xref: /freebsd/sbin/ifconfig/ifconfig.8 (revision 9162f64b58d01ec01481d60b6cdc06ffd8e8c7fc)
1.\" Copyright (c) 1983, 1991, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 4. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\"     From: @(#)ifconfig.8	8.3 (Berkeley) 1/5/94
29.\" $FreeBSD$
30.\"
31.Dd January 7, 2009
32.Dt IFCONFIG 8
33.Os
34.Sh NAME
35.Nm ifconfig
36.Nd configure network interface parameters
37.Sh SYNOPSIS
38.Nm
39.Op Fl L
40.Op Fl k
41.Op Fl m
42.Op Fl n
43.Ar interface
44.Op Cm create
45.Op Ar address_family
46.Oo
47.Ar address
48.Op Ar dest_address
49.Oc
50.Op Ar parameters
51.Nm
52.Ar interface
53.Cm destroy
54.Nm
55.Fl a
56.Op Fl L
57.Op Fl d
58.Op Fl m
59.Op Fl u
60.Op Fl v
61.Op Ar address_family
62.Nm
63.Fl l
64.Op Fl d
65.Op Fl u
66.Op Ar address_family
67.Nm
68.Op Fl L
69.Op Fl d
70.Op Fl k
71.Op Fl m
72.Op Fl u
73.Op Fl v
74.Op Fl C
75.Nm
76.Op Fl g Ar groupname
77.Sh DESCRIPTION
78The
79.Nm
80utility is used to assign an address
81to a network interface and/or configure
82network interface parameters.
83The
84.Nm
85utility must be used at boot time to define the network address
86of each interface present on a machine; it may also be used at
87a later time to redefine an interface's address
88or other operating parameters.
89.Pp
90The following options are available:
91.Bl -tag -width indent
92.It Ar address
93For the
94.Tn DARPA Ns -Internet
95family,
96the address is either a host name present in the host name data
97base,
98.Xr hosts 5 ,
99or a
100.Tn DARPA
101Internet address expressed in the Internet standard
102.Dq dot notation .
103.Pp
104It is also possible to use the CIDR notation (also known as the
105slash notation) to include the netmask.
106That is, one can specify an address like
107.Li 192.168.0.1/16 .
108.Pp
109For the
110.Dq inet6
111family, it is also possible to specify the prefix length using the slash
112notation, like
113.Li ::1/128 .
114See the
115.Cm prefixlen
116parameter below for more information.
117.\" For the Xerox Network Systems(tm) family,
118.\" addresses are
119.\" .Ar net:a.b.c.d.e.f ,
120.\" where
121.\" .Ar net
122.\" is the assigned network number (in decimal),
123.\" and each of the six bytes of the host number,
124.\" .Ar a
125.\" through
126.\" .Ar f ,
127.\" are specified in hexadecimal.
128.\" The host number may be omitted on IEEE 802 protocol
129.\" (Ethernet, FDDI, and Token Ring) interfaces,
130.\" which use the hardware physical address,
131.\" and on interfaces other than the first.
132.\" For the
133.\" .Tn ISO
134.\" family, addresses are specified as a long hexadecimal string,
135.\" as in the Xerox family.
136.\" However, two consecutive dots imply a zero
137.\" byte, and the dots are optional, if the user wishes to (carefully)
138.\" count out long strings of digits in network byte order.
139.Pp
140The link-level
141.Pq Dq link
142address
143is specified as a series of colon-separated hex digits.
144This can be used to
145e.g.\& set a new MAC address on an ethernet interface, though the
146mechanism used is not ethernet-specific.
147If the interface is already
148up when this option is used, it will be briefly brought down and
149then brought back up again in order to ensure that the receive
150filter in the underlying ethernet hardware is properly reprogrammed.
151.It Ar address_family
152Specify the
153address family
154which affects interpretation of the remaining parameters.
155Since an interface can receive transmissions in differing protocols
156with different naming schemes, specifying the address family is recommended.
157The address or protocol families currently
158supported are
159.Dq inet ,
160.Dq inet6 ,
161.Dq atalk ,
162.Dq ipx ,
163.\" .Dq iso ,
164and
165.Dq link .
166.\" and
167.\" .Dq ns .
168The default is
169.Dq inet .
170.Dq ether
171and
172.Dq lladdr
173are synonyms for
174.Dq link .
175.It Ar dest_address
176Specify the address of the correspondent on the other end
177of a point to point link.
178.It Ar interface
179This
180parameter is a string of the form
181.Dq name unit ,
182for example,
183.Dq Li ed0 .
184.It Ar groupname
185List the interfaces in the given group.
186.El
187.Pp
188The following parameters may be set with
189.Nm :
190.Bl -tag -width indent
191.It Cm add
192Another name for the
193.Cm alias
194parameter.
195Introduced for compatibility
196with
197.Bsx .
198.It Cm alias
199Establish an additional network address for this interface.
200This is sometimes useful when changing network numbers, and
201one wishes to accept packets addressed to the old interface.
202If the address is on the same subnet as the first network address
203for this interface, a non-conflicting netmask must be given.
204Usually
205.Li 0xffffffff
206is most appropriate.
207.It Fl alias
208Remove the network address specified.
209This would be used if you incorrectly specified an alias, or it
210was no longer needed.
211If you have incorrectly set an NS address having the side effect
212of specifying the host portion, removing all NS addresses will
213allow you to respecify the host portion.
214.It Cm anycast
215(Inet6 only.)
216Specify that the address configured is an anycast address.
217Based on the current specification,
218only routers may configure anycast addresses.
219Anycast address will not be used as source address of any of outgoing
220IPv6 packets.
221.It Cm arp
222Enable the use of the Address Resolution Protocol
223.Pq Xr arp 4
224in mapping
225between network level addresses and link level addresses (default).
226This is currently implemented for mapping between
227.Tn DARPA
228Internet
229addresses and
230.Tn IEEE
231802 48-bit MAC addresses (Ethernet, FDDI, and Token Ring addresses).
232.It Fl arp
233Disable the use of the Address Resolution Protocol
234.Pq Xr arp 4 .
235.It Cm staticarp
236If the Address Resolution Protocol is enabled,
237the host will only reply to requests for its addresses,
238and will never send any requests.
239.It Fl staticarp
240If the Address Resolution Protocol is enabled,
241the host will perform normally,
242sending out requests and listening for replies.
243.It Cm broadcast
244(Inet only.)
245Specify the address to use to represent broadcasts to the
246network.
247The default broadcast address is the address with a host part of all 1's.
248.It Cm debug
249Enable driver dependent debugging code; usually, this turns on
250extra console error logging.
251.It Fl debug
252Disable driver dependent debugging code.
253.It Cm promisc
254Put interface into permanently promiscuous mode.
255.It Fl promisc
256Disable permanently promiscuous mode.
257.It Cm delete
258Another name for the
259.Fl alias
260parameter.
261.It Cm down
262Mark an interface
263.Dq down .
264When an interface is marked
265.Dq down ,
266the system will not attempt to
267transmit messages through that interface.
268If possible, the interface will be reset to disable reception as well.
269This action does not automatically disable routes using the interface.
270.It Cm group Ar group-name
271Assign the interface to a
272.Dq group .
273Any interface can be in multiple groups.
274.Pp
275Cloned interfaces are members of their interface family group by default.
276For example, a PPP interface such as
277.Em ppp0
278is a member of the PPP interface family group,
279.Em ppp .
280.\" The interface(s) the default route(s) point to are members of the
281.\" .Em egress
282.\" interface group.
283.It Cm -group Ar group-name
284Remove the interface from the given
285.Dq group .
286.It Cm eui64
287(Inet6 only.)
288Fill interface index
289(lowermost 64bit of an IPv6 address)
290automatically.
291.It Cm ipdst
292This is used to specify an Internet host who is willing to receive
293IP packets encapsulating IPX packets bound for a remote network.
294An apparent point to point link is constructed, and
295the address specified will be taken as the IPX address and network
296of the destination.
297.It Cm maclabel Ar label
298If Mandatory Access Control support is enabled in the kernel,
299set the MAC label to
300.Ar label .
301.\" (see
302.\" .Xr maclabel 7 ) .
303.It Cm media Ar type
304If the driver supports the media selection system, set the media type
305of the interface to
306.Ar type .
307Some interfaces support the mutually exclusive use of one of several
308different physical media connectors.
309For example, a 10Mbit/s Ethernet
310interface might support the use of either
311.Tn AUI
312or twisted pair connectors.
313Setting the media type to
314.Cm 10base5/AUI
315would change the currently active connector to the AUI port.
316Setting it to
317.Cm 10baseT/UTP
318would activate twisted pair.
319Refer to the interfaces' driver
320specific documentation or man page for a complete list of the
321available types.
322.It Cm mediaopt Ar opts
323If the driver supports the media selection system, set the specified
324media options on the interface.
325The
326.Ar opts
327argument
328is a comma delimited list of options to apply to the interface.
329Refer to the interfaces' driver specific man page for a complete
330list of available options.
331.It Fl mediaopt Ar opts
332If the driver supports the media selection system, disable the
333specified media options on the interface.
334.It Cm mode Ar mode
335If the driver supports the media selection system, set the specified
336operating mode on the interface to
337.Ar mode .
338For IEEE 802.11 wireless interfaces that support multiple operating modes
339this directive is used to select between 802.11a
340.Pq Cm 11a ,
341802.11b
342.Pq Cm 11b ,
343and 802.11g
344.Pq Cm 11g
345operating modes.
346.It Cm inst Ar minst , Cm instance Ar minst
347Set the media instance to
348.Ar minst .
349This is useful for devices which have multiple physical layer interfaces
350.Pq PHYs .
351.It Cm name Ar name
352Set the interface name to
353.Ar name .
354.It Cm rxcsum , txcsum
355If the driver supports user-configurable checksum offloading,
356enable receive (or transmit) checksum offloading on the interface.
357Some drivers may not be able to enable these flags independently
358of each other, so setting one may also set the other.
359The driver will offload as much checksum work as it can reliably
360support, the exact level of offloading varies between drivers.
361.It Fl rxcsum , txcsum
362If the driver supports user-configurable checksum offloading,
363disable receive (or transmit) checksum offloading on the interface.
364These settings may not always be independent of each other.
365.It Cm tso
366If the driver supports
367.Xr tcp 4
368segmentation offloading, enable TSO on the interface.
369Some drivers may not be able to support TSO for
370.Xr ip 4
371and
372.Xr ip6 4
373packets, so they may enable only one of them.
374.It Fl tso
375If the driver supports
376.Xr tcp 4
377segmentation offloading, disable TSO on the interface.
378It will always disable TSO for
379.Xr ip 4
380and
381.Xr ip6 4 .
382.It Cm lro
383If the driver supports
384.Xr tcp 4
385large receive offloading, enable LRO on the interface.
386.It Fl lro
387If the driver supports
388.Xr tcp 4
389large receive offloading, disable LRO on the interface.
390.It Cm wol , wol_ucast , wol_mcast , wol_magic
391Enable Wake On Lan (WOL) support, if available.
392WOL is a facility whereby a machine in a low power state may be woken
393in response to a received packet.
394There are three types of packets that may wake a system:
395ucast (directed solely to the machine's mac address),
396mcast (directed to a broadcast or multicast address),
397or
398magic (unicast or multicast frames with a ``magic contents'').
399Not all devices support WOL, those that do indicate the mechanisms
400they support in their capabilities.
401.Cm wol
402is a synonym for enabling all available WOL mechanisms.
403To disable WOL use
404.Fl wol .
405.It Cm vlanmtu , vlanhwtag, vlanhwfilter
406If the driver offers user-configurable VLAN support, enable
407reception of extended frames, tag processing in hardware, or
408frame filtering in hardware,
409respectively.
410Note that this must be issued on a physical interface associated with
411.Xr vlan 4 ,
412not on a
413.Xr vlan 4
414interface itself.
415.It Fl vlanmtu , vlanhwtag, vlanhwfilter
416If the driver offers user-configurable VLAN support, disable
417reception of extended frames, tag processing in hardware, or
418frame filtering in hardware,
419respectively.
420.It Cm polling
421Turn on
422.Xr polling 4
423feature and disable interrupts on the interface, if driver supports
424this mode.
425.It Fl polling
426Turn off
427.Xr polling 4
428feature and enable interrupt mode on the interface.
429.It Cm create
430Create the specified network pseudo-device.
431If the interface is given without a unit number, try to create a new
432device with an arbitrary unit number.
433If creation of an arbitrary device is successful, the new device name is
434printed to standard output unless the interface is renamed or destroyed
435in the same
436.Nm
437invocation.
438.It Cm destroy
439Destroy the specified network pseudo-device.
440.It Cm plumb
441Another name for the
442.Cm create
443parameter.
444Included for
445.Tn Solaris
446compatibility.
447.It Cm unplumb
448Another name for the
449.Cm destroy
450parameter.
451Included for
452.Tn Solaris
453compatibility.
454.It Cm metric Ar n
455Set the routing metric of the interface to
456.Ar n ,
457default 0.
458The routing metric is used by the routing protocol
459.Pq Xr routed 8 .
460Higher metrics have the effect of making a route
461less favorable; metrics are counted as additional hops
462to the destination network or host.
463.It Cm mtu Ar n
464Set the maximum transmission unit of the interface to
465.Ar n ,
466default is interface specific.
467The MTU is used to limit the size of packets that are transmitted on an
468interface.
469Not all interfaces support setting the MTU, and some interfaces have
470range restrictions.
471.It Cm netmask Ar mask
472.\" (Inet and ISO.)
473(Inet only.)
474Specify how much of the address to reserve for subdividing
475networks into sub-networks.
476The mask includes the network part of the local address
477and the subnet part, which is taken from the host field of the address.
478The mask can be specified as a single hexadecimal number
479with a leading
480.Ql 0x ,
481with a dot-notation Internet address,
482or with a pseudo-network name listed in the network table
483.Xr networks 5 .
484The mask contains 1's for the bit positions in the 32-bit address
485which are to be used for the network and subnet parts,
486and 0's for the host part.
487The mask should contain at least the standard network portion,
488and the subnet field should be contiguous with the network
489portion.
490.Pp
491The netmask can also be specified in CIDR notation after the address.
492See the
493.Ar address
494option above for more information.
495.It Cm prefixlen Ar len
496(Inet6 only.)
497Specify that
498.Ar len
499bits are reserved for subdividing networks into sub-networks.
500The
501.Ar len
502must be integer, and for syntactical reason it must be between 0 to 128.
503It is almost always 64 under the current IPv6 assignment rule.
504If the parameter is omitted, 64 is used.
505.Pp
506The prefix can also be specified using the slash notation after the address.
507See the
508.Ar address
509option above for more information.
510.\" see
511.\" Xr eon 5 .
512.\" .It Cm nsellength Ar n
513.\" .Pf ( Tn ISO
514.\" only)
515.\" This specifies a trailing number of bytes for a received
516.\" .Tn NSAP
517.\" used for local identification, the remaining leading part of which is
518.\" taken to be the
519.\" .Tn NET
520.\" (Network Entity Title).
521.\" The default value is 1, which is conformant to US
522.\" .Tn GOSIP .
523.\" When an ISO address is set in an ifconfig command,
524.\" it is really the
525.\" .Tn NSAP
526.\" which is being specified.
527.\" For example, in
528.\" .Tn US GOSIP ,
529.\" 20 hex digits should be
530.\" specified in the
531.\" .Tn ISO NSAP
532.\" to be assigned to the interface.
533.\" There is some evidence that a number different from 1 may be useful
534.\" for
535.\" .Tn AFI
536.\" 37 type addresses.
537.It Cm range Ar netrange
538Under appletalk, set the interface to respond to a
539.Ar netrange
540of the form
541.Ar startnet Ns - Ns Ar endnet .
542Appletalk uses this scheme instead of
543netmasks though
544.Fx
545implements it internally as a set of netmasks.
546.It Cm remove
547Another name for the
548.Fl alias
549parameter.
550Introduced for compatibility
551with
552.Bsx .
553.It Cm phase
554The argument following this specifies the version (phase) of the
555Appletalk network attached to the interface.
556Values of 1 or 2 are permitted.
557.Sm off
558.It Cm link Op Cm 0 No - Cm 2
559.Sm on
560Enable special processing of the link level of the interface.
561These three options are interface specific in actual effect, however,
562they are in general used to select special modes of operation.
563An example
564of this is to enable SLIP compression, or to select the connector type
565for some Ethernet cards.
566Refer to the man page for the specific driver
567for more information.
568.Sm off
569.It Fl link Op Cm 0 No - Cm 2
570.Sm on
571Disable special processing at the link level with the specified interface.
572.It Cm monitor
573Put the interface in monitor mode.
574No packets are transmitted, and received packets are discarded after
575.Xr bpf 4
576processing.
577.It Fl monitor
578Take the interface out of monitor mode.
579.It Cm up
580Mark an interface
581.Dq up .
582This may be used to enable an interface after an
583.Dq Nm Cm down .
584It happens automatically when setting the first address on an interface.
585If the interface was reset when previously marked down,
586the hardware will be re-initialized.
587.El
588.Pp
589The following parameters are specific to cloning
590IEEE 802.11 wireless interfaces with the
591.Cm create
592request:
593.Bl -tag -width indent
594.It Cm wlandev Ar device
595Use
596.Ar device
597as the parent for the cloned device.
598.It Cm wlanmode Ar mode
599Specify the operating mode for this cloned device.
600.Ar mode
601is one of
602.Cm sta ,
603.Cm ahdemo
604(or
605.Cm adhoc-demo ),
606.Cm ibss ,
607(or
608.Cm adhoc ),
609.Cm ap ,
610(or
611.Cm hostap ),
612.Cm wds ,
613.Cm tdma ,
614and
615.Cm monitor .
616The operating mode of a cloned interface cannot be changed.
617The
618.Cm tdma
619mode is actually implemented as an
620.Cm adhoc-demo
621interface with special properties.
622.It Cm wlanbssid Ar bssid
623The 802.11 mac address to use for the bssid.
624This must be specified at create time for a legacy
625.Cm wds
626device.
627.It Cm wlanaddr Ar address
628The local mac address.
629If this is not specified then a mac address will automatically be assigned
630to the cloned device.
631Typically this address is the same as the address of the parent device
632but if the
633.Cm bssid
634parameter is specified then the driver will craft a unique address for
635the device (if supported).
636.It Cm wdslegacy
637Mark a
638.Cm wds
639device as operating in ``legacy mode''.
640Legacy
641.Cm wds
642devices have a fixed peer relationship and do not, for example, roam
643if their peer stops communicating.
644For completeness a Dynamic WDS (DWDS) interface may marked as
645.Fl wdslegacy .
646.It Cm bssid
647Request a unique local mac address for the cloned device.
648This is only possible if the device supports multiple mac addresses.
649To force use of the parent's mac address use
650.Fl bssid .
651.It Cm beacons
652Mark the cloned interface as depending on hardware support to
653track received beacons.
654To have beacons tracked in software use
655.Fl beacons .
656For
657.Cm hostap
658mode
659.Fl beacons
660can also be used to indicate no beacons should
661be transmitted; this can be useful when creating a WDS configuration but
662.Cm wds
663interfaces can only be created as companions to an access point.
664.El
665.Pp
666The following parameters are specific to IEEE 802.11 wireless interfaces
667cloned with a
668.Cm create
669operation:
670.Bl -tag -width indent
671.It Cm ampdu
672Enable sending and receiving AMPDU frames when using 802.11n (default).
673The 802.11n specification states a compliant station must be capable
674of receiving AMPDU frames but transmision is optional.
675Use
676.Fl ampdu
677to disable all use of AMPDU with 802.11n.
678For testing and/or to work around interoperability problems one can use
679.Cm ampdutx
680and
681.Cm ampdurx
682to control use of AMPDU in one direction.
683.It Cm ampdudensity Ar density
684Set the AMPDU density parameter used when operating with 802.11n.
685This parameter controls the inter-packet gap for AMPDU frames.
686The sending device normally controls this setting but a receiving station
687may request wider gaps.
688Legal values for
689.Ar density
690are 0, .25, .5, 1, 2, 4, 8, and 16 (microseconds).
691A value of
692.Cm -
693is treated the same as 0.
694.It Cm ampdulimit Ar limit
695Set the limit on packet size for receiving AMPDU frames when operating
696with 802.11n.
697Legal values for
698.Ar limit
699are 8192, 16384, 32768, and 65536 but one can also specify
700just the unique prefix: 8, 16, 32, 64.
701Note the sender may limit the size of AMPDU frames to be less
702than the maximum specified by the receiving station.
703.It Cm amsdu
704Enable sending and receiving AMSDU frames when using 802.11n.
705By default AMSDU is received but not transmitted.
706Use
707.Fl amsdu
708to disable all use of AMSDU with 802.11n.
709For testing and/or to work around interoperability problems one can use
710.Cm amsdutx
711and
712.Cm amsdurx
713to control use of AMSDU in one direction.
714.It Cm amsdulimit Ar limit
715Set the limit on packet size for sending and receiving AMSDU frames
716when operating with 802.11n.
717Legal values for
718.Ar limit
719are 7935 and 3839 (bytes).
720Note the sender may limit the size of AMSDU frames to be less
721than the maximum specified by the receiving station.
722Note also that devices are not required to support the 7935 limit,
723only 3839 is required by the specification and the larger value
724may require more memory to be dedicated to support functionality
725that is rarely used.
726.It Cm apbridge
727When operating as an access point, pass packets between
728wireless clients directly (default).
729To instead let them pass up through the
730system and be forwarded using some other mechanism, use
731.Fl apbridge .
732Disabling the internal bridging
733is useful when traffic is to be processed with
734packet filtering.
735.It Cm authmode Ar mode
736Set the desired authentication mode in infrastructure mode.
737Not all adapters support all modes.
738The set of
739valid modes is
740.Cm none , open , shared
741(shared key),
742.Cm 8021x
743(IEEE 802.1x),
744and
745.Cm wpa
746(IEEE WPA/WPA2/802.11i).
747The
748.Cm 8021x
749and
750.Cm wpa
751modes are only useful when using an authentication service
752(a supplicant for client operation or an authenticator when
753operating as an access point).
754Modes are case insensitive.
755.It Cm bgscan
756Enable background scanning when operating as a station.
757Background scanning is a technique whereby a station associated to
758an access point will temporarily leave the channel to scan for
759neighboring stations.
760This allows a station to maintain a cache of nearby access points
761so that roaming between access points can be done without
762a lengthy scan operation.
763Background scanning is done only when a station is not busy and
764any outbound traffic will cancel a scan operation.
765Background scanning should never cause packets to be lost though
766there may be some small latency if outbound traffic interrupts a
767scan operation.
768By default background scanning is enabled if the device is capable.
769To disable background scanning, use
770.Fl bgscan .
771Background scanning is controlled by the
772.Cm bgscanidle
773and
774.Cm bgscanintvl
775parameters.
776Background scanning must be enabled for roaming; this is an artifact
777of the current implementation and may not be required in the future.
778.It Cm bgscanidle Ar idletime
779Set the minimum time a station must be idle (not transmitting or
780receiving frames) before a background scan is initiated.
781The
782.Ar idletime
783parameter is specified in milliseconds.
784By default a station must be idle at least 250 milliseconds before
785a background scan is initiated.
786The idle time may not be set to less than 100 milliseconds.
787.It Cm bgscanintvl Ar interval
788Set the interval at which background scanning is attempted.
789The
790.Ar interval
791parameter is specified in seconds.
792By default a background scan is considered every 300 seconds (5 minutes).
793The
794.Ar interval
795may not be set to less than 15 seconds.
796.It Cm bintval Ar interval
797Set the interval at which beacon frames are sent when operating in
798ad-hoc or ap mode.
799The
800.Ar interval
801parameter is specified in TU's (1024 usecs).
802By default beacon frames are transmitted every 100 TU's.
803.It Cm bmissthreshold Ar count
804Set the number of consecutive missed beacons at which the station
805will attempt to roam (i.e., search for a new access point).
806The
807.Ar count
808parameter must be in the range 1 to 255; though the
809upper bound may be reduced according to device capabilities.
810The default threshold is 7 consecutive missed beacons; but
811this may be overridden by the device driver.
812Another name for the
813.Cm bmissthreshold
814parameter is
815.Cm bmiss .
816.It Cm bssid Ar address
817Specify the MAC address of the access point to use when operating
818as a station in a BSS network.
819This overrides any automatic selection done by the system.
820To disable a previously selected access point, supply
821.Cm any , none ,
822or
823.Cm -
824for the address.
825This option is useful when more than one access point uses the same SSID.
826Another name for the
827.Cm bssid
828parameter is
829.Cm ap .
830.It Cm burst
831Enable packet bursting.
832Packet bursting is a transmission technique whereby the wireless
833medium is acquired once to send multiple frames and the interframe
834spacing is reduced.
835This technique can significantly increase throughput by reducing
836transmission overhead.
837Packet bursting is supported by the 802.11e QoS specification
838and some devices that do not support QoS may still be capable.
839By default packet bursting is enabled if a device is capable
840of doing it.
841To disable packet bursting, use
842.Fl burst .
843.It Cm chanlist Ar channels
844Set the desired channels to use when scanning for access
845points, neighbors in an IBSS network, or looking for unoccupied
846channels when operating as an access point.
847The set of channels is specified as a comma-separated list with
848each element in the list representing either a single channel number or a range
849of the form
850.Dq Li a-b .
851Channel numbers must be in the range 1 to 255 and be permissible
852according to the operating characteristics of the device.
853.It Cm channel Ar number
854Set a single desired channel.
855Channels range from 1 to 255, but the exact selection available
856depends on the region your adaptor was manufactured for.
857Setting
858the channel to
859.Li any ,
860or
861.Cm -
862will clear any desired channel and, if the device is marked up,
863force a scan for a channel to operate on.
864Alternatively the frequency, in megahertz, may be specified
865instead of the channel number.
866.Pp
867When there are several ways to use a channel the channel
868number/frequency may be appended with attributes to clarify.
869For example, if a device is capable of operating on channel 6
870with 802.11n and 802.11g then one can specify that g-only use
871should be used by specifying ``6:g''.
872Similarly the channel width can be specified by appending it
873with ``/''; e.g. ``6/40'' specifies a 40MHz wide channel,
874These attributes can be combined as in: ``6:ht/40''.
875The full set of flags specified following a `:'' are:
876.Cm a
877(802.11a),
878.Cm b
879(802.11b),
880.Cm d
881(Atheros Dynamic Turbo mode),
882.Cm g
883(802.11g),
884.Cm h
885or
886.Cm n
887(802.11n aka HT),
888.Cm s
889(Atheros Static Turbo mode),
890and
891.Cm t
892(Atheros Dynamic Turbo mode, or appended to ``st'' and ``dt'').
893The full set of channel widths following a '/' are:
894.Cm 5
895(5MHz aka quarter-rate channel),
896.Cm 10
897(10MHz aka half-rate channel),
898.Cm 20
899(20MHz mostly for use in specifying ht20),
900and
901.Cm 40
902(40MHz mostly for use in specifying ht40),
903In addition,
904a 40MHz HT channel specification may include the location
905of the extension channel by appending ``+'' or ``-'' for above and below,
906respectively; e.g. ``2437:ht/40+'' specifies 40MHz wide HT operation
907with the center channel at frequency 2437 and the extension channel above.
908.It Cm country Ar name
909Set the country code to use in calculating the regulatory constraints
910for operation.
911In particular the set of available channels, how the wireless device
912will operation on the channels, and the maximum transmit power that
913can be used on a channel are defined by this setting.
914Country/Region codes are specified as a 2-character abbreviation
915defined by ISO 3166 or using a longer, but possibly ambiguous, spelling;
916e.g. "ES" and "Spain".
917The set of country codes are taken from /etc/regdomain.xml and can also
918be viewed with the ``list countries'' request.
919Note that not all devices support changing the country code from a default
920setting; typically stored in EEPROM.
921See also
922.Cm regdomain ,
923.Cm indoor ,
924.Cm outdoor ,
925and
926.Cm anywhere .
927.It Cm dfs
928Enable Dynamic Frequency Selection (DFS) as specified in 802.11h.
929DFS embodies several facilities including detection of overlapping
930radar signals, dynamic transmit power control, and channel selection
931according to a least-congested criteria.
932DFS support is mandatory for some 5Ghz frequencies in certain
933locales (e.g. ETSI).
934By default DFS is enabled according to the regulatory definitions
935specified in /etc/regdomain.xml and the curent country code, regdomain,
936and channel.
937Note the underlying device (and driver) must support radar detection
938for full DFS support to work.
939To be fully compliant with the local regulatory agency frequencies that
940require DFS should not be used unless it is fully supported.
941Use
942.Fl dfs
943to disable this functionality for testing.
944.It Cm dotd
945Enable support for the 802.11d specification (default).
946When this support is enabled in station mode, beacon frames that advertise
947a country code different than the currently configured country code will
948cause an event to be dispatched to user applications.
949This event can be used by the station to adopt that country code and
950operate according to the associated regulatory constraints.
951When operating as an access point with 802.11d enabled the beacon and
952probe response frames transmitted will advertise the current regulatory
953domain settings.
954To disable 802.11d use
955.Fl dotd .
956.It Cm doth
957Enable 802.11h support including spectrum management.
958When 802.11h is enabled beacon and probe response frames will have
959the SpectrumMgt bit set in the capabilities field and
960country and power constraint information elements will be present.
961802.11h support also includes handling Channel Switch Announcements (CSA)
962which are a mechanism to coordinate channel changes by an access point.
963By default 802.11h is enabled if the device is capable.
964To disable 802.11h use
965.Fl doth .
966.It Cm deftxkey Ar index
967Set the default key to use for transmission.
968Typically this is only set when using WEP encryption.
969Note that you must set a default transmit key
970for the system to know which key to use in encrypting outbound traffic.
971The
972.Cm weptxkey
973is an alias for this request; it is provided for backwards compatibility.
974.It Cm dtimperiod Ar period
975Set the
976DTIM
977period for transmitting buffered multicast data frames when
978operating in ap mode.
979The
980.Ar period
981specifies the number of beacon intervals between DTIM
982and must be in the range 1 to 15.
983By default DTIM is 1 (i.e., DTIM occurs at each beacon).
984.It Cm dturbo
985Enable the use of Atheros Dynamic Turbo mode when communicating with
986another Dynamic Turbo-capable station.
987Dynamic Turbo mode is an Atheros-specific mechanism by which
988stations switch between normal 802.11 operation and a ``boosted''
989mode in which a 40MHz wide channel is used for communication.
990Stations using Dynamic Turbo mode operate boosted only when the
991channel is free of non-dturbo stations; when a non-dturbo station
992is identified on the channel all stations will automatically drop
993back to normal operation.
994By default, Dynamic Turbo mode is not enabled, even if the device is capable.
995Note that turbo mode (dynamic or static) is only allowed on some
996channels depending on the regulatory constraints; use the
997.Cm list chan
998command to identify the channels where turbo mode may be used.
999To disable Dynamic Turbo mode use
1000.Fl dturbo .
1001.It Cm dwds
1002Enable Dynamic WDS (DWDS) support.
1003DWDS is a facility by which 4-address traffic can be carried between
1004stations operating in infrastructure mode.
1005A station first associates to an access point and authenticates using
1006normal procedures (e.g. WPA).
1007Then 4-address frames are passed to carry traffic for stations
1008operating on either side of the wireless link.
1009DWDS extends the normal WDS mechanism by leveraging existing security
1010protocols and eliminating static binding.
1011.Pp
1012When DWDS is enabled on an access point 4-address frames received from
1013an authorized station will generate a ``DWDS discovery'' event to user
1014applications.
1015This event should be used to create a WDS interface that is bound
1016to the remote station (and usually plumbed into a bridge).
1017Once the WDS interface is up and running 4-address traffic then logically
1018flows through that interface.
1019.Pp
1020When DWDS is enabled on a station, traffic with a destination address
1021different from the peer station are encapsulated in a 4-address frame
1022and transmitted to the peer.
1023All 4-address traffic uses the security information of the stations
1024(e.g. cryptographic keys).
1025A station is associated using 802.11n facilities may transport
10264-address traffic using these same mechanisms; this depends on available
1027resources and capabilities of the device.
1028The DWDS implementation guards against layer 2 routing loops of
1029multicast traffic.
1030.It Cm ff
1031Enable the use of Atheros Fast Frames when communicating with
1032another Fast Frames-capable station.
1033Fast Frames are an encapsulation technique by which two 802.3
1034frames are transmitted in a single 802.11 frame.
1035This can noticeably improve throughput but requires that the
1036receiving station understand how to decapsulate the frame.
1037Fast frame use is negotiated using the Atheros 802.11 vendor-specific
1038protocol extension so enabling use is safe when communicating with
1039non-Atheros devices.
1040By default, use of fast frames is enabled if the device is capable.
1041To explicitly disable fast frames, use
1042.Fl ff .
1043.It Cm fragthreshold Ar length
1044Set the threshold for which transmitted frames are broken into fragments.
1045The
1046.Ar length
1047argument is the frame size in bytes and must be in the range 256 to 2346.
1048Setting
1049.Ar length
1050to
1051.Li 2346 ,
1052.Cm any ,
1053or
1054.Cm -
1055disables transmit fragmentation.
1056Not all adapters honor the fragmentation threshold.
1057.It Cm hidessid
1058When operating as an access point, do not broadcast the SSID
1059in beacon frames or respond to probe request frames unless
1060they are directed to the ap (i.e., they include the ap's SSID).
1061By default, the SSID is included in beacon frames and
1062undirected probe request frames are answered.
1063To re-enable the broadcast of the SSID etc., use
1064.Fl hidessid .
1065.It Cm ht
1066Enable use of High Throughput (HT) when using 802.11n (default).
1067The 802.11n specification includes mechanisms for operation
1068on 20MHz and 40MHz wide channels using different signalling mechanisms
1069than specified in 802.11b, 802.11g, and 802.11a.
1070Stations negotiate use of these facilities, termed HT20 and HT40,
1071when they associate.
1072To disable all use of 802.11n use
1073.Fl ht .
1074To disable use of HT20 (e.g. to force only HT40 use) use
1075.Fl ht20 .
1076To disable use of HT40 use
1077.Fl ht40 .
1078.Pp
1079HT configuration is used to ``auto promote'' operation
1080when several choices are available.
1081For example, if a station associates to an 11n-capable access point
1082it controls whether the station uses legacy operation, HT20, or HT40.
1083When an 11n-capable device is setup as an access point and
1084Auto Channel Selection is used to locate a channel to operate on,
1085HT configuration controls whether legacy, HT20, or HT40 operation is setup
1086on the selected channel.
1087If a fixed channel is specified for a station then HT configuration can
1088be given as part of the channel specification; e.g. 6:ht/20 to setup
1089HT20 operation on channel 6.
1090.It Cm htcompat
1091Enable use of compatibility support for pre-802.11n devices (default).
1092The 802.11n protocol specification went through several incompatible iterations.
1093Some vendors implemented 11n support to older specifications that
1094will not interoperate with a purely 11n-compliant station.
1095In particular the information elements included in management frames
1096for old devices are different.
1097When compatibility support is enabled both standard and compatible data
1098will be provided.
1099Stations that associate using the compatiblity mechanisms are flagged
1100in ``list sta''.
1101To disable compatiblity support use
1102.Fl htcompat .
1103.It Cm htprotmode Ar technique
1104For interfaces operating in 802.11n, use the specified
1105.Ar technique
1106for protecting HT frames in a mixed legacy/HT network.
1107The set of valid techniques is
1108.Cm off ,
1109and
1110.Cm rts
1111(RTS/CTS, default).
1112Technique names are case insensitive.
1113.It Cm inact
1114Enable inactivity processing for stations associated to an
1115access point (default).
1116When operating as an access point the 802.11 layer monitors
1117the activity of each associated station.
1118When a station is inactive for 5 minutes it will send several
1119``probe frames'' to see if the station is still present.
1120If no response is received then the station is deauthenticated.
1121Applications that prefer to handle this work can disable this
1122facility by using
1123.Fl inact .
1124.It Cm indoor
1125Set the location to use in calculating regulatory constraints.
1126The location is also advertised in beacon and probe response frames
1127when 802.11d is enabled with
1128.Cm dotd .
1129See also
1130.Cm outdoor ,
1131.Cm anywhere ,
1132.Cm country ,
1133and
1134.Cm regdomain .
1135.It Cm list active
1136Display the list of channels available for use taking into account
1137any restrictions set with the
1138.Cm chanlist
1139directive.
1140See the description of
1141.Cm list chan
1142for more information.
1143.It Cm list caps
1144Display the adaptor's capabilities, including the operating
1145modes supported.
1146.It Cm list chan
1147Display the list of channels available for use.
1148Channels are shown with their IEEE channel number, equivalent
1149frequency, and usage modes.
1150Channels identified as
1151.Ql 11g
1152are also usable in
1153.Ql 11b
1154mode.
1155Channels identified as
1156.Ql 11a Turbo
1157may be used only for Atheros' Static Turbo mode
1158(specified with
1159. Cm mediaopt turbo ) .
1160Channels marked with a
1161.Ql *
1162have a regulatory constraint that they be passively scanned.
1163This means a station is not permitted to transmit on the channel until
1164it identifies the channel is being used for 802.11 communication;
1165typically by hearing a beacon frame from an access point operating
1166on the channel.
1167.Cm list freq
1168is another way of requesting this information.
1169By default a compacted list of channels is displayed; if the
1170.Fl v
1171option is specified then all channels are shown.
1172.It Cm list countries
1173Display the set of country codes and regulatory domains that can be
1174used in regulatory configuration.
1175.It Cm list mac
1176Display the current MAC Access Control List state.
1177Each address is prefixed with a character that indicates the
1178current policy applied to it:
1179.Ql +
1180indicates the address is allowed access,
1181.Ql -
1182indicates the address is denied access,
1183.Ql *
1184indicates the address is present but the current policy open
1185(so the ACL is not consulted).
1186.It Cm list regdomain
1187Display the current regulatory settings including the available channels
1188and transmit power caps.
1189.It Cm list roam
1190Display the parameters that govern roaming operation.
1191.It Cm list txparam
1192Display the parameters that govern transmit operation.
1193.It Cm list txpower
1194Display the transmit power caps for each channel.
1195.It Cm list scan
1196Display the access points and/or ad-hoc neighbors
1197located in the vicinity.
1198This information may be updated automatically by the adapter
1199with a
1200.Cm scan
1201request or through background scanning.
1202Depending on the capabilities of the stations the following
1203flags can be included in the output:
1204.Bl -tag -width 3n
1205.It Li A
1206Authorized.
1207Indicates that the station is permitted to send/receive data frames.
1208.It Li E
1209Extended Rate Phy (ERP).
1210Indicates that the station is operating in an 802.11g network
1211using extended transmit rates.
1212.It Li H
1213High Throughput (HT).
1214Indicates that the station is using HT transmit rates.
1215If a `+' follows immediately after then the station associated
1216using deprecated mechanisms supported only when
1217.Cm htcompat
1218is enabled.
1219.It Li P
1220Power Save.
1221Indicates that the station is operating in power save mode.
1222.It Li Q
1223Quality of Service (QoS).
1224Indicates that the station is using QoS encapsulation for
1225data frame.
1226QoS encapsulation is enabled only when WME mode is enabled.
1227.It Li T
1228Transitional Security Network (TSN).
1229Indicates that the station associated using TSN; see also
1230.Cm tsn
1231below.
1232.It Li W
1233Wi-Fi Protected Setup (WPS).
1234Indicates that the station associated using WPS.
1235.El
1236.Pp
1237By default interesting information elements captured from the neighboring
1238stations are displayed at the end of each row.
1239Possible elements include:
1240.Cm WME
1241(station supports WME),
1242.Cm WPA
1243(station supports WPA),
1244.Cm WPS
1245(station supports WPS),
1246.Cm RSN
1247(station supports 802.11i/RSN),
1248.Cm HTCAP
1249(station supports 802.11n/HT communication),
1250.Cm ATH
1251(station supports Atheros protocol extensions),
1252.Cm VEN
1253(station supports unknown vendor-specific extensions).
1254If the
1255.Fl v
1256flag is used all the information elements and their
1257contents will be shown.
1258Specifying the
1259.Fl v
1260flag also enables display of long SSIDs.
1261The
1262.Cm list ap
1263command is another way of requesting this information.
1264.It Cm list sta
1265When operating as an access point display the stations that are
1266currently associated.
1267When operating in ad-hoc mode display stations identified as
1268neighbors in the IBSS.
1269When operating in station mode display the access point.
1270Capabilities advertised by the stations are described under
1271the
1272.Cm scan
1273request.
1274Depending on the capabilities of the stations the following
1275flags can be included in the output:
1276.Bl -tag -width 3n
1277.It Li A
1278Authorized.
1279Indicates that the station is permitted to send/receive data frames.
1280.It Li E
1281Extended Rate Phy (ERP).
1282Indicates that the station is operating in an 802.11g network
1283using extended transmit rates.
1284.It Li H
1285High Throughput (HT).
1286Indicates that the station is using HT transmit rates.
1287If a `+' follows immediately after then the station associated
1288using deprecated mechanisms supported only when
1289.Cm htcompat
1290is enabled.
1291.It Li P
1292Power Save.
1293Indicates that the station is operating in power save mode.
1294.It Li Q
1295Quality of Service (QoS).
1296Indicates that the station is using QoS encapsulation for
1297data frame.
1298QoS encapsulation is enabled only when WME mode is enabled.
1299.It Li T
1300Transitional Security Network (TSN).
1301Indicates that the station associated using TSN; see also
1302.Cm tsn
1303below.
1304.It Li W
1305Wi-Fi Protected Setup (WPS).
1306Indicates that the station associated using WPS.
1307.El
1308.Pp
1309By default information elements received from associated stations
1310are displayed in a short form; the
1311.Fl v
1312flag causes this information to be displayed symbolically.
1313.It Cm list wme
1314Display the current channel parameters to use when operating in WME mode.
1315If the
1316.Fl v
1317option is specified then both channel and BSS parameters are displayed
1318for each AC (first channel, then BSS).
1319When WME mode is enabled for an adaptor this information will be
1320displayed with the regular status; this command is mostly useful
1321for examining parameters when WME mode is disabled.
1322See the description of the
1323.Cm wme
1324directive for information on the various parameters.
1325.It Cm maxretry Ar count
1326Set the maximum number of tries to use in sending unicast frames.
1327The default setting is 6 but drivers may override this with a value
1328they choose.
1329.It Cm mcastrate Ar rate
1330Set the rate for transmitting multicast/broadcast frames.
1331Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mb/s.
1332This rate should be valid for the current operating conditions;
1333if an invalid rate is specified drivers are free to chose an
1334appropriate rate.
1335.It Cm mgtrate Ar rate
1336Set the rate for transmitting management and/or control frames.
1337Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mb/s.
1338.It Cm outdoor
1339Set the location to use in calculating regulatory constraints.
1340The location is also advertised in beacon and probe response frames
1341when 802.11d is enabled with
1342.Cm dotd .
1343See also
1344.Cm anywhere ,
1345.Cm country ,
1346.Cm indoor ,
1347and
1348.Cm regdomain .
1349.It Cm powersave
1350Enable powersave operation.
1351When operating as a client, the station will conserve power by
1352periodically turning off the radio and listening for
1353messages from the access point telling it there are packets waiting.
1354The station must then retrieve the packets.
1355Not all devices support power save operation as a client.
1356The 802.11 specification requires that all access points support
1357power save but some drivers do not.
1358Use
1359.Fl powersave
1360to disable powersave operation when operating as a client.
1361.It Cm powersavesleep Ar sleep
1362Set the desired max powersave sleep time in TU's (1024 usecs).
1363By default the max powersave sleep time is 100 TU's.
1364.It Cm protmode Ar technique
1365For interfaces operating in 802.11g, use the specified
1366.Ar technique
1367for protecting OFDM frames in a mixed 11b/11g network.
1368The set of valid techniques is
1369.Cm off , cts
1370(CTS to self),
1371and
1372.Cm rtscts
1373(RTS/CTS).
1374Technique names are case insensitive.
1375Not all devices support
1376.Cm cts
1377as a protection technique.
1378.It Cm pureg
1379When operating as an access point in 802.11g mode allow only
138011g-capable stations to associate (11b-only stations are not
1381permitted to associate).
1382To allow both 11g and 11b-only stations to associate, use
1383.Fl pureg .
1384.It Cm puren
1385When operating as an access point in 802.11n mode allow only
1386HT-capable stations to associate (legacy stations are not
1387permitted to associate).
1388To allow both HT and legacy stations to associate, use
1389.Fl puren .
1390.It Cm regdomain Ar sku
1391Set the regulatory domain to use in calculating the regulatory constraints
1392for operation.
1393In particular the set of available channels, how the wireless device
1394will operation on the channels, and the maximum transmit power that
1395can be used on a channel are defined by this setting.
1396Regdomain codes (SKU's) are taken from /etc/regdomain.xml and can also
1397be viewed with the ``list countries'' request.
1398Note that not all devices support changing the regdomain from a default
1399setting; typically stored in EEPROM.
1400See also
1401.Cm country ,
1402.Cm indoor ,
1403.Cm outdoor ,
1404and
1405.Cm anywhere .
1406.It Cm rifs
1407Enable use of Reduced InterFrame Spacing (RIFS) when operating in 802.11n
1408on an HT channel.
1409Note that RIFS must be supported by both the station and access point
1410for it to be used.
1411To disable RIFS use
1412.Fl rifs .
1413.It Cm roam:rate Ar rate
1414Set the threshold for controlling roaming when operating in a BSS.
1415The
1416.Ar rate
1417parameter specifies the transmit rate in megabits
1418at which roaming should be considered.
1419If the current transmit rate drops below this setting and background scanning
1420is enabled, then the system will check if a more desirable access point is
1421available and switch over to it.
1422The current scan cache contents are used if they are considered
1423valid according to the
1424.Cm scanvalid
1425parameter; otherwise a background scan operation is triggered before
1426any selection occurs.
1427Each channel type has a separate rate threshold; the default values are:
142812 Mb/s (11a), 2 Mb/s (11b), 2 Mb/s (11g), MCS 1 (11na, 11ng).
1429.It Cm roam:rssi Ar rssi
1430Set the threshold for controlling roaming when operating in a BSS.
1431The
1432.Ar rssi
1433parameter specifies the receive signal strength in dBm units
1434at which roaming should be considered.
1435If the current rssi drops below this setting and background scanning
1436is enabled, then the system will check if a more desirable access point is
1437available and switch over to it.
1438The current scan cache contents are used if they are considered
1439valid according to the
1440.Cm scanvalid
1441parameter; otherwise a background scan operation is triggered before
1442any selection occurs.
1443Each channel type has a separate rssi threshold; the default values are
1444all 7 dBm.
1445.It Cm roaming Ar mode
1446When operating as a station, control how the system will
1447behave when communication with the current access point
1448is broken.
1449The
1450.Ar mode
1451argument may be one of
1452.Cm device
1453(leave it to the hardware device to decide),
1454.Cm auto
1455(handle either in the device or the operating system\[em]as appropriate),
1456.Cm manual
1457(do nothing until explicitly instructed).
1458By default, the device is left to handle this if it is
1459capable; otherwise, the operating system will automatically
1460attempt to reestablish communication.
1461Manual mode is used by applications such as
1462.Xr wpa_supplicant 8
1463that want to control the selection of an access point.
1464.It Cm rtsthreshold Ar length
1465Set the threshold for which
1466transmitted frames are preceded by transmission of an
1467RTS
1468control frame.
1469The
1470.Ar length
1471argument
1472is the frame size in bytes and must be in the range 1 to 2346.
1473Setting
1474.Ar length
1475to
1476.Li 2346 ,
1477.Cm any ,
1478or
1479.Cm -
1480disables transmission of RTS frames.
1481Not all adapters support setting the RTS threshold.
1482.It Cm scan
1483Initiate a scan of neighboring stations, wait for it to complete, and
1484display all stations found.
1485Only the super-user can initiate a scan.
1486See
1487.Cm list scan
1488for information on the display.
1489By default a background scan is done; otherwise a foreground
1490scan is done and the station may roam to a different access point.
1491The
1492.Cm list scan
1493request can be used to show recent scan results without
1494initiating a new scan.
1495.It Cm scanvalid Ar threshold
1496Set the maximum time the scan cache contents are considered valid;
1497i.e. will be used without first triggering a scan operation to
1498refresh the data.
1499The
1500.Ar threshold
1501parameter is specified in seconds and defaults to 60 seconds.
1502The minimum setting for
1503.Ar threshold
1504is 10 seconds.
1505One should take care setting this threshold; if it is set too low
1506then attempts to roam to another access point may trigger unnecessary
1507background scan operations.
1508.It Cm shortgi
1509Enable use of Short Guard Interval when operating in 802.11n
1510on an HT channel.
1511NB: this currently enables Short GI on both HT40 and HT20 channels.
1512To disable Short GI use
1513.Fl shortgi .
1514.It Cm smps
1515Enable use of Static Spatial Multiplexing Power Save (SMPS)
1516when operating in 802.11n.
1517A station operating with Static SMPS maintains only a single
1518receive chain active (this can significantly reduce power consumption).
1519To disable SMPS use
1520.Fl smps .
1521.It Cm smpsdyn
1522Enable use of Dynamic Spatial Multiplexing Power Save (SMPS)
1523when operating in 802.11n.
1524A station operating with Dynamic SMPS maintains only a single
1525receive chain active but switches to multiple receive chains when it
1526receives an RTS frame (this can significantly reduce power consumption).
1527Note that stations cannot distinguish between RTS/CTS intended to
1528enable multiple receive chains and those used for other purposes.
1529To disable SMPS use
1530.Fl smps .
1531.It Cm ssid Ar ssid
1532Set the desired Service Set Identifier (aka network name).
1533The SSID is a string up to 32 characters
1534in length and may be specified as either a normal string or in
1535hexadecimal when preceded by
1536.Ql 0x .
1537Additionally, the SSID may be cleared by setting it to
1538.Ql - .
1539.It Cm tdmaslot Ar slot
1540When operating with TDMA, use the specified
1541.Ar slot
1542configuration.
1543The
1544.Ar slot
1545is a number between 0 and the maximum number of slots in the BSS.
1546Note that a station configured as slot 0 is a master and
1547will broadcast beacon frames advertising the BSS;
1548stations configured to use other slots will always
1549scan to locate a master before they ever transmit.
1550By default
1551.Cm tdmaslot
1552is set to 1.
1553.It Cm tdmaslotcnt Ar cnt
1554When operating with TDMA, setup a BSS with
1555.Ar cnt
1556slots.
1557The slot count may be at most 8.
1558The current implementation is only tested with two stations
1559(i.e. point to point applications).
1560This setting is only meaningful when a station is configured as slot 0;
1561other stations adopt this setting from the BSS they join.
1562By default
1563.Cm tdmaslotcnt
1564is set to 2.
1565.It Cm tdmaslotlen Ar len
1566When operating with TDMA, setup a BSS such that each station has a slot
1567.Ar len
1568microseconds long.
1569The slot length must be at least 150 microseconds (1/8 TU)
1570and no more than 65 milliseconds.
1571Note that setting too small a slot length may result in poor channel
1572bandwidth utilization due to factors such as timer granularity and
1573guard time.
1574This setting is only meaningful when a station is configured as slot 0;
1575other stations adopt this setting from the BSS they join.
1576By default
1577.Cm tdmaslotlen
1578is set to 10 milliseconds.
1579.It Cm tdmabintval Ar intval
1580When operating with TDMA, setup a BSS such that beacons are transmitted every
1581.Ar intval
1582superframes to synchronize the TDMA slot timing.
1583A superframe is defined as the number of slots times the slot length; e.g.
1584a BSS with two slots of 10 milliseconds has a 20 millisecond superframe.
1585The beacon interval may not be zero.
1586A lower setting of
1587.Cm tdmabintval
1588causes the timers to be resynchronized more often; this can be help if
1589significant timer drift is observed.
1590By default
1591.Cm tdmabintval
1592is set to 5.
1593.It Cm tsn
1594When operating as an access point with WPA/802.11i allow legacy
1595stations to associate using static key WEP and open authentication.
1596To disallow legacy station use of WEP, use
1597.Fl tsn .
1598.It Cm txpower Ar power
1599Set the power used to transmit frames.
1600The
1601.Ar power
1602argument is specified in .5 dBm units.
1603Out of range values are truncated.
1604Typically only a few discreet power settings are available and
1605the driver will use the setting closest to the specified value.
1606Not all adapters support changing the transmit power.
1607.It Cm ucastrate Ar rate
1608Set a fixed rate for transmitting unicast frames.
1609Rates are specified as megabits/second in decimal; e.g.\& 5.5 for 5.5 Mb/s.
1610This rate should be valid for the current operating conditions;
1611if an invalid rate is specified drivers are free to chose an
1612appropriate rate.
1613.It Cm wepmode Ar mode
1614Set the desired WEP mode.
1615Not all adapters support all modes.
1616The set of valid modes is
1617.Cm off , on ,
1618and
1619.Cm mixed .
1620The
1621.Cm mixed
1622mode explicitly tells the adaptor to allow association with access
1623points which allow both encrypted and unencrypted traffic.
1624On these adapters,
1625.Cm on
1626means that the access point must only allow encrypted connections.
1627On other adapters,
1628.Cm on
1629is generally another name for
1630.Cm mixed .
1631Modes are case insensitive.
1632.It Cm weptxkey Ar index
1633Set the WEP key to be used for transmission.
1634This is the same as setting the default transmission key with
1635.Cm deftxkey .
1636.It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key
1637Set the selected WEP key.
1638If an
1639.Ar index
1640is not given, key 1 is set.
1641A WEP key will be either 5 or 13
1642characters (40 or 104 bits) depending of the local network and the
1643capabilities of the adaptor.
1644It may be specified either as a plain
1645string or as a string of hexadecimal digits preceded by
1646.Ql 0x .
1647For maximum portability, hex keys are recommended;
1648the mapping of text keys to WEP encryption is usually driver-specific.
1649In particular, the
1650.Tn Windows
1651drivers do this mapping differently to
1652.Fx .
1653A key may be cleared by setting it to
1654.Ql - .
1655If WEP is supported then there are at least four keys.
1656Some adapters support more than four keys.
1657If that is the case, then the first four keys
1658(1-4) will be the standard temporary keys and any others will be adaptor
1659specific keys such as permanent keys stored in NVRAM.
1660.Pp
1661Note that you must set a default transmit key with
1662.Cm deftxkey
1663for the system to know which key to use in encrypting outbound traffic.
1664.It Cm wme
1665Enable Wireless Multimedia Extensions (WME) support, if available,
1666for the specified interface.
1667WME is a subset of the IEEE 802.11e standard to support the
1668efficient communication of realtime and multimedia data.
1669To disable WME support, use
1670.Fl wme .
1671Another name for this parameter is
1672.Cm wmm .
1673.Pp
1674The following parameters are meaningful only when WME support is in use.
1675Parameters are specified per-AC (Access Category) and
1676split into those that are used by a station when acting
1677as an access point and those for client stations in the BSS.
1678The latter are received from the access point and may not be changed
1679(at the station).
1680The following Access Categories are recognized:
1681.Pp
1682.Bl -tag -width ".Cm AC_BK" -compact
1683.It Cm AC_BE
1684(or
1685.Cm BE )
1686best effort delivery,
1687.It Cm AC_BK
1688(or
1689.Cm BK )
1690background traffic,
1691.It Cm AC_VI
1692(or
1693.Cm VI )
1694video traffic,
1695.It Cm AC_VO
1696(or
1697.Cm VO )
1698voice traffic.
1699.El
1700.Pp
1701AC parameters are case-insensitive.
1702Traffic classification is done in the operating system using the
1703vlan priority associated with data frames or the
1704ToS (Type of Service) indication in IP-encapsulated frames.
1705If neither information is present, traffic is assigned to the
1706Best Effort (BE) category.
1707.Bl -tag -width indent
1708.It Cm ack Ar ac
1709Set the ACK policy for QoS transmissions by the local station;
1710this controls whether or not data frames transmitted by a station
1711require an ACK response from the receiving station.
1712To disable waiting for an ACK use
1713.Fl ack .
1714This parameter is applied only to the local station.
1715.It Cm acm Ar ac
1716Enable the Admission Control Mandatory (ACM) mechanism
1717for transmissions by the local station.
1718To disable the ACM use
1719.Fl acm .
1720On stations in a BSS this parameter is read-only and indicates
1721the setting received from the access point.
1722NB: ACM is not supported right now.
1723.It Cm aifs Ar ac Ar count
1724Set the Arbitration Inter Frame Spacing (AIFS)
1725channel access parameter to use for transmissions
1726by the local station.
1727On stations in a BSS this parameter is read-only and indicates
1728the setting received from the access point.
1729.It Cm cwmin Ar ac Ar count
1730Set the CWmin channel access parameter to use for transmissions
1731by the local station.
1732On stations in a BSS this parameter is read-only and indicates
1733the setting received from the access point.
1734.It Cm cwmax Ar ac Ar count
1735Set the CWmax channel access parameter to use for transmissions
1736by the local station.
1737On stations in a BSS this parameter is read-only and indicates
1738the setting received from the access point.
1739.It Cm txoplimit Ar ac Ar limit
1740Set the Transmission Opportunity Limit channel access parameter
1741to use for transmissions by the local station.
1742This parameter defines an interval of time when a WME station
1743has the right to initiate transmissions onto the wireless medium.
1744On stations in a BSS this parameter is read-only and indicates
1745the setting received from the access point.
1746.It Cm bss:aifs Ar ac Ar count
1747Set the AIFS channel access parameter to send to stations in a BSS.
1748This parameter is meaningful only when operating in ap mode.
1749.It Cm bss:cwmin Ar ac Ar count
1750Set the CWmin channel access parameter to send to stations in a BSS.
1751This parameter is meaningful only when operating in ap mode.
1752.It Cm bss:cwmax Ar ac Ar count
1753Set the CWmax channel access parameter to send to stations in a BSS.
1754This parameter is meaningful only when operating in ap mode.
1755.It Cm bss:txoplimit Ar ac Ar limit
1756Set the TxOpLimit channel access parameter to send to stations in a BSS.
1757This parameter is meaningful only when operating in ap mode.
1758.El
1759.It Cm wps
1760Enable Wireless Privacy Subscriber support.
1761Note that WPS support requires a WPS-capable supplicant.
1762To disable this function use
1763.Fl wps .
1764.El
1765.Pp
1766The following parameters support an optional access control list
1767feature available with some adapters when operating in ap mode; see
1768.Xr wlan_acl 4 .
1769This facility allows an access point to accept/deny association
1770requests based on the MAC address of the station.
1771Note that this feature does not significantly enhance security
1772as MAC address spoofing is easy to do.
1773.Bl -tag -width indent
1774.It Cm mac:add Ar address
1775Add the specified MAC address to the database.
1776Depending on the policy setting association requests from the
1777specified station will be allowed or denied.
1778.It Cm mac:allow
1779Set the ACL policy to permit association only by
1780stations registered in the database.
1781.It Cm mac:del Ar address
1782Delete the specified MAC address from the database.
1783.It Cm mac:deny
1784Set the ACL policy to deny association only by
1785stations registered in the database.
1786.It Cm mac:kick Ar address
1787Force the specified station to be deauthenticated.
1788This typically is done to block a station after updating the
1789address database.
1790.It Cm mac:open
1791Set the ACL policy to allow all stations to associate.
1792.It Cm mac:flush
1793Delete all entries in the database.
1794.It Cm mac:radius
1795Set the ACL policy to permit association only by
1796stations approved by a RADIUS server.
1797Note that this feature requires the
1798.Xr hostapd 8
1799program be configured to do the right thing
1800as it handles the RADIUS processing
1801(and marks stations as authorized).
1802.El
1803.Pp
1804The following parameters are for compatibility with other systems:
1805.Bl -tag -width indent
1806.It Cm nwid Ar ssid
1807Another name for the
1808.Cm ssid
1809parameter.
1810Included for
1811.Nx
1812compatibility.
1813.It Cm stationname Ar name
1814Set the name of this station.
1815The station name is not part of the IEEE 802.11
1816protocol though some interfaces support it.
1817As such it only
1818seems to be meaningful to identical or virtually identical equipment.
1819Setting the station name is identical in syntax to setting the SSID.
1820One can also use
1821.Cm station
1822for
1823.Bsx
1824compatibility.
1825.It Cm wep
1826Another way of saying
1827.Cm wepmode on .
1828Included for
1829.Bsx
1830compatibility.
1831.It Fl wep
1832Another way of saying
1833.Cm wepmode off .
1834Included for
1835.Bsx
1836compatibility.
1837.It Cm nwkey key
1838Another way of saying:
1839.Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" .
1840Included for
1841.Nx
1842compatibility.
1843.It Cm nwkey Xo
1844.Sm off
1845.Ar n : k1 , k2 , k3 , k4
1846.Sm on
1847.Xc
1848Another way of saying
1849.Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" .
1850Included for
1851.Nx
1852compatibility.
1853.It Fl nwkey
1854Another way of saying
1855.Cm wepmode off .
1856Included for
1857.Nx
1858compatibility.
1859.El
1860.Pp
1861The following parameters are specific to bridge interfaces:
1862.Bl -tag -width indent
1863.It Cm addm Ar interface
1864Add the interface named by
1865.Ar interface
1866as a member of the bridge.
1867The interface is put into promiscuous mode
1868so that it can receive every packet sent on the network.
1869.It Cm deletem Ar interface
1870Remove the interface named by
1871.Ar interface
1872from the bridge.
1873Promiscuous mode is disabled on the interface when
1874it is removed from the bridge.
1875.It Cm maxaddr Ar size
1876Set the size of the bridge address cache to
1877.Ar size .
1878The default is 100 entries.
1879.It Cm timeout Ar seconds
1880Set the timeout of address cache entries to
1881.Ar seconds
1882seconds.
1883If
1884.Ar seconds
1885is zero, then address cache entries will not be expired.
1886The default is 240 seconds.
1887.It Cm addr
1888Display the addresses that have been learned by the bridge.
1889.It Cm static Ar interface-name Ar address
1890Add a static entry into the address cache pointing to
1891.Ar interface-name .
1892Static entries are never aged out of the cache or re-placed, even if the
1893address is seen on a different interface.
1894.It Cm deladdr Ar address
1895Delete
1896.Ar address
1897from the address cache.
1898.It Cm flush
1899Delete all dynamically-learned addresses from the address cache.
1900.It Cm flushall
1901Delete all addresses, including static addresses, from the address cache.
1902.It Cm discover Ar interface
1903Mark an interface as a
1904.Dq discovering
1905interface.
1906When the bridge has no address cache entry
1907(either dynamic or static)
1908for the destination address of a packet,
1909the bridge will forward the packet to all
1910member interfaces marked as
1911.Dq discovering .
1912This is the default for all interfaces added to a bridge.
1913.It Cm -discover Ar interface
1914Clear the
1915.Dq discovering
1916attribute on a member interface.
1917For packets without the
1918.Dq discovering
1919attribute, the only packets forwarded on the interface are broadcast
1920or multicast packets and packets for which the destination address
1921is known to be on the interface's segment.
1922.It Cm learn Ar interface
1923Mark an interface as a
1924.Dq learning
1925interface.
1926When a packet arrives on such an interface, the source
1927address of the packet is entered into the address cache as being a
1928destination address on the interface's segment.
1929This is the default for all interfaces added to a bridge.
1930.It Cm -learn Ar interface
1931Clear the
1932.Dq learning
1933attribute on a member interface.
1934.It Cm sticky Ar interface
1935Mark an interface as a
1936.Dq sticky
1937interface.
1938Dynamically learned address entries are treated at static once entered into
1939the cache.
1940Sticky entries are never aged out of the cache or replaced, even if the
1941address is seen on a different interface.
1942.It Cm -sticky Ar interface
1943Clear the
1944.Dq sticky
1945attribute on a member interface.
1946.It Cm private Ar interface
1947Mark an interface as a
1948.Dq private
1949interface.
1950A private interface does not forward any traffic to any other port that is also
1951a private interface.
1952.It Cm -private Ar interface
1953Clear the
1954.Dq private
1955attribute on a member interface.
1956.It Cm span Ar interface
1957Add the interface named by
1958.Ar interface
1959as a span port on the bridge.
1960Span ports transmit a copy of every frame received by the bridge.
1961This is most useful for snooping a bridged network passively on
1962another host connected to one of the span ports of the bridge.
1963.It Cm -span Ar interface
1964Delete the interface named by
1965.Ar interface
1966from the list of span ports of the bridge.
1967.It Cm stp Ar interface
1968Enable Spanning Tree protocol on
1969.Ar interface .
1970The
1971.Xr if_bridge 4
1972driver has support for the IEEE 802.1D Spanning Tree protocol (STP).
1973Spanning Tree is used to detect and remove loops in a network topology.
1974.It Cm -stp Ar interface
1975Disable Spanning Tree protocol on
1976.Ar interface .
1977This is the default for all interfaces added to a bridge.
1978.It Cm edge Ar interface
1979Set
1980.Ar interface
1981as an edge port.
1982An edge port connects directly to end stations cannot create bridging
1983loops in the network, this allows it to transition straight to forwarding.
1984.It Cm -edge Ar interface
1985Disable edge status on
1986.Ar interface .
1987.It Cm autoedge Ar interface
1988Allow
1989.Ar interface
1990to automatically detect edge status.
1991This is the default for all interfaces added to a bridge.
1992.It Cm -autoedge Ar interface
1993Disable automatic edge status on
1994.Ar interface .
1995.It Cm ptp Ar interface
1996Set the
1997.Ar interface
1998as a point to point link.
1999This is required for straight transitions to forwarding and
2000should be enabled on a direct link to another RSTP capable switch.
2001.It Cm -ptp Ar interface
2002Disable point to point link status on
2003.Ar interface .
2004This should be disabled for a half duplex link and for an interface
2005connected to a shared network segment,
2006like a hub or a wireless network.
2007.It Cm autoptp Ar interface
2008Automatically detect the point to point status on
2009.Ar interface
2010by checking the full duplex link status.
2011This is the default for interfaces added to the bridge.
2012.It Cm -autoptp Ar interface
2013Disable automatic point to point link detection on
2014.Ar interface .
2015.It Cm maxage Ar seconds
2016Set the time that a Spanning Tree protocol configuration is valid.
2017The default is 20 seconds.
2018The minimum is 6 seconds and the maximum is 40 seconds.
2019.It Cm fwddelay Ar seconds
2020Set the time that must pass before an interface begins forwarding
2021packets when Spanning Tree is enabled.
2022The default is 15 seconds.
2023The minimum is 4 seconds and the maximum is 30 seconds.
2024.It Cm hellotime Ar seconds
2025Set the time between broadcasting of Spanning Tree protocol
2026configuration messages.
2027The hello time may only be changed when operating in legacy stp mode.
2028The default is 2 seconds.
2029The minimum is 1 second and the maximum is 2 seconds.
2030.It Cm priority Ar value
2031Set the bridge priority for Spanning Tree.
2032The default is 32768.
2033The minimum is 0 and the maximum is 61440.
2034.It Cm proto Ar value
2035Set the Spanning Tree protocol.
2036The default is rstp.
2037The available options are stp and rstp.
2038.It Cm holdcnt Ar value
2039Set the transmit hold count for Spanning Tree.
2040This is the number of packets transmitted before being rate limited.
2041The default is 6.
2042The minimum is 1 and the maximum is 10.
2043.It Cm ifpriority Ar interface Ar value
2044Set the Spanning Tree priority of
2045.Ar interface
2046to
2047.Ar value .
2048The default is 128.
2049The minimum is 0 and the maximum is 240.
2050.It Cm ifpathcost Ar interface Ar value
2051Set the Spanning Tree path cost of
2052.Ar interface
2053to
2054.Ar value .
2055The default is calculated from the link speed.
2056To change a previously selected path cost back to automatic, set the
2057cost to 0.
2058The minimum is 1 and the maximum is 200000000.
2059.It Cm ifmaxaddr Ar interface Ar size
2060Set the maximum number of hosts allowed from an interface, packets with unknown
2061source addresses are dropped until an existing host cache entry expires or is
2062removed.
2063Set to 0 to disable.
2064.El
2065.Pp
2066The following parameters are specific to lagg interfaces:
2067.Bl -tag -width indent
2068.It Cm laggport Ar interface
2069Add the interface named by
2070.Ar interface
2071as a port of the aggregation interface.
2072.It Cm -laggport Ar interface
2073Remove the interface named by
2074.Ar interface
2075from the aggregation interface.
2076.It Cm laggproto Ar proto
2077Set the aggregation protocol.
2078The default is failover.
2079The available options are failover, fec, lacp, loadbalance, roundrobin and
2080none.
2081.El
2082.Pp
2083The following parameters are specific to IP tunnel interfaces,
2084.Xr gif 4 :
2085.Bl -tag -width indent
2086.It Cm tunnel Ar src_addr dest_addr
2087Configure the physical source and destination address for IP tunnel
2088interfaces.
2089The arguments
2090.Ar src_addr
2091and
2092.Ar dest_addr
2093are interpreted as the outer source/destination for the encapsulating
2094IPv4/IPv6 header.
2095.It Fl tunnel
2096Unconfigure the physical source and destination address for IP tunnel
2097interfaces previously configured with
2098.Cm tunnel .
2099.It Cm deletetunnel
2100Another name for the
2101.Fl tunnel
2102parameter.
2103.El
2104.Pp
2105The following parameters are specific to GRE tunnel interfaces,
2106.Xr gre 4 :
2107.Bl -tag -width indent
2108.It Cm grekey Ar key
2109Configure the GRE key to be used for outgoing packets.
2110Note that
2111.Xr gre 4 will always accept GRE packets with invalid or absent keys.
2112This command will result in a four byte MTU reduction on the interface.
2113.El
2114.Pp
2115The following parameters are specific to
2116.Xr pfsync 4
2117interfaces:
2118.Bl -tag -width indent
2119.It Cm maxupd Ar n
2120Set the maximum number of updates for a single state which
2121can be collapsed into one.
2122This is an 8-bit number; the default value is 128.
2123.El
2124.Pp
2125The following parameters are specific to
2126.Xr vlan 4
2127interfaces:
2128.Bl -tag -width indent
2129.It Cm vlan Ar vlan_tag
2130Set the VLAN tag value to
2131.Ar vlan_tag .
2132This value is a 16-bit number which is used to create an 802.1Q
2133VLAN header for packets sent from the
2134.Xr vlan 4
2135interface.
2136Note that
2137.Cm vlan
2138and
2139.Cm vlandev
2140must both be set at the same time.
2141.It Cm vlandev Ar iface
2142Associate the physical interface
2143.Ar iface
2144with a
2145.Xr vlan 4
2146interface.
2147Packets transmitted through the
2148.Xr vlan 4
2149interface will be
2150diverted to the specified physical interface
2151.Ar iface
2152with 802.1Q VLAN encapsulation.
2153Packets with 802.1Q encapsulation received
2154by the parent interface with the correct VLAN tag will be diverted to
2155the associated
2156.Xr vlan 4
2157pseudo-interface.
2158The
2159.Xr vlan 4
2160interface is assigned a
2161copy of the parent interface's flags and the parent's ethernet address.
2162The
2163.Cm vlandev
2164and
2165.Cm vlan
2166must both be set at the same time.
2167If the
2168.Xr vlan 4
2169interface already has
2170a physical interface associated with it, this command will fail.
2171To
2172change the association to another physical interface, the existing
2173association must be cleared first.
2174.Pp
2175Note: if the hardware tagging capability
2176is set on the parent interface, the
2177.Xr vlan 4
2178pseudo
2179interface's behavior changes:
2180the
2181.Xr vlan 4
2182interface recognizes that the
2183parent interface supports insertion and extraction of VLAN tags on its
2184own (usually in firmware) and that it should pass packets to and from
2185the parent unaltered.
2186.It Fl vlandev Op Ar iface
2187If the driver is a
2188.Xr vlan 4
2189pseudo device, disassociate the parent interface from it.
2190This breaks the link between the
2191.Xr vlan 4
2192interface and its parent,
2193clears its VLAN tag, flags and its link address and shuts the interface down.
2194The
2195.Ar iface
2196argument is useless and hence deprecated.
2197.El
2198.Pp
2199The following parameters are specific to
2200.Xr carp 4
2201interfaces:
2202.Bl -tag -width indent
2203.It Cm advbase Ar seconds
2204Specifies the base of the advertisement interval in seconds.
2205The acceptable values are 1 to 255.
2206The default value is 1.
2207.\" The default value is
2208.\" .Dv CARP_DFLTINTV .
2209.It Cm advskew Ar interval
2210Specifies the skew to add to the base advertisement interval to
2211make one host advertise slower than another host.
2212It is specified in 1/256 of seconds.
2213The acceptable values are 1 to 254.
2214The default value is 0.
2215.It Cm pass Ar phrase
2216Set the authentication key to
2217.Ar phrase .
2218.It Cm vhid Ar n
2219Set the virtual host ID.
2220This is a required setting.
2221Acceptable values are 1 to 255.
2222.El
2223.Pp
2224The
2225.Nm
2226utility displays the current configuration for a network interface
2227when no optional parameters are supplied.
2228If a protocol family is specified,
2229.Nm
2230will report only the details specific to that protocol family.
2231.Pp
2232If the
2233.Fl m
2234flag is passed before an interface name,
2235.Nm
2236will display the capability list and all
2237of the supported media for the specified interface.
2238If
2239.Fl L
2240flag is supplied, address lifetime is displayed for IPv6 addresses,
2241as time offset string.
2242.Pp
2243Optionally, the
2244.Fl a
2245flag may be used instead of an interface name.
2246This flag instructs
2247.Nm
2248to display information about all interfaces in the system.
2249The
2250.Fl d
2251flag limits this to interfaces that are down, and
2252.Fl u
2253limits this to interfaces that are up.
2254When no arguments are given,
2255.Fl a
2256is implied.
2257.Pp
2258The
2259.Fl l
2260flag may be used to list all available interfaces on the system, with
2261no other additional information.
2262Use of this flag is mutually exclusive
2263with all other flags and commands, except for
2264.Fl d
2265(only list interfaces that are down)
2266and
2267.Fl u
2268(only list interfaces that are up).
2269.Pp
2270The
2271.Fl v
2272flag may be used to get more verbose status for an interface.
2273.Pp
2274The
2275.Fl C
2276flag may be used to list all of the interface cloners available on
2277the system, with no additional information.
2278Use of this flag is mutually exclusive with all other flags and commands.
2279.Pp
2280The
2281.Fl k
2282flag causes keying information for the interface, if available, to be
2283printed.
2284For example, the values of 802.11 WEP keys will be printed, if accessible to
2285the current user.
2286This information is not printed by default, as it may be considered
2287sensitive.
2288.Pp
2289If the network interface driver is not present in the kernel then
2290.Nm
2291will attempt to load it.
2292The
2293.Fl n
2294flag disables this behavior.
2295.Pp
2296Only the super-user may modify the configuration of a network interface.
2297.Sh NOTES
2298The media selection system is relatively new and only some drivers support
2299it (or have need for it).
2300.Sh EXAMPLES
2301Assign the IPv4 address
2302.Li 192.0.2.10 ,
2303with a network mask of
2304.Li 255.255.255.0 ,
2305to the interface
2306.Li fxp0 :
2307.Dl # ifconfig fxp0 inet 192.0.2.10 netmask 255.255.255.0
2308.Pp
2309Add the IPv4 address
2310.Li 192.0.2.45 ,
2311with the CIDR network prefix
2312.Li /28 ,
2313to the interface
2314.Li ed0 ,
2315using
2316.Cm add
2317as a synonym for the canonical form of the option
2318.Cm alias :
2319.Dl # ifconfig ed0 inet 192.0.2.45/28 add
2320.Pp
2321Remove the IPv4 address
2322.Li 192.0.2.45
2323from the interface
2324.Li ed0 :
2325.Dl # ifconfig ed0 inet 192.0.2.45 -alias
2326.Pp
2327Add the IPv6 address
2328.Li 2001:DB8:DBDB::123/48
2329to the interface
2330.Li em0 :
2331.Dl # ifconfig em0 inet6 2001:db8:bdbd::123 prefixlen 48 alias
2332Note that lower case hexadecimal IPv6 addresses are acceptable.
2333.Pp
2334Remove the IPv6 address added in the above example,
2335using the
2336.Li /
2337character as shorthand for the network prefix,
2338and using
2339.Cm delete
2340as a synonym for the canonical form of the option
2341.Fl alias :
2342.Dl # ifconfig em0 inet6 2001:db8:bdbd::123/48 delete
2343.Pp
2344Configure the interface
2345.Li xl0 ,
2346to use 100baseTX, full duplex Ethernet media options:
2347.Dl # ifconfig xl0 media 100baseTX mediaopt full-duplex
2348.Pp
2349Create the software network interface
2350.Li gif1 :
2351.Dl # ifconfig gif1 create
2352.Pp
2353Destroy the software network interface
2354.Li gif1 :
2355.Dl # ifconfig gif1 destroy
2356.Sh DIAGNOSTICS
2357Messages indicating the specified interface does not exist, the
2358requested address is unknown, or the user is not privileged and
2359tried to alter an interface's configuration.
2360.Sh SEE ALSO
2361.Xr netstat 1 ,
2362.Xr carp 4 ,
2363.Xr netintro 4 ,
2364.Xr pfsync 4 ,
2365.Xr polling 4 ,
2366.Xr vlan 4 ,
2367.\" .Xr eon 5 ,
2368.Xr rc 8 ,
2369.Xr routed 8 ,
2370.Xr sysctl 8
2371.Sh HISTORY
2372The
2373.Nm
2374utility appeared in
2375.Bx 4.2 .
2376.Sh BUGS
2377Basic IPv6 node operation requires a link-local address on each
2378interface configured for IPv6.
2379Normally, such an address is automatically configured by the
2380kernel on each interface added to the system; this behaviour may
2381be disabled by setting the sysctl MIB variable
2382.Va net.inet6.ip6.auto_linklocal
2383to 0.
2384.Pp
2385If you delete such an address using
2386.Nm ,
2387the kernel may act very odd.
2388Do this at your own risk.
2389