Manpages

NAME

ifconfig − configure network interface parameters

SYNOPSIS

/sbin/ifconfig interface [address_family] [ address  [/prefix_length]  [dest_address]] [ addif  address  [/prefix_length]] [ removeif  address  [/prefix_length]] [arp | -arp] [auth_algs authentication algorithm] [encr_algs encryption algorithm] [encr_auth_algs authentication algorithm] [auto-revarp] [ broadcast  address] [deprecated | -deprecated] [ destination  dest_address] [ [failover] | [-failover]] [ group [ [name] | ""] ] [ index  {if_index}] [ metric  n] [modlist] [modinsert mod_name@pos] [modremove mod_name@pos] [ mtu  n] [ netmask  mask] [plumb] [unplumb] [private | -private] [nud | -nud] [ set  [address]  [/netmask]] [ [standby] | [-standby]] [ subnet  subnet_address] [ tdst  tunnel_dest_address] [ token   address/prefix_length] [ tsrc  tunnel_src_address] [trailers | -trailers] [up] [down] [xmit | -xmit]

/usr/sbin/ifconfig interface [address_family] [ address  [/prefix_length]  [dest_address]] [ addif  address  [/prefix_length]] [ removeif  address  [/prefix_length]] [arp | -arp] [auth_algs authentication algorithm] [encr_algs encryption algorithm] [encr_auth_algs authentication algorithm] [auto-revarp] [ broadcast  address] [deprecated | -deprecated] [ destination  dest_address] [ [failover] | [-failover]] [ group [ [name] | ""] ] [ index  {if_index}] [ metric  n] [modlist] [modinsert mod_name@pos] [modremove mod_name@pos] [ mtu  n] [ netmask  mask] [plumb] [unplumb] [private | -private] [nud | -nud] [ set  [address]  [/netmask]] [ [standby] | [-standby]] [ subnet  subnet_address] [ tdst  tunnel_dest_address] [ token   address/prefix_length] [ tsrc  tunnel_src_address] [trailers | -trailers] [up] [down] [xmit | -xmit]

/sbin/ifconfig interface {auto-dhcp | dhcp} [primary] [ wait  seconds] drop | extend | inform | ping | release | start | status

/usr/sbin/ifconfig interface {auto-dhcp | dhcp} [primary] [ wait seconds] drop | extend | inform | ping | release | start | status

DESCRIPTION

The command ifconfig is used to assign an address to a network interface and to configure network interface parameters. The ifconfig command must be used at boot time to define the network address of each interface present on a machine; it may also be used at a later time to redefine an interface’s address or other operating parameters. If no option is specified, ifconfig displays the current configuration for a network interface. If an address family is specified, ifconfig reports only the details specific to that address family. Only the superuser may modify the configuration of a network interface. Options appearing within braces ({}) indicate that one of the options must be specified.

The two versions of ifconfig, /sbin/ifconfig and /usr/sbin/ifconfig, behave differently with respect to name services. The order in which names are looked up by /sbin/ifconfig when the system is booting is fixed and cannot be changed. In contrast, changing /etc/nsswitch.conf may affect the behavior of /usr/sbin/ifconfig. The system administrator may configure the source and lookup order in the tables by means of the name service switch. See nsswitch.conf(4) for more information.

DHCP Configuration
The third and fourth forms of this command are used to control the Dynamic Host Configuration Protocol ("DHCP") configuring of the interface. DHCP is only available on interfaces for which the address family is inet. In this mode, ifconfig is used to control operation of dhcpagent(1M), the DHCP client daemon. Once an interface is placed under DHCP control by using the start operand, ifconfig should not, in normal operation, be used to modify the address or characteristics of the interface. If the address of an interface under DHCP is changed, dhcpagent will remove the interface from its control.

OPTIONS

The following options are supported:
addif
address

Create the next unused logical interface on the specified physical interface.

arp

Enable the use of the Address Resolution Protocol ("ARP") in mapping between network level addresses and link level addresses (default). This is currently implemented for mapping between IPv4 addresses and 10Mb/s Ethernet addresses.

-arp

Disable the use of the ARP.

auth_algs authentication algorithm

For a tunnel, enable IPsec AH with the authentication algorithm specified. The algorithm can be either a number or an algorithm name, including any to express no preference in algorithm. All IPsec tunnel properties must be specified on the same command line. To disable tunnel security, specify an auth_alg of none.

auto-dhcp

Use DHCP to automatically acquire an address for this interface. This option has a completely equivalent alias called dhcp.
primary

Defines the interface as the primary. The interface is defined as the preferred one for the delivery of client-wide configuration data. Only one interface can be the primary at any given time. If another interface is subsequently selected as the primary, it replaces the previous one. Nominating an interface as the primary one will not have much significance once the client work station has booted, as many applications will already have started and been configured with data read from the previous primary interface.

wait seconds

The ifconfig command will wait until the operation either completes or for the interval specified, whichever is the sooner. If no wait interval is given, and the operation is one that cannot complete immediately, ifconfig will wait 30 seconds for the requested operation to complete. The symbolic value forever may be used as well, with obvious meaning.

drop

Remove the specified interface from DHCP control. Additionally, set the IP address to zero and mark the interface as "down".

extend

Attempt to extend the lease on the interface’s IPv4 address. This is not required, as the agent will automatically extend the lease well before it expires.

inform

Obtain network configuration parameters from DHCP without obtaining a lease on an IP address. This is useful in situations where an IP address is obtained through mechanisms other than DHCP.

ping

Check whether the interface given is under DHCP control, which means that the interface is managed by the DHCP agent and is working properly. An exit status of 0 means success. This subcommand has no meaning when the named interface represents more than one interface.

release

Relinquish the IPv4 address on the interface, and mark the interface as "down."

start

Start DHCP on the interface.

status

Display the DHCP configuration status of the interface.

auto-revarp

Use the Reverse Address Resolution Protocol ("RARP") to automatically acquire an address for this interface.

broadcast address

For IPv4 only. Specify the address to use to represent broadcasts to the network. The default broadcast address is the address with a host part of all 1’s. A "+" (plus sign) given for the broadcast value causes the broadcast address to be reset to a default appropriate for the (possibly new) address and netmask. The arguments of ifconfig are interpreted left to right. Therefore

example% ifconfig -a netmask + broadcast +

and

example% ifconfig -a broadcast + netmask +

may result in different values being assigned for the broadcast addresses of the interfaces.

deprecated

Marks the address as a deprecated address. Addresses marked as deprecated will not be used as source address for outbound packets unless either there are no other addresses available on this interface or the application has bound to this address explicitly. The status display shows DEPRECATED as part of flags.

-deprecated

Marks the address as not deprecated.

destination dest_address

Set the destination address for a point-to point interface.

dhcp

This option is an alias for option auto-dhcp

down

Mark an interface "down". When an interface is marked "down", the system does not attempt to transmit messages through that interface. If possible, the interface is reset to disable reception as well. This action does not automatically disable routes using the interface.

encr_auth_algs authentication algorithm

For a tunnel, enable IPsec ESP with the authentication algorithm specified. It can be either a number or an algorithm name, including any or none, to indicate no algorithm preference. If an ESP encryption algorithm is specified but the authentication algorithm is not, the default value for the ESP authentication algorithm will be any.

encr_algs encryption algorithm

For a tunnel, enable IPsec ESP with the encryption algorithm specified. It can be either a number or an algorithm name. Note that all IPsec tunnel properties must be specified on the same command line. To disable tunnel security, specify the value of encr_alg as none. If an ESP authentication algorithm is specified, but the encryption algorithm is not, the default value for the ESP encryption will be null.

-failover

Mark the address as a non-failover address.Addresses marked this way will not failover when the interface fails. Status display shows "NOFAILOVER" as part of flags.

failover

Mark the address as a failover address. This address will failover when the interface fails. Status display does not show "NOFAILOVER" as part of flags.

group [ name |""]

Insert the interface in the multipathing group specified by name. To delete an interface from a group, use a null string "".
When invoked on the logical interface with id zero, the status display shows the group name.

index n

Change the interface index for the interface. The value of n must be an interface index (if_index) that is not used on another interface. if_index will be a non-zero positive number that uniquely identifies the network interface on the system.

metric n

Set the routing metric of the interface to n; if no value is specified, the default is 0. The routing metric is used by the routing protocol. Higher metrics have the effect of making a route less favorable; metrics are counted as addition hops to the destination network or host.

modinsert mod_name@pos

Insert a module with name mod_name to the stream of the device at position pos. The position is relative to the stream head.
Position 0 means directly under stream head.

Based upon the example in the modlist option, use the following command to insert a module with name ipqos under the ip module and above the firewall module:

example% ifconfig hme0 modinsert ipqos@2

A subsequent listing of all the modules in the stream of the device follows:

example% ifconfig hme0 modlist
0 arp
1 ip
2 ipqos
3 firewall
4 hme
modlist

List all the modules in the stream of the device.

The following example lists all the modules in the stream of the device:

example% ifconfig hme0 modlist
0 arp
1 ip
2 firewall
4 hme
modremove
mod_name@pos

Remove a module with name mod_name from the stream of the device at position pos. The position is relative to the stream head.

Based upon the example in the modinsert option, use the following command to remove the firewall module from the stream after inserting the ipqos module:

example% ifconfig hme0 modremove firewall@3

A subsequent listing of all the modules in the stream of the device follows:

example% ifconfig hme0 modlist
0 arp
1 ip
2 ipqos
3 hme

Note that the core IP stack modules, for example, ip and tun modules, cannot be removed.

mtu n

Set the maximum transmission unit of the interface to n. For many types of networks, the mtu has an upper limit, for example, 1500 for Ethernet.

netmask mask

For IPv4 only. Specify how much of the address to reserve for subdividing networks into subnetworks. The mask includes the network part of the local address and the subnet part, which is taken from the host field of the address. The mask contains 1’s for the bit positions in the 32-bit address which are to be used for the network and subnet parts, and 0’s for the host part. The mask should contain at least the standard network portion, and the subnet field should be contiguous with the network portion. The mask can be specified in one of four ways:

1.

with a single hexadecimal number with a leading 0x,

2.

with a dot-notation address,

3.

with a "+" (plus sign) address, or

4.

with a pseudo host name/pseudo network name found in the network database networks(4).

If a "+" (plus sign) is given for the netmask value, the mask is looked up in the netmasks(4) database. This lookup finds the longest matching netmask in the database by starting with the interface’s IPv4 address as the key and iteratively masking off more and more low order bits of the address. This iterative lookup ensures that the netmasks(4) database can be used to specify the netmasks when variable length subnetmasks are used within a network number.

If a pseudo host name/pseudo network name is supplied as the netmask value, netmask data may be located in the hosts or networks database. Names are looked up by first using gethostbyname(3NSL). If not found there, the names are looked up in getnetbyname(3SOCKET). These interfaces may in turn use nsswitch.conf(4) to determine what data store(s) to use to fetch the actual value.

For both inet and inet6, the same information conveyed by mask can be specified as a prefix_length attached to the address parameter.

nud

Enables the neighbor unreachability detection mechanism on a point-to-go interface.

-nud

Disables the neighbor unreachability detection mechanism on a point-to-go interface.

plumb

Open the device associated with the physical interface name and set up the streams needed for IP to use the device. When used with a logical interface name, this command is used to create a specific named logical interface. An interface must be separately plumbed for use by IPv4 and IPv6. The address_family parameter controls whether the ifconfig command applies to IPv4 or IPv6.

Before an interface has been plumbed, , the interface will not show up in the output of the ifconfig -a command.

private

Tells the in.routed routing daemon that the interface should not be advertised.

-private

Specify unadvertised interfaces.

removeif address

Remove the logical interface on the physical interface specified that matches the address specified.

set

Set the address, prefix_length or both, for an interface.

standby

Marks the physical interface as a standby interface. If the interface is marked STANDBY and is part of the multipathing group, the interface will not be selected to send out packets unless some other interface in the group has failed and the network access has been failed over to this standby interface.

The status display shows "STANDBY, INACTIVE" indicating that that the interface is a standby and is also inactive. IFF_INACTIVE will be cleared when some other interface belonging to the same multipathing group fails over to this interface. Once a failback happens, the status display will return to INACTIVE.

-standby

Turns off standby on this interface.

subnet

Set the subnet address for an interface.

tdst tunnel_dest_address

Set the destination address of a tunnel. The address should not be the same as the dest_address of the tunnel, because no packets leave the system over such a tunnel.

token address/prefix_length

Set the IPv6 token of an interface to be used for address autoconfiguration.

example% ifconfig hme0 inet6 token ::1/64

trailers

This flag previously caused a nonstandard encapsulation of inet packets on certain link levels. Drivers supplied with this release no longer use this flag. It is provided for compatibility, but is ignored.

-trailers

Disable the use of a "trailer" link level encapsulation.

tsrc tunnel_src_address

Set the source address of a tunnel. This is the source address on an outer encapsulating IP header. It must be an address of another interface already configured using ifconfig.

unplumb

Close the device associated with this physical interface name and any streams that ifconfig set up for IP to use the device. When used with a logical interface name, the logical interface is removed from the system. After this command is executed, the device name will no longer appear in the output of ifconfig -a.

up

Mark an interface "up". This happens automatically when setting the first address on an interface. The up option enables an interface after an ifconfig down, which reinitializes the hardware.

xmit

Enable an interface to transmit packets. This is the default behavior when the interface is up.

-xmit

Disable transmission of packets on an interface. The interface will continue to receive packets.

OPERANDS

The interface operand, as well as address parameters that affect it, are described below.

interface

A string of the form, name physical-unit, for example, le0 or ie1; or of the form name physical-unit:logical-unit, for example, le0:1; or of the form ip.tunN, for tunnels.

If the interface name starts with a dash (-), it is interpreted as a set of options which specify a set of interfaces. In such a case, -a must be part of the options and any of the additional options below can be added in any order. If one of these interface names is given, the commands following it are applied to all of the interfaces that match.

-a

Apply the commands to all interfaces in the system.

-d

Apply the commands to all "down" interfaces in the system.

-D

Apply the commands to all interfaces not under DHCP (Dynamic Host Configuration Protocol) control.

-u

Apply the commands to all "up" interfaces in the system.

-4

Apply the commands to all IPv4 interfaces.

-6

Apply the commands to all IPv6 interfaces.

address_family

The address family is specified by the address_family parameter. The ifconfig command currently supports the following families: ether, inet, and inet6. If no address family is specified, the default is inet.

address

For the IPv4 family (inet), the address is either a host name present in the host name data base (see hosts(4)) or in the Network Information Service (NIS) map hosts, or an IPv4 address expressed in the Internet standard "dot notation".

For the IPv6 family (inet6), the address is either a host name present in the host name data base (see ipnodes(4)) or in the Network Information Service (NIS) map ipnode, or an IPv6 address expressed in the Internet standard colon-separated hexadecimal format represented as x:x:x:x:x:x:x:x where x is a hexadecimal number between 0 and FFFF.

For the ether address family, the address is an Ethernet address represented as x:x:x: x:x:x where x is a hexadecimal number between 0 and FF.

Some, though not all, of the Ethernet interface cards have their own addresses. To use cards that do not have their own addresses, refer to section 3.2.3(4) of the IEEE 802.3 specification for a definition of the locally administered address space. The use of interface groups should be restricted to those cards with their own addresses (see INTERFACE GROUPS).

prefix_length

For the IPv4 and IPv6 families (inet and inet6), the prefix_length is a number between 0 and the number of bits in the address. For inet, the number of bits in the address is 32; for inet6, the number of bits in the address is 128. The prefix_length denotes the number of leading set bits in the netmask.

dest_address

If the dest_address parameter is supplied in addition to the address parameter, it specifies the address of the correspondent on the other end of a point-to-point link.

tunnel_dest_address

An address that is or will be reachable through an interface other than the tunnel being configured. This tells the tunnel where to send the tunneled packets. This address must not be the same as the tunnel_dest_address being configured.

tunnel_src_address

As address that is attached to an already configured interface that has been configured "up" with ifconfig.

LOGICAL INTERFACES

Solaris TCP/IP allows multiple logical interfaces to be associated with a physical network interface. This allows a single machine to be assigned multiple IP addresses, even though it may have only one network interface. Physical network interfaces have names of the form driver-name physical-unit-number, while logical interfaces have names of the form driver-name physical-unit-number:logical-unit-number. A physical interface is configured into the system using the plumb command. For example:

example% ifconfig le0 plumb

Once a physical interface has been "plumbed", logical interfaces associated with the physical interface can be configured by separate plumb or addif options to the ifconfig command.

example% ifconfig le0:1 plumb

allocates a specific logical interface associated with the physical interface le0. The command

example% ifconfig le0 addif 192.9.200.1/24 up

allocates the next available logical unit number on the le0 physical interface and assigns an address and prefix_length.

A logical interface can be configured with parameters ( address,prefix_length, and so on) different from the physical interface with which it is associated. Logical interfaces that are associated with the same physical interface can be given different parameters as well. Each logical interface must be associated with an existing and "up" physical interface. So, for example, the logical interface le0:1 can only be configured after the physical interface le0 has been plumbed.

To delete a logical interface, use the unplumb or removeif options. For example,

example% ifconfig le0:1 down unplumb

will delete the logical interface le0:1.

INTERFACE GROUPS

If a physical interface shares an IP prefix with another interface, these interfaces are collected into an interface group. IP uses an interface group to rotate source address selection when the source address is unspecified, and in the case of multiple physical interfaces in the same group, to scatter traffic across different IP addresses on a per-IP-destination basis. See netstat(1M) for per-IP-destination information.

This feature may be enabled by using ndd(1M).

One can also use the group keyword to form a multipathing group. When multipathing groups are used, the functionality of the interface group is subsumed into the functionality of the multipathing group. A multipathing group provides failure detection and repair detection for the interfaces in the group. See in.mpathd(1M) and System Administration Guide, Volume 3.

The interface groups formed using ndd(1M) will be made obsolete in the future. Accordingly, it is advisable to use form multipathing groups using the group keyword.

CONFIGURING IPv6 INTERFACES

When an IPv6 physical interface is plumbed and configured "up" with ifconfig, it is automatically assigned an IPv6 link-local address for which the last 64 bits are calculated from the MAC address of the interface.

ifconfig le0 inet6 plumb up

The following example shows that the link-local address has a prefix of fe80::/10.

example% ifconfig le0 inet6
le0: flags=2000841<UP,RUNNING,MULTICAST,IPv6>
mtu 1500 index 2  
inet6 fe80::a00:20ff:fe8e:f3ad/10

If an advertising IPv6 router exists on the link advertising prefixes, then the newly plumbed IPv6 interface will autoconfigure logical interface(s) depending on the prefix advertisements. For example, for prefix advertisements fec0:0:0:55::/64 and 3ff0:0:0:55::/64, the autoconfigured interfaces will look like:

le0:1: flags=2080841<UP,RUNNING,MULTICAST,ADDRCONF,IPv6>
mtu 1500 index 2
inet6 fec0::55:a00:20ff:fe8e:f3ad/64
le0:2: flags=2080841<UP,RUNNING,MULTICAST,ADDRCONF,IPv6>
mtu 1500 index 2
inet6 3ff0::55:a00:20ff:fe8e:f3ad/64

Even if there are no prefix advertisements on the link, you can still assign site-local and global addresses manually, for example:

example% ifconfig le0 inet6 addif fec0::55:a00:20ff:fe8e:f3ad/64 up
example% ifconfig le0 inet6 addif 3ff0::55:a00:20ff:fe8e:f3ad/64 up

To configure boot-time defaults for the interface le0, place the following entries in the /etc/hostname6.le0 file:

addif  fec0::55:a00:20ff:fe8e:f3ad/64 up
addif  3ff0::55:a00:20ff:fe8e:f3ad/64 up

Link-local addresses are only used for on-link communication and are not visible to other subnets.

Configuring IPv6/IPv4 tunnels
An IPv6 over IPv4 tunnel interface can send and receive IPv6 packets encapsulated in an IPv4 packet. Create tunnels at both ends pointing to each other. IPv6 over IPv4 tunnels require the tunnel source and tunnel destination IPv4 and IPv6 addresses. Solaris 8 supports both automatic and configured tunnels. For automatic tunnels, an IPv4-compatible IPv6 address is used. The following demonstrates auto-tunnel configuration:

example% ifconfig ip.atun0 inet6 plumb
example% ifconfig ip.atun0 inet6 tsrc <IPv4-address> \
::<IPv4 address>/96 up

where IPv4-address is the IPv4 address of the interface through which the tunnel traffic will flow, and IPv4-address, ::<IPv4-address>, is the corresponding IPv4-compatible IPv6 address.

The following is an example of a configured tunnel:

example% ifconfig ip.tun0 inet6 plumb tsrc <my-ipv4-address> \
tdst <peer-ipv4-address> up

This creates a configured tunnel between my-ipv4-address and peer-ipv4-address with corresponding link-local addresses. For tunnels with global or site-local addresses, the logical tunnel interfaces need to be configured in the following form:

ifconfig ip.tun0 inet6 addif <my-v6-address> <peer-v6-address> up

For example,

example% ifconfig ip.tun0 inet6 plumb tsrc 109.146.85.57 \
tdst 109.146.85.212 up

example% ifconfig ip.tun0 inet6 addif 2::45 2::46 up

To show all IPv6 interfaces that are up and configured:

example% ifconfig -au6
ip.tun0: flags=2200851<UP,POINTOPOINT,RUNNING,MULTICAST,NONUD,IPv6>
mtu 1480 index 3
inet tunnel src 109.146.85.57 tunnel dst 109.146.85.212
inet6 fe80::6d92:5539/10 --> fe80::6d92:55d4
ip.tun0:1: flags=2200851<UP,POINTOPOINT,RUNNING,MULTICAST,NONUD,IPv6>
mtu 1480 index 3
inet6 2::45/128 --> 2::46

EXAMPLES

Example 1: Using the ifconfig Command

If your workstation is not attached to an Ethernet, the le0 interface should be marked "down" as follows:

example% ifconfig le0 down

Example 2: Printing Addressing Information

To print out the addressing information for each interface, use the following command:

example% ifconfig -a

Example 3: Resetting the Broadcast Address

To reset each interface’s broadcast address after the netmasks have been correctly set, use the next command:

example% ifconfig -a broadcast +

Example 4: Changing the Ethernet Address

To change the Ethernet address for interface le0, use the following command:

example% ifconfig le0 ether aa:1:2:3:4:5

Example 5: Configuring an IP-in-IP Tunnel

To configure an IP-in-IP tunnel, first plumb it with the following command:

example% ifconfig ip.tun0 plumb

Then configure it as a point-to-point interface, supplying the tunnel source and the tunnel destination:

example% ifconfig ip.tun0 myaddr mydestaddr tsrc another_myaddr \
tdst a_dest_addr up

Tunnel security properties must be configured on one invocation of ifconfig:

example% ifconfig ip.tun0 encr_auth_algs md5 encr_algs 3des

Example 6: Requesting a Service Without Algorithm Preference

To request a service without any algorithm preferences, specify any:

example% ifconfig ip.tun0 encr_auth_algs any encr_algs any

Example 7: Disabling All Security

To disable all security, specify any security service with none as the algorithm value:

example% ifconfig ip.tun0 auth_algs none

or

example% ifconfig ip.tun0 encr_algs none

FILES

/etc/netmasks

netmask data

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

/usr/sbin

Image /var/www/mancx/application/src/../www/___/img/man1/man1/ifconfig1.png

/sbin

Image /var/www/mancx/application/src/../www/___/img/man1/man1/ifconfig2.png

SEE ALSO

dhcpinfo(1), dhcpagent(1M), in.mpathd(1M), in.routed(1M), ndd(1M), netstat(1M), ethers(3SOCKET), gethostbyname(3NSL), getnetbyname(3SOCKET), hosts(4), netmasks(4), networks(4), nsswitch.conf(4), attributes(5), arp(7P),ipsecah(7P),ipsecesp(7P),tun(7M)

System Administration Guide, Volume 3

DIAGNOSTICS

ifconfig sends messages that indicate if:

the specified interface does not exist

the requested address is unknown

the user is not privileged and tried to alter an interface’s configuration

NOTES

It is recommended that the names broadcast, down, private, trailers, up, and the other possible option names not be selected when choosing host names. Choosing any one of these names as host names will cause bizarre problems that can be extremely difficult to diagnose.