613 lines
12 KiB
HTML
613 lines
12 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>All About ifconfig</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux Network Administrators Guide"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Configuring TCP/IP Networking"
|
|
HREF="x-087-2-iface.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Interface Configuration for IP"
|
|
HREF="x-087-2-iface.interface.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="The netstat Command"
|
|
HREF="x-087-2-iface.netstat.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux Network Administrators Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x-087-2-iface.interface.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 5. Configuring TCP/IP Networking</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x-087-2-iface.netstat.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="X-087-2-IFACE.IFCONFIG"
|
|
>5.8. All About ifconfig</A
|
|
></H1
|
|
><P
|
|
>There are many more parameters to <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> than we
|
|
have described so far. Its normal invocation is this:
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>ifconfig <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>interface</I
|
|
></TT
|
|
> [<TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>address</I
|
|
></TT
|
|
> [<TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>parameters</I
|
|
></TT
|
|
>]]</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
><TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>interface</I
|
|
></TT
|
|
> is the interface name, and
|
|
<TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>address</I
|
|
></TT
|
|
> is the IP address to be assigned to the
|
|
interface. This may be either an IP address in dotted quad notation or a
|
|
name that <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> will look up in
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/etc/hosts</TT
|
|
>.</P
|
|
><P
|
|
> If <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> is invoked with only the interface
|
|
name, it displays that interface's configuration. When invoked without
|
|
any parameters, it displays all interfaces you have configured so far;
|
|
a <TT
|
|
CLASS="OPTION"
|
|
>–a</TT
|
|
> option forces it to show the inactive ones
|
|
as well. A sample invocation for the Ethernet interface
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>eth0</TT
|
|
> may look like this:
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
># <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>ifconfig eth0</B
|
|
></TT
|
|
>
|
|
eth0 Link encap 10Mbps Ethernet HWaddr 00:00:C0:90:B3:42
|
|
inet addr 172.16.1.2 Bcast 172.16.1.255 Mask 255.255.255.0
|
|
UP BROADCAST RUNNING MTU 1500 Metric 0
|
|
RX packets 3136 errors 217 dropped 7 overrun 26
|
|
TX packets 1752 errors 25 dropped 0 overrun 0</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
>
|
|
The <TT
|
|
CLASS="LITERAL"
|
|
>MTU</TT
|
|
> and <TT
|
|
CLASS="LITERAL"
|
|
>Metric</TT
|
|
> fields show the
|
|
current MTU and metric value for that interface. The metric value is
|
|
traditionally used by some operating systems to compute the cost of a route.
|
|
Linux doesn't use this value yet, but defines it for compatibility,
|
|
nevertheless.</P
|
|
><P
|
|
>The <TT
|
|
CLASS="LITERAL"
|
|
>RX</TT
|
|
> and <TT
|
|
CLASS="LITERAL"
|
|
>TX</TT
|
|
> lines show how
|
|
many packets have been received or transmitted error free, how many
|
|
errors occurred, how many packets were dropped (probably because of
|
|
low memory), and how many were lost because of an overrun. Receiver
|
|
overruns usually occur when packets come in faster than the kernel can
|
|
service the last interrupt. The flag values printed by
|
|
<B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> roughly correspond to the names of its
|
|
command-line options; they will be explained later.</P
|
|
><P
|
|
>The following is a list of parameters recognized by <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
>
|
|
with the corresponding flag names. Options that simply turn on a feature also
|
|
allow it to be turned off again by preceding the option name by a
|
|
dash (–).</P
|
|
><P
|
|
></P
|
|
><DIV
|
|
CLASS="VARIABLELIST"
|
|
><DL
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>up</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>This option makes an interface accessible to the IP layer. This option
|
|
is implied when an <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>address</I
|
|
></TT
|
|
> is given on the
|
|
command line. It may also be used to reenable an interface that has
|
|
been taken down temporarily using the <TT
|
|
CLASS="LITERAL"
|
|
>down</TT
|
|
> option.</P
|
|
><P
|
|
>This option corresponds to the flags <TT
|
|
CLASS="OPTION"
|
|
>UP</TT
|
|
> and
|
|
<TT
|
|
CLASS="OPTION"
|
|
>RUNNING</TT
|
|
>.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>down</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>This option marks an interface inaccessible to the IP layer. This
|
|
effectively disables any IP traffic through the interface. Note that
|
|
this option will also automatically delete all routing entries that
|
|
use this interface.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>netmask</TT
|
|
> <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>mask</I
|
|
></TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>
|
|
This option assigns a subnet mask to be used by the interface. It may
|
|
be given as either a 32-bit hexadecimal number preceded by 0x, or as a
|
|
dotted quad of decimal numbers. While the dotted quad format is more
|
|
common, the hexadecimal representation is often easier to work
|
|
with. Netmasks are essentially binary, and it is easier to do
|
|
binary-to-hexadecimal than binary-to-decimal conversion.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>pointopoint</TT
|
|
> <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>address</I
|
|
></TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
> This option is
|
|
used for point-to-point IP links that involve only two hosts. This option is
|
|
needed to configure SLIP or PLIP interfaces, for example. If a point-to-point address has been set, <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> displays
|
|
the <TT
|
|
CLASS="OPTION"
|
|
>POINTOPOINT</TT
|
|
> flag.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>broadcast</TT
|
|
>
|
|
<TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>address</I
|
|
></TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
The broadcast address is usually made up from the network number by
|
|
setting all bits of the host part. Some IP implementations (systems
|
|
derived from BSD 4.2, for instance) use a different scheme in which
|
|
all host part bits are cleared instead. The
|
|
<TT
|
|
CLASS="OPTION"
|
|
>broadcast</TT
|
|
> option adapts to these strange
|
|
environments. If a broadcast address has been set, <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> displays the <TT
|
|
CLASS="OPTION"
|
|
>BROADCAST</TT
|
|
> flag.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>irq</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>
|
|
This option allows you to set the IRQ line used by certain devices. This is
|
|
especially useful for PLIP, but may also be useful for certain Ethernet cards.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>metric</TT
|
|
> <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>number</I
|
|
></TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>
|
|
|
|
|
|
This option may be used to assign a metric value to the routing table entry
|
|
created for the interface. This metric is used by the Routing Information
|
|
Protocol (RIP) to build routing tables for the
|
|
network.<A
|
|
NAME="X-087-2-FNTC11"
|
|
HREF="#FTN.X-087-2-FNTC11"
|
|
>[1]</A
|
|
>
|
|
|
|
The default metric used by <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> is zero. If
|
|
you don't run a RIP daemon, you don't need this option at all; if you do, you
|
|
will rarely need to change the metric value.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>mtu</TT
|
|
> <TT
|
|
CLASS="REPLACEABLE"
|
|
><I
|
|
>bytes</I
|
|
></TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
> This sets the Maximum Transmission Unit, which is the maximum number of octets
|
|
the interface is able to handle in one transaction. For Ethernets, the MTU
|
|
defaults to 1,500 (the largest allowable size of an Ethernet packet); for SLIP
|
|
interfaces, it is 296. (There is no constraint on the MTU of SLIP links; this
|
|
value is a good compromise.)</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>arp</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
> This is an option specific to broadcast networks such as Ethernets or packet
|
|
radio. It enables the use of the Address Resolution Protocol (ARP) to detect
|
|
the physical addresses of hosts attached to the network. For broadcast
|
|
networks, it is on by default. If ARP is disabled, <B
|
|
CLASS="COMMAND"
|
|
>ifconfig</B
|
|
> displays the <TT
|
|
CLASS="OPTION"
|
|
>NOARP</TT
|
|
> flag.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>–arp</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>This option disables the use of ARP on this interface.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>promisc</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>
|
|
This option puts the interface in promiscuous mode. On a broadcast
|
|
network, this makes the interface receive all packets, regardless of
|
|
whether they were destined for this host or not. This allows network
|
|
traffic analysis using packet filters and such, also called
|
|
<I
|
|
CLASS="EMPHASIS"
|
|
>Ethernet snooping</I
|
|
>. Usually, this is a good
|
|
technique for hunting down network problems that are otherwise hard to
|
|
detect. Tools such as <B
|
|
CLASS="COMMAND"
|
|
>tcpdump</B
|
|
> rely on this.</P
|
|
><P
|
|
>On the other hand, this option allows attackers to do nasty things,
|
|
such as skim the traffic of your network for passwords. You can
|
|
protect against this type of attack by prohibiting just anyone from
|
|
plugging their computers into your Ethernet. You could also use
|
|
secure authentication protocols, such as Kerberos or the secure shell
|
|
login suite.<A
|
|
NAME="X-087-2-FNTC12"
|
|
HREF="#FTN.X-087-2-FNTC12"
|
|
>[2]</A
|
|
> This option corresponds to the <TT
|
|
CLASS="OPTION"
|
|
>PROMISC</TT
|
|
> flag.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>–promisc</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>This option turns promiscuous mode off.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>allmulti</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
> Multicast addresses are like Ethernet broadcast addresses, except that
|
|
instead of automatically including everybody, the only people who
|
|
receive packets sent to a multicast address are those programmed to
|
|
listen to it. This is useful for applications like Ethernet-based
|
|
videoconferencing or network audio, to which only those interested can
|
|
listen. Multicast addressing is supported by most, but not all,
|
|
Ethernet drivers. When this option is enabled, the interface receives
|
|
and passes multicast packets for processing. This option corresponds to the <TT
|
|
CLASS="OPTION"
|
|
>ALLMULTI</TT
|
|
> flag.</P
|
|
></DD
|
|
><DT
|
|
><TT
|
|
CLASS="LITERAL"
|
|
>–allmulti</TT
|
|
></DT
|
|
><DD
|
|
><P
|
|
>This option turns multicast addresses off.</P
|
|
></DD
|
|
></DL
|
|
></DIV
|
|
></DIV
|
|
><H3
|
|
CLASS="FOOTNOTES"
|
|
>Notes</H3
|
|
><TABLE
|
|
BORDER="0"
|
|
CLASS="FOOTNOTES"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="5%"
|
|
><A
|
|
NAME="FTN.X-087-2-FNTC11"
|
|
HREF="x-087-2-iface.ifconfig.html#X-087-2-FNTC11"
|
|
>[1]</A
|
|
></TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="95%"
|
|
><P
|
|
>RIP chooses the optimal route to a given host based on the “length”
|
|
of the path. It is computed by summing up the individual metric values of each
|
|
host-to-host link. By default, a hop has length 1, but this may be any
|
|
positive integer less than 16. (A route length of 16 is equal to infinity.
|
|
Such routes are considered unusable.) The <TT
|
|
CLASS="OPTION"
|
|
>metric</TT
|
|
> parameter
|
|
sets this hop cost, which is then broadcast by the routing daemon.</P
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="5%"
|
|
><A
|
|
NAME="FTN.X-087-2-FNTC12"
|
|
HREF="x-087-2-iface.ifconfig.html#X-087-2-FNTC12"
|
|
>[2]</A
|
|
></TD
|
|
><TD
|
|
ALIGN="LEFT"
|
|
VALIGN="TOP"
|
|
WIDTH="95%"
|
|
><P
|
|
> ssh can be obtained
|
|
from <SPAN
|
|
CLASS="SYSTEMITEM"
|
|
>ftp.cs.hut.fi</SPAN
|
|
> in
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/pub/ssh</TT
|
|
>.</P
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-iface.interface.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-iface.netstat.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Interface Configuration for IP</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-iface.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>The netstat Command</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |