interface name unit, for example, en0 .
| up Mark an interface up. Happens automatically when setting the first address on an interface.
If the interface was reset when previously marked down, the hardware will be initialized.
| down Mark an interface down. the system will not attempt to transmit messages through that interface.
The interface will be reset to disable reception as well.
| address
host name,
Internet address: dot notation
CIDR notation to include the netmask. (eample: 192.168.0.1/26 .)
For the inet6 the prefix length using the slash notation, ( example: ::1/128 .
link-level (link) address: series of colon-separated hex digits. to set a new MAC address on an ethernet interface,
if the interface is up, it will be brought down and then back up.
| address_family affects interpretation of the remaining parameters.
Since an interface can receive transmissions in differing protocols with different naming schemes, specifying the address family is recommended.
Families are inet , inet6 , and link (aka ether and lladdr )
Default inet .
| broadcast (Inet only.) the address to use to broadcasts to the network. Default: address with a host part of all 1's.
For example 192.168.45.255 (ie. 255 =11111111)
| prefixlen len (Inet6 only.) bits for subdividing networks into sub-networks. between 0 to 128. almost always 64
| arp
-arp Enable/disable Address Resolution Protocol to map network level addresses and link level addresses (default). mapping between Internet and MAC addresses
| dest_address other end of a point-to-point link.
| mtu n maximum transmission unit size in bytes
| netmask mask (Inet only.) Define portion of address for subdividing networks into sub-networks.
The mask includes the network part of the local address and the subnet part, which is taken from the host field of the address.
The mask can be specified as a single hexadecimal number example: 0xFFFFFF00, dot-notation (example: 255.255.255.0) , or
CIDR notation after the address (example: 192.168.1.1/24 or
with a pseudo-network name listed in the network table networks(5)
The mask contains 1's for the bit positions in the 32-bit address which are to be used for the network and subnet parts, and 0's for the host part.
The mask should contain at least the standard network portion, and the subnet field should be contiguous with the network portion.
| metric n Set the routing metric, default 0, used by the routing protocol
(routed(8)). Higher metrics have the effect of making a route less favorable; metrics are counted as additional
hops to the destination network or host.
| alias
add Establish an additional network address for this interface.
Useful when changing network address while still accepting packets addressed to the old interface.
If the address is on the same subnet as the first network address for this interface, a non-conflicting netmask must be given,
Usually 0xffffffff is most appropriate.
-alias
delete
remove | Remove the address specified.
| anycast (Inet6 only.) address configured is an anycast address.
Only routers may configure anycast addresses.
| debug -debug Enable/disable driver dependent debugging code;
| lladdr addr
etherr link-level address on an interface.
New MAC address on an ethernet interface, addr is a series of colon separated hex digits.
If the interface is up it will be briefly brought down and back up
| media type Some interfaces support the mutually exclusive use of different physical media connectors.
For example, a 10Mbit/s Ethernet interface might support either AUI or twisted pair connectors. Setting the media
type to 10base5/AUI would change the currently active connector to the AUI port. Setting it to 10baseT/UTP would
activate twisted pair.
| mediaopt -mediaopt optsi opts is a comma delimited list of options.
| offload functions to the NIC (Network INterface Card ) vs performing then in the driver software.
|
rxcsum
-rxcsum
txcsum
-txcsumenable/disable receive / transmit checksuming
| tso -tso enable/disable Tcp Segmentation Offloading
| lro
-lroenable/disable large receive offloading,
|
av
-av enable/disable 802.1 AVB
|
vlanmtu
-vlanmtu
vlanhwtag
-vlanhwtag enable/disable VLAN support, and reception of extended frames or hardwate tag processing
, must be issued on a physical interface associated with vlan(4), not on a vlan(4) interface itself.
| create d Create network pseudo-device.
If the interface is given without a unit number, create a new device with an arbitrary unit number.
If creation of an arbitrary device is successful, the new device name is output to standard output
|
link
0link[0-2] Enable/disable special processing of the link level.
in general used to select special modes of operation.
An example: enable SLIP (Serial Line INterface Protocol) compression, or to select the connector type for some Ethernet cards.
| parameters for ICMPv6 Neighbor Discovery Protocol. Note that the address family keyword inet6 is needed for them:
|
nud
-nud Perform/don't perform network unreachability detection (NUD).
|
ifdisabled -ifdisable Disable all IPv6 communication
|
insecure
-insecure Disable/do not disable the processing of Secure Neighbor Discovery (SEND).
| parameters specific to link aggregate interfaces:
|
bonddev -bondiface
If the interface is a bond pseudo device, associate physical interface iface with it. Default:
in LACP (Link Aggregation Control Protocol) mode (see bondmode below). In this mode, the device
conforms to the IEEE 802.3ad Link Aggregation specification.
If this is the first physical interface to be associated with the bond interface, it inherits the
ethernet address from the physical interface. Physical interfaces that are added to the bond have their ethernet
address programmed so that all members of the bond have the same ethernet address.
If the physical interface is removed using -bonddev , a new ethernet address is chosen from the remaining interfaces, and all interfaces are programmed with the new ethernet address.
If no remaining interfaces exist, the bond interface's ethernet address is cleared.
Once the physical interface is successfully associated with the bond interface, all received packets are
diverted to the bond interface. The physical interface is no longer useable on its own, and remains that way
until it is removed from the bond using -bonddev.
The link status of the bond interface depends on the state of link aggregation. If no active partner is
detected, the link status will remain inactive.
To monitor the 802.3ad Link Aggregation state, use -b
A physical interface that is associated with a vlan pseudo device cannot at the same time be associated with a
bond pseudo device. A physical interface cannot be associated with more than one bond pseudo device at the same time.
It is not possible to associate a bond with pseudo interfaces such as vlan. Only physical ethernet interfaces
may be associated with a bond.
-bonddev iface
disassociate the physical interface iface from it.
If the physical iface is the last interface in the bond, the bond interface clears its link address.
|
bondmode lacp | static
default lacp.
static mode, a member interface is made an active part of the link aggregate as long as the link status is active.
| The following parameters are specific to IP tunnel interfaces, gif(4):
|
tunnel src_addr dest_addr
-tunnel
deletetunnel
Configure/unconfigure the physical source and destination address for IP tunnel interfaces. The arguments
are the outer source/destination for the encapsulating IPv4/IPv6 header.
|
specific to bridge interfaces:
| addm interface
Add the interface named by interface as a member of the bridge. The interface is put into promiscuous mode so
that it can receive every packet sent on the network.
| deletem interface
| cache options
| maxaddr size bridge address cache to size, default: 100 .
| timeout seconds of address cache . zero: don't expired. default :240 seconds.
| addr Display the addresses that have been learned
| static interface-name address Add a static entry into the address cache pointing to interface-name.
| deladdr address Delete address from cache.
| flush Delete dynamically-learned addresses from cache.
| flushall Delete all addresses
| discover interface
-discover Mark/unMark interface as discovering . When the bridge has no address
for the destination of a packet, the bridge will forward the packet to all member interfaces
marked as discovering. This is the default for all interfaces added to a bridge.
|
learn
-learninterface
Mark/clear an interface as learning . When a packet arrives on such an interface, the source of
the packet is entered into the address cache as being a destination on the interface's segment.
default for all interfaces added to a bridge.
| Spanning Tree Protocol used to detect and remove loops in a network topology.
|
stp -stp interface Enable/disable STP
| maxage seconds time that a STP configuration is valid. default: 20 , minimum 6 , maximum is 40 .
| fwddelay seconds time until an interface begins forwarding packets when STP is enabled. default 15 minimum 4 and maximum 30 .
| hellotime seconds time between broadcasting of STP configuration messages.
may only be changed when operating in legacy STP mode. default 2 . minimum 1 maximum 2 .
| priority value default 32768. minimum 0 and maximum 61440.
| ifpriority interface value STP priority default: 128, minimum: 0, maximum: 240.
| ifpathcost interface value STP path cost default calculated from the link speed.
0 (zero) sets cost to automatic, . minimum 1 maximum 200000000.
| ifmaxaddr interface size maximum number of hosts allowed from an interface,
packets with unknown source addresses are dropped until an existing host cache entry expires or is removed. Set to 0 to disable.
| hostfilter interface address
accept incoming packet only if they match the given MAC address and IP
address -- use the command twice to set both type of addresses. Other filtering restrictions apply.
| -hostfilter interface Allow traffic from any host on that interface.
|
vlan interfaces:
| vlan vlan_tag 16-bit number which is used to create an 802.1Q VLAN header
for packets sent from the vlan(4) interface. Note that vlan and vlandev must both be set at the same time.
| vlandev
-landev iface
Associate/disassociate the physical interface iface with a vlan(4) interface. Packets transmitted through the vlan(4) interface will be diverted to the specified physical interface iface with 802.1Q VLAN encapsulation. Packets with
802.1Q encapsulation received by the parent interface with the correct VLAN tag will be diverted to the associated vlan pseudo-interface.
The vlan interface is assigned a copy of the parent interface's flags and the parent's ethernet address.
vlandev and vlan must both be set at the same time.
If the vlan interface already has a physical interface associated with it, this command will fail.
To change the association to another physical interface, the existing association must be cleared first.
If the hardware tagging capability is set on the parent interface, the vlan pseudo interface's behavior
changes: the vlan interface recognizes that the parent interface supports insertion and extraction of VLAN
tags on its own (usually in firmware) and that it should pass packets to and from the parent unaltered.
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |