1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 4. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 29.\" $FreeBSD$ 30.\" 31.Dd February 27, 2006 32.Dt IFCONFIG 8 33.Os 34.Sh NAME 35.Nm ifconfig 36.Nd configure network interface parameters 37.Sh SYNOPSIS 38.Nm 39.Op Fl L 40.Op Fl k 41.Op Fl m 42.Ar interface 43.Op Cm create 44.Op Ar address_family 45.Oo 46.Ar address 47.Op Ar dest_address 48.Oc 49.Op Ar parameters 50.Nm 51.Ar interface 52.Cm destroy 53.Nm 54.Fl a 55.Op Fl L 56.Op Fl d 57.Op Fl m 58.Op Fl u 59.Op Fl v 60.Op Ar address_family 61.Nm 62.Fl l 63.Op Fl d 64.Op Fl u 65.Op Ar address_family 66.Nm 67.Op Fl L 68.Op Fl d 69.Op Fl k 70.Op Fl m 71.Op Fl u 72.Op Fl v 73.Op Fl C 74.Sh DESCRIPTION 75The 76.Nm 77utility is used to assign an address 78to a network interface and/or configure 79network interface parameters. 80The 81.Nm 82utility must be used at boot time to define the network address 83of each interface present on a machine; it may also be used at 84a later time to redefine an interface's address 85or other operating parameters. 86.Pp 87The following options are available: 88.Bl -tag -width indent 89.It Ar address 90For the 91.Tn DARPA Ns -Internet 92family, 93the address is either a host name present in the host name data 94base, 95.Xr hosts 5 , 96or a 97.Tn DARPA 98Internet address expressed in the Internet standard 99.Dq dot notation . 100.Pp 101It is also possible to use the CIDR notation (also known as the 102slash notation) to include the netmask. 103That is, one can specify an address like 104.Li 192.168.0.1/16 . 105.Pp 106For 107.Dq inet6 108family, it is also possible to specify the prefix length using the slash 109notation, like 110.Li ::1/128 . 111See the 112.Cm prefixlen 113parameter below for more information. 114.\" For the Xerox Network Systems(tm) family, 115.\" addresses are 116.\" .Ar net:a.b.c.d.e.f , 117.\" where 118.\" .Ar net 119.\" is the assigned network number (in decimal), 120.\" and each of the six bytes of the host number, 121.\" .Ar a 122.\" through 123.\" .Ar f , 124.\" are specified in hexadecimal. 125.\" The host number may be omitted on IEEE 802 protocol 126.\" (Ethernet, FDDI, and Token Ring) interfaces, 127.\" which use the hardware physical address, 128.\" and on interfaces other than the first. 129.\" For the 130.\" .Tn ISO 131.\" family, addresses are specified as a long hexadecimal string, 132.\" as in the Xerox family. 133.\" However, two consecutive dots imply a zero 134.\" byte, and the dots are optional, if the user wishes to (carefully) 135.\" count out long strings of digits in network byte order. 136.Pp 137The link-level 138.Pq Dq link 139address 140is specified as a series of colon-separated hex digits. 141This can be used to 142e.g.\& set a new MAC address on an ethernet interface, though the 143mechanism used is not ethernet-specific. 144If the interface is already 145up when this option is used, it will be briefly brought down and 146then brought back up again in order to ensure that the receive 147filter in the underlying ethernet hardware is properly reprogrammed. 148.It Ar address_family 149Specify the 150address family 151which affects interpretation of the remaining parameters. 152Since an interface can receive transmissions in differing protocols 153with different naming schemes, specifying the address family is recommended. 154The address or protocol families currently 155supported are 156.Dq inet , 157.Dq inet6 , 158.Dq atalk , 159.Dq ipx , 160.\" .Dq iso , 161and 162.Dq link . 163.\" and 164.\" .Dq ns . 165The default is 166.Dq inet . 167.Dq ether 168and 169.Dq lladdr 170are synonyms for 171.Dq link . 172.It Ar dest_address 173Specify the address of the correspondent on the other end 174of a point to point link. 175.It Ar interface 176This 177parameter is a string of the form 178.Dq name unit , 179for example, 180.Dq Li ed0 . 181.El 182.Pp 183The following parameters may be set with 184.Nm : 185.Bl -tag -width indent 186.It Cm add 187Another name for the 188.Cm alias 189parameter. 190Introduced for compatibility 191with 192.Bsx . 193.It Cm alias 194Establish an additional network address for this interface. 195This is sometimes useful when changing network numbers, and 196one wishes to accept packets addressed to the old interface. 197If the address is on the same subnet as the first network address 198for this interface, a non-conflicting netmask must be given. 199Usually 200.Li 0xffffffff 201is most appropriate. 202.It Fl alias 203Remove the network address specified. 204This would be used if you incorrectly specified an alias, or it 205was no longer needed. 206If you have incorrectly set an NS address having the side effect 207of specifying the host portion, removing all NS addresses will 208allow you to respecify the host portion. 209.It Cm anycast 210(Inet6 only.) 211Specify that the address configured is an anycast address. 212Based on the current specification, 213only routers may configure anycast addresses. 214Anycast address will not be used as source address of any of outgoing 215IPv6 packets. 216.It Cm arp 217Enable the use of the Address Resolution Protocol 218.Pq Xr arp 4 219in mapping 220between network level addresses and link level addresses (default). 221This is currently implemented for mapping between 222.Tn DARPA 223Internet 224addresses and 225.Tn IEEE 226802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses). 227.It Fl arp 228Disable the use of the Address Resolution Protocol 229.Pq Xr arp 4 . 230.It Cm staticarp 231If the Address Resolution Protocol is enabled, 232the host will only reply to requests for its addresses, 233and will never send any requests. 234.It Fl staticarp 235If the Address Resolution Protocol is enabled, 236the host will perform normally, 237sending out requests and listening for replies. 238.It Cm broadcast 239(Inet only.) 240Specify the address to use to represent broadcasts to the 241network. 242The default broadcast address is the address with a host part of all 1's. 243.It Cm debug 244Enable driver dependent debugging code; usually, this turns on 245extra console error logging. 246.It Fl debug 247Disable driver dependent debugging code. 248.It Cm promisc 249Put interface into permanently promiscuous mode. 250.It Fl promisc 251Disable permanently promiscuous mode. 252.It Cm delete 253Another name for the 254.Fl alias 255parameter. 256.It Cm down 257Mark an interface 258.Dq down . 259When an interface is marked 260.Dq down , 261the system will not attempt to 262transmit messages through that interface. 263If possible, the interface will be reset to disable reception as well. 264This action does not automatically disable routes using the interface. 265.It Cm eui64 266(Inet6 only.) 267Fill interface index 268(lowermost 64bit of an IPv6 address) 269automatically. 270.It Cm ipdst 271This is used to specify an Internet host who is willing to receive 272IP packets encapsulating IPX packets bound for a remote network. 273An apparent point to point link is constructed, and 274the address specified will be taken as the IPX address and network 275of the destination. 276.It Cm maclabel Ar label 277If Mandatory Access Control support is enabled in the kernel, 278set the MAC label to 279.Ar label . 280.\" (see 281.\" .Xr maclabel 7 ) . 282.It Cm media Ar type 283If the driver supports the media selection system, set the media type 284of the interface to 285.Ar type . 286Some interfaces support the mutually exclusive use of one of several 287different physical media connectors. 288For example, a 10Mbit/s Ethernet 289interface might support the use of either 290.Tn AUI 291or twisted pair connectors. 292Setting the media type to 293.Cm 10base5/AUI 294would change the currently active connector to the AUI port. 295Setting it to 296.Cm 10baseT/UTP 297would activate twisted pair. 298Refer to the interfaces' driver 299specific documentation or man page for a complete list of the 300available types. 301.It Cm mediaopt Ar opts 302If the driver supports the media selection system, set the specified 303media options on the interface. 304The 305.Ar opts 306argument 307is a comma delimited list of options to apply to the interface. 308Refer to the interfaces' driver specific man page for a complete 309list of available options. 310.It Fl mediaopt Ar opts 311If the driver supports the media selection system, disable the 312specified media options on the interface. 313.It Cm mode Ar mode 314If the driver supports the media selection system, set the specified 315operating mode on the interface to 316.Ar mode . 317For IEEE 802.11 wireless interfaces that support multiple operating modes 318this directive is used to select between 802.11a 319.Pq Cm 11a , 320802.11b 321.Pq Cm 11b , 322and 802.11g 323.Pq Cm 11g 324operating modes. 325.It Cm name Ar name 326Set the interface name to 327.Ar name . 328.It Cm rxcsum , txcsum 329If the driver supports user-configurable checksum offloading, 330enable receive (or transmit) checksum offloading on the interface. 331Some drivers may not be able to enable these flags independently 332of each other, so setting one may also set the other. 333The driver will offload as much checksum work as it can reliably 334support, the exact level of offloading varies between drivers. 335.It Fl rxcsum , txcsum 336If the driver supports user-configurable checksum offloading, 337disable receive (or transmit) checksum offloading on the interface. 338These settings may not always be independent of each other. 339.It Cm vlanmtu , vlanhwtag 340If the driver offers user-configurable VLAN support, enable 341reception of extended frames or tag processing in hardware, 342respectively. 343Note that this must be issued on a physical interface associated with 344.Xr vlan 4 , 345not on a 346.Xr vlan 4 347interface itself. 348.It Fl vlanmtu , vlanhwtag 349If the driver offers user-configurable VLAN support, disable 350reception of extended frames or tag processing in hardware, 351respectively. 352.It Cm polling 353Turn on 354.Xr polling 4 355feature and disable interrupts on the interface, if driver supports 356this mode. 357.It Fl polling 358Turn off 359.Xr polling 4 360feature and enable interrupt mode on the interface. 361.It Cm create 362Create the specified network pseudo-device. 363If the interface is given without a unit number, try to create a new 364device with an arbitrary unit number. 365If creation of an arbitrary device is successful, the new device name is 366printed to standard output unless the interface is renamed or destroyed 367in the same 368.Nm 369invocation. 370.It Cm destroy 371Destroy the specified network pseudo-device. 372.It Cm plumb 373Another name for the 374.Cm create 375parameter. 376Included for 377.Tn Solaris 378compatibility. 379.It Cm unplumb 380Another name for the 381.Cm destroy 382parameter. 383Included for 384.Tn Solaris 385compatibility. 386.It Cm metric Ar n 387Set the routing metric of the interface to 388.Ar n , 389default 0. 390The routing metric is used by the routing protocol 391.Pq Xr routed 8 . 392Higher metrics have the effect of making a route 393less favorable; metrics are counted as addition hops 394to the destination network or host. 395.It Cm mtu Ar n 396Set the maximum transmission unit of the interface to 397.Ar n , 398default is interface specific. 399The MTU is used to limit the size of packets that are transmitted on an 400interface. 401Not all interfaces support setting the MTU, and some interfaces have 402range restrictions. 403.It Cm netmask Ar mask 404.\" (Inet and ISO.) 405(Inet only.) 406Specify how much of the address to reserve for subdividing 407networks into sub-networks. 408The mask includes the network part of the local address 409and the subnet part, which is taken from the host field of the address. 410The mask can be specified as a single hexadecimal number 411with a leading 412.Ql 0x , 413with a dot-notation Internet address, 414or with a pseudo-network name listed in the network table 415.Xr networks 5 . 416The mask contains 1's for the bit positions in the 32-bit address 417which are to be used for the network and subnet parts, 418and 0's for the host part. 419The mask should contain at least the standard network portion, 420and the subnet field should be contiguous with the network 421portion. 422.Pp 423The netmask can also be specified in CIDR notation after the address. 424See the 425.Ar address 426option above for more information. 427.It Cm prefixlen Ar len 428(Inet6 only.) 429Specify that 430.Ar len 431bits are reserved for subdividing networks into sub-networks. 432The 433.Ar len 434must be integer, and for syntactical reason it must be between 0 to 128. 435It is almost always 64 under the current IPv6 assignment rule. 436If the parameter is omitted, 64 is used. 437.Pp 438The prefix can also be specified using the slash notation after the address. 439See the 440.Ar address 441option above for more information. 442.\" see 443.\" Xr eon 5 . 444.\" .It Cm nsellength Ar n 445.\" .Pf ( Tn ISO 446.\" only) 447.\" This specifies a trailing number of bytes for a received 448.\" .Tn NSAP 449.\" used for local identification, the remaining leading part of which is 450.\" taken to be the 451.\" .Tn NET 452.\" (Network Entity Title). 453.\" The default value is 1, which is conformant to US 454.\" .Tn GOSIP . 455.\" When an ISO address is set in an ifconfig command, 456.\" it is really the 457.\" .Tn NSAP 458.\" which is being specified. 459.\" For example, in 460.\" .Tn US GOSIP , 461.\" 20 hex digits should be 462.\" specified in the 463.\" .Tn ISO NSAP 464.\" to be assigned to the interface. 465.\" There is some evidence that a number different from 1 may be useful 466.\" for 467.\" .Tn AFI 468.\" 37 type addresses. 469.It Cm range Ar netrange 470Under appletalk, set the interface to respond to a 471.Ar netrange 472of the form 473.Ar startnet Ns - Ns Ar endnet . 474Appletalk uses this scheme instead of 475netmasks though 476.Fx 477implements it internally as a set of netmasks. 478.It Cm remove 479Another name for the 480.Fl alias 481parameter. 482Introduced for compatibility 483with 484.Bsx . 485.It Cm phase 486The argument following this specifies the version (phase) of the 487Appletalk network attached to the interface. 488Values of 1 or 2 are permitted. 489.Sm off 490.It Cm link Op Cm 0 No - Cm 2 491.Sm on 492Enable special processing of the link level of the interface. 493These three options are interface specific in actual effect, however, 494they are in general used to select special modes of operation. 495An example 496of this is to enable SLIP compression, or to select the connector type 497for some Ethernet cards. 498Refer to the man page for the specific driver 499for more information. 500.Sm off 501.It Fl link Op Cm 0 No - Cm 2 502.Sm on 503Disable special processing at the link level with the specified interface. 504.It Cm monitor 505Put the interface in monitor mode. 506No packets are transmitted, and received packets are discarded after 507.Xr bpf 4 508processing. 509.It Fl monitor 510Take the interface out of monitor mode. 511.It Cm up 512Mark an interface 513.Dq up . 514This may be used to enable an interface after an 515.Dq Nm Cm down . 516It happens automatically when setting the first address on an interface. 517If the interface was reset when previously marked down, 518the hardware will be re-initialized. 519.El 520.Pp 521The following parameters are specific to IEEE 802.11 wireless interfaces: 522.Bl -tag -width indent 523.It Cm apbridge 524When operating as an access point, pass packets between 525wireless clients directly (default). 526To instead let them pass up through the 527system and be forwarded using some other mechanism, use 528.Fl apbridge . 529Disabling the internal bridging 530is useful when traffic is to be processed with 531packet filtering. 532.It Cm authmode Ar mode 533Set the desired authentication mode in infrastructure mode. 534Not all adaptors support all modes. 535The set of 536valid modes is 537.Cm none , open , shared 538(shared key), 539.Cm 8021x 540(IEEE 802.1x), 541and 542.Cm wpa 543(IEEE WPA/WPA2/802.11i). 544The 545.Cm 8021x 546and 547.Cm wpa 548modes are only useful when using an authentication service 549(a supplicant for client operation or an authenticator when 550operating as an access point). 551Modes are case insensitive. 552.It Cm bintval Ar interval 553Set the interval at which beacon frames are sent when operating in 554ad-hoc or ap mode. 555The 556.Ar interval 557parameter is specified in TU's (1/1024 msecs). 558By default beacon frames are transmitted every 100 TU's. 559.It Cm bssid Ar address 560Specify the MAC address of the access point to use when operating 561as a station in a BSS network. 562This overrides any automatic selection done by the system. 563To disable a previously selected access point, supply 564.Cm any , none , 565or 566.Cm - 567for the address. 568This option is useful when more than one access points have the same SSID. 569Another name for the 570.Cm bssid 571parameter is 572.Cm ap . 573.It Cm burst 574Enable packet bursting. 575Packet bursting is a transmission technique whereby the wireless 576medium is acquired once to send multiple frames and the interframe 577spacing is reduced. 578This technique can significantly increase throughput by reducing 579transmission overhead. 580Packet bursting is supported by the 802.11e QoS specification 581and some devices that do not support QoS may still be capable. 582By default packet bursting is enabled if a device is capable 583of doing it. 584To disable packet bursting, use 585.Fl burst . 586.It Cm chanlist Ar channels 587Set the desired channels to use when scanning for access 588points, neighbors in an IBSS network, or looking for unoccupied 589channels when operating as an access point. 590The set of channels is specified as a comma-separated list with 591each element in the list representing either a single channel number or a range 592of the form 593.Dq Li a-b . 594Channel numbers must be in the range 1 to 255 and be permissible 595according to the operating characteristics of the device. 596.It Cm channel Ar number 597Set a single desired channel. 598Channels range from 1 to 255, but the exact selection available 599depends on the region your adaptor was manufactured for. 600Setting 601the channel to 602.Li 0 , 603.Cm any , 604or 605.Cm - 606will give you the default for your adaptor. 607Some 608adaptors ignore this setting unless you are in ad-hoc mode. 609Alternatively the frequency, in megahertz, may be specified 610instead of the channel number. 611.It Cm deftxkey Ar index 612Set the default key to use for transmission. 613Typically this is only set when using WEP encryption. 614The 615.Cm weptxkey 616is an alias for this request; it is provided for backwards compatibility. 617.It Cm dtimperiod Ar period 618Set the 619DTIM 620period for transmitting buffered multicast data frames when 621operating in ap mode. 622The 623.Ar period 624specifies the number of beacon intervals between DTIM 625and must be in the range 1 to 15. 626By default DTIM is 1 (i.e., DTIM occurs at each beacon). 627.It Cm fragthreshold Ar length 628Set the threshold for which transmitted frames are broken into fragments. 629The 630.Ar length 631argument is the frame size in bytes and must be in the range 256 to 2346. 632Setting 633.Ar length 634to 635.Li 2346 , 636.Cm any , 637or 638.Cm - 639disables transmit fragmentation. 640Not all adaptors honor the fragmentation threshold. 641.It Cm hidessid 642When operating as an access point, do not broadcast the SSID 643in beacon frames or respond to probe request frames unless 644they are directed to the ap (i.e., they include the ap's SSID). 645By default, the SSID is included in beacon frames and 646undirected probe request frames are answered. 647To re-enable the broadcast of the SSID etc., use 648.Fl hidessid . 649.It Cm list active 650Display the list of channels available for use taking into account 651any restrictions set with the 652.Cm chanlist 653directive. 654See the description of 655.Cm list chan 656for more information. 657.It Cm list caps 658Display the adaptor's capabilities, including the operating 659modes supported. 660.It Cm list chan 661Display the list of channels available for use. 662Channels are shown with their IEEE channel number, equivalent 663frequency, and usage modes. 664Channels identified as 665.Ql 11g 666are also usable in 667.Ql 11b 668mode. 669Channels identified as 670.Ql 11a Turbo 671may be used only for Atheros' Static Turbo mode 672.Pq specified with Cm mediaopt turbo . 673Channels marked with a 674.Ql * 675have a regulatory constraint that they be passively scanned. 676This means a station is not permitted to transmit on the channel until 677it identifies the channel is being used for 802.11 communication; 678typically by hearing a beacon frame from an access point operating 679on the channel. 680.Cm list freq 681is another way of requesting this information. 682.It Cm list mac 683Display the current MAC Access Control List state. 684Each address is prefixed with a character that indicates the 685current policy applied to it: 686.Ql + 687indicates the address is allowed access, 688.Ql - 689indicates the address is denied access, 690.Ql * 691indicates the address is present but the current policy open 692(so the ACL is not consulted). 693.It Cm list scan 694Display the access points and/or ad-hoc neighbors 695located in the vicinity. 696This information may be updated automatically by the adaptor 697and/or with a 698.Cm scan 699request. 700.Cm list ap 701is another way of requesting this information. 702.It Cm list sta 703When operating as an access point display the stations that are 704currently associated. 705When operating in ad-hoc mode display stations identified as 706neighbors in the IBSS. 707.It Cm list wme 708Display the current parameters to use when operating in WME mode. 709When WME mode is enabled for an adaptor this information will be 710displayed with the regular status; this command is mostly useful 711for examining parameters when WME mode is disabled. 712See the description of the 713.Cm wme 714directive for information on the various parameters. 715.It Cm mcastrate Ar rate 716Set the rate for transmitting multicast/broadcast frames. 717Rates are specified as megabits/second in decimal; e.g. 5.5 for 5.5 Mb/s. 718This rate should be valid for the current operating conditions; 719if an invalid rate is specified drivers are free to chose an 720appropriate rate. 721.It Cm powersave 722Enable powersave operation. 723When operating as a client, the station will conserve power by 724periodically turning off the radio and listening for 725messages from the access point telling it there are packets waiting. 726The station must then retrieve the packets. 727When operating as an access point, the station must honor power 728save operation of associated clients. 729Not all devices support power save operation, either as a client 730or as an access point. 731Use 732.Fl powersave 733to disable powersave operation. 734.It Cm powersavesleep Ar sleep 735Set the desired max powersave sleep time in milliseconds. 736.It Cm protmode Ar technique 737For interfaces operating in 802.11g, use the specified 738.Ar technique 739for protecting OFDM frames in a mixed 11b/11g network. 740The set of valid techniques is 741.Cm off , cts 742(CTS to self), 743and 744.Cm rtscts 745(RTS/CTS). 746Technique names are case insensitive. 747.It Cm pureg 748When operating as an access point in 802.11g mode allow only 74911g-capable stations to associate (11b-only stations are not 750permitted to associate). 751To allow both 11g and 11b-only stations to associate, use 752.Fl pureg . 753.It Cm roaming Ar mode 754When operating as a station, control how the system will 755behave when communication with the current access point 756is broken. 757The 758.Ar mode 759argument may be one of 760.Cm device 761(leave it to the hardware device to decide), 762.Cm auto 763(handle either in the device or the operating system\[em]as appropriate), 764.Cm manual 765(do nothing until explicitly instructed). 766By default, the device is left to handle this if it is 767capable; otherwise, the operating system will automatically 768attempt to reestablish communication. 769Manual mode is mostly useful when an application wants to 770control the selection of an access point. 771.It Cm rtsthreshold Ar length 772Set the threshold for which 773transmitted frames are preceded by transmission of an 774RTS 775control frame. 776The 777.Ar length 778argument 779is the frame size in bytes and must be in the range 1 to 2346. 780Setting 781.Ar length 782to 783.Li 2346 , 784.Cm any , 785or 786.Cm - 787disables transmission of RTS frames. 788Not all adaptors support setting the RTS threshold. 789.It Cm ssid Ar ssid 790Set the desired Service Set Identifier (aka network name). 791The SSID is a string up to 32 characters 792in length and may be specified as either a normal string or in 793hexadecimal when preceded by 794.Ql 0x . 795Additionally, the SSID may be cleared by setting it to 796.Ql - . 797.It Cm scan 798Initiate a scan of neighboring stations, wait for it to complete, and 799display all stations found. 800Only the super-user can initiate a scan. 801Depending on the capabilities of the APs, the following 802flags can be included in the output: 803.Bl -tag -width 3n 804.It Li A 805Channel Agility. 806Indicates that the station support channel hopping as described by the 807IEEE 802.11b specification. 808.It Li B 809Packet Binary Convolution Code (PBCC). 810A modulation alternative to the standard OFDM method. 811.It Dv C 812Pollreq 813.It Dv c 814Pollable 815.It Dv D 816Direct Sequence Spread Spectrum (DSSSOFDM). 817Indicates the the station supports DSSS modulation. 818.It Li E 819Extended Service Set (ESS). 820Indicates that the station is part of an infrastructure network 821(in contrast to an IBSS/ad-hoc network). 822.It Li I 823IBSS/ad-hoc network. 824Indicates that the station is part of an ad-hoc network 825(in contrast to an ESS network). 826.It Li P 827Privacy. 828Data confidentiality is required for all data frames 829exchanged within the BSS. 830This means that this BSS requires the station to 831use cryptographic means such as WEP, TKIP or AES-CCMP to 832encrypt/decrypt data frames being exchanged with others. 833.It Dv R 834Robust Security Network (RSN). 835Indicates that the station supports the IEEE 802.11i authentication 836and key management protocol. 837.It Li S 838Short Preamble. 839Indicates that the network is using short preambles (defined 840in 802.11b High Rate/DSSS PHY, short preamble utilizes a 84156 bit sync field in contrast to a 128 bit field used in long 842preamble mode). 843.It Li s 844Short slot time. 845Indicates that the network is using a short slot time. 846.El 847.Pp 848The 849.Cm list scan 850request can be used to show recent scan results without 851initiating a new scan. 852.It Cm stationname Ar name 853Set the name of this station. 854It appears that the station name is not really part of the IEEE 802.11 855protocol though all interfaces seem to support it. 856As such it only 857seems to be meaningful to identical or virtually identical equipment. 858Setting the station name is identical in syntax to setting the SSID. 859.It Cm txpower Ar power 860Set the power used to transmit frames. 861The 862.Ar power 863argument 864is a unitless value in the range 0 to 100 that is interpreted 865by drivers to derive a device-specific value. 866Out of range values are truncated. 867Typically only a few discreet power settings are available and 868the driver will use the setting closest to the specified value. 869Not all adaptors support changing the transmit power. 870.It Cm wepmode Ar mode 871Set the desired WEP mode. 872Not all adaptors support all modes. 873The set of valid modes is 874.Cm off , on , 875and 876.Cm mixed . 877The 878.Cm mixed 879mode explicitly tells the adaptor to allow association with access 880points which allow both encrypted and unencrypted traffic. 881On these adaptors, 882.Cm on 883means that the access point must only allow encrypted connections. 884On other adaptors, 885.Cm on 886is generally another name for 887.Cm mixed . 888Modes are case insensitive. 889.It Cm weptxkey Ar index 890Set the WEP key to be used for transmission. 891This is the same as setting the default transmission key with 892.Cm deftxkey . 893.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key 894Set the selected WEP key. 895If an 896.Ar index 897is not given, key 1 is set. 898A WEP key will be either 5 or 13 899characters (40 or 104 bits) depending of the local network and the 900capabilities of the adaptor. 901It may be specified either as a plain 902string or as a string of hexadecimal digits preceded by 903.Ql 0x . 904For maximum portability, hex keys are recommended; 905the mapping of text keys to WEP encryption is usually driver-specific. 906In particular, the 907.Tn Windows 908drivers do this mapping differently to 909.Fx . 910A key may be cleared by setting it to 911.Ql - . 912If WEP is supported then there are at least four keys. 913Some adaptors support more than four keys. 914If that is the case, then the first four keys 915(1-4) will be the standard temporary keys and any others will be adaptor 916specific keys such as permanent keys stored in NVRAM. 917.It Cm wme 918Enable Wireless Multimedia Extensions (WME) support, if available, 919for the specified interface. 920WME is a subset of the IEEE 802.11e standard to support the 921efficient communication of realtime and multimedia data. 922To disable WME support, use 923.Fl wme . 924.Pp 925The following parameters are meaningful only when WME support is in use. 926Parameters are specified per-AC (Access Category) and 927split into those that are used by a station when acting 928as an access point and those for client stations in the BSS. 929The latter are received from the access point and may not be changed 930(at the station). 931The following Access Categories are recognized: 932.Pp 933.Bl -tag -width ".Cm AC_BK" -compact 934.It Cm AC_BE 935(or 936.Cm BE ) 937best effort delivery, 938.It Cm AC_BK 939(or 940.Cm BK ) 941background traffic, 942.It Cm AC_VI 943(or 944.Cm VI ) 945video traffic, 946.It Cm AC_VO 947(or 948.Cm VO ) 949voice traffic. 950.El 951.Pp 952AC parameters are case-insensitive. 953Traffic classification is done in the operating system using the 954vlan priority associated with data frames or the 955ToS (Type of Service) indication in IP-encapsulated frames. 956If neither information is present, traffic is assigned to the 957Best Effort (BE) category. 958.Bl -tag -width indent 959.It Cm ack Ar ac 960Set the ACK policy for QoS transmissions by the local station; 961this controls whether or not data frames transmitted by a station 962require an ACK response from the receiving station. 963To disable waiting for an ACK use 964.Fl ack . 965This parameter is applied only to the local station. 966.It Cm acm Ar ac 967Enable the Admission Control Mandatory (ACM) mechanism 968for transmissions by the local station. 969To disable the ACM use 970.Fl acm . 971On stations in a BSS this parameter is read-only and indicates 972the setting received from the access point. 973NB: ACM is not supported right now. 974.It Cm aifs Ar ac Ar count 975Set the Arbitration Inter Frame Spacing (AIFS) 976channel access parameter to use for transmissions 977by the local station. 978On stations in a BSS this parameter is read-only and indicates 979the setting received from the access point. 980.It Cm cwmin Ar ac Ar count 981Set the CWmin channel access parameter to use for transmissions 982by the local station. 983On stations in a BSS this parameter is read-only and indicates 984the setting received from the access point. 985.It Cm cwmax Ar ac Ar count 986Set the CWmax channel access parameter to use for transmissions 987by the local station. 988On stations in a BSS this parameter is read-only and indicates 989the setting received from the access point. 990.It Cm txoplimit Ar ac Ar limit 991Set the Transmission Opportunity Limit channel access parameter 992to use for transmissions by the local station. 993This parameter defines an interval of time when a WME station 994has the right to initiate transmissions onto the wireless medium. 995On stations in a BSS this parameter is read-only and indicates 996the setting received from the access point. 997.It Cm bss:aifs Ar ac Ar count 998Set the AIFS channel access parameter to send to stations in a BSS. 999This parameter is meaningful only when operating in ap mode. 1000.It Cm bss:cwmin Ar ac Ar count 1001Set the CWmin channel access parameter to send to stations in a BSS. 1002This parameter is meaningful only when operating in ap mode. 1003.It Cm bss:cwmax Ar ac Ar count 1004Set the CWmax channel access parameter to send to stations in a BSS. 1005This parameter is meaningful only when operating in ap mode. 1006.It Cm bss:txoplimit Ar ac Ar limit 1007Set the TxOpLimit channel access parameter to send to stations in a BSS. 1008This parameter is meaningful only when operating in ap mode. 1009.El 1010.El 1011.Pp 1012The following parameters support an optional access control list 1013feature available with some adaptors when operating in ap mode; see 1014.Xr wlan_acl 4 . 1015This facility allows an access point to accept/deny association 1016requests based on the MAC address of the station. 1017Note that this feature does not significantly enhance security 1018as MAC address spoofing is easy to do. 1019.Bl -tag -width indent 1020.It Cm mac:add Ar address 1021Add the specified MAC address to the database. 1022Depending on the policy setting association requests from the 1023specified station will be allowed or denied. 1024.It Cm mac:allow 1025Set the ACL policy to permit association only by 1026stations registered in the database. 1027.It Cm mac:del Ar address 1028Delete the specified MAC address from the database. 1029.It Cm mac:deny 1030Set the ACL policy to deny association only by 1031stations registered in the database. 1032.It Cm mac:kick Ar address 1033Force the specified station to be deauthenticated. 1034This typically is done to block a station after updating the 1035address database. 1036.It Cm mac:open 1037Set the ACL policy to allow all stations to associate. 1038.It Cm mac:flush 1039Delete all entries in the database. 1040.El 1041.Pp 1042The following parameters are for compatibility with other systems: 1043.Bl -tag -width indent 1044.It Cm nwid Ar ssid 1045Another name for the 1046.Cm ssid 1047parameter. 1048Included for 1049.Nx 1050compatibility. 1051.It Cm station Ar name 1052Another name for the 1053.Cm stationname 1054parameter. 1055Included for 1056.Bsx 1057compatibility. 1058.It Cm wep 1059Another way of saying 1060.Cm wepmode on . 1061Included for 1062.Bsx 1063compatibility. 1064.It Fl wep 1065Another way of saying 1066.Cm wepmode off . 1067Included for 1068.Bsx 1069compatibility. 1070.It Cm nwkey key 1071Another way of saying: 1072.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . 1073Included for 1074.Nx 1075compatibility. 1076.It Cm nwkey Xo 1077.Sm off 1078.Ar n : k1 , k2 , k3 , k4 1079.Sm on 1080.Xc 1081Another way of saying 1082.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . 1083Included for 1084.Nx 1085compatibility. 1086.It Fl nwkey 1087Another way of saying 1088.Cm wepmode off . 1089Included for 1090.Nx 1091compatibility. 1092.El 1093.Pp 1094The following parameters are specific to bridge interfaces: 1095.Bl -tag -width indent 1096.It Cm addm Ar interface 1097Add the interface named by 1098.Ar interface 1099as a member of the bridge. 1100The interface is put into promiscuous mode 1101so that it can receive every packet sent on the network. 1102.It Cm deletem Ar interface 1103Remove the interface named by 1104.Ar interface 1105from the bridge. 1106Promiscuous mode is disabled on the interface when 1107it is removed from the bridge. 1108.It Cm maxaddr Ar size 1109Set the size of the bridge address cache to 1110.Ar size . 1111The default is 100 entries. 1112.It Cm timeout Ar seconds 1113Set the timeout of address cache entries to 1114.Ar seconds 1115seconds. 1116If 1117.Ar seconds 1118is zero, then address cache entries will not be expired. 1119The default is 240 seconds. 1120.It Cm addr 1121Display the addresses that have been learned by the bridge. 1122.It Cm static Ar interface-name Ar address 1123Add a static entry into the address cache pointing to 1124.Ar interface-name . 1125Static entries are never aged out of the cache or re-placed, even if the 1126address is seen on a different interface. 1127.It Cm deladdr Ar address 1128Delete 1129.Ar address 1130from the address cache. 1131.It Cm flush 1132Delete all dynamically-learned addresses from the address cache. 1133.It Cm flushall 1134Delete all addresses, including static addresses, from the address cache. 1135.It Cm discover Ar interface 1136Mark an interface as a 1137.Dq discovering 1138interface. 1139When the bridge has no address cache entry 1140(either dynamic or static) 1141for the destination address of a packet, 1142the bridge will forward the packet to all 1143member interfaces marked as 1144.Dq discovering . 1145This is the default for all interfaces added to a bridge. 1146.It Cm -discover Ar interface 1147Clear the 1148.Dq discovering 1149attribute on a member interface. 1150For packets without the 1151.Dq discovering 1152attribute, the only packets forwarded on the interface are broadcast 1153or multicast packets and packets for which the destination address 1154is known to be on the interface's segment. 1155.It Cm learn Ar interface 1156Mark an interface as a 1157.Dq learning 1158interface. 1159When a packet arrives on such an interface, the source 1160address of the packet is entered into the address cache as being a 1161destination address on the interface's segment. 1162This is the default for all interfaces added to a bridge. 1163.It Cm -learn Ar interface 1164Clear the 1165.Dq learning 1166attribute on a member interface. 1167.It Cm span Ar interface 1168Add the interface named by 1169.Ar interface 1170as a span port on the bridge. 1171Span ports transmit a copy of every frame received by the bridge. 1172This is most useful for snooping a bridged network passively on 1173another host connected to one of the span ports of the bridge. 1174.It Cm -span Ar interface 1175Delete the interface named by 1176.Ar interface 1177from the list of span ports of the bridge. 1178.It Cm stp Ar interface 1179Enable Spanning Tree protocol on 1180.Ar interface . 1181The 1182.Xr if_bridge 4 1183driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 1184Spanning Tree is used to detect and remove loops in a network topology. 1185.It Cm -stp Ar interface 1186Disable Spanning Tree protocol on 1187.Ar interface . 1188This is the default for all interfaces added to a bridge. 1189.It Cm maxage Ar seconds 1190Set the time that a Spanning Tree protocol configuration is valid. 1191The default is 20 seconds. 1192The minimum is 1 second and the maximum is 255 seconds. 1193.It Cm fwddelay Ar seconds 1194Set the time that must pass before an interface begins forwarding 1195packets when Spanning Tree is enabled. 1196The default is 15 seconds. 1197The minimum is 1 second and the maximum is 255 seconds. 1198.It Cm hellotime Ar seconds 1199Set the time between broadcasting of Spanning Tree protocol 1200configuration messages. 1201The default is 2 seconds. 1202The minimum is 1 second and the maximum is 255 seconds. 1203.It Cm priority Ar value 1204Set the bridge priority for Spanning Tree. 1205The default is 32768. 1206The minimum is 0 and the maximum is 65536. 1207.It Cm ifpriority Ar interface Ar value 1208Set the Spanning Tree priority of 1209.Ar interface 1210to 1211.Ar value . 1212The default is 128. 1213The minimum is 0 and the maximum is 255. 1214.It Cm ifpathcost Ar interface Ar value 1215Set the Spanning Tree path cost of 1216.Ar interface 1217to 1218.Ar value . 1219The default is 55. 1220The minimum is 0 and the maximum is 65535. 1221.El 1222.Pp 1223The following parameters are specific to IP tunnel interfaces, 1224.Xr gif 4 : 1225.Bl -tag -width indent 1226.It Cm tunnel Ar src_addr dest_addr 1227Configure the physical source and destination address for IP tunnel 1228interfaces. 1229The arguments 1230.Ar src_addr 1231and 1232.Ar dest_addr 1233are interpreted as the outer source/destination for the encapsulating 1234IPv4/IPv6 header. 1235.It Fl tunnel 1236Unconfigure the physical source and destination address for IP tunnel 1237interfaces previously configured with 1238.Cm tunnel . 1239.It Cm deletetunnel 1240Another name for the 1241.Fl tunnel 1242parameter. 1243.El 1244.Pp 1245The following parameters are specific to 1246.Xr pfsync 4 1247interfaces: 1248.Bl -tag -width indent 1249.It Cm maxupd Ar n 1250Set the maximum number of updates for a single state which 1251can be collapsed into one. 1252This is an 8-bit number; the default value is 128. 1253.El 1254.Pp 1255The following parameters are specific to 1256.Xr vlan 4 1257interfaces: 1258.Bl -tag -width indent 1259.It Cm vlan Ar vlan_tag 1260Set the VLAN tag value to 1261.Ar vlan_tag . 1262This value is a 16-bit number which is used to create an 802.1Q 1263VLAN header for packets sent from the 1264.Xr vlan 4 1265interface. 1266Note that 1267.Cm vlan 1268and 1269.Cm vlandev 1270must both be set at the same time. 1271.It Cm vlandev Ar iface 1272Associate the physical interface 1273.Ar iface 1274with a 1275.Xr vlan 4 1276interface. 1277Packets transmitted through the 1278.Xr vlan 4 1279interface will be 1280diverted to the specified physical interface 1281.Ar iface 1282with 802.1Q VLAN encapsulation. 1283Packets with 802.1Q encapsulation received 1284by the parent interface with the correct VLAN tag will be diverted to 1285the associated 1286.Xr vlan 4 1287pseudo-interface. 1288The 1289.Xr vlan 4 1290interface is assigned a 1291copy of the parent interface's flags and the parent's ethernet address. 1292The 1293.Cm vlandev 1294and 1295.Cm vlan 1296must both be set at the same time. 1297If the 1298.Xr vlan 4 1299interface already has 1300a physical interface associated with it, this command will fail. 1301To 1302change the association to another physical interface, the existing 1303association must be cleared first. 1304.Pp 1305Note: if the hardware tagging capability 1306is set on the parent interface, the 1307.Xr vlan 4 1308pseudo 1309interface's behavior changes: 1310the 1311.Xr vlan 4 1312interface recognizes that the 1313parent interface supports insertion and extraction of VLAN tags on its 1314own (usually in firmware) and that it should pass packets to and from 1315the parent unaltered. 1316.It Fl vlandev Op Ar iface 1317If the driver is a 1318.Xr vlan 4 1319pseudo device, disassociate the parent interface from it. 1320This breaks the link between the 1321.Xr vlan 4 1322interface and its parent, 1323clears its VLAN tag, flags and its link address and shuts the interface down. 1324The 1325.Ar iface 1326argument is useless and hence deprecated. 1327.El 1328.Pp 1329The following parameters are specific to 1330.Xr carp 4 1331interfaces: 1332.Bl -tag -width indent 1333.It Cm advbase Ar seconds 1334Specifies the base of the advertisement interval in seconds. 1335The acceptable values are 1 to 255. 1336The default value is 1. 1337.\" The default value is 1338.\" .Dv CARP_DFLTINTV . 1339.It Cm advskew Ar interval 1340Specifies the skew to add to the base advertisement interval to 1341make one host advertise slower than another host. 1342It is specified in 1/256 of seconds. 1343The acceptable values are 1 to 254. 1344The default value is 0. 1345.It Cm pass Ar phrase 1346Set the authentication key to 1347.Ar phrase . 1348.It Cm vhid Ar n 1349Set the virtual host ID. 1350This is a required setting. 1351Acceptable values are 1 to 255. 1352.El 1353.Pp 1354The 1355.Nm 1356utility displays the current configuration for a network interface 1357when no optional parameters are supplied. 1358If a protocol family is specified, 1359.Nm 1360will report only the details specific to that protocol family. 1361.Pp 1362If the 1363.Fl m 1364flag is passed before an interface name, 1365.Nm 1366will display the capability list and all 1367of the supported media for the specified interface. 1368If 1369.Fl L 1370flag is supplied, address lifetime is displayed for IPv6 addresses, 1371as time offset string. 1372.Pp 1373Optionally, the 1374.Fl a 1375flag may be used instead of an interface name. 1376This flag instructs 1377.Nm 1378to display information about all interfaces in the system. 1379The 1380.Fl d 1381flag limits this to interfaces that are down, and 1382.Fl u 1383limits this to interfaces that are up. 1384When no arguments are given, 1385.Fl a 1386is implied. 1387.Pp 1388The 1389.Fl l 1390flag may be used to list all available interfaces on the system, with 1391no other additional information. 1392Use of this flag is mutually exclusive 1393with all other flags and commands, except for 1394.Fl d 1395(only list interfaces that are down) 1396and 1397.Fl u 1398(only list interfaces that are up). 1399.Pp 1400The 1401.Fl v 1402flag may be used to get more verbose status for an interface. 1403.Pp 1404The 1405.Fl C 1406flag may be used to list all of the interface cloners available on 1407the system, with no additional information. 1408Use of this flag is mutually exclusive with all other flags and commands. 1409.Pp 1410The 1411.Fl k 1412flag causes keying information for the interface, if available, to be 1413printed. 1414For example, the values of 802.11 WEP keys will be printed, if accessible to 1415the current user. 1416This information is not printed by default, as it may be considered 1417sensitive. 1418.Pp 1419Only the super-user may modify the configuration of a network interface. 1420.Sh NOTES 1421The media selection system is relatively new and only some drivers support 1422it (or have need for it). 1423.Sh DIAGNOSTICS 1424Messages indicating the specified interface does not exist, the 1425requested address is unknown, or the user is not privileged and 1426tried to alter an interface's configuration. 1427.Sh SEE ALSO 1428.Xr netstat 1 , 1429.Xr carp 4 , 1430.Xr netintro 4 , 1431.Xr pfsync 4 , 1432.Xr polling 4 , 1433.Xr vlan 4 , 1434.\" .Xr eon 5 , 1435.Xr rc 8 , 1436.Xr routed 8 , 1437.Xr sysctl 8 1438.Sh HISTORY 1439The 1440.Nm 1441utility appeared in 1442.Bx 4.2 . 1443.Sh BUGS 1444Basic IPv6 node operation requires a link-local address on each 1445interface configured for IPv6. 1446Normally, such an address is automatically configured by the 1447kernel on each interface added to the system; this behaviour may 1448be disabled by setting the sysctl MIB variable 1449.Va net.inet6.ip6.auto_linklocal 1450to 0. 1451.Pp 1452If you delete such an address using 1453.Nm , 1454the kernel may act very oddly. 1455Do this at your own risk. 1456