,
334and will never send any requests.
335.It Fl staticarp
336If the Address Resolution Protocol is enabled,
337the host will perform normally,
338sending out requests and listening for replies.
339.It Cm broadcast
340(Inet only.)
341Specify the address to use to represent broadcasts to the
342network.
343The default broadcast address is the address with a host part of all 1's.
344.It Cm debug
345Enable driver dependent debugging code; usually, this turns on
346extra console error logging.
347.It Fl debug
348Disable driver dependent debugging code.
349.It Cm promisc
350Put interface into permanently promiscuous mode.
351.It Fl promisc
352Disable permanently promiscuous mode.
353.It Cm delete
354Another name for the
355.Fl alias
356parameter.
357.It Cm description Ar value , Cm descr Ar value
358Specify a description of the interface.
359This can be used to label interfaces in situations where they may
360otherwise be difficult to distinguish.
361.It Cm -description , Cm -descr
362Clear the interface description.
363.It Cm down
364Mark an interface
365.Dq down .
366When an interface is marked
367.Dq down ,
368the system will not attempt to
369transmit messages through that interface.
370If possible, the interface will be reset to disable reception as well.
371This action does not automatically disable routes using the interface.
372.It Cm group Ar group-name
373Assign the interface to a
374.Dq group .
375Any interface can be in multiple groups.
376.Pp
377Cloned interfaces are members of their interface family group by default.
378For example, a PPP interface such as
379.Em ppp0
380is a member of the PPP interface family group,
381.Em ppp .
382.\" The interface(s) the default route(s) point to are members of the
383.\" .Em egress
384.\" interface group.
385.It Cm -group Ar group-name
386Remove the interface from the given
387.Dq group .
388.It Cm eui64
389(Inet6 only.)
390Fill interface index
391(lowermost 64bit of an IPv6 address)
392automatically.
393.It Cm fib Ar fib_number
394Specify interface FIB.
395A FIB
396.Ar fib_number
397is assigned to all frames or packets received on that interface.
398The FIB is not inherited, e.g., vlans or other sub-interfaces will use
399the default FIB (0) irrespective of the parent interface's FIB.
400The kernel needs to be tuned to support more than the default FIB
401using the
402.Va ROUTETABLES
403kernel configuration option, or the
404.Va net.fibs
405tunable.
406.It Cm tunnelfib Ar fib_number
407Specify tunnel FIB.
408A FIB
409.Ar fib_number
410is assigned to all packets encapsulated by tunnel interface, e.g.,
411.Xr gif 4
412and
413.Xr gre 4 .
414.It Cm maclabel Ar label
415If Mandatory Access Control support is enabled in the kernel,
416set the MAC label to
417.Ar label .
418.\" (see
419.\" .Xr maclabel 7 ) .
420.It Cm media Ar type
421If the driver supports the media selection system, set the media type
422of the interface to
423.Ar type .
424Some interfaces support the mutually exclusive use of one of several
425different physical media connectors.
426For example, a 10Mbit/s Ethernet
427interface might support the use of either
428.Tn AUI
429or twisted pair connectors.
430Setting the media type to
431.Cm 10base5/AUI
432would change the currently active connector to the AUI port.
433Setting it to
434.Cm 10baseT/UTP
435would activate twisted pair.
436Refer to the interfaces' driver
437specific documentation or man page for a complete list of the
438available types.
439.It Cm mediaopt Ar opts
440If the driver supports the media selection system, set the specified
441media options on the interface.
442The
443.Ar opts
444argument
445is a comma delimited list of options to apply to the interface.
446Refer to the interfaces' driver specific man page for a complete
447list of available options.
448.It Fl mediaopt Ar opts
449If the driver supports the media selection system, disable the
450specified media options on the interface.
451.It Cm mode Ar mode
452If the driver supports the media selection system, set the specified
453operating mode on the interface to
454.Ar mode .
455For IEEE 802.11 wireless interfaces that support multiple operating modes
456this directive is used to select between 802.11a
457.Pq Cm 11a ,
458802.11b
459.Pq Cm 11b ,
460and 802.11g
461.Pq Cm 11g
462operating modes.
463.It Cm inst Ar minst , Cm instance Ar minst
464Set the media instance to
465.Ar minst .
466This is useful for devices which have multiple physical layer interfaces
467.Pq PHYs .
468.It Cm name Ar name
469Set the interface name to
470.Ar name .
471.It Cm rxcsum , txcsum , rxcsum6 , txcsum6
472If the driver supports user-configurable checksum offloading,
473enable receive (or transmit) checksum offloading on the interface.
474The feature can be turned on selectively per protocol family.
475Use
476.Cm rxcsum6 , txcsum6
477for
478.Xr ip6 4
479or
480.Cm rxcsum , txcsum
481otherwise.
482Some drivers may not be able to enable these flags independently
483of each other, so setting one may also set the other.
484The driver will offload as much checksum work as it can reliably
485support, the exact level of offloading varies between drivers.
486.It Fl rxcsum , txcsum , rxcsum6 , txcsum6
487If the driver supports user-configurable checksum offloading,
488disable receive (or transmit) checksum offloading on the interface.
489The feature can be turned off selectively per protocol family.
490Use
491.Fl rxcsum6 , txcsum6
492for
493.Xr ip6 4
494or
495.Fl rxcsum , txcsum
496otherwise.
497These settings may not always be independent of each other.
498.It Cm tso
499If the driver supports
500.Xr tcp 4
501segmentation offloading, enable TSO on the interface.
502Some drivers may not be able to support TSO for
503.Xr ip 4
504and
505.Xr ip6 4
506packets, so they may enable only one of them.
507.It Fl tso
508If the driver supports
509.Xr tcp 4
510segmentation offloading, disable TSO on the interface.
511It will always disable TSO for
512.Xr ip 4
513and
514.Xr ip6 4 .
515.It Cm tso6 , tso4
516If the driver supports
517.Xr tcp 4
518segmentation offloading for
519.Xr ip6 4
520or
521.Xr ip 4
522use one of these to selectively enabled it only for one protocol family.
523.It Fl tso6 , tso4
524If the driver supports
525.Xr tcp 4
526segmentation offloading for
527.Xr ip6 4
528or
529.Xr ip 4
530use one of these to selectively disable it only for one protocol family.
531.It Cm lro
532If the driver supports
533.Xr tcp 4
534large receive offloading, enable LRO on the interface.
535.It Fl lro
536If the driver supports
537.Xr tcp 4
538large receive offloading, disable LRO on the interface.
539.It Cm wol , wol_ucast , wol_mcast , wol_magic
540Enable Wake On Lan (WOL) support, if available.
541WOL is a facility whereby a machine in a low power state may be woken
542in response to a received packet.
543There are three types of packets that may wake a system:
544ucast (directed solely to the machine's mac address),
545mcast (directed to a broadcast or multicast address),
546or
547magic (unicast or multicast frames with a ``magic contents'').
548Not all devices support WOL, those that do indicate the mechanisms
549they support in their capabilities.
550.Cm wol
551is a synonym for enabling all available WOL mechanisms.
552To disable WOL use
553.Fl wol .
554.It Cm vlanmtu , vlanhwtag, vlanhwfilter, vlanhwcsum, vlanhwtso
555If the driver offers user-configurable VLAN support, enable
556reception of extended frames, tag processing in hardware,
557frame filtering in hardware, checksum offloading, or TSO on VLAN,
558respectively.
559Note that this must be issued on a physical interface associated with
560.Xr vlan 4 ,
561not on a
562.Xr vlan 4
563interface itself.
564.It Fl vlanmtu , vlanhwtag, vlanhwfilter, vlanhwtso
565If the driver offers user-configurable VLAN support, disable
566reception of extended frames, tag processing in hardware,
567frame filtering in hardware, or TSO on VLAN,
568respectively.
569.It Cm vnet Ar jail
570Move the interface to the
571.Xr jail 8 ,
572specified by name or JID.
573If the jail has a virtual network stack, the interface will disappear
574from the current environment and become visible to the jail.
575.It Fl vnet Ar jail
576Reclaim the interface from the
577.Xr jail 8 ,
578specified by name or JID.
579If the jail has a virtual network stack, the interface will disappear
580from the jail, and become visible to the current network environment.
581.It Cm polling
582Turn on
583.Xr polling 4
584feature and disable interrupts on the interface, if driver supports
585this mode.
586.It Fl polling
587Turn off
588.Xr polling 4
589feature and enable interrupt mode on the interface.
590.It Cm create
591Create the specified network pseudo-device.
592If the interface is given without a unit number, try to create a new
593device with an arbitrary unit number.
594If creation of an arbitrary device is successful, the new device name is
595printed to standard output unless the interface is renamed or destroyed
596in the same
597.Nm
598invocation.
599.It Cm destroy
600Destroy the specified network pseudo-device.
601.It Cm plumb
602Another name for the
603.Cm create
604parameter.
605Included for
606.Tn Solaris
607compatibility.
608.It Cm unplumb
609Another name for the
610.Cm destroy
611parameter.
612Included for
613.Tn Solaris
614compatibility.
615.It Cm metric Ar n
616Set the routing metric of the interface to
617.Ar n ,
618default 0.
619The routing metric is used by the routing protocol
620.Pq Xr routed 8 .
621Higher metrics have the effect of making a route
622less favorable; metrics are counted as additional hops
623to the destination network or host.
624.It Cm mtu Ar n
625Set the maximum transmission unit of the interface to
626.Ar n ,
627default is interface specific.
628The MTU is used to limit the size of packets that are transmitted on an
629interface.
630Not all interfaces support setting the MTU, and some interfaces have
631range restrictions.
632.It Cm netmask Ar mask
633.\" (Inet and ISO.)
634(Inet only.)
635Specify how much of the address to reserve for subdividing
636networks into sub-networks.
637The mask includes the network part of the local address
638and the subnet part, which is taken from the host field of the address.
639The mask can be specified as a single hexadecimal number
640with a leading
641.Ql 0x ,
642with a dot-notation Internet address,
643or with a pseudo-network name listed in the network table
644.Xr networks 5 .
645The mask contains 1's for the bit positions in the 32-bit address
646which are to be used for the network and subnet parts,
647and 0's for the host part.
648The mask should contain at least the standard network portion,
649and the subnet field should be contiguous with the network
650portion.
651.Pp
652The netmask can also be specified in CIDR notation after the address.
653See the
654.Ar address
655option above for more information.
656.It Cm prefixlen Ar len
657(Inet6 only.)
658Specify that
659.Ar len
660bits are reserved for subdividing networks into sub-networks.
661The
662.Ar len
663must be integer, and for syntactical reason it must be between 0 to 128.
664It is almost always 64 under the current IPv6 assignment rule.
665If the parameter is omitted, 64 is used.
666.Pp
667The prefix can also be specified using the slash notation after the address.
668See the
669.Ar address
670option above for more information.
671.It Cm remove
672Another name for the
673.Fl alias
674parameter.
675Introduced for compatibility
676with
677.Bsx .
678.Sm off
679.It Cm link Op Cm 0 No - Cm 2
680.Sm on
681Enable special processing of the link level of the interface.
682These three options are interface specific in actual effect, however,
683they are in general used to select special modes of operation.
684An example
685of this is to enable SLIP compression, or to select the connector type
686for some Ethernet cards.
687Refer to the man page for the specific driver
688for more information.
689.Sm off
690.It Fl link Op Cm 0 No - Cm 2
691.Sm on
692Disable special processing at the link level with the specified interface.
693.It Cm monitor
694Put the interface in monitor mode.
695No packets are transmitted, and received packets are discarded after
696.Xr bpf 4
697processing.
698.It Fl monitor
699Take the interface out of monitor mode.
700.It Cm up
701Mark an interface
702.Dq up .
703This may be used to enable an interface after an
704.Dq Nm Cm down .
705It happens automatically when setting the first address on an interface.
706If the interface was reset when previously marked down,
707the hardware will be re-initialized.
708.El
709.Pp
710The following parameters are for ICMPv6 Neighbor Discovery Protocol.
711Note that the address family keyword
712.Dq Li inet6
713is needed for them:
714.Bl -tag -width indent
715.It Cm accept_rtadv
716Set a flag to enable accepting ICMPv6 Router Advertisement messages.
717The
718.Xr sysctl 8
719variable
720.Va net.inet6.ip6.accept_rtadv
721controls whether this flag is set by default or not.
722.It Cm -accept_rtadv
723Clear a flag
724.Cm accept_rtadv .
725.It Cm autoconf
726Set a flag to accept router advertisements on an interface.
727.It Fl autoconf
728Disable autoconfiguration.
729.It Cm no_radr
730Set a flag to control whether routers from which the system accepts
731Router Advertisement messages will be added to the Default Router List
732or not.
733When the
734.Cm accept_rtadv
735flag is disabled, this flag has no effect.
736The
737.Xr sysctl 8
738variable
739.Va net.inet6.ip6.no_radr
740controls whether this flag is set by default or not.
741.It Cm -no_radr
742Clear a flag
743.Cm no_radr .
744.It Cm auto_linklocal
745Set a flag to perform automatic link-local address configuration when
746the interface becomes available.
747The
748.Xr sysctl 8
749variable
750.Va net.inet6.ip6.auto_linklocal
751controls whether this flag is set by default or not.
752.It Cm -auto_linklocal
753Clear a flag
754.Cm auto_linklocal .
755.It Cm defaultif
756Set the specified interface as the default route when there is no
757default router.
758.It Cm -defaultif
759Clear a flag
760.Cm defaultif .
761.It Cm ifdisabled
762Set a flag to disable all of IPv6 network communications on the
763specified interface.
764Note that if there are already configured IPv6
765addresses on that interface, all of them are marked as
766.Dq tentative
767and DAD will be performed when this flag is cleared.
768.It Cm -ifdisabled
769Clear a flag
770.Cm ifdisabled .
771When this flag is cleared and
772.Cm auto_linklocal
773flag is enabled, automatic configuration of a link-local address is
774performed.
775.It Cm nud
776Set a flag to enable Neighbor Unreachability Detection.
777.It Cm -nud
778Clear a flag
779.Cm nud .
780.It Cm no_prefer_iface
781Set a flag to not honor rule 5 of source address selection in RFC 3484.
782In practice this means the address on the outgoing interface will not be
783preferred, effectively yielding the decision to the address selection
784policy table, configurable with
785.Xr ip6addrctl 8 .
786.It Cm -no_prefer_iface
787Clear a flag
788.Cm no_prefer_iface .
789.It Cm no_dad
790Set a flag to disable Duplicate Address Detection.
791.It Cm -no_dad
792Clear a flag
793.Cm no_dad .
794.El
795.Pp
796The following parameters are specific for IPv6 addresses.
797Note that the address family keyword
798.Dq Li inet6
799is needed for them:
800.Bl -tag -width indent
801.It Cm deprecated
802Set the IPv6 deprecated address bit.
803.It Fl deprecated
804Clear the IPv6 deprecated address bit.
805.It Cm pltime Ar n
806Set preferred lifetime for the address.
807.It Cm prefer_source
808Set a flag to prefer address as a candidate of the source address for
809outgoing packets.
810.It Cm -prefer_source
811Clear a flag
812.Cm prefer_source .
813.It Cm vltime Ar n
814Set valid lifetime for the address.
815.El
816.Pp
817The following parameters are specific to cloning
818IEEE 802.11 wireless interfaces with the
819.Cm create
820request:
821.Bl -tag -width indent
822.It Cm wlandev Ar device
823Use
824.Ar device
825as the parent for the cloned device.
826.It Cm wlanmode Ar mode
827Specify the operating mode for this cloned device.
828.Ar mode
829is one of
830.Cm sta ,
831.Cm ahdemo
832(or
833.Cm adhoc-demo ),
834.Cm ibss ,
835(or
836.Cm adhoc ),
837.Cm ap ,
838(or
839.Cm hostap ),
840.Cm wds ,
841.Cm tdma ,
842.Cm mesh ,
843and
844.Cm monitor .
845The operating mode of a cloned interface cannot be changed.
846The
847.Cm tdma
848mode is actually implemented as an
849.Cm adhoc-demo
850interface with special properties.
851.It Cm wlanbssid Ar bssid
852The 802.11 mac address to use for the bssid.
853This must be specified at create time for a legacy
854.Cm wds
855device.
856.It Cm wlanaddr Ar address
857The local mac address.
858If this is not specified then a mac address will automatically be assigned
859to the cloned device.
860Typically this address is the same as the address of the parent device
861but if the
862.Cm bssid
863parameter is specified then the driver will craft a unique address for
864the device (if supported).
865.It Cm wdslegacy
866Mark a
867.Cm wds
868device as operating in ``legacy mode''.
869Legacy
870.Cm wds
871devices have a fixed peer relationship and do not, for example, roam
872if their peer stops communicating.
873For completeness a Dynamic WDS (DWDS) interface may marked as
874.Fl wdslegacy .
875.It Cm bssid
876Request a unique local mac address for the cloned device.
877This is only possible if the device supports multiple mac addresses.
878To force use of the parent's mac address use
879.Fl bssid .
880.It Cm beacons
881Mark the cloned interface as depending on hardware support to
882track received beacons.
883To have beacons tracked in software use
884.Fl beacons .
885For
886.Cm hostap
887mode
888.Fl beacons
889can also be used to indicate no beacons should
890be transmitted; this can be useful when creating a WDS configuration but
891.Cm wds
892interfaces can only be created as companions to an access point.
893.El
894.Pp
895The following parameters are specific to IEEE 802.11 wireless interfaces
896cloned with a
897.Cm create
898operation:
899.Bl -tag -width indent
900.It Cm ampdu
901Enable sending and receiving AMPDU frames when using 802.11n (default).
902The 802.11n specification states a compliant station must be capable
903of receiving AMPDU frames but transmission is optional.
904Use
905.Fl ampdu
906to disable all use of AMPDU with 802.11n.
907For testing and/or to work around interoperability problems one can use
908.Cm ampdutx
909and
910.Cm ampdurx
911to control use of AMPDU in one direction.
912.It Cm ampdudensity Ar density
913Set the AMPDU density parameter used when operating with 802.11n.
914This parameter controls the inter-packet gap for AMPDU frames.
915The sending device normally controls this setting but a receiving station
916may request wider gaps.
917Legal values for
918.Ar density
919are 0, .25, .5, 1, 2, 4, 8, and 16 (microseconds).
920A value of
921.Cm -
922is treated the same as 0.
923.It Cm ampdulimit Ar limit
924Set the limit on packet size for receiving AMPDU frames when operating
925with 802.11n.
926Legal values for
927.Ar limit
928are 8192, 16384, 32768, and 65536 but one can also specify
929just the unique prefix: 8, 16, 32, 64.
930Note the sender may limit the size of AMPDU frames to be less
931than the maximum specified by the receiving station.
932.It Cm amsdu
933Enable sending and receiving AMSDU frames when using 802.11n.
934By default AMSDU is received but not transmitted.
935Use
936.Fl amsdu
937to disable all use of AMSDU with 802.11n.
938For testing and/or to work around interoperability problems one can use
939.Cm amsdutx
940and
941.Cm amsdurx
942to control use of AMSDU in one direction.
943.It Cm amsdulimit Ar limit
944Set the limit on packet size for sending and receiving AMSDU frames
945when operating with 802.11n.
946Legal values for
947.Ar limit
948are 7935 and 3839 (bytes).
949Note the sender may limit the size of AMSDU frames to be less
950than the maximum specified by the receiving station.
951Note also that devices are not required to support the 7935 limit,
952only 3839 is required by the specification and the larger value
953may require more memory to be dedicated to support functionality
954that is rarely used.
955.It Cm apbridge
956When operating as an access point, pass packets between
957wireless clients directly (default).
958To instead let them pass up through the
959system and be forwarded using some other mechanism, use
960.Fl apbridge .
961Disabling the internal bridging
962is useful when traffic is to be processed with
963packet filtering.
964.It Cm authmode Ar mode
965Set the desired authentication mode in infrastructure mode.
966Not all adapters support all modes.
967The set of
968valid modes is
969.Cm none , open , shared
970(shared key),
971.Cm 8021x
972(IEEE 802.1x),
973and
974.Cm wpa
975(IEEE WPA/WPA2/802.11i).
976The
977.Cm 8021x
978and
979.Cm wpa
980modes are only useful when using an authentication service
981(a supplicant for client operation or an authenticator when
982operating as an access point).
983Modes are case insensitive.
984.It Cm bgscan
985Enable background scanning when operating as a station.
986Background scanning is a technique whereby a station associated to
987an access point will temporarily leave the channel to scan for
988neighboring stations.
989This allows a station to maintain a cache of nearby access points
990so that roaming between access points can be done without
991a lengthy scan operation.
992Background scanning is done only when a station is not busy and
993any outbound traffic will cancel a scan operation.
994Background scanning should never cause packets to be lost though
995there may be some small latency if outbound traffic interrupts a
996scan operation.
997By default background scanning is enabled if the device is capable.
998To disable background scanning, use
999.Fl bgscan .
1000Background scanning is controlled by the
1001.Cm bgscanidle
1002and
1003.Cm bgscanintvl
1004parameters.
1005Background scanning must be enabled for roaming; this is an artifact
1006of the current implementation and may not be required in the future.
1007.It Cm bgscanidle Ar idletime
1008Set the minimum time a station must be idle (not transmitting or
1009receiving frames) before a background scan is initiated.
1010The
1011.Ar idletime
1012parameter is specified in milliseconds.
1013By default a station must be idle at least 250 milliseconds before
1014a background scan is initiated.
1015The idle time may not be set to less than 100 milliseconds.
1016.It Cm bgscanintvl Ar interval
1017Set the interval at which background scanning is attempted.
1018The
1019.Ar interval
1020parameter is specified in seconds.
1021By default a background scan is considered every 300 seconds (5 minutes).
1022The
1023.Ar interval
1024may not be set to less than 15 seconds.
1025.It Cm bintval Ar interval
1026Set the interval at which beacon frames are sent when operating in
1027ad-hoc or ap mode.
1028The
1029.Ar interval
1030parameter is specified in TU's (1024 usecs).
1031By default beacon frames are transmitted every 100 TU's.
1032.It Cm bmissthreshold Ar count
1033Set the number of consecutive missed beacons at which the station
1034will attempt to roam (i.e., search for a new access point).
1035The
1036.Ar count
1037parameter must be in the range 1 to 255; though the
1038upper bound may be reduced according to device capabilities.
1039The default threshold is 7 consecutive missed beacons; but
1040this may be overridden by the device driver.
1041Another name for the
1042.Cm bmissthreshold
1043parameter is
1044.Cm bmiss .
1045.It Cm bssid Ar address
1046Specify the MAC address of the access point to use when operating
1047as a station in a BSS network.
1048This overrides any automatic selection done by the system.
1049To disable a previously selected access point, supply
1050.Cm any , none ,
1051or
1052.Cm -
1053for the address.
1054This option is useful when more than one access point uses the same SSID.
1055Another name for the
1056.Cm bssid
1057parameter is
1058.Cm ap .
1059.It Cm burst
1060Enable packet bursting.
1061Packet bursting is a transmission technique whereby the wireless
1062medium is acquired once to send multiple frames and the interframe
1063spacing is reduced.
1064This technique can significantly increase throughput by reducing
1065transmission overhead.
1066Packet bursting is supported by the 802.11e QoS specification
1067and some devices that do not support QoS may still be capable.
1068By default packet bursting is enabled if a device is capable
1069of doing it.
1070To disable packet bursting, use
1071.Fl burst .
1072.It Cm chanlist Ar channels
1073Set the desired channels to use when scanning for access
1074points, neighbors in an IBSS network, or looking for unoccupied
1075channels when operating as an access point.
1076The set of channels is specified as a comma-separated list with
1077each element in the list representing either a single channel number or a range
1078of the form
1079.Dq Li a-b .
1080Channel numbers must be in the range 1 to 255 and be permissible
1081according to the operating characteristics of the device.
1082.It Cm channel Ar number
1083Set a single desired channel.
1084Channels range from 1 to 255, but the exact selection available
1085depends on the region your adaptor was manufactured for.
1086Setting
1087the channel to
1088.Li any ,
1089or
1090.Cm -
1091will clear any desired channel and, if the device is marked up,
1092force a scan for a channel to operate on.
1093Alternatively the frequency, in megahertz, may be specified
1094instead of the channel number.
1095.Pp
1096When there are several ways to use a channel the channel
1097number/frequency may be appended with attributes to clarify.
1098For example, if a device is capable of operating on channel 6
1099with 802.11n and 802.11g then one can specify that g-only use
1100should be used by specifying ``6:g''.
1101Similarly the channel width can be specified by appending it
1102with ``/''; e.g., ``6/40'' specifies a 40MHz wide channel,
1103These attributes can be combined as in: ``6:ht/40''.
1104The full set of flags specified following a ``:'' are:
1105.Cm a
1106(802.11a),
1107.Cm b
1108(802.11b),
1109.Cm d
1110(Atheros Dynamic Turbo mode),
1111.Cm g
1112(802.11g),
1113.Cm h
1114or
1115.Cm n
1116(802.11n aka HT),
1117.Cm s
1118(Atheros Static Turbo mode),
1119and
1120.Cm t
1121(Atheros Dynamic Turbo mode, or appended to ``st'' and ``dt'').
1122The full set of channel widths following a '/' are:
1123.Cm 5
1124(5MHz aka quarter-rate channel),
1125.Cm 10
1126(10MHz aka half-rate channel),
1127.Cm 20
1128(20MHz mostly for use in specifying ht20),
1129and
1130.Cm 40
1131(40MHz mostly for use in specifying ht40).
1132In addition,
1133a 40MHz HT channel specification may include the location
1134of the extension channel by appending ``+'' or ``-'' for above and below,
1135respectively; e.g., ``2437:ht/40+'' specifies 40MHz wide HT operation
1136with the center channel at frequency 2437 and the extension channel above.
1137.It Cm country Ar name
1138Set the country code to use in calculating the regulatory constraints
1139for operation.
1140In particular the set of available channels, how the wireless device
1141will operation on the channels, and the maximum transmit power that
1142can be used on a channel are defined by this setting.
1143Country/Region codes are specified as a 2-character abbreviation
1144defined by ISO 3166 or using a longer, but possibly ambiguous, spelling;
1145e.g., "ES" and "Spain".
1146The set of country codes are taken from
1147.Pa /etc/regdomain.xml
1148and can also
1149be viewed with the ``list countries'' request.
1150Note that not all devices support changing the country code from a default
1151setting; typically stored in EEPROM.
1152See also
1153.Cm regdomain ,
1154.Cm indoor ,
1155.Cm outdoor ,
1156and
1157.Cm anywhere .
1158.It Cm dfs
1159Enable Dynamic Frequency Selection (DFS) as specified in 802.11h.
1160DFS embodies several facilities including detection of overlapping
1161radar signals, dynamic transmit power control, and channel selection
1162according to a least-congested criteria.
1163DFS support is mandatory for some 5GHz frequencies in certain
1164locales (e.g., ETSI).
1165By default DFS is enabled according to the regulatory definitions
1166specified in
1167.Pa /etc/regdomain.xml
1168and the current country code, regdomain,
1169and channel.
1170Note the underlying device (and driver) must support radar detection
1171for full DFS support to work.
1172To be fully compliant with the local regulatory agency frequencies that
1173require DFS should not be used unless it is fully supported.
1174Use
1175.Fl dfs
1176to disable this functionality for testing.
1177.It Cm dotd
1178Enable support for the 802.11d specification (default).
1179When this support is enabled in station mode, beacon frames that advertise
1180a country code different than the currently configured country code will
1181cause an event to be dispatched to user applications.
1182This event can be used by the station to adopt that country code and
1183operate according to the associated regulatory constraints.
1184When operating as an access point with 802.11d enabled the beacon and
1185probe response frames transmitted will advertise the current regulatory
1186domain settings.
1187To disable 802.11d use
1188.Fl dotd .
1189.It Cm doth
1190Enable 802.11h support including spectrum management.
1191When 802.11h is enabled beacon and probe response frames will have
1192the SpectrumMgt bit set in the capabilities field and
1193country and power constraint information elements will be present.
1194802.11h support also includes handling Channel Switch Announcements (CSA)
1195which are a mechanism to coordinate channel changes by an access point.
1196By default 802.11h is enabled if the device is capable.
1197To disable 802.11h use
1198.Fl doth .
1199.It Cm deftxkey Ar index
1200Set the default key to use for transmission.
1201Typically this is only set when using WEP encryption.
1202Note that you must set a default transmit key
1203for the system to know which key to use in encrypting outbound traffic.
1204The
1205.Cm weptxkey
1206is an alias for this request; it is provided for backwards compatibility.
1207.It Cm dtimperiod Ar period
1208Set the
1209DTIM
1210period for transmitting buffered multicast data frames when
1211operating in ap mode.
1212The
1213.Ar period
1214specifies the number of beacon intervals between DTIM
1215and must be in the range 1 to 15.
1216By default DTIM is 1 (i.e., DTIM occurs at each beacon).
1217.It Cm quiet
1218Enable the use of quiet IE.
1219Hostap will use this to silence other
1220stations to reduce interference for radar detection when
1221operating on 5GHz frequency and doth support is enabled.
1222Use
1223.Fl quiet
1224to disable this functionality.
1225.It Cm quiet_period Ar period
1226Set the QUIET
1227.Ar period
1228to the number of beacon intervals between the start of regularly
1229scheduled quiet intervals defined by Quiet element.
1230.It Cm quiet_count Ar count
1231Set the QUIET
1232.Ar count
1233to the number of TBTTs until the beacon interval during which the
1234next quiet interval shall start.
1235A value of 1 indicates the quiet
1236interval will start during the beacon interval starting at the next
1237TBTT.
1238A value 0 is reserved.
1239.It Cm quiet_offset Ar offset
1240Set the QUIET
1241.Ar offset
1242to the offset of the start of the quiet interval from the TBTT
1243specified by the Quiet count, expressed in TUs.
1244The value of the
1245.Ar offset
1246shall be less than one beacon interval.
1247.It Cm quiet_duration Ar dur
1248Set the QUIET
1249.Ar dur
1250to the duration of the Quiet interval, expressed in TUs.
1251The value should be less than beacon interval.
1252.It Cm dturbo
1253Enable the use of Atheros Dynamic Turbo mode when communicating with
1254another Dynamic Turbo-capable station.
1255Dynamic Turbo mode is an Atheros-specific mechanism by which
1256stations switch between normal 802.11 operation and a ``boosted''
1257mode in which a 40MHz wide channel is used for communication.
1258Stations using Dynamic Turbo mode operate boosted only when the
1259channel is free of non-dturbo stations; when a non-dturbo station
1260is identified on the channel all stations will automatically drop
1261back to normal operation.
1262By default, Dynamic Turbo mode is not enabled, even if the device is capable.
1263Note that turbo mode (dynamic or static) is only allowed on some
1264channels depending on the regulatory constraints; use the
1265.Cm list chan
1266command to identify the channels where turbo mode may be used.
1267To disable Dynamic Turbo mode use
1268.Fl dturbo .
1269.It Cm dwds
1270Enable Dynamic WDS (DWDS) support.
1271DWDS is a facility by which 4-address traffic can be carried between
1272stations operating in infrastructure mode.
1273A station first associates to an access point and authenticates using
1274normal procedures (e.g., WPA).
1275Then 4-address frames are passed to carry traffic for stations
1276operating on either side of the wireless link.
1277DWDS extends the normal WDS mechanism by leveraging existing security
1278protocols and eliminating static binding.
1279.Pp
1280When DWDS is enabled on an access point 4-address frames received from
1281an authorized station will generate a ``DWDS discovery'' event to user
1282applications.
1283This event should be used to create a WDS interface that is bound
1284to the remote station (and usually plumbed into a bridge).
1285Once the WDS interface is up and running 4-address traffic then logically
1286flows through that interface.
1287.Pp
1288When DWDS is enabled on a station, traffic with a destination address
1289different from the peer station are encapsulated in a 4-address frame
1290and transmitted to the peer.
1291All 4-address traffic uses the security information of the stations
1292(e.g., cryptographic keys).
1293A station is associated using 802.11n facilities may transport
12944-address traffic using these same mechanisms; this depends on available
1295resources and capabilities of the device.
1296The DWDS implementation guards against layer 2 routing loops of
1297multicast traffic.
1298.It Cm ff
1299Enable the use of Atheros Fast Frames when communicating with
1300another Fast Frames-capable station.
1301Fast Frames are an encapsulation technique by which two 802.3
1302frames are transmitted in a single 802.11 frame.
1303This can noticeably improve throughput but requires that the
1304receiving station understand how to decapsulate the frame.
1305Fast frame use is negotiated using the Atheros 802.11 vendor-specific
1306protocol extension so enabling use is safe when communicating with
1307non-Atheros devices.
1308By default, use of fast frames is enabled if the device is capable.
1309To explicitly disable fast frames, use
1310.Fl ff .
1311.It Cm fragthreshold Ar length
1312Set the threshold for which transmitted frames are broken into fragments.
1313The
1314.Ar length
1315argument is the frame size in bytes and must be in the range 256 to 2346.
1316Setting
1317.Ar length
1318to
1319.Li 2346 ,
1320.Cm any ,
1321or
1322.Cm -
1323disables transmit fragmentation.
1324Not all adapters honor the fragmentation threshold.
1325.It Cm hidessid
1326When operating as an access point, do not broadcast the SSID
1327in beacon frames or respond to probe request frames unless
1328they are directed to the ap (i.e., they include the ap's SSID).
1329By default, the SSID is included in beacon frames and
1330undirected probe request frames are answered.
1331To re-enable the broadcast of the SSID etc., use
1332.Fl hidessid .
1333.It Cm ht
1334Enable use of High Throughput (HT) when using 802.11n (default).
1335The 802.11n specification includes mechanisms for operation
1336on 20MHz and 40MHz wide channels using different signalling mechanisms
1337than specified in 802.11b, 802.11g, and 802.11a.
1338Stations negotiate use of these facilities, termed HT20 and HT40,
1339when they associate.
1340To disable all use of 802.11n use
1341.Fl ht .
1342To disable use of HT20 (e.g., to force only HT40 use) use
1343.Fl ht20 .
1344To disable use of HT40 use
1345.Fl ht40 .
1346.Pp
1347HT configuration is used to ``auto promote'' operation
1348when several choices are available.
1349For example, if a station associates to an 11n-capable access point
1350it controls whether the station uses legacy operation, HT20, or HT40.
1351When an 11n-capable device is setup as an access point and
1352Auto Channel Selection is used to locate a channel to operate on,
1353HT configuration controls whether legacy, HT20, or HT40 operation is setup
1354on the selected channel.
1355If a fixed channel is specified for a station then HT configuration can
1356be given as part of the channel specification; e.g., 6:ht/20 to setup
1357HT20 operation on channel 6.
1358.It Cm htcompat
1359Enable use of compatibility support for pre-802.11n devices (default).
1360The 802.11n protocol specification went through several incompatible iterations.
1361Some vendors implemented 11n support to older specifications that
1362will not interoperate with a purely 11n-compliant station.
1363In particular the information elements included in management frames
1364for old devices are different.
1365When compatibility support is enabled both standard and compatible data
1366will be provided.
1367Stations that associate using the compatibility mechanisms are flagged
1368in ``list sta''.
1369To disable compatibility support use
1370.Fl htcompat .
1371.It Cm htprotmode Ar technique
1372For interfaces operating in 802.11n, use the specified
1373.Ar technique
1374for protecting HT frames in a mixed legacy/HT network.
1375The set of valid techniques is
1376.Cm off ,
1377and
1378.Cm rts
1379(RTS/CTS, default).
1380Technique names are case insensitive.
1381.It Cm inact
1382Enable inactivity processing for stations associated to an
1383access point (default).
1384When operating as an access point the 802.11 layer monitors
1385the activity of each associated station.
1386When a station is inactive for 5 minutes it will send several
1387``probe frames'' to see if the station is still present.
1388If no response is received then the station is deauthenticated.
1389Applications that prefer to handle this work can disable this
1390facility by using
1391.Fl inact .
1392.It Cm indoor
1393Set the location to use in calculating regulatory constraints.
1394The location is also advertised in beacon and probe response frames
1395when 802.11d is enabled with
1396.Cm dotd .
1397See also
1398.Cm outdoor ,
1399.Cm anywhere ,
1400.Cm country ,
1401and
1402.Cm regdomain .
1403.It Cm list active
1404Display the list of channels available for use taking into account
1405any restrictions set with the
1406.Cm chanlist
1407directive.
1408See the description of
1409.Cm list chan
1410for more information.
1411.It Cm list caps
1412Display the adaptor's capabilities, including the operating
1413modes supported.
1414.It Cm list chan
1415Display the list of channels available for use.
1416Channels are shown with their IEEE channel number, equivalent
1417frequency, and usage modes.
1418Channels identified as
1419.Ql 11g
1420are also usable in
1421.Ql 11b
1422mode.
1423Channels identified as
1424.Ql 11a Turbo
1425may be used only for Atheros' Static Turbo mode
1426(specified with
1427. Cm mediaopt turbo ) .
1428Channels marked with a
1429.Ql *
1430have a regulatory constraint that they be passively scanned.
1431This means a station is not permitted to transmit on the channel until
1432it identifies the channel is being used for 802.11 communication;
1433typically by hearing a beacon frame from an access point operating
1434on the channel.
1435.Cm list freq
1436is another way of requesting this information.
1437By default a compacted list of channels is displayed; if the
1438.Fl v
1439option is specified then all channels are shown.
1440.It Cm list countries
1441Display the set of country codes and regulatory domains that can be
1442used in regulatory configuration.
1443.It Cm list mac
1444Display the current MAC Access Control List state.
1445Each address is prefixed with a character that indicates the
1446current policy applied to it:
1447.Ql +
1448indicates the address is allowed access,
1449.Ql -
1450indicates the address is denied access,
1451.Ql *
1452indicates the address is present but the current policy open
1453(so the ACL is not consulted).
1454.It Cm list mesh
1455Displays the mesh routing table, used for forwarding packets on a mesh
1456network.
1457.It Cm list regdomain
1458Display the current regulatory settings including the available channels
1459and transmit power caps.
1460.It Cm list roam
1461Display the parameters that govern roaming operation.
1462.It Cm list txparam
1463Display the parameters that govern transmit operation.
1464.It Cm list txpower
1465Display the transmit power caps for each channel.
1466.It Cm list scan
1467Display the access points and/or ad-hoc neighbors
1468located in the vicinity.
1469This information may be updated automatically by the adapter
1470with a
1471.Cm scan
1472request or through background scanning.
1473Depending on the capabilities of the stations the following
1474flags can be included in the output:
1475.Bl -tag -width 3n
1476.It Li A
1477Authorized.
1478Indicates that the station is permitted to send/receive data frames.
1479.It Li E
1480Extended Rate Phy (ERP).
1481Indicates that the station is operating in an 802.11g network
1482using extended transmit rates.
1483.It Li H
1484High Throughput (HT).
1485Indicates that the station is using HT transmit rates.
1486If a `+' follows immediately after then the station associated
1487using deprecated mechanisms supported only when
1488.Cm htcompat
1489is enabled.
1490.It Li P
1491Power Save.
1492Indicates that the station is operating in power save mode.
1493.It Li Q
1494Quality of Service (QoS).
1495Indicates that the station is using QoS encapsulation for
1496data frame.
1497QoS encapsulation is enabled only when WME mode is enabled.
1498.It Li S
1499Short Preamble.
1500Indicates that the station is doing short preamble to optionally
1501improve throughput performance with 802.11g and 802.11b.
1502.It Li T
1503Transitional Security Network (TSN).
1504Indicates that the station associated using TSN; see also
1505.Cm tsn
1506below.
1507.It Li W
1508Wi-Fi Protected Setup (WPS).
1509Indicates that the station associated using WPS.
1510.El
1511.Pp
1512By default interesting information elements captured from the neighboring
1513stations are displayed at the end of each row.
1514Possible elements include:
1515.Cm WME
1516(station supports WME),
1517.Cm WPA
1518(station supports WPA),
1519.Cm WPS
1520(station supports WPS),
1521.Cm RSN
1522(station supports 802.11i/RSN),
1523.Cm HTCAP
1524(station supports 802.11n/HT communication),
1525.Cm ATH
1526(station supports Atheros protocol extensions),
1527.Cm VEN
1528(station supports unknown vendor-specific extensions).
1529If the
1530.Fl v
1531flag is used all the information elements and their
1532contents will be shown.
1533Specifying the
1534.Fl v
1535flag also enables display of long SSIDs.
1536The
1537.Cm list ap
1538command is another way of requesting this information.
1539.It Cm list sta
1540When operating as an access point display the stations that are
1541currently associated.
1542When operating in ad-hoc mode display stations identified as
1543neighbors in the IBSS.
1544When operating in mesh mode display stations identified as
1545neighbors in the MBSS.
1546When operating in station mode display the access point.
1547Capabilities advertised by the stations are described under
1548the
1549.Cm scan
1550request.
1551Depending on the capabilities of the stations the following
1552flags can be included in the output:
1553.Bl -tag -width 3n
1554.It Li A
1555Authorized.
1556Indicates that the station is permitted to send/receive data frames.
1557.It Li E
1558Extended Rate Phy (ERP).
1559Indicates that the station is operating in an 802.11g network
1560using extended transmit rates.
1561.It Li H
1562High Throughput (HT).
1563Indicates that the station is using HT transmit rates.
1564If a `+' follows immediately after then the station associated
1565using deprecated mechanisms supported only when
1566.Cm htcompat
1567is enabled.
1568.It Li P
1569Power Save.
1570Indicates that the station is operating in power save mode.
1571.It Li Q
1572Quality of Service (QoS).
1573Indicates that the station is using QoS encapsulation for
1574data frame.
1575QoS encapsulation is enabled only when WME mode is enabled.
1576.It Li S
1577Short Preamble.
1578Indicates that the station is doing short preamble to optionally
1579improve throughput performance with 802.11g and 802.11b.
1580.It Li T
1581Transitional Security Network (TSN).
1582Indicates that the station associated using TSN; see also
1583.Cm tsn
1584below.
1585.It Li W
1586Wi-Fi Protected Setup (WPS).
1587Indicates that the station associated using WPS.
1588.El
1589.Pp
1590By default information elements received from associated stations
1591are displayed in a short form; the
1592.Fl v
1593flag causes this information to be displayed symbolically.
1594.It Cm list wme
1595Display the current channel parameters to use when operating in WME mode.
1596If the
1597.Fl v
1598option is specified then both channel and BSS parameters are displayed
1599for each AC (first channel, then BSS).
1600When WME mode is enabled for an adaptor this information will be
1601displayed with the regular status; this command is mostly useful
1602for examining parameters when WME mode is disabled.
1603See the description of the
1604.Cm wme
1605directive for information on the various parameters.
1606.It Cm maxretry Ar count
1607Set the maximum number of tries to use in sending unicast frames.
1608The default setting is 6 but drivers may override this with a value
1609they choose.
1610.It Cm mcastrate Ar rate
1611Set the rate for transmitting multicast/broadcast frames.
1612Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s.
1613This rate should be valid for the current operating conditions;
1614if an invalid rate is specified drivers are free to chose an
1615appropriate rate.
1616.It Cm mgtrate Ar rate
1617Set the rate for transmitting management and/or control frames.
1618Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s.
1619.It Cm outdoor
1620Set the location to use in calculating regulatory constraints.
1621The location is also advertised in beacon and probe response frames
1622when 802.11d is enabled with
1623.Cm dotd .
1624See also
1625.Cm anywhere ,
1626.Cm country ,
1627.Cm indoor ,
1628and
1629.Cm regdomain .
1630.It Cm powersave
1631Enable powersave operation.
1632When operating as a client, the station will conserve power by
1633periodically turning off the radio and listening for
1634messages from the access point telling it there are packets waiting.
1635The station must then retrieve the packets.
1636Not all devices support power save operation as a client.
1637The 802.11 specification requires that all access points support
1638power save but some drivers do not.
1639Use
1640.Fl powersave
1641to disable powersave operation when operating as a client.
1642.It Cm powersavesleep Ar sleep
1643Set the desired max powersave sleep time in TU's (1024 usecs).
1644By default the max powersave sleep time is 100 TU's.
1645.It Cm protmode Ar technique
1646For interfaces operating in 802.11g, use the specified
1647.Ar technique
1648for protecting OFDM frames in a mixed 11b/11g network.
1649The set of valid techniques is
1650.Cm off , cts
1651(CTS to self),
1652and
1653.Cm rtscts
1654(RTS/CTS).
1655Technique names are case insensitive.
1656Not all devices support
1657.Cm cts
1658as a protection technique.
1659.It Cm pureg
1660When operating as an access point in 802.11g mode allow only
166111g-capable stations to associate (11b-only stations are not
1662permitted to associate).
1663To allow both 11g and 11b-only stations to associate, use
1664.Fl pureg .
1665.It Cm puren
1666When operating as an access point in 802.11n mode allow only
1667HT-capable stations to associate (legacy stations are not
1668permitted to associate).
1669To allow both HT and legacy stations to associate, use
1670.Fl puren .
1671.It Cm regdomain Ar sku
1672Set the regulatory domain to use in calculating the regulatory constraints
1673for operation.
1674In particular the set of available channels, how the wireless device
1675will operation on the channels, and the maximum transmit power that
1676can be used on a channel are defined by this setting.
1677Regdomain codes (SKU's) are taken from
1678.Pa /etc/regdomain.xml
1679and can also
1680be viewed with the ``list countries'' request.
1681Note that not all devices support changing the regdomain from a default
1682setting; typically stored in EEPROM.
1683See also
1684.Cm country ,
1685.Cm indoor ,
1686.Cm outdoor ,
1687and
1688.Cm anywhere .
1689.It Cm rifs
1690Enable use of Reduced InterFrame Spacing (RIFS) when operating in 802.11n
1691on an HT channel.
1692Note that RIFS must be supported by both the station and access point
1693for it to be used.
1694To disable RIFS use
1695.Fl rifs .
1696.It Cm roam:rate Ar rate
1697Set the threshold for controlling roaming when operating in a BSS.
1698The
1699.Ar rate
1700parameter specifies the transmit rate in megabits
1701at which roaming should be considered.
1702If the current transmit rate drops below this setting and background scanning
1703is enabled, then the system will check if a more desirable access point is
1704available and switch over to it.
1705The current scan cache contents are used if they are considered
1706valid according to the
1707.Cm scanvalid
1708parameter; otherwise a background scan operation is triggered before
1709any selection occurs.
1710Each channel type has a separate rate threshold; the default values are:
171112 Mb/s (11a), 2 Mb/s (11b), 2 Mb/s (11g), MCS 1 (11na, 11ng).
1712.It Cm roam:rssi Ar rssi
1713Set the threshold for controlling roaming when operating in a BSS.
1714The
1715.Ar rssi
1716parameter specifies the receive signal strength in dBm units
1717at which roaming should be considered.
1718If the current rssi drops below this setting and background scanning
1719is enabled, then the system will check if a more desirable access point is
1720available and switch over to it.
1721The current scan cache contents are used if they are considered
1722valid according to the
1723.Cm scanvalid
1724parameter; otherwise a background scan operation is triggered before
1725any selection occurs.
1726Each channel type has a separate rssi threshold; the default values are
1727all 7 dBm.
1728.It Cm roaming Ar mode
1729When operating as a station, control how the system will
1730behave when communication with the current access point
1731is broken.
1732The
1733.Ar mode
1734argument may be one of
1735.Cm device
1736(leave it to the hardware device to decide),
1737.Cm auto
1738(handle either in the device or the operating system\[em]as appropriate),
1739.Cm manual
1740(do nothing until explicitly instructed).
1741By default, the device is left to handle this if it is
1742capable; otherwise, the operating system will automatically
1743attempt to reestablish communication.
1744Manual mode is used by applications such as
1745.Xr wpa_supplicant 8
1746that want to control the selection of an access point.
1747.It Cm rtsthreshold Ar length
1748Set the threshold for which
1749transmitted frames are preceded by transmission of an
1750RTS
1751control frame.
1752The
1753.Ar length
1754argument
1755is the frame size in bytes and must be in the range 1 to 2346.
1756Setting
1757.Ar length
1758to
1759.Li 2346 ,
1760.Cm any ,
1761or
1762.Cm -
1763disables transmission of RTS frames.
1764Not all adapters support setting the RTS threshold.
1765.It Cm scan
1766Initiate a scan of neighboring stations, wait for it to complete, and
1767display all stations found.
1768Only the super-user can initiate a scan.
1769See
1770.Cm list scan
1771for information on the display.
1772By default a background scan is done; otherwise a foreground
1773scan is done and the station may roam to a different access point.
1774The
1775.Cm list scan
1776request can be used to show recent scan results without
1777initiating a new scan.
1778.It Cm scanvalid Ar threshold
1779Set the maximum time the scan cache contents are considered valid;
1780i.e., will be used without first triggering a scan operation to
1781refresh the data.
1782The
1783.Ar threshold
1784parameter is specified in seconds and defaults to 60 seconds.
1785The minimum setting for
1786.Ar threshold
1787is 10 seconds.
1788One should take care setting this threshold; if it is set too low
1789then attempts to roam to another access point may trigger unnecessary
1790background scan operations.
1791.It Cm shortgi
1792Enable use of Short Guard Interval when operating in 802.11n
1793on an HT channel.
1794NB: this currently enables Short GI on both HT40 and HT20 channels.
1795To disable Short GI use
1796.Fl shortgi .
1797.It Cm smps
1798Enable use of Static Spatial Multiplexing Power Save (SMPS)
1799when operating in 802.11n.
1800A station operating with Static SMPS maintains only a single
1801receive chain active (this can significantly reduce power consumption).
1802To disable SMPS use
1803.Fl smps .
1804.It Cm smpsdyn
1805Enable use of Dynamic Spatial Multiplexing Power Save (SMPS)
1806when operating in 802.11n.
1807A station operating with Dynamic SMPS maintains only a single
1808receive chain active but switches to multiple receive chains when it
1809receives an RTS frame (this can significantly reduce power consumption).
1810Note that stations cannot distinguish between RTS/CTS intended to
1811enable multiple receive chains and those used for other purposes.
1812To disable SMPS use
1813.Fl smps .
1814.It Cm ssid Ar ssid
1815Set the desired Service Set Identifier (aka network name).
1816The SSID is a string up to 32 characters
1817in length and may be specified as either a normal string or in
1818hexadecimal when preceded by
1819.Ql 0x .
1820Additionally, the SSID may be cleared by setting it to
1821.Ql - .
1822.It Cm tdmaslot Ar slot
1823When operating with TDMA, use the specified
1824.Ar slot
1825configuration.
1826The
1827.Ar slot
1828is a number between 0 and the maximum number of slots in the BSS.
1829Note that a station configured as slot 0 is a master and
1830will broadcast beacon frames advertising the BSS;
1831stations configured to use other slots will always
1832scan to locate a master before they ever transmit.
1833By default
1834.Cm tdmaslot
1835is set to 1.
1836.It Cm tdmaslotcnt Ar cnt
1837When operating with TDMA, setup a BSS with
1838.Ar cnt
1839slots.
1840The slot count may be at most 8.
1841The current implementation is only tested with two stations
1842(i.e., point to point applications).
1843This setting is only meaningful when a station is configured as slot 0;
1844other stations adopt this setting from the BSS they join.
1845By default
1846.Cm tdmaslotcnt
1847is set to 2.
1848.It Cm tdmaslotlen Ar len
1849When operating with TDMA, setup a BSS such that each station has a slot
1850.Ar len
1851microseconds long.
1852The slot length must be at least 150 microseconds (1/8 TU)
1853and no more than 65 milliseconds.
1854Note that setting too small a slot length may result in poor channel
1855bandwidth utilization due to factors such as timer granularity and
1856guard time.
1857This setting is only meaningful when a station is configured as slot 0;
1858other stations adopt this setting from the BSS they join.
1859By default
1860.Cm tdmaslotlen
1861is set to 10 milliseconds.
1862.It Cm tdmabintval Ar intval
1863When operating with TDMA, setup a BSS such that beacons are transmitted every
1864.Ar intval
1865superframes to synchronize the TDMA slot timing.
1866A superframe is defined as the number of slots times the slot length; e.g.,
1867a BSS with two slots of 10 milliseconds has a 20 millisecond superframe.
1868The beacon interval may not be zero.
1869A lower setting of
1870.Cm tdmabintval
1871causes the timers to be resynchronized more often; this can be help if
1872significant timer drift is observed.
1873By default
1874.Cm tdmabintval
1875is set to 5.
1876.It Cm tsn
1877When operating as an access point with WPA/802.11i allow legacy
1878stations to associate using static key WEP and open authentication.
1879To disallow legacy station use of WEP, use
1880.Fl tsn .
1881.It Cm txpower Ar power
1882Set the power used to transmit frames.
1883The
1884.Ar power
1885argument is specified in .5 dBm units.
1886Out of range values are truncated.
1887Typically only a few discreet power settings are available and
1888the driver will use the setting closest to the specified value.
1889Not all adapters support changing the transmit power.
1890.It Cm ucastrate Ar rate
1891Set a fixed rate for transmitting unicast frames.
1892Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s.
1893This rate should be valid for the current operating conditions;
1894if an invalid rate is specified drivers are free to chose an
1895appropriate rate.
1896.It Cm wepmode Ar mode
1897Set the desired WEP mode.
1898Not all adapters support all modes.
1899The set of valid modes is
1900.Cm off , on ,
1901and
1902.Cm mixed .
1903The
1904.Cm mixed
1905mode explicitly tells the adaptor to allow association with access
1906points which allow both encrypted and unencrypted traffic.
1907On these adapters,
1908.Cm on
1909means that the access point must only allow encrypted connections.
1910On other adapters,
1911.Cm on
1912is generally another name for
1913.Cm mixed .
1914Modes are case insensitive.
1915.It Cm weptxkey Ar index
1916Set the WEP key to be used for transmission.
1917This is the same as setting the default transmission key with
1918.Cm deftxkey .
1919.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key
1920Set the selected WEP key.
1921If an
1922.Ar index
1923is not given, key 1 is set.
1924A WEP key will be either 5 or 13
1925characters (40 or 104 bits) depending on the local network and the
1926capabilities of the adaptor.
1927It may be specified either as a plain
1928string or as a string of hexadecimal digits preceded by
1929.Ql 0x .
1930For maximum portability, hex keys are recommended;
1931the mapping of text keys to WEP encryption is usually driver-specific.
1932In particular, the
1933.Tn Windows
1934drivers do this mapping differently to
1935.Fx .
1936A key may be cleared by setting it to
1937.Ql - .
1938If WEP is supported then there are at least four keys.
1939Some adapters support more than four keys.
1940If that is the case, then the first four keys
1941(1-4) will be the standard temporary keys and any others will be adaptor
1942specific keys such as permanent keys stored in NVRAM.
1943.Pp
1944Note that you must set a default transmit key with
1945.Cm deftxkey
1946for the system to know which key to use in encrypting outbound traffic.
1947.It Cm wme
1948Enable Wireless Multimedia Extensions (WME) support, if available,
1949for the specified interface.
1950WME is a subset of the IEEE 802.11e standard to support the
1951efficient communication of realtime and multimedia data.
1952To disable WME support, use
1953.Fl wme .
1954Another name for this parameter is
1955.Cm wmm .
1956.Pp
1957The following parameters are meaningful only when WME support is in use.
1958Parameters are specified per-AC (Access Category) and
1959split into those that are used by a station when acting
1960as an access point and those for client stations in the BSS.
1961The latter are received from the access point and may not be changed
1962(at the station).
1963The following Access Categories are recognized:
1964.Pp
1965.Bl -tag -width ".Cm AC_BK" -compact
1966.It Cm AC_BE
1967(or
1968.Cm BE )
1969best effort delivery,
1970.It Cm AC_BK
1971(or
1972.Cm BK )
1973background traffic,
1974.It Cm AC_VI
1975(or
1976.Cm VI )
1977video traffic,
1978.It Cm AC_VO
1979(or
1980.Cm VO )
1981voice traffic.
1982.El
1983.Pp
1984AC parameters are case-insensitive.
1985Traffic classification is done in the operating system using the
1986vlan priority associated with data frames or the
1987ToS (Type of Service) indication in IP-encapsulated frames.
1988If neither information is present, traffic is assigned to the
1989Best Effort (BE) category.
1990.Bl -tag -width indent
1991.It Cm ack Ar ac
1992Set the ACK policy for QoS transmissions by the local station;
1993this controls whether or not data frames transmitted by a station
1994require an ACK response from the receiving station.
1995To disable waiting for an ACK use
1996.Fl ack .
1997This parameter is applied only to the local station.
1998.It Cm acm Ar ac
1999Enable the Admission Control Mandatory (ACM) mechanism
2000for transmissions by the local station.
2001To disable the ACM use
2002.Fl acm .
2003On stations in a BSS this parameter is read-only and indicates
2004the setting received from the access point.
2005NB: ACM is not supported right now.
2006.It Cm aifs Ar ac Ar count
2007Set the Arbitration Inter Frame Spacing (AIFS)
2008channel access parameter to use for transmissions
2009by the local station.
2010On stations in a BSS this parameter is read-only and indicates
2011the setting received from the access point.
2012.It Cm cwmin Ar ac Ar count
2013Set the CWmin channel access parameter to use for transmissions
2014by the local station.
2015On stations in a BSS this parameter is read-only and indicates
2016the setting received from the access point.
2017.It Cm cwmax Ar ac Ar count
2018Set the CWmax channel access parameter to use for transmissions
2019by the local station.
2020On stations in a BSS this parameter is read-only and indicates
2021the setting received from the access point.
2022.It Cm txoplimit Ar ac Ar limit
2023Set the Transmission Opportunity Limit channel access parameter
2024to use for transmissions by the local station.
2025This parameter defines an interval of time when a WME station
2026has the right to initiate transmissions onto the wireless medium.
2027On stations in a BSS this parameter is read-only and indicates
2028the setting received from the access point.
2029.It Cm bss:aifs Ar ac Ar count
2030Set the AIFS channel access parameter to send to stations in a BSS.
2031This parameter is meaningful only when operating in ap mode.
2032.It Cm bss:cwmin Ar ac Ar count
2033Set the CWmin channel access parameter to send to stations in a BSS.
2034This parameter is meaningful only when operating in ap mode.
2035.It Cm bss:cwmax Ar ac Ar count
2036Set the CWmax channel access parameter to send to stations in a BSS.
2037This parameter is meaningful only when operating in ap mode.
2038.It Cm bss:txoplimit Ar ac Ar limit
2039Set the TxOpLimit channel access parameter to send to stations in a BSS.
2040This parameter is meaningful only when operating in ap mode.
2041.El
2042.It Cm wps
2043Enable Wireless Privacy Subscriber support.
2044Note that WPS support requires a WPS-capable supplicant.
2045To disable this function use
2046.Fl wps .
2047.El
2048.Pp
2049The following parameters support an optional access control list
2050feature available with some adapters when operating in ap mode; see
2051.Xr wlan_acl 4 .
2052This facility allows an access point to accept/deny association
2053requests based on the MAC address of the station.
2054Note that this feature does not significantly enhance security
2055as MAC address spoofing is easy to do.
2056.Bl -tag -width indent
2057.It Cm mac:add Ar address
2058Add the specified MAC address to the database.
2059Depending on the policy setting association requests from the
2060specified station will be allowed or denied.
2061.It Cm mac:allow
2062Set the ACL policy to permit association only by
2063stations registered in the database.
2064.It Cm mac:del Ar address
2065Delete the specified MAC address from the database.
2066.It Cm mac:deny
2067Set the ACL policy to deny association only by
2068stations registered in the database.
2069.It Cm mac:kick Ar address
2070Force the specified station to be deauthenticated.
2071This typically is done to block a station after updating the
2072address database.
2073.It Cm mac:open
2074Set the ACL policy to allow all stations to associate.
2075.It Cm mac:flush
2076Delete all entries in the database.
2077.It Cm mac:radius
2078Set the ACL policy to permit association only by
2079stations approved by a RADIUS server.
2080Note that this feature requires the
2081.Xr hostapd 8
2082program be configured to do the right thing
2083as it handles the RADIUS processing
2084(and marks stations as authorized).
2085.El
2086.Pp
2087The following parameters are related to a wireless interface operating in mesh
2088mode:
2089.Bl -tag -width indent
2090.It Cm meshid Ar meshid
2091Set the desired Mesh Identifier.
2092The Mesh ID is a string up to 32 characters in length.
2093A mesh interface must have a Mesh Identifier specified
2094to reach an operational state.
2095.It Cm meshttl Ar ttl
2096Set the desired ``time to live'' for mesh forwarded packets;
2097this is the number of hops a packet may be forwarded before
2098it is discarded.
2099The default setting for
2100.Cm meshttl
2101is 31.
2102.It Cm meshpeering
2103Enable or disable peering with neighbor mesh stations.
2104Stations must peer before any data packets can be exchanged.
2105By default
2106.Cm meshpeering
2107is enabled.
2108.It Cm meshforward
2109Enable or disable forwarding packets by a mesh interface.
2110By default
2111.Cm meshforward
2112is enabled.
2113.It Cm meshgate
2114This attribute specifies whether or not the mesh STA activates mesh gate
2115announcements.
2116By default
2117.Cm meshgate
2118is disabled.
2119.It Cm meshmetric Ar protocol
2120Set the specified
2121.Ar protocol
2122as the link metric protocol used on a mesh network.
2123The default protocol is called
2124.Ar AIRTIME .
2125The mesh interface will restart after changing this setting.
2126.It Cm meshpath Ar protocol
2127Set the specified
2128.Ar protocol
2129as the path selection protocol used on a mesh network.
2130The only available protocol at the moment is called
2131.Ar HWMP
2132(Hybrid Wireless Mesh Protocol).
2133The mesh interface will restart after changing this setting.
2134.It Cm hwmprootmode Ar mode
2135Stations on a mesh network can operate as ``root nodes.''
2136Root nodes try to find paths to all mesh nodes and advertise themselves
2137regularly.
2138When there is a root mesh node on a network, other mesh nodes can setup
2139paths between themselves faster because they can use the root node
2140to find the destination.
2141This path may not be the best, but on-demand
2142routing will eventually find the best path.
2143The following modes are recognized:
2144.Pp
2145.Bl -tag -width ".Cm PROACTIVE" -compact
2146.It Cm DISABLED
2147Disable root mode.
2148.It Cm NORMAL
2149Send broadcast path requests every two seconds.
2150Nodes on the mesh without a path to this root mesh station with try to
2151discover a path to us.
2152.It Cm PROACTIVE
2153Send broadcast path requests every two seconds and every node must reply
2154with a path reply even if it already has a path to this root mesh station.
2155.It Cm RANN
2156Send broadcast root announcement (RANN) frames.
2157Nodes on the mesh without a path to this root mesh station with try to
2158discover a path to us.
2159.El
2160By default
2161.Cm hwmprootmode
2162is set to
2163.Ar DISABLED .
2164.It Cm hwmpmaxhops Ar cnt
2165Set the maximum number of hops allowed in an HMWP path to
2166.Ar cnt .
2167The default setting for
2168.Cm hwmpmaxhops
2169is 31.
2170.El
2171.Pp
2172The following parameters are for compatibility with other systems:
2173.Bl -tag -width indent
2174.It Cm nwid Ar ssid
2175Another name for the
2176.Cm ssid
2177parameter.
2178Included for
2179.Nx
2180compatibility.
2181.It Cm stationname Ar name
2182Set the name of this station.
2183The station name is not part of the IEEE 802.11
2184protocol though some interfaces support it.
2185As such it only
2186seems to be meaningful to identical or virtually identical equipment.
2187Setting the station name is identical in syntax to setting the SSID.
2188One can also use
2189.Cm station
2190for
2191.Bsx
2192compatibility.
2193.It Cm wep
2194Another way of saying
2195.Cm wepmode on .
2196Included for
2197.Bsx
2198compatibility.
2199.It Fl wep
2200Another way of saying
2201.Cm wepmode off .
2202Included for
2203.Bsx
2204compatibility.
2205.It Cm nwkey key
2206Another way of saying:
2207.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" .
2208Included for
2209.Nx
2210compatibility.
2211.It Cm nwkey Xo
2212.Sm off
2213.Ar n : k1 , k2 , k3 , k4
2214.Sm on
2215.Xc
2216Another way of saying
2217.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" .
2218Included for
2219.Nx
2220compatibility.
2221.It Fl nwkey
2222Another way of saying
2223.Cm wepmode off .
2224Included for
2225.Nx
2226compatibility.
2227.El
2228.Pp
2229The following parameters are specific to bridge interfaces:
2230.Bl -tag -width indent
2231.It Cm addm Ar interface
2232Add the interface named by
2233.Ar interface
2234as a member of the bridge.
2235The interface is put into promiscuous mode
2236so that it can receive every packet sent on the network.
2237.It Cm deletem Ar interface
2238Remove the interface named by
2239.Ar interface
2240from the bridge.
2241Promiscuous mode is disabled on the interface when
2242it is removed from the bridge.
2243.It Cm maxaddr Ar size
2244Set the size of the bridge address cache to
2245.Ar size .
2246The default is 2000 entries.
2247.It Cm timeout Ar seconds
2248Set the timeout of address cache entries to
2249.Ar seconds
2250seconds.
2251If
2252.Ar seconds
2253is zero, then address cache entries will not be expired.
2254The default is 1200 seconds.
2255.It Cm addr
2256Display the addresses that have been learned by the bridge.
2257.It Cm static Ar interface-name Ar address
2258Add a static entry into the address cache pointing to
2259.Ar interface-name .
2260Static entries are never aged out of the cache or re-placed, even if the
2261address is seen on a different interface.
2262.It Cm deladdr Ar address
2263Delete
2264.Ar address
2265from the address cache.
2266.It Cm flush
2267Delete all dynamically-learned addresses from the address cache.
2268.It Cm flushall
2269Delete all addresses, including static addresses, from the address cache.
2270.It Cm discover Ar interface
2271Mark an interface as a
2272.Dq discovering
2273interface.
2274When the bridge has no address cache entry
2275(either dynamic or static)
2276for the destination address of a packet,
2277the bridge will forward the packet to all
2278member interfaces marked as
2279.Dq discovering .
2280This is the default for all interfaces added to a bridge.
2281.It Cm -discover Ar interface
2282Clear the
2283.Dq discovering
2284attribute on a member interface.
2285For packets without the
2286.Dq discovering
2287attribute, the only packets forwarded on the interface are broadcast
2288or multicast packets and packets for which the destination address
2289is known to be on the interface's segment.
2290.It Cm learn Ar interface
2291Mark an interface as a
2292.Dq learning
2293interface.
2294When a packet arrives on such an interface, the source
2295address of the packet is entered into the address cache as being a
2296destination address on the interface's segment.
2297This is the default for all interfaces added to a bridge.
2298.It Cm -learn Ar interface
2299Clear the
2300.Dq learning
2301attribute on a member interface.
2302.It Cm sticky Ar interface
2303Mark an interface as a
2304.Dq sticky
2305interface.
2306Dynamically learned address entries are treated at static once entered into
2307the cache.
2308Sticky entries are never aged out of the cache or replaced, even if the
2309address is seen on a different interface.
2310.It Cm -sticky Ar interface
2311Clear the
2312.Dq sticky
2313attribute on a member interface.
2314.It Cm private Ar interface
2315Mark an interface as a
2316.Dq private
2317interface.
2318A private interface does not forward any traffic to any other port that is also
2319a private interface.
2320.It Cm -private Ar interface
2321Clear the
2322.Dq private
2323attribute on a member interface.
2324.It Cm span Ar interface
2325Add the interface named by
2326.Ar interface
2327as a span port on the bridge.
2328Span ports transmit a copy of every frame received by the bridge.
2329This is most useful for snooping a bridged network passively on
2330another host connected to one of the span ports of the bridge.
2331.It Cm -span Ar interface
2332Delete the interface named by
2333.Ar interface
2334from the list of span ports of the bridge.
2335.It Cm stp Ar interface
2336Enable Spanning Tree protocol on
2337.Ar interface .
2338The
2339.Xr if_bridge 4
2340driver has support for the IEEE 802.1D Spanning Tree protocol (STP).
2341Spanning Tree is used to detect and remove loops in a network topology.
2342.It Cm -stp Ar interface
2343Disable Spanning Tree protocol on
2344.Ar interface .
2345This is the default for all interfaces added to a bridge.
2346.It Cm edge Ar interface
2347Set
2348.Ar interface
2349as an edge port.
2350An edge port connects directly to end stations cannot create bridging
2351loops in the network, this allows it to transition straight to forwarding.
2352.It Cm -edge Ar interface
2353Disable edge status on
2354.Ar interface .
2355.It Cm autoedge Ar interface
2356Allow
2357.Ar interface
2358to automatically detect edge status.
2359This is the default for all interfaces added to a bridge.
2360.It Cm -autoedge Ar interface
2361Disable automatic edge status on
2362.Ar interface .
2363.It Cm ptp Ar interface
2364Set the
2365.Ar interface
2366as a point to point link.
2367This is required for straight transitions to forwarding and
2368should be enabled on a direct link to another RSTP capable switch.
2369.It Cm -ptp Ar interface
2370Disable point to point link status on
2371.Ar interface .
2372This should be disabled for a half duplex link and for an interface
2373connected to a shared network segment,
2374like a hub or a wireless network.
2375.It Cm autoptp Ar interface
2376Automatically detect the point to point status on
2377.Ar interface
2378by checking the full duplex link status.
2379This is the default for interfaces added to the bridge.
2380.It Cm -autoptp Ar interface
2381Disable automatic point to point link detection on
2382.Ar interface .
2383.It Cm maxage Ar seconds
2384Set the time that a Spanning Tree protocol configuration is valid.
2385The default is 20 seconds.
2386The minimum is 6 seconds and the maximum is 40 seconds.
2387.It Cm fwddelay Ar seconds
2388Set the time that must pass before an interface begins forwarding
2389packets when Spanning Tree is enabled.
2390The default is 15 seconds.
2391The minimum is 4 seconds and the maximum is 30 seconds.
2392.It Cm hellotime Ar seconds
2393Set the time between broadcasting of Spanning Tree protocol
2394configuration messages.
2395The hello time may only be changed when operating in legacy stp mode.
2396The default is 2 seconds.
2397The minimum is 1 second and the maximum is 2 seconds.
2398.It Cm priority Ar value
2399Set the bridge priority for Spanning Tree.
2400The default is 32768.
2401The minimum is 0 and the maximum is 61440.
2402.It Cm proto Ar value
2403Set the Spanning Tree protocol.
2404The default is rstp.
2405The available options are stp and rstp.
2406.It Cm holdcnt Ar value
2407Set the transmit hold count for Spanning Tree.
2408This is the number of packets transmitted before being rate limited.
2409The default is 6.
2410The minimum is 1 and the maximum is 10.
2411.It Cm ifpriority Ar interface Ar value
2412Set the Spanning Tree priority of
2413.Ar interface
2414to
2415.Ar value .
2416The default is 128.
2417The minimum is 0 and the maximum is 240.
2418.It Cm ifpathcost Ar interface Ar value
2419Set the Spanning Tree path cost of
2420.Ar interface
2421to
2422.Ar value .
2423The default is calculated from the link speed.
2424To change a previously selected path cost back to automatic, set the
2425cost to 0.
2426The minimum is 1 and the maximum is 200000000.
2427.It Cm ifmaxaddr Ar interface Ar size
2428Set the maximum number of hosts allowed from an interface, packets with unknown
2429source addresses are dropped until an existing host cache entry expires or is
2430removed.
2431Set to 0 to disable.
2432.El
2433.Pp
2434The following parameters are specific to lagg interfaces:
2435.Bl -tag -width indent
2436.It Cm laggport Ar interface
2437Add the interface named by
2438.Ar interface
2439as a port of the aggregation interface.
2440.It Cm -laggport Ar interface
2441Remove the interface named by
2442.Ar interface
2443from the aggregation interface.
2444.It Cm laggproto Ar proto
2445Set the aggregation protocol.
2446The default is
2447.Li failover .
2448The available options are
2449.Li failover ,
2450.Li lacp ,
2451.Li loadbalance ,
2452.Li roundrobin ,
2453.Li broadcast
2454and
2455.Li none .
2456.It Cm lagghash Ar option Ns Oo , Ns Ar option Oc
2457Set the packet layers to hash for aggregation protocols which load balance.
2458The default is
2459.Dq l2,l3,l4 .
2460The options can be combined using commas.
2461.Pp
2462.Bl -tag -width ".Cm l2" -compact
2463.It Cm l2
2464src/dst mac address and optional vlan number.
2465.It Cm l3
2466src/dst address for IPv4 or IPv6.
2467.It Cm l4
2468src/dst port for TCP/UDP/SCTP.
2469.El
2470.It Cm use_flowid
2471Enable local hash computation for RSS hash on the interface.
2472The
2473.Li loadbalance
2474and
2475.Li lacp
2476modes will use the RSS hash from the network card if available
2477to avoid computing one, this may give poor traffic distribution
2478if the hash is invalid or uses less of the protocol header information.
2479.Cm use_flowid
2480disables use of RSS hash from the network card.
2481The default value can be set via the
2482.Va net.link.lagg.default_use_flowid
2483.Xr sysctl 8
2484variable.
2485.Li 0
2486means
2487.Dq disabled
2488and
2489.Li 1
2490means
2491.Dq enabled .
2492.It Cm -use_flowid
2493Disable local hash computation for RSS hash on the interface.
2494.It Cm flowid_shift Ar number
2495Set a shift parameter for RSS local hash computation.
2496Hash is calculated by using flowid bits in a packet header mbuf
2497which are shifted by the number of this parameter.
2498.It Cm lacp_fast_timeout
2499Enable lacp fast-timeout on the interface.
2500.It Cm -lacp_fast_timeout
2501Disable lacp fast-timeout on the interface.
2502.It Cm lacp_strict
2503Enable lacp strict compliance on the interface.
2504The default value can be set via the
2505.Va net.link.lagg.lacp.default_strict_mode
2506.Xr sysctl 8
2507variable.
2508.Li 0
2509means
2510.Dq disabled
2511and
2512.Li 1
2513means
2514.Dq enabled .
2515.It Cm -lacp_strict
2516Disable lacp strict compliance on the interface.
2517.El
2518.Pp
2519The following parameters are specific to IP tunnel interfaces,
2520.Xr gif 4 :
2521.Bl -tag -width indent
2522.It Cm tunnel Ar src_addr dest_addr
2523Configure the physical source and destination address for IP tunnel
2524interfaces.
2525The arguments
2526.Ar src_addr
2527and
2528.Ar dest_addr
2529are interpreted as the outer source/destination for the encapsulating
2530IPv4/IPv6 header.
2531.It Fl tunnel
2532Unconfigure the physical source and destination address for IP tunnel
2533interfaces previously configured with
2534.Cm tunnel .
2535.It Cm deletetunnel
2536Another name for the
2537.Fl tunnel
2538parameter.
2539.It Cm accept_rev_ethip_ver
2540Set a flag to accept both correct EtherIP packets and ones
2541with reversed version field.
2542Enabled by default.
2543This is for backward compatibility with
2544.Fx 6.1 ,
25456.2, 6.3, 7.0, and 7.1.
2546.It Cm -accept_rev_ethip_ver
2547Clear a flag
2548.Cm accept_rev_ethip_ver .
2549.It Cm ignore_source
2550Set a flag to accept encapsulated packets destined to this host
2551independently from source address.
2552This may be useful for hosts, that receive encapsulated packets
2553from the load balancers.
2554.It Cm -ignore_source
2555Clear a flag
2556.Cm ignore_source .
2557.It Cm send_rev_ethip_ver
2558Set a flag to send EtherIP packets with reversed version
2559field intentionally.
2560Disabled by default.
2561This is for backward compatibility with
2562.Fx 6.1 ,
25636.2, 6.3, 7.0, and 7.1.
2564.It Cm -send_rev_ethip_ver
2565Clear a flag
2566.Cm send_rev_ethip_ver .
2567.El
2568.Pp
2569The following parameters are specific to GRE tunnel interfaces,
2570.Xr gre 4 :
2571.Bl -tag -width indent
2572.It Cm grekey Ar key
2573Configure the GRE key to be used for outgoing packets.
2574Note that
2575.Xr gre 4 will always accept GRE packets with invalid or absent keys.
2576This command will result in a four byte MTU reduction on the interface.
2577.El
2578.Pp
2579The following parameters are specific to
2580.Xr pfsync 4
2581interfaces:
2582.Bl -tag -width indent
2583.It Cm syncdev Ar iface
2584Use the specified interface
2585to send and receive pfsync state synchronisation messages.
2586.It Fl syncdev
2587Stop sending pfsync state synchronisation messages over the network.
2588.It Cm syncpeer Ar peer_address
2589Make the pfsync link point-to-point rather than using
2590multicast to broadcast the state synchronisation messages.
2591The peer_address is the IP address of the other host taking part in
2592the pfsync cluster.
2593.It Fl syncpeer
2594Broadcast the packets using multicast.
2595.It Cm maxupd Ar n
2596Set the maximum number of updates for a single state which
2597can be collapsed into one.
2598This is an 8-bit number; the default value is 128.
2599.It Cm defer
2600Defer transmission of the first packet in a state until a peer has
2601acknowledged that the associated state has been inserted.
2602.It Fl defer
2603Do not defer the first packet in a state.
2604This is the default.
2605.El
2606.Pp
2607The following parameters are specific to
2608.Xr vlan 4
2609interfaces:
2610.Bl -tag -width indent
2611.It Cm vlan Ar vlan_tag
2612Set the VLAN tag value to
2613.Ar vlan_tag .
2614This value is a 12-bit VLAN Identifier (VID) which is used to create an 802.1Q
2615VLAN header for packets sent from the
2616.Xr vlan 4
2617interface.
2618Note that
2619.Cm vlan
2620and
2621.Cm vlandev
2622must both be set at the same time.
2623.It Cm vlanpcp Ar priority_code_point
2624Priority code point
2625.Pq Dv PCP
2626is an 3-bit field which refers to the IEEE 802.1p
2627class of service and maps to the frame priority level.
2628.Pp
2629Values in order of priority are:
2630.Cm 1
2631.Pq Dv Background (lowest) ,
2632.Cm 0
2633.Pq Dv Best effort (default) ,
2634.Cm 2
2635.Pq Dv Excellent effort ,
2636.Cm 3
2637.Pq Dv Critical applications ,
2638.Cm 4
2639.Pq Dv Video, < 100ms latency ,
2640.Cm 5
2641.Pq Dv Video, < 10ms latency ,
2642.Cm 6
2643.Pq Dv Internetwork control ,
2644.Cm 7
2645.Pq Dv Network control (highest) .
2646.It Cm vlandev Ar iface
2647Associate the physical interface
2648.Ar iface
2649with a
2650.Xr vlan 4
2651interface.
2652Packets transmitted through the
2653.Xr vlan 4
2654interface will be
2655diverted to the specified physical interface
2656.Ar iface
2657with 802.1Q VLAN encapsulation.
2658Packets with 802.1Q encapsulation received
2659by the parent interface with the correct VLAN Identifier will be diverted to
2660the associated
2661.Xr vlan 4
2662pseudo-interface.
2663The
2664.Xr vlan 4
2665interface is assigned a
2666copy of the parent interface's flags and the parent's Ethernet address.
2667The
2668.Cm vlandev
2669and
2670.Cm vlan
2671must both be set at the same time.
2672If the
2673.Xr vlan 4
2674interface already has
2675a physical interface associated with it, this command will fail.
2676To
2677change the association to another physical interface, the existing
2678association must be cleared first.
2679.Pp
2680Note: if the hardware tagging capability
2681is set on the parent interface, the
2682.Xr vlan 4
2683pseudo
2684interface's behavior changes:
2685the
2686.Xr vlan 4
2687interface recognizes that the
2688parent interface supports insertion and extraction of VLAN tags on its
2689own (usually in firmware) and that it should pass packets to and from
2690the parent unaltered.
2691.It Fl vlandev Op Ar iface
2692If the driver is a
2693.Xr vlan 4
2694pseudo device, disassociate the parent interface from it.
2695This breaks the link between the
2696.Xr vlan 4
2697interface and its parent,
2698clears its VLAN Identifier, flags and its link address and shuts the interface
2699down.
2700The
2701.Ar iface
2702argument is useless and hence deprecated.
2703.El
2704.Pp
2705The following parameters are used to configure
2706.Xr vxlan 4
2707interfaces.
2708.Bl -tag -width indent
2709.It Cm vxlanid Ar identifier
2710This value is a 24-bit VXLAN Network Identifier (VNI) that identifies the
2711virtual network segment membership of the interface.
2712.It Cm vxlanlocal Ar address
2713The source address used in the encapsulating IPv4/IPv6 header.
2714The address should already be assigned to an existing interface.
2715When the interface is configured in unicast mode, the listening socket
2716is bound to this address.
2717.It Cm vxlanremote Ar address
2718The interface can be configured in a unicast, or point-to-point, mode
2719to create a tunnel between two hosts.
2720This is the IP address of the remote end of the tunnel.
2721.It Cm vxlangroup Ar address
2722The interface can be configured in a multicast mode
2723to create a virtual network of hosts.
2724This is the IP multicast group address the interface will join.
2725.It Cm vxlanlocalport Ar port
2726The port number the interface will listen on.
2727The default port number is 4789.
2728.It Cm vxlanremoteport Ar port
2729The destination port number used in the encapsulating IPv4/IPv6 header.
2730The remote host should be listening on this port.
2731The default port number is 4789.
2732Note some other implementations, such as Linux,
2733do not default to the IANA assigned port,
2734but instead listen on port 8472.
2735.It Cm vxlanportrange Ar low high
2736The range of source ports used in the encapsulating IPv4/IPv6 header.
2737The port selected within the range is based on a hash of the inner frame.
2738A range is useful to provide entropy within the outer IP header
2739for more effective load balancing.
2740The default range is between the
2741.Xr sysctl 8
2742variables
2743.Va net.inet.ip.portrange.first
2744and
2745.Va net.inet.ip.portrange.last
2746.It Cm vxlantimeout Ar timeout
2747The maximum time, in seconds, before an entry in the forwarding table
2748is pruned.
2749The default is 1200 seconds (20 minutes).
2750.It Cm vxlanmaxaddr Ar max
2751The maximum number of entries in the forwarding table.
2752The default is 2000.
2753.It Cm vxlandev Ar dev
2754When the interface is configured in multicast mode, the
2755.Cm dev
2756interface is used to transmit IP multicast packets.
2757.It Cm vxlanttl Ar ttl
2758The TTL used in the encapsulating IPv4/IPv6 header.
2759The default is 64.
2760.It Cm vxlanlearn
2761The source IP address and inner source Ethernet MAC address of
2762received packets are used to dynamically populate the forwarding table.
2763When in multicast mode, an entry in the forwarding table allows the
2764interface to send the frame directly to the remote host instead of
2765broadcasting the frame to the multicast group.
2766This is the default.
2767.It Fl vxlanlearn
2768The forwarding table is not populated by received packets.
2769.It Cm vxlanflush
2770Delete all dynamically-learned addresses from the forwarding table.
2771.It Cm vxlanflushall
2772Delete all addresses, including static addresses, from the forwarding table.
2773.El
2774.Pp
2775The following parameters are used to configure
2776.Xr carp 4
2777protocol on an interface:
2778.Bl -tag -width indent
2779.It Cm vhid Ar n
2780Set the virtual host ID.
2781This is a required setting to initiate
2782.Xr carp 4 .
2783If the virtual host ID does not exist yet, it is created and attached to the
2784interface, otherwise configuration of an existing vhid is adjusted.
2785If the
2786.Cm vhid
2787keyword is supplied along with an
2788.Dq inet6
2789or
2790.Dq inet
2791address, then this address is configured to be run under control of the
2792specified vhid.
2793Whenever a last address that refers to a particular vhid is removed from an
2794interface, the vhid is automatically removed from interface and destroyed.
2795Any other configuration parameters for the
2796.Xr carp 4
2797protocol should be supplied along with the
2798.Cm vhid
2799keyword.
2800Acceptable values for vhid are 1 to 255.
2801.It Cm advbase Ar seconds
2802Specifies the base of the advertisement interval in seconds.
2803The acceptable values are 1 to 255.
2804The default value is 1.
2805.It Cm advskew Ar interval
2806Specifies the skew to add to the base advertisement interval to
2807make one host advertise slower than another host.
2808It is specified in 1/256 of seconds.
2809The acceptable values are 1 to 254.
2810The default value is 0.
2811.It Cm pass Ar phrase
2812Set the authentication key to
2813.Ar phrase .
2814.It Cm state Ar MASTER|BACKUP
2815Forcibly change state of a given vhid.
2816.El
2817.Pp
2818The
2819.Nm
2820utility displays the current configuration for a network interface
2821when no optional parameters are supplied.
2822If a protocol family is specified,
2823.Nm
2824will report only the details specific to that protocol family.
2825.Pp
2826If the
2827.Fl m
2828flag is passed before an interface name,
2829.Nm
2830will display the capability list and all
2831of the supported media for the specified interface.
2832If
2833.Fl L
2834flag is supplied, address lifetime is displayed for IPv6 addresses,
2835as time offset string.
2836.Pp
2837Optionally, the
2838.Fl a
2839flag may be used instead of an interface name.
2840This flag instructs
2841.Nm
2842to display information about all interfaces in the system.
2843The
2844.Fl d
2845flag limits this to interfaces that are down, and
2846.Fl u
2847limits this to interfaces that are up.
2848When no arguments are given,
2849.Fl a
2850is implied.
2851.Pp
2852The
2853.Fl l
2854flag may be used to list all available interfaces on the system, with
2855no other additional information.
2856If an
2857.Ar address_family
2858is specified, only interfaces of that type will be listed.
2859.Fl l Dq ether
2860will list only Ethernet adapters, excluding the loopback interface.
2861Use of this flag is mutually exclusive
2862with all other flags and commands, except for
2863.Fl d
2864(only list interfaces that are down)
2865and
2866.Fl u
2867(only list interfaces that are up).
2868.Pp
2869The
2870.Fl v
2871flag may be used to get more verbose status for an interface.
2872.Pp
2873The
2874.Fl C
2875flag may be used to list all of the interface cloners available on
2876the system, with no additional information.
2877Use of this flag is mutually exclusive with all other flags and commands.
2878.Pp
2879The
2880.Fl k
2881flag causes keying information for the interface, if available, to be
2882printed.
2883For example, the values of 802.11 WEP keys and
2884.Xr carp 4
2885passphrases will be printed, if accessible to the current user.
2886This information is not printed by default, as it may be considered
2887sensitive.
2888.Pp
2889If the network interface driver is not present in the kernel then
2890.Nm
2891will attempt to load it.
2892The
2893.Fl n
2894flag disables this behavior.
2895.Pp
2896Only the super-user may modify the configuration of a network interface.
2897.Sh EXAMPLES
2898Assign the IPv4 address
2899.Li 192.0.2.10 ,
2900with a network mask of
2901.Li 255.255.255.0 ,
2902to the interface
2903.Li fxp0 :
2904.Dl # ifconfig fxp0 inet 192.0.2.10 netmask 255.255.255.0
2905.Pp
2906Add the IPv4 address
2907.Li 192.0.2.45 ,
2908with the CIDR network prefix
2909.Li /28 ,
2910to the interface
2911.Li ed0 ,
2912using
2913.Cm add
2914as a synonym for the canonical form of the option
2915.Cm alias :
2916.Dl # ifconfig ed0 inet 192.0.2.45/28 add
2917.Pp
2918Remove the IPv4 address
2919.Li 192.0.2.45
2920from the interface
2921.Li ed0 :
2922.Dl # ifconfig ed0 inet 192.0.2.45 -alias
2923.Pp
2924Enable IPv6 functionality of the interface:
2925.Dl # ifconfig em0 inet6 -ifdisabled
2926.Pp
2927Add the IPv6 address
2928.Li 2001:DB8:DBDB::123/48
2929to the interface
2930.Li em0 :
2931.Dl # ifconfig em0 inet6 2001:db8:bdbd::123 prefixlen 48 alias
2932Note that lower case hexadecimal IPv6 addresses are acceptable.
2933.Pp
2934Remove the IPv6 address added in the above example,
2935using the
2936.Li /
2937character as shorthand for the network prefix,
2938and using
2939.Cm delete
2940as a synonym for the canonical form of the option
2941.Fl alias :
2942.Dl # ifconfig em0 inet6 2001:db8:bdbd::123/48 delete
2943.Pp
2944Configure a single CARP redundant address on igb0, and then switch it
2945to be master:
2946.Dl # ifconfig igb0 vhid 1 10.0.0.1/24 pass foobar up
2947.Dl # ifconfig igb0 vhid 1 state master
2948.Pp
2949Configure the interface
2950.Li xl0 ,
2951to use 100baseTX, full duplex Ethernet media options:
2952.Dl # ifconfig xl0 media 100baseTX mediaopt full-duplex
2953.Pp
2954Label the em0 interface as an uplink:
2955.Dl # ifconfig em0 description \&"Uplink to Gigabit Switch 2\&"
2956.Pp
2957Create the software network interface
2958.Li gif1 :
2959.Dl # ifconfig gif1 create
2960.Pp
2961Destroy the software network interface
2962.Li gif1 :
2963.Dl # ifconfig gif1 destroy
2964.Pp
2965Display available wireless networks using
2966.Li wlan0 :
2967.Dl # ifconfig wlan0 list scan
2968.Pp
2969Display inet and inet6 address subnet masks in CIDR notation
2970.Dl # ifconfig -f inet:cidr,inet6:cidr
2971.Sh DIAGNOSTICS
2972Messages indicating the specified interface does not exist, the
2973requested address is unknown, or the user is not privileged and
2974tried to alter an interface's configuration.
2975.Sh SEE ALSO
2976.Xr netstat 1 ,
2977.Xr carp 4 ,
2978.Xr gif 4 ,
2979.Xr netintro 4 ,
2980.Xr pfsync 4 ,
2981.Xr polling 4 ,
2982.Xr vlan 4 ,
2983.Xr vxlan 4 ,
2984.Xr devd.conf 5 ,
2985.\" .Xr eon 5 ,
2986.Xr devd 8 ,
2987.Xr jail 8 ,
2988.Xr rc 8 ,
2989.Xr routed 8 ,
2990.Xr sysctl 8
2991.Sh HISTORY
2992The
2993.Nm
2994utility appeared in
2995.Bx 4.2 .
2996.Sh BUGS
2997Basic IPv6 node operation requires a link-local address on each
2998interface configured for IPv6.
2999Normally, such an address is automatically configured by the
3000kernel on each interface added to the system or enabled; this behavior may
3001be disabled by setting per-interface flag
3002.Cm -auto_linklocal .
3003The default value of this flag is 1 and can be disabled by using the sysctl
3004MIB variable
3005.Va net.inet6.ip6.auto_linklocal .
3006.Pp
3007Do not configure IPv6 addresses with no link-local address by using
3008.Nm .
3009It can result in unexpected behaviors of the kernel.
3010