1.\" Copyright (c) 1983, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 4. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 29.\" $FreeBSD$ 30.\" 31.Dd February 27, 2006 32.Dt IFCONFIG 8 33.Os 34.Sh NAME 35.Nm ifconfig 36.Nd configure network interface parameters 37.Sh SYNOPSIS 38.Nm 39.Op Fl L 40.Op Fl k 41.Op Fl m 42.Ar interface 43.Op Cm create 44.Op Ar address_family 45.Oo 46.Ar address 47.Op Ar dest_address 48.Oc 49.Op Ar parameters 50.Nm 51.Ar interface 52.Cm destroy 53.Nm 54.Fl a 55.Op Fl L 56.Op Fl d 57.Op Fl m 58.Op Fl u 59.Op Fl v 60.Op Ar address_family 61.Nm 62.Fl l 63.Op Fl d 64.Op Fl u 65.Op Ar address_family 66.Nm 67.Op Fl L 68.Op Fl d 69.Op Fl k 70.Op Fl m 71.Op Fl u 72.Op Fl v 73.Op Fl C 74.Sh DESCRIPTION 75The 76.Nm 77utility is used to assign an address 78to a network interface and/or configure 79network interface parameters. 80The 81.Nm 82utility must be used at boot time to define the network address 83of each interface present on a machine; it may also be used at 84a later time to redefine an interface's address 85or other operating parameters. 86.Pp 87The following options are available: 88.Bl -tag -width indent 89.It Ar address 90For the 91.Tn DARPA Ns -Internet 92family, 93the address is either a host name present in the host name data 94base, 95.Xr hosts 5 , 96or a 97.Tn DARPA 98Internet address expressed in the Internet standard 99.Dq dot notation . 100.Pp 101It is also possible to use the CIDR notation (also known as the 102slash notation) to include the netmask. 103That is, one can specify an address like 104.Li 192.168.0.1/16 . 105.Pp 106For 107.Dq inet6 108family, it is also possible to specify the prefix length using the slash 109notation, like 110.Li ::1/128 . 111See the 112.Cm prefixlen 113parameter below for more information. 114.\" For the Xerox Network Systems(tm) family, 115.\" addresses are 116.\" .Ar net:a.b.c.d.e.f , 117.\" where 118.\" .Ar net 119.\" is the assigned network number (in decimal), 120.\" and each of the six bytes of the host number, 121.\" .Ar a 122.\" through 123.\" .Ar f , 124.\" are specified in hexadecimal. 125.\" The host number may be omitted on IEEE 802 protocol 126.\" (Ethernet, FDDI, and Token Ring) interfaces, 127.\" which use the hardware physical address, 128.\" and on interfaces other than the first. 129.\" For the 130.\" .Tn ISO 131.\" family, addresses are specified as a long hexadecimal string, 132.\" as in the Xerox family. 133.\" However, two consecutive dots imply a zero 134.\" byte, and the dots are optional, if the user wishes to (carefully) 135.\" count out long strings of digits in network byte order. 136.Pp 137The link-level 138.Pq Dq link 139address 140is specified as a series of colon-separated hex digits. 141This can be used to 142e.g.\& set a new MAC address on an ethernet interface, though the 143mechanism used is not ethernet-specific. 144If the interface is already 145up when this option is used, it will be briefly brought down and 146then brought back up again in order to ensure that the receive 147filter in the underlying ethernet hardware is properly reprogrammed. 148.It Ar address_family 149Specify the 150address family 151which affects interpretation of the remaining parameters. 152Since an interface can receive transmissions in differing protocols 153with different naming schemes, specifying the address family is recommended. 154The address or protocol families currently 155supported are 156.Dq inet , 157.Dq inet6 , 158.Dq atalk , 159.Dq ipx , 160.\" .Dq iso , 161and 162.Dq link . 163.\" and 164.\" .Dq ns . 165The default is 166.Dq inet . 167.Dq ether 168and 169.Dq lladdr 170are synonyms for 171.Dq link . 172.It Ar dest_address 173Specify the address of the correspondent on the other end 174of a point to point link. 175.It Ar interface 176This 177parameter is a string of the form 178.Dq name unit , 179for example, 180.Dq Li ed0 . 181.El 182.Pp 183The following parameters may be set with 184.Nm : 185.Bl -tag -width indent 186.It Cm add 187Another name for the 188.Cm alias 189parameter. 190Introduced for compatibility 191with 192.Bsx . 193.It Cm alias 194Establish an additional network address for this interface. 195This is sometimes useful when changing network numbers, and 196one wishes to accept packets addressed to the old interface. 197If the address is on the same subnet as the first network address 198for this interface, a non-conflicting netmask must be given. 199Usually 200.Li 0xffffffff 201is most appropriate. 202.It Fl alias 203Remove the network address specified. 204This would be used if you incorrectly specified an alias, or it 205was no longer needed. 206If you have incorrectly set an NS address having the side effect 207of specifying the host portion, removing all NS addresses will 208allow you to respecify the host portion. 209.It Cm anycast 210(Inet6 only.) 211Specify that the address configured is an anycast address. 212Based on the current specification, 213only routers may configure anycast addresses. 214Anycast address will not be used as source address of any of outgoing 215IPv6 packets. 216.It Cm arp 217Enable the use of the Address Resolution Protocol 218.Pq Xr arp 4 219in mapping 220between network level addresses and link level addresses (default). 221This is currently implemented for mapping between 222.Tn DARPA 223Internet 224addresses and 225.Tn IEEE 226802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses). 227.It Fl arp 228Disable the use of the Address Resolution Protocol 229.Pq Xr arp 4 . 230.It Cm staticarp 231If the Address Resolution Protocol is enabled, 232the host will only reply to requests for its addresses, 233and will never send any requests. 234.It Fl staticarp 235If the Address Resolution Protocol is enabled, 236the host will perform normally, 237sending out requests and listening for replies. 238.It Cm broadcast 239(Inet only.) 240Specify the address to use to represent broadcasts to the 241network. 242The default broadcast address is the address with a host part of all 1's. 243.It Cm debug 244Enable driver dependent debugging code; usually, this turns on 245extra console error logging. 246.It Fl debug 247Disable driver dependent debugging code. 248.It Cm promisc 249Put interface into permanently promiscuous mode. 250.It Fl promisc 251Disable permanently promiscuous mode. 252.It Cm delete 253Another name for the 254.Fl alias 255parameter. 256.It Cm down 257Mark an interface 258.Dq down . 259When an interface is marked 260.Dq down , 261the system will not attempt to 262transmit messages through that interface. 263If possible, the interface will be reset to disable reception as well. 264This action does not automatically disable routes using the interface. 265.It Cm eui64 266(Inet6 only.) 267Fill interface index 268(lowermost 64bit of an IPv6 address) 269automatically. 270.It Cm ipdst 271This is used to specify an Internet host who is willing to receive 272IP packets encapsulating IPX packets bound for a remote network. 273An apparent point to point link is constructed, and 274the address specified will be taken as the IPX address and network 275of the destination. 276.It Cm maclabel Ar label 277If Mandatory Access Control support is enabled in the kernel, 278set the MAC label to 279.Ar label . 280.\" (see 281.\" .Xr maclabel 7 ) . 282.It Cm media Ar type 283If the driver supports the media selection system, set the media type 284of the interface to 285.Ar type . 286Some interfaces support the mutually exclusive use of one of several 287different physical media connectors. 288For example, a 10Mbit/s Ethernet 289interface might support the use of either 290.Tn AUI 291or twisted pair connectors. 292Setting the media type to 293.Cm 10base5/AUI 294would change the currently active connector to the AUI port. 295Setting it to 296.Cm 10baseT/UTP 297would activate twisted pair. 298Refer to the interfaces' driver 299specific documentation or man page for a complete list of the 300available types. 301.It Cm mediaopt Ar opts 302If the driver supports the media selection system, set the specified 303media options on the interface. 304The 305.Ar opts 306argument 307is a comma delimited list of options to apply to the interface. 308Refer to the interfaces' driver specific man page for a complete 309list of available options. 310.It Fl mediaopt Ar opts 311If the driver supports the media selection system, disable the 312specified media options on the interface. 313.It Cm mode Ar mode 314If the driver supports the media selection system, set the specified 315operating mode on the interface to 316.Ar mode . 317For IEEE 802.11 wireless interfaces that support multiple operating modes 318this directive is used to select between 802.11a 319.Pq Cm 11a , 320802.11b 321.Pq Cm 11b , 322and 802.11g 323.Pq Cm 11g 324operating modes. 325.It Cm name Ar name 326Set the interface name to 327.Ar name . 328.It Cm rxcsum , txcsum 329If the driver supports user-configurable checksum offloading, 330enable receive (or transmit) checksum offloading on the interface. 331Some drivers may not be able to enable these flags independently 332of each other, so setting one may also set the other. 333The driver will offload as much checksum work as it can reliably 334support, the exact level of offloading varies between drivers. 335.It Fl rxcsum , txcsum 336If the driver supports user-configurable checksum offloading, 337disable receive (or transmit) checksum offloading on the interface. 338These settings may not always be independent of each other. 339.It Cm vlanmtu , vlanhwtag 340If the driver offers user-configurable VLAN support, enable 341reception of extended frames or tag processing in hardware, 342respectively. 343Note that this must be issued on a physical interface associated with 344.Xr vlan 4 , 345not on a 346.Xr vlan 4 347interface itself. 348.It Fl vlanmtu , vlanhwtag 349If the driver offers user-configurable VLAN support, disable 350reception of extended frames or tag processing in hardware, 351respectively. 352.It Cm polling 353Turn on 354.Xr polling 4 355feature and disable interrupts on the interface, if driver supports 356this mode. 357.It Fl polling 358Turn off 359.Xr polling 4 360feature and enable interrupt mode on the interface. 361.It Cm create 362Create the specified network pseudo-device. 363If the interface is given without a unit number, try to create a new 364device with an arbitrary unit number. 365If creation of an arbitrary device is successful, the new device name is 366printed to standard output unless the interface is renamed or destroyed 367in the same 368.Nm 369invocation. 370.It Cm destroy 371Destroy the specified network pseudo-device. 372.It Cm plumb 373Another name for the 374.Cm create 375parameter. 376Included for 377.Tn Solaris 378compatibility. 379.It Cm unplumb 380Another name for the 381.Cm destroy 382parameter. 383Included for 384.Tn Solaris 385compatibility. 386.It Cm metric Ar n 387Set the routing metric of the interface to 388.Ar n , 389default 0. 390The routing metric is used by the routing protocol 391.Pq Xr routed 8 . 392Higher metrics have the effect of making a route 393less favorable; metrics are counted as addition hops 394to the destination network or host. 395.It Cm mtu Ar n 396Set the maximum transmission unit of the interface to 397.Ar n , 398default is interface specific. 399The MTU is used to limit the size of packets that are transmitted on an 400interface. 401Not all interfaces support setting the MTU, and some interfaces have 402range restrictions. 403.It Cm netmask Ar mask 404.\" (Inet and ISO.) 405(Inet only.) 406Specify how much of the address to reserve for subdividing 407networks into sub-networks. 408The mask includes the network part of the local address 409and the subnet part, which is taken from the host field of the address. 410The mask can be specified as a single hexadecimal number 411with a leading 412.Ql 0x , 413with a dot-notation Internet address, 414or with a pseudo-network name listed in the network table 415.Xr networks 5 . 416The mask contains 1's for the bit positions in the 32-bit address 417which are to be used for the network and subnet parts, 418and 0's for the host part. 419The mask should contain at least the standard network portion, 420and the subnet field should be contiguous with the network 421portion. 422.Pp 423The netmask can also be specified in CIDR notation after the address. 424See the 425.Ar address 426option above for more information. 427.It Cm prefixlen Ar len 428(Inet6 only.) 429Specify that 430.Ar len 431bits are reserved for subdividing networks into sub-networks. 432The 433.Ar len 434must be integer, and for syntactical reason it must be between 0 to 128. 435It is almost always 64 under the current IPv6 assignment rule. 436If the parameter is omitted, 64 is used. 437.Pp 438The prefix can also be specified using the slash notation after the address. 439See the 440.Ar address 441option above for more information. 442.\" see 443.\" Xr eon 5 . 444.\" .It Cm nsellength Ar n 445.\" .Pf ( Tn ISO 446.\" only) 447.\" This specifies a trailing number of bytes for a received 448.\" .Tn NSAP 449.\" used for local identification, the remaining leading part of which is 450.\" taken to be the 451.\" .Tn NET 452.\" (Network Entity Title). 453.\" The default value is 1, which is conformant to US 454.\" .Tn GOSIP . 455.\" When an ISO address is set in an ifconfig command, 456.\" it is really the 457.\" .Tn NSAP 458.\" which is being specified. 459.\" For example, in 460.\" .Tn US GOSIP , 461.\" 20 hex digits should be 462.\" specified in the 463.\" .Tn ISO NSAP 464.\" to be assigned to the interface. 465.\" There is some evidence that a number different from 1 may be useful 466.\" for 467.\" .Tn AFI 468.\" 37 type addresses. 469.It Cm range Ar netrange 470Under appletalk, set the interface to respond to a 471.Ar netrange 472of the form 473.Ar startnet Ns - Ns Ar endnet . 474Appletalk uses this scheme instead of 475netmasks though 476.Fx 477implements it internally as a set of netmasks. 478.It Cm remove 479Another name for the 480.Fl alias 481parameter. 482Introduced for compatibility 483with 484.Bsx . 485.It Cm phase 486The argument following this specifies the version (phase) of the 487Appletalk network attached to the interface. 488Values of 1 or 2 are permitted. 489.Sm off 490.It Cm link Op Cm 0 No - Cm 2 491.Sm on 492Enable special processing of the link level of the interface. 493These three options are interface specific in actual effect, however, 494they are in general used to select special modes of operation. 495An example 496of this is to enable SLIP compression, or to select the connector type 497for some Ethernet cards. 498Refer to the man page for the specific driver 499for more information. 500.Sm off 501.It Fl link Op Cm 0 No - Cm 2 502.Sm on 503Disable special processing at the link level with the specified interface. 504.It Cm monitor 505Put the interface in monitor mode. 506No packets are transmitted, and received packets are discarded after 507.Xr bpf 4 508processing. 509.It Fl monitor 510Take the interface out of monitor mode. 511.It Cm up 512Mark an interface 513.Dq up . 514This may be used to enable an interface after an 515.Dq Nm Cm down . 516It happens automatically when setting the first address on an interface. 517If the interface was reset when previously marked down, 518the hardware will be re-initialized. 519.El 520.Pp 521The following parameters are specific to IEEE 802.11 wireless interfaces: 522.Bl -tag -width indent 523.It Cm apbridge 524When operating as an access point, pass packets between 525wireless clients directly (default). 526To instead let them pass up through the 527system and be forwarded using some other mechanism, use 528.Fl apbridge . 529Disabling the internal bridging 530is useful when traffic is to be processed with 531packet filtering. 532.It Cm authmode Ar mode 533Set the desired authentication mode in infrastructure mode. 534Not all adaptors support all modes. 535The set of 536valid modes is 537.Cm none , open , shared 538(shared key), 539.Cm 8021x 540(IEEE 802.1x), 541and 542.Cm wpa 543(IEEE WPA/WPA2/802.11i). 544The 545.Cm 8021x 546and 547.Cm wpa 548modes are only useful when using an authentication service 549(a supplicant for client operation or an authenticator when 550operating as an access point). 551Modes are case insensitive. 552.It Cm bintval Ar interval 553Set the interval at which beacon frames are sent when operating in 554ad-hoc or ap mode. 555The 556.Ar interval 557parameter is specified in TU's (1/1024 msecs). 558By default beacon frames are transmitted every 100 TU's. 559.It Cm bssid Ar address 560Specify the MAC address of the access point to use when operating 561as a station in a BSS network. 562This overrides any automatic selection done by the system. 563To disable a previously selected access point, supply 564.Cm any , none , 565or 566.Cm - 567for the address. 568This option is useful when more than one access points have the same SSID. 569Another name for the 570.Cm bssid 571parameter is 572.Cm ap . 573.It Cm burst 574Enable packet bursting. 575Packet bursting is a transmission technique whereby the wireless 576medium is acquired once to send multiple frames and the interframe 577spacing is reduced. 578This technique can significantly increase throughput by reducing 579transmission overhead. 580Packet bursting is supported by the 802.11e QoS specification 581and some devices that do not support QoS may still be capable. 582By default packet bursting is enabled if a device is capable 583of doing it. 584To disable packet bursting, use 585.Fl burst . 586.It Cm chanlist Ar channels 587Set the desired channels to use when scanning for access 588points, neighbors in an IBSS network, or looking for unoccupied 589channels when operating as an access point. 590The set of channels is specified as a comma-separated list with 591each element in the list representing either a single channel number or a range 592of the form 593.Dq Li a-b . 594Channel numbers must be in the range 1 to 255 and be permissible 595according to the operating characteristics of the device. 596.It Cm channel Ar number 597Set a single desired channel. 598Channels range from 1 to 255, but the exact selection available 599depends on the region your adaptor was manufactured for. 600Setting 601the channel to 602.Li 0 , 603.Cm any , 604or 605.Cm - 606will give you the default for your adaptor. 607Some 608adaptors ignore this setting unless you are in ad-hoc mode. 609Alternatively the frequency, in megahertz, may be specified 610instead of the channel number. 611.It Cm deftxkey Ar index 612Set the default key to use for transmission. 613Typically this is only set when using WEP encryption. 614The 615.Cm weptxkey 616is an alias for this request; it is provided for backwards compatibility. 617.It Cm dtimperiod Ar period 618Set the 619DTIM 620period for transmitting buffered multicast data frames when 621operating in ap mode. 622The 623.Ar period 624specifies the number of beacon intervals between DTIM 625and must be in the range 1 to 15. 626By default DTIM is 1 (i.e., DTIM occurs at each beacon). 627.It Cm fragthreshold Ar length 628Set the threshold for which transmitted frames are broken into fragments. 629The 630.Ar length 631argument is the frame size in bytes and must be in the range 256 to 2346. 632Setting 633.Ar length 634to 635.Li 2346 , 636.Cm any , 637or 638.Cm - 639disables transmit fragmentation. 640Not all adaptors honor the fragmentation threshold. 641.It Cm hidessid 642When operating as an access point, do not broadcast the SSID 643in beacon frames or respond to probe request frames unless 644they are directed to the ap (i.e., they include the ap's SSID). 645By default, the SSID is included in beacon frames and 646undirected probe request frames are answered. 647To re-enable the broadcast of the SSID etc., use 648.Fl hidessid . 649.It Cm list active 650Display the list of channels available for use taking into account 651any restrictions set with the 652.Cm chanlist 653directive. 654See the description of 655.Cm list chan 656for more information. 657.It Cm list caps 658Display the adaptor's capabilities, including the operating 659modes supported. 660.It Cm list chan 661Display the list of channels available for use. 662Channels are shown with their IEEE channel number, equivalent 663frequency, and usage modes. 664Channels identified as 665.Ql 11g 666are also usable in 667.Ql 11b 668mode. 669Channels identified as 670.Ql 11a Turbo 671may be used only for Atheros' Static Turbo mode 672.Pq specified with Cm mediaopt turbo . 673Channels marked with a 674.Ql * 675have a regulatory constraint that they be passively scanned. 676This means a station is not permitted to transmit on the channel until 677it identifies the channel is being used for 802.11 communication; 678typically by hearing a beacon frame from an access point operating 679on the channel. 680.Cm list freq 681is another way of requesting this information. 682.It Cm list mac 683Display the current MAC Access Control List state. 684Each address is prefixed with a character that indicates the 685current policy applied to it: 686.Ql + 687indicates the address is allowed access, 688.Ql - 689indicates the address is denied access, 690.Ql * 691indicates the address is present but the current policy open 692(so the ACL is not consulted). 693.It Cm list scan 694Display the access points and/or ad-hoc neighbors 695located in the vicinity. 696This information may be updated automatically by the adaptor 697and/or with a 698.Cm scan 699request. 700.Cm list ap 701is another way of requesting this information. 702.It Cm list sta 703When operating as an access point display the stations that are 704currently associated. 705When operating in ad-hoc mode display stations identified as 706neighbors in the IBSS. 707.It Cm list wme 708Display the current parameters to use when operating in WME mode. 709When WME mode is enabled for an adaptor this information will be 710displayed with the regular status; this command is mostly useful 711for examining parameters when WME mode is disabled. 712See the description of the 713.Cm wme 714directive for information on the various parameters. 715.It Cm mcastrate Ar rate 716Set the rate for transmitting multicast/broadcast frames. 717Rates are specified as megabits/second in decimal; e.g. 5.5 for 5.5 Mb/s. 718This rate should be valid for the current operating conditions; 719if an invalid rate is specified drivers are free to chose an 720appropriate rate. 721.It Cm powersave 722Enable powersave operation. 723When operating as a client, the station will conserve power by 724periodically turning off the radio and listening for 725messages from the access point telling it there are packets waiting. 726The station must then retrieve the packets. 727When operating as an access point, the station must honor power 728save operation of associated clients. 729Not all devices support power save operation, either as a client 730or as an access point. 731Use 732.Fl powersave 733to disable powersave operation. 734.It Cm powersavesleep Ar sleep 735Set the desired max powersave sleep time in milliseconds. 736.It Cm protmode Ar technique 737For interfaces operating in 802.11g, use the specified 738.Ar technique 739for protecting OFDM frames in a mixed 11b/11g network. 740The set of valid techniques is 741.Cm off , cts 742(CTS to self), 743and 744.Cm rtscts 745(RTS/CTS). 746Technique names are case insensitive. 747.It Cm pureg 748When operating as an access point in 802.11g mode allow only 74911g-capable stations to associate (11b-only stations are not 750permitted to associate). 751To allow both 11g and 11b-only stations to associate, use 752.Fl pureg . 753.It Cm roaming Ar mode 754When operating as a station, control how the system will 755behave when communication with the current access point 756is broken. 757The 758.Ar mode 759argument may be one of 760.Cm device 761(leave it to the hardware device to decide), 762.Cm auto 763(handle either in the device or the operating system\[em]as appropriate), 764.Cm manual 765(do nothing until explicitly instructed). 766By default, the device is left to handle this if it is 767capable; otherwise, the operating system will automatically 768attempt to reestablish communication. 769Manual mode is mostly useful when an application wants to 770control the selection of an access point. 771.It Cm rtsthreshold Ar length 772Set the threshold for which 773transmitted frames are preceded by transmission of an 774RTS 775control frame. 776The 777.Ar length 778argument 779is the frame size in bytes and must be in the range 1 to 2346. 780Setting 781.Ar length 782to 783.Li 2346 , 784.Cm any , 785or 786.Cm - 787disables transmission of RTS frames. 788Not all adaptors support setting the RTS threshold. 789.It Cm ssid Ar ssid 790Set the desired Service Set Identifier (aka network name). 791The SSID is a string up to 32 characters 792in length and may be specified as either a normal string or in 793hexadecimal when preceded by 794.Ql 0x . 795Additionally, the SSID may be cleared by setting it to 796.Ql - . 797.It Cm scan 798Initiate a scan of neighboring stations, wait for it to complete, and 799display all stations found. 800Only the super-user can initiate a scan. 801Depending on the capabilities of the APs, the following 802flags can be included in the output: 803.Bl -tag -width 3n 804.It Li E 805Extended Service Set (ESS). 806Indicates that the station is part of an infrastructure network 807(in contrast to an IBSS/ad-hoc network). 808.It Li I 809IBSS/ad-hoc network. 810Indicates that the station is part of an ad-hoc network 811(in contrast to an ESS network). 812.It Li P 813Privacy. 814Data confidentiality is required for all data frames 815exchanged within the BSS. 816This means that this BSS requires the station to 817use cryptographic means such as WEP, TKIP or AES-CCMP to 818encrypt/decrypt data frames being exchanged with others. 819.It Li S 820Short Preamble. 821Indicates that the network is using short preambles (defined 822in 802.11b High Rate/DSSS PHY, short preamble utilizes a 82356 bit sync field in contrast to a 128 bit field used in long 824preamble mode). 825.It Li s 826Short slot time. 827Indicates that the network is using a short slot time. 828.El 829.Pp 830The 831.Cm list scan 832request can be used to show recent scan results without 833initiating a new scan. 834.It Cm stationname Ar name 835Set the name of this station. 836It appears that the station name is not really part of the IEEE 802.11 837protocol though all interfaces seem to support it. 838As such it only 839seems to be meaningful to identical or virtually identical equipment. 840Setting the station name is identical in syntax to setting the SSID. 841.It Cm txpower Ar power 842Set the power used to transmit frames. 843The 844.Ar power 845argument 846is a unitless value in the range 0 to 100 that is interpreted 847by drivers to derive a device-specific value. 848Out of range values are truncated. 849Typically only a few discreet power settings are available and 850the driver will use the setting closest to the specified value. 851Not all adaptors support changing the transmit power. 852.It Cm wepmode Ar mode 853Set the desired WEP mode. 854Not all adaptors support all modes. 855The set of valid modes is 856.Cm off , on , 857and 858.Cm mixed . 859The 860.Cm mixed 861mode explicitly tells the adaptor to allow association with access 862points which allow both encrypted and unencrypted traffic. 863On these adaptors, 864.Cm on 865means that the access point must only allow encrypted connections. 866On other adaptors, 867.Cm on 868is generally another name for 869.Cm mixed . 870Modes are case insensitive. 871.It Cm weptxkey Ar index 872Set the WEP key to be used for transmission. 873This is the same as setting the default transmission key with 874.Cm deftxkey . 875.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key 876Set the selected WEP key. 877If an 878.Ar index 879is not given, key 1 is set. 880A WEP key will be either 5 or 13 881characters (40 or 104 bits) depending of the local network and the 882capabilities of the adaptor. 883It may be specified either as a plain 884string or as a string of hexadecimal digits preceded by 885.Ql 0x . 886For maximum portability, hex keys are recommended; 887the mapping of text keys to WEP encryption is usually driver-specific. 888In particular, the 889.Tn Windows 890drivers do this mapping differently to 891.Fx . 892A key may be cleared by setting it to 893.Ql - . 894If WEP is supported then there are at least four keys. 895Some adaptors support more than four keys. 896If that is the case, then the first four keys 897(1-4) will be the standard temporary keys and any others will be adaptor 898specific keys such as permanent keys stored in NVRAM. 899.It Cm wme 900Enable Wireless Multimedia Extensions (WME) support, if available, 901for the specified interface. 902WME is a subset of the IEEE 802.11e standard to support the 903efficient communication of realtime and multimedia data. 904To disable WME support, use 905.Fl wme . 906.Pp 907The following parameters are meaningful only when WME support is in use. 908Parameters are specified per-AC (Access Category) and 909split into those that are used by a station when acting 910as an access point and those for client stations in the BSS. 911The latter are received from the access point and may not be changed 912(at the station). 913The following Access Categories are recognized: 914.Pp 915.Bl -tag -width ".Cm AC_BK" -compact 916.It Cm AC_BE 917(or 918.Cm BE ) 919best effort delivery, 920.It Cm AC_BK 921(or 922.Cm BK ) 923background traffic, 924.It Cm AC_VI 925(or 926.Cm VI ) 927video traffic, 928.It Cm AC_VO 929(or 930.Cm VO ) 931voice traffic. 932.El 933.Pp 934AC parameters are case-insensitive. 935Traffic classification is done in the operating system using the 936vlan priority associated with data frames or the 937ToS (Type of Service) indication in IP-encapsulated frames. 938If neither information is present, traffic is assigned to the 939Best Effort (BE) category. 940.Bl -tag -width indent 941.It Cm ack Ar ac 942Set the ACK policy for QoS transmissions by the local station; 943this controls whether or not data frames transmitted by a station 944require an ACK response from the receiving station. 945To disable waiting for an ACK use 946.Fl ack . 947This parameter is applied only to the local station. 948.It Cm acm Ar ac 949Enable the Admission Control Mandatory (ACM) mechanism 950for transmissions by the local station. 951To disable the ACM use 952.Fl acm . 953On stations in a BSS this parameter is read-only and indicates 954the setting received from the access point. 955NB: ACM is not supported right now. 956.It Cm aifs Ar ac Ar count 957Set the Arbitration Inter Frame Spacing (AIFS) 958channel access parameter to use for transmissions 959by the local station. 960On stations in a BSS this parameter is read-only and indicates 961the setting received from the access point. 962.It Cm cwmin Ar ac Ar count 963Set the CWmin channel access parameter to use for transmissions 964by the local station. 965On stations in a BSS this parameter is read-only and indicates 966the setting received from the access point. 967.It Cm cwmax Ar ac Ar count 968Set the CWmax channel access parameter to use for transmissions 969by the local station. 970On stations in a BSS this parameter is read-only and indicates 971the setting received from the access point. 972.It Cm txoplimit Ar ac Ar limit 973Set the Transmission Opportunity Limit channel access parameter 974to use for transmissions by the local station. 975This parameter defines an interval of time when a WME station 976has the right to initiate transmissions onto the wireless medium. 977On stations in a BSS this parameter is read-only and indicates 978the setting received from the access point. 979.It Cm bss:aifs Ar ac Ar count 980Set the AIFS channel access parameter to send to stations in a BSS. 981This parameter is meaningful only when operating in ap mode. 982.It Cm bss:cwmin Ar ac Ar count 983Set the CWmin channel access parameter to send to stations in a BSS. 984This parameter is meaningful only when operating in ap mode. 985.It Cm bss:cwmax Ar ac Ar count 986Set the CWmax channel access parameter to send to stations in a BSS. 987This parameter is meaningful only when operating in ap mode. 988.It Cm bss:txoplimit Ar ac Ar limit 989Set the TxOpLimit channel access parameter to send to stations in a BSS. 990This parameter is meaningful only when operating in ap mode. 991.El 992.El 993.Pp 994The following parameters support an optional access control list 995feature available with some adaptors when operating in ap mode; see 996.Xr wlan_acl 4 . 997This facility allows an access point to accept/deny association 998requests based on the MAC address of the station. 999Note that this feature does not significantly enhance security 1000as MAC address spoofing is easy to do. 1001.Bl -tag -width indent 1002.It Cm mac:add Ar address 1003Add the specified MAC address to the database. 1004Depending on the policy setting association requests from the 1005specified station will be allowed or denied. 1006.It Cm mac:allow 1007Set the ACL policy to permit association only by 1008stations registered in the database. 1009.It Cm mac:del Ar address 1010Delete the specified MAC address from the database. 1011.It Cm mac:deny 1012Set the ACL policy to deny association only by 1013stations registered in the database. 1014.It Cm mac:kick Ar address 1015Force the specified station to be deauthenticated. 1016This typically is done to block a station after updating the 1017address database. 1018.It Cm mac:open 1019Set the ACL policy to allow all stations to associate. 1020.It Cm mac:flush 1021Delete all entries in the database. 1022.El 1023.Pp 1024The following parameters are for compatibility with other systems: 1025.Bl -tag -width indent 1026.It Cm nwid Ar ssid 1027Another name for the 1028.Cm ssid 1029parameter. 1030Included for 1031.Nx 1032compatibility. 1033.It Cm station Ar name 1034Another name for the 1035.Cm stationname 1036parameter. 1037Included for 1038.Bsx 1039compatibility. 1040.It Cm wep 1041Another way of saying 1042.Cm wepmode on . 1043Included for 1044.Bsx 1045compatibility. 1046.It Fl wep 1047Another way of saying 1048.Cm wepmode off . 1049Included for 1050.Bsx 1051compatibility. 1052.It Cm nwkey key 1053Another way of saying: 1054.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . 1055Included for 1056.Nx 1057compatibility. 1058.It Cm nwkey Xo 1059.Sm off 1060.Ar n : k1 , k2 , k3 , k4 1061.Sm on 1062.Xc 1063Another way of saying 1064.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . 1065Included for 1066.Nx 1067compatibility. 1068.It Fl nwkey 1069Another way of saying 1070.Cm wepmode off . 1071Included for 1072.Nx 1073compatibility. 1074.El 1075.Pp 1076The following parameters are specific to bridge interfaces: 1077.Bl -tag -width indent 1078.It Cm addm Ar interface 1079Add the interface named by 1080.Ar interface 1081as a member of the bridge. 1082The interface is put into promiscuous mode 1083so that it can receive every packet sent on the network. 1084.It Cm deletem Ar interface 1085Remove the interface named by 1086.Ar interface 1087from the bridge. 1088Promiscuous mode is disabled on the interface when 1089it is removed from the bridge. 1090.It Cm maxaddr Ar size 1091Set the size of the bridge address cache to 1092.Ar size . 1093The default is 100 entries. 1094.It Cm timeout Ar seconds 1095Set the timeout of address cache entries to 1096.Ar seconds 1097seconds. 1098If 1099.Ar seconds 1100is zero, then address cache entries will not be expired. 1101The default is 240 seconds. 1102.It Cm addr 1103Display the addresses that have been learned by the bridge. 1104.It Cm static Ar interface-name Ar address 1105Add a static entry into the address cache pointing to 1106.Ar interface-name . 1107Static entries are never aged out of the cache or re-placed, even if the 1108address is seen on a different interface. 1109.It Cm deladdr Ar address 1110Delete 1111.Ar address 1112from the address cache. 1113.It Cm flush 1114Delete all dynamically-learned addresses from the address cache. 1115.It Cm flushall 1116Delete all addresses, including static addresses, from the address cache. 1117.It Cm discover Ar interface 1118Mark an interface as a 1119.Dq discovering 1120interface. 1121When the bridge has no address cache entry 1122(either dynamic or static) 1123for the destination address of a packet, 1124the bridge will forward the packet to all 1125member interfaces marked as 1126.Dq discovering . 1127This is the default for all interfaces added to a bridge. 1128.It Cm -discover Ar interface 1129Clear the 1130.Dq discovering 1131attribute on a member interface. 1132For packets without the 1133.Dq discovering 1134attribute, the only packets forwarded on the interface are broadcast 1135or multicast packets and packets for which the destination address 1136is known to be on the interface's segment. 1137.It Cm learn Ar interface 1138Mark an interface as a 1139.Dq learning 1140interface. 1141When a packet arrives on such an interface, the source 1142address of the packet is entered into the address cache as being a 1143destination address on the interface's segment. 1144This is the default for all interfaces added to a bridge. 1145.It Cm -learn Ar interface 1146Clear the 1147.Dq learning 1148attribute on a member interface. 1149.It Cm span Ar interface 1150Add the interface named by 1151.Ar interface 1152as a span port on the bridge. 1153Span ports transmit a copy of every frame received by the bridge. 1154This is most useful for snooping a bridged network passively on 1155another host connected to one of the span ports of the bridge. 1156.It Cm -span Ar interface 1157Delete the interface named by 1158.Ar interface 1159from the list of span ports of the bridge. 1160.It Cm stp Ar interface 1161Enable Spanning Tree protocol on 1162.Ar interface . 1163The 1164.Xr if_bridge 4 1165driver has support for the IEEE 802.1D Spanning Tree protocol (STP). 1166Spanning Tree is used to detect and remove loops in a network topology. 1167.It Cm -stp Ar interface 1168Disable Spanning Tree protocol on 1169.Ar interface . 1170This is the default for all interfaces added to a bridge. 1171.It Cm maxage Ar seconds 1172Set the time that a Spanning Tree protocol configuration is valid. 1173The default is 20 seconds. 1174The minimum is 1 second and the maximum is 255 seconds. 1175.It Cm fwddelay Ar seconds 1176Set the time that must pass before an interface begins forwarding 1177packets when Spanning Tree is enabled. 1178The default is 15 seconds. 1179The minimum is 1 second and the maximum is 255 seconds. 1180.It Cm hellotime Ar seconds 1181Set the time between broadcasting of Spanning Tree protocol 1182configuration messages. 1183The default is 2 seconds. 1184The minimum is 1 second and the maximum is 255 seconds. 1185.It Cm priority Ar value 1186Set the bridge priority for Spanning Tree. 1187The default is 32768. 1188The minimum is 0 and the maximum is 65536. 1189.It Cm ifpriority Ar interface Ar value 1190Set the Spanning Tree priority of 1191.Ar interface 1192to 1193.Ar value . 1194The default is 128. 1195The minimum is 0 and the maximum is 255. 1196.It Cm ifpathcost Ar interface Ar value 1197Set the Spanning Tree path cost of 1198.Ar interface 1199to 1200.Ar value . 1201The default is 55. 1202The minimum is 0 and the maximum is 65535. 1203.El 1204.Pp 1205The following parameters are specific to IP tunnel interfaces, 1206.Xr gif 4 : 1207.Bl -tag -width indent 1208.It Cm tunnel Ar src_addr dest_addr 1209Configure the physical source and destination address for IP tunnel 1210interfaces. 1211The arguments 1212.Ar src_addr 1213and 1214.Ar dest_addr 1215are interpreted as the outer source/destination for the encapsulating 1216IPv4/IPv6 header. 1217.It Fl tunnel 1218Unconfigure the physical source and destination address for IP tunnel 1219interfaces previously configured with 1220.Cm tunnel . 1221.It Cm deletetunnel 1222Another name for the 1223.Fl tunnel 1224parameter. 1225.El 1226.Pp 1227The following parameters are specific to 1228.Xr pfsync 4 1229interfaces: 1230.Bl -tag -width indent 1231.It Cm maxupd Ar n 1232Set the maximum number of updates for a single state which 1233can be collapsed into one. 1234This is an 8-bit number; the default value is 128. 1235.El 1236.Pp 1237The following parameters are specific to 1238.Xr vlan 4 1239interfaces: 1240.Bl -tag -width indent 1241.It Cm vlan Ar vlan_tag 1242Set the VLAN tag value to 1243.Ar vlan_tag . 1244This value is a 16-bit number which is used to create an 802.1Q 1245VLAN header for packets sent from the 1246.Xr vlan 4 1247interface. 1248Note that 1249.Cm vlan 1250and 1251.Cm vlandev 1252must both be set at the same time. 1253.It Cm vlandev Ar iface 1254Associate the physical interface 1255.Ar iface 1256with a 1257.Xr vlan 4 1258interface. 1259Packets transmitted through the 1260.Xr vlan 4 1261interface will be 1262diverted to the specified physical interface 1263.Ar iface 1264with 802.1Q VLAN encapsulation. 1265Packets with 802.1Q encapsulation received 1266by the parent interface with the correct VLAN tag will be diverted to 1267the associated 1268.Xr vlan 4 1269pseudo-interface. 1270The 1271.Xr vlan 4 1272interface is assigned a 1273copy of the parent interface's flags and the parent's ethernet address. 1274The 1275.Cm vlandev 1276and 1277.Cm vlan 1278must both be set at the same time. 1279If the 1280.Xr vlan 4 1281interface already has 1282a physical interface associated with it, this command will fail. 1283To 1284change the association to another physical interface, the existing 1285association must be cleared first. 1286.Pp 1287Note: if the hardware tagging capability 1288is set on the parent interface, the 1289.Xr vlan 4 1290pseudo 1291interface's behavior changes: 1292the 1293.Xr vlan 4 1294interface recognizes that the 1295parent interface supports insertion and extraction of VLAN tags on its 1296own (usually in firmware) and that it should pass packets to and from 1297the parent unaltered. 1298.It Fl vlandev Op Ar iface 1299If the driver is a 1300.Xr vlan 4 1301pseudo device, disassociate the parent interface from it. 1302This breaks the link between the 1303.Xr vlan 4 1304interface and its parent, 1305clears its VLAN tag, flags and its link address and shuts the interface down. 1306The 1307.Ar iface 1308argument is useless and hence deprecated. 1309.El 1310.Pp 1311The following parameters are specific to 1312.Xr carp 4 1313interfaces: 1314.Bl -tag -width indent 1315.It Cm advbase Ar seconds 1316Specifies the base of the advertisement interval in seconds. 1317The acceptable values are 1 to 255. 1318The default value is 1. 1319.\" The default value is 1320.\" .Dv CARP_DFLTINTV . 1321.It Cm advskew Ar interval 1322Specifies the skew to add to the base advertisement interval to 1323make one host advertise slower than another host. 1324It is specified in 1/256 of seconds. 1325The acceptable values are 1 to 254. 1326The default value is 0. 1327.It Cm pass Ar phrase 1328Set the authentication key to 1329.Ar phrase . 1330.It Cm vhid Ar n 1331Set the virtual host ID. 1332This is a required setting. 1333Acceptable values are 1 to 255. 1334.El 1335.Pp 1336The 1337.Nm 1338utility displays the current configuration for a network interface 1339when no optional parameters are supplied. 1340If a protocol family is specified, 1341.Nm 1342will report only the details specific to that protocol family. 1343.Pp 1344If the 1345.Fl m 1346flag is passed before an interface name, 1347.Nm 1348will display the capability list and all 1349of the supported media for the specified interface. 1350If 1351.Fl L 1352flag is supplied, address lifetime is displayed for IPv6 addresses, 1353as time offset string. 1354.Pp 1355Optionally, the 1356.Fl a 1357flag may be used instead of an interface name. 1358This flag instructs 1359.Nm 1360to display information about all interfaces in the system. 1361The 1362.Fl d 1363flag limits this to interfaces that are down, and 1364.Fl u 1365limits this to interfaces that are up. 1366When no arguments are given, 1367.Fl a 1368is implied. 1369.Pp 1370The 1371.Fl l 1372flag may be used to list all available interfaces on the system, with 1373no other additional information. 1374Use of this flag is mutually exclusive 1375with all other flags and commands, except for 1376.Fl d 1377(only list interfaces that are down) 1378and 1379.Fl u 1380(only list interfaces that are up). 1381.Pp 1382The 1383.Fl v 1384flag may be used to get more verbose status for an interface. 1385.Pp 1386The 1387.Fl C 1388flag may be used to list all of the interface cloners available on 1389the system, with no additional information. 1390Use of this flag is mutually exclusive with all other flags and commands. 1391.Pp 1392The 1393.Fl k 1394flag causes keying information for the interface, if available, to be 1395printed. 1396For example, the values of 802.11 WEP keys will be printed, if accessible to 1397the current user. 1398This information is not printed by default, as it may be considered 1399sensitive. 1400.Pp 1401Only the super-user may modify the configuration of a network interface. 1402.Sh NOTES 1403The media selection system is relatively new and only some drivers support 1404it (or have need for it). 1405.Sh DIAGNOSTICS 1406Messages indicating the specified interface does not exist, the 1407requested address is unknown, or the user is not privileged and 1408tried to alter an interface's configuration. 1409.Sh SEE ALSO 1410.Xr netstat 1 , 1411.Xr carp 4 , 1412.Xr netintro 4 , 1413.Xr pfsync 4 , 1414.Xr polling 4 , 1415.Xr vlan 4 , 1416.\" .Xr eon 5 , 1417.Xr rc 8 , 1418.Xr routed 8 , 1419.Xr sysctl 8 1420.Sh HISTORY 1421The 1422.Nm 1423utility appeared in 1424.Bx 4.2 . 1425.Sh BUGS 1426Basic IPv6 node operation requires a link-local address on each 1427interface configured for IPv6. 1428Normally, such an address is automatically configured by the 1429kernel on each interface added to the system; this behaviour may 1430be disabled by setting the sysctl MIB variable 1431.Va net.inet6.ip6.auto_linklocal 1432to 0. 1433.Pp 1434If you delete such an address using 1435.Nm , 1436the kernel may act very oddly. 1437Do this at your own risk. 1438