xref: /titanic_52/usr/src/man/man1m/ipadm.1m (revision b0f673c4626e4cb1db7785287eaeed2731dfefe8)
te
Copyright (c) 2012, Joyent, Inc. All Rights Reserved
Copyright (c) 2013 by Delphix. All rights reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
IPADM 1M "May 14, 2012"
NAME
ipadm - configure IP network interfaces and protocol properties.
SYNOPSIS

ipadm create-if [-t] interface

ipadm disable-if [-t] interface

ipadm enable-if [-t] interface

ipadm delete-if interface

ipadm show-if [[-p] -o field[,...]] [interface]

ipadm set-ifprop [-t] -p prop=<value[,...]> -m protocol interface

ipadm reset-ifprop [-t] -p prop -m protocol interface

ipadm show-ifprop [[-c]-o field[,...]] [-p prop,...] [-m protocol]
 [interface]

ipadm create-addr [-t] -T static [-d]
 -a {local|remote}=addr[/prefixlen],... addrobj

ipadm create-addr [-t] -T dhcp [-w seconds | forever ] addrobj

ipadm create-addr [-t] -T addrconf [-i interface-id]
 [-p {stateful|stateless}={yes|no},..] addrobj

ipadm down-addr [-t] addrobj

ipadm up-addr [-t] addrobj

ipadm disable-addr [-t] addrobj

ipadm enable-addr [-t] addrobj

ipadm refresh-addr [-i] addrobj

ipadm delete-addr [-r] addrobj

ipadm show-addr [[-p] -o field[,...]] [addrobj]

ipadm set-addrprop [-t] -p prop=<value[,...]> addrobj

ipadm reset-addrprop [-t] -p prop=<value[,...]> addrobj

ipadm show-addrprop [[-c] -o field[,...]] [-p prop,...] [addrobj]

ipadm set-prop [-t] -p prop[+|-]=<value[,...]> protocol

ipadm reset-prop [-t] -p prop protocol

ipadm show-prop [[-c] -o field[,...]] [-p prop[,...]] [protocol]
DESCRIPTION

The ipadm command is a stable replacement for the ifconfig(1M) and ndd(1M) commands. It is used to create IP interfaces and to confgure IP addresses on those interfaces. It is also used to get, set or reset properties on interfaces, addresses and protocols.

For subcommands that take an addrobj, the addrobj specifies a unique address on the system. It is made up of two parts, delimited by a '/'. The first part is the name of the interface and the second part is a string up to 32 characters long. For example, "lo0/v4" is a loopback interface addrobj name.

For subcommands that take a protocol, this can be one of the following values: ip, ipv4, ipv6, icmp, tcp, sctp or udp.

SUBCOMMANDS

The following subcommands are supported: create-if [-t] interface

The create-if subcommand is used to create an IP interface that will handle both IPv4 and IPv6 packets. The interface will be enabled as part of the creation process. The IPv4 interface will have the address 0.0.0.0. The IPv6 interface will have the adress ::. The -t option (also --temporary) means that the creation is temporary and will not be persistent across reboots.

disable-if [-t] interface

The disable-if subcommand is used to disable an IP interface. The -t option (also --temporary) means that the disable is temporary and will not be persistent across reboots.

enable-if [-t] interface

The enable-if subcommand is used to enable an IP interface. The -t option (also --temporary) means that the enable is temporary and will not be persistent across reboots.

\fbdelete-if interface

The delete-if subcommand is used to permanently delete an IP interface.

show-if [[-p] -o field[,...]] [interface]

The show-if subcommand is used to show the current IP interface configuration. The -p option (also --parsable) prints the output in a parsable format. The -o option (also --output) is used to select which fields will be shown. The field value can be one of the following names:

ALL

Display all fields

IFNAME

The name of the interface

STATE

The state can be one of the following values:

ok - resources for the interface have been allocated offline - the interface is offline failed - the interface's datalink is down down - the interface is down disabled - the interface is disabled

CURRENT

A set of single character flags indicating the following:

b - broadcast (mutually exclusive with 'p')

m - multicast

p - point-to-point (mutually exclusive with 'b')

v - virtual interface

I - IPMP

s - IPMP standby

i - IPMP inactive

V - VRRP

a - VRRP accept mode

4 - IPv4

6 - IPv6

PERSISTENT

A set of single character flags showing what configuration will be used the next time the interface is enabled:

s - IPMP standby

4 - IPv4

6 - IPv6

set-ifprop [-t] -p prop=<value[,...]> -m protocol interface

The set-ifprop subcommand is used to set a property's value(s) on the IP interface. The -t option (also --temporary) means that the setting is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name and value(s). The property name can be one of the following:

arp

Enables ("on") or disables ("off") ARP.

exchange_routes

Enables ("on") or disables ("off") the exchange of routing data.

forwarding

Enables ("on") or disables ("off") IP forwarding.

metric

Set the routing metric to the numeric value. The value is treated as extra hops to the destination.

mtu

Set the maximum transmission unit to the numeric value.

nud

Enables ("on") or disables ("off") neighbor unreachability detection.

usesrc

Indicates which interface to use for source address selection. A value "none" may also be used.

The -m option (also --module) specifies which protocol the setting applies to.
reset-ifprop [-t] -p prop -m protocol interface

The reset-ifprop subcommand is used to reset an IP interface's property value to the default. The -t option (also --temporary) means that the disable is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name. See the set-ifprop subcommand for the list of property names. The -m option (also --module) specifies which protocol the setting applies to.

show-ifprop [[-c]-o field[,...]] [-p prop,...] [-m protocol] [interface]

The show-ifprop subcommand is used to display the property values for one or all of the IP interfaces. The -c option (also --parsable) prints the output in a parsable format. The -o option (also --output) is used to select which fields will be shown. The field value can be one of the following names:

ALL

Display all fields

IFNAME

The name of the interface

PROPERTY

The name of the property

PROTO

The name of the protocol

PERM

If the property is readable ("r") and/or writable ("w").

CURRENT

The value of the property

PERSISTENT

The persistent value of the property

DEFAULT

The default value of the property

POSSIBLE

The possible values for the property

The -p option (also --prop) is used to specify which properties to display. See the set-ifprop subcommand for the list of property names. The -m option (also --module) specifies which protocol to display.
create-addr [-t] -T static [-d] \\ -a {local|remote}=addr[/prefixlen],... addrobj

create-addr [-t] -T dhcp [-w seconds | forever ] addrobj

create-addr [-t] -T addrconf [-i interface-id] \\ [-p {stateful|stateless}={yes|no},..] addrobj

The create-addr subcommand is used to set an address on an IP interface. The address will be enabled but can disabled using the disable-addr subcommand. This subcommand has three different forms, depending on the value of the -T option. The -t option (also --temporary) means that the address is temporary and will not be persistent across reboots. The -T static option creates a static addrobj. This takes the following options:

The -d option (also --down) means the address is down. The -a option (also --address) specifies the address. The "local" or "remote" prefix can be used for a point-to-point interface. In this case, both addresses must be given. Otherwise, the equal sign ("=") should be omitted and the address should be provided by itself and with no second address.

The -T dhcp option causes the address to be obtained via DHCP. This takes the following options:

The -w option (also --wait) gives the time, in seconds, that the command should wait to obtain an address.

The -T addrconf option creates an auto-configured address. This takes the following options:

The -i option (also --interface-id) gives the interface ID to be used. The -p option (also --prop) indicates which method of auto-configuration should be used.

down-addr [-t] addrobj

The down-addr subcommand is used to down the address. This will stop packets from being sent or received. The -t option (also --temporary) means that the down is temporary and will not be persistent across reboots.

up-addr [-t] addrobj

The up-addr subcommand is used to up the address. This will enable packets to be sent and received. The -t option (also --temporary) means that the up is temporary and will not be persistent across reboots.

disable-addr [-t] addrobj

The disable-addr subcommand is used to disable the address. The -t option (also --temporary) means that the disable is temporary and will not be persistent across reboots.

enable-addr [-t] addrobj

The enable-addr subcommand is used to enable the address. The -t option (also --temporary) means that the enable is temporary and will not be persistent across reboots.

refresh-addr [-i] addrobj

The refresh-addr subcommand is used to extend the lease for DHCP addresses. It also restarts duplicate address detection for Static addresses. The -i option (also --inform) means that the network configuration will be obtained from DHCP without taking a lease on the address.

delete-addr [-r] addrobj

The delete-addr subcommand deletes the given address. The -r option (also --release) is used for DHCP-assigned addresses to indicate that the address should be released.

show-addr [[-p] -o field[,...]] [addrobj]

The show-addr subcommand is used to show the current address properties. The -p option (also --parsable) prints the output in a parsable format. The -o option (also --output) is used to select which fields will be shown. The field value can be one of the following names:

ALL

Display all fields

ADDROBJ

The name of the address

TYPE

The type of the address. It can be "static", "dhcp" or "addrconf".

STATE

The state of the address. It can be one of the following values:

disabled s see the disable-addr subcommand down - see the down-addr subcommand duplicate - the address is a duplicate inaccessible - the interface for this address has failed ok - the address is up tentative - duplicate address detection in progress

CURRENT

A set of single character flags indicating the following:

U - up

u - unnumbered (matches another local address)

p - private, not advertised to routing

t - temporary IPv6 address

d - deprecated (not used for outgoing packets)

PERSISTENT

A set of single character flags showing the configuration which will be used when the address is enabled.

U - up

p - private, not advertised to routing

d - deprecated (not used for outgoing packets)

ADDR

The address

set-addrprop [-t] -p prop=<value[,...]> addrobj

The set-addrprop subcommand is used to set a property's value(s) on the addrobj. The -t option (also --temporary) means that the setting is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name and value(s). The property name can be one of the following:

broadcast

The broadcast address (read-only)

deprecated

The address should not be used to send packets but can still receive packets. Can be "on" or "off".

prefixlen

The number of bits in the IPv4 netmask or IPv6 prefix.

private

The address is not advertised to routing. Can be "on" or "off".

transmit

Packets can be transmitted. Can be "on" or "off".

zone

The zone the addrobj is in.

reset-addrprop [-t] -p prop addrobj

The reset-addrprop subcommand is used to reset an addrobj's property value to the default. The -t option (also --temporary) means that the disable is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name. See the set-addrprop subcommand for the list of property names.

show-addrprop [[-c]-o field[,...]] [-p prop,...] addrobj]

The show-addrprop subcommand is used to display the property values for one or all of the addrobjs. The -c option (also --parsable) prints the output in a parsable format. The -o option (also --output) is used to select which fields will be shown. The field value can be one of the following names:

ALL

Display all fields

ADDROBJ

The name of the addrobj

PROPERTY

The name of the property

PERM

If the property is readable ("r") and/or writable ("w").

CURRENT

The value of the property

PERSISTENT

The persistent value of the property

DEFAULT

The default value of the property

POSSIBLE

The possible values for the property

The -p option (also --prop) is used to specify which properties to display. See the set-addrprop subcommand for the list of property names.
set-prop [-t] -p prop[+|-]=<value[,...]> protocol

The set-prop subcommand is used to set a property's value(s) on the protocol. The -t option (also --temporary) means that the setting is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name and value(s). The optional [+|-] syntax can be used to add/remove values from the current list of values on the property. The property name can be one of the following:

ecn

Explicit congestion control (TCP-only) Can be "never", "passive" or "active".

extra_priv_ports

Additional privileged ports (SCTP, TCP or UDP)

forwarding

Packet forwarding is enabled. Can be "on" or "off".

hoplimit

The IPv6 hoplimit.

largest_anon_port

Largest ephemeral port (SCTP, TCP or UDP)

max_buf

Maximum receive or send buffer size (ICMP, SCTP, TCP, or UDP). This also sets the upper limit for the recv_buf and send_buf properties.

recv_buf

Default receive buffer size (ICMP, SCTP, TCP, or UDP). The maximum value for this property is controlled by the max_buf property.

sack

Selective acknowledgement (TCP). Can be "active", "passive" or "never".

send_buf

Default send buffer size (ICMP, SCTP, TCP, or UDP). The maximum value for this property is controlled by the max_buf property.

smallest_anon_port

Smallest ephemeral port (SCTP, TCP or UDP)

smallest_nonpriv_port

Smallest non-privileged port (SCTP, TCP or UDP)

ttl

The IPv4 time-to-live.

reset-prop [-t] -p prop protocol

The reset-prop subcommand is used to reset a protocol's property value to the default. The -t option (also --temporary) means that the disable is temporary and will not be persistent across reboots. The -p option (also --prop) specifies the property name. See the set-prop subcommand for the list of property names.

show-prop [[-c]-o field[,...]] [-p prop,...] protocol]

The show-prop subcommand is used to display the property values for one or all of the protocols. The -c option (also --parsable) prints the output in a parsable format. The -o option (also --output) is used to select which fields will be shown. The field value can be one of the following names:

ALL

Display all fields

PROTO

The name of the protocol

PROPERTY

The name of the property

PERM

If the property is readable ("r") and/or writable ("w").

CURRENT

The value of the property

PERSISTENT

The persistent value of the property

DEFAULT

The default value of the property

POSSIBLE

The possible values for the property

The -p option (also --prop) is used to specify which properties to display. See the set-prop subcommand for the list of property names.
SEE ALSO

ifconfig(1M), dladm(1M), ndd(1M), zonecfg(1M), arp(1M), cfgadm(1M), if_mpadm(1M), nsswitch.conf(4), and dhcp(5).