Print this page
manuals
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man1m/dladm.1m.man.txt
+++ new/usr/src/man/man1m/dladm.1m.man.txt
1 1 DLADM(1M) Maintenance Commands DLADM(1M)
2 2
3 3
4 4
5 5 NAME
6 6 dladm - administer data links
7 7
8 8 SYNOPSIS
9 9 dladm show-link [-P] [-s [-i interval]] [[-p] -o field[,...]] [link]
10 - dladm rename-link [-R root-dir] link new-link
10 + dladm rename-link [-R root-dir] [-z zonename] link new-link
11 11
12 12
13 13 dladm delete-phys phys-link
14 14 dladm show-phys [-m | -H | -P] [[-p] -o field[,...]] [phys-link]
15 15
16 16
17 17 dladm create-aggr [-t] [-R root-dir] [-P policy] [-L mode]
18 18 [-T time] [-u address] -l ether-link1 [-l ether-link2...] aggr-link
19 19 dladm modify-aggr [-t] [-R root-dir] [-P policy] [-L mode]
20 20 [-T time] [-u address] aggr-link
21 21 dladm delete-aggr [-t] [-R root-dir] aggr-link
22 22 dladm add-aggr [-t] [-R root-dir] -l ether-link1 [-l ether-link2...]
23 23 aggr-link
24 24 dladm remove-aggr [-t] [-R root-dir] -l ether-link1 [-l ether-link2...]
25 25 aggr-link
26 26 dladm show-aggr [-PLx] [-s [-i interval]] [[-p] -o field[,...]]
27 27 [aggr-link]
28 28
29 29
30 30 dladm create-bridge [-P protect] [-R root-dir] [-p priority]
31 31 [-m max-age] [-h hello-time] [-d forward-delay] [-f force-protocol]
32 32 [-l link...] bridge-name
33 33
34 34
35 35 dladm modify-bridge [-P protect] [-R root-dir] [-p priority]
36 36 [-m max-age] [-h hello-time] [-d forward-delay] [-f force-protocol]
37 37 bridge-name
38 38
39 39
40 40 dladm delete-bridge [-R root-dir] bridge-name
41 41
42 42
43 43 dladm add-bridge [-R root-dir] -l link [-l link...]bridge-name
44 44
45 45
46 46 dladm remove-bridge [-R root-dir] -l link [-l link...] bridge-name
47 47
48 48
49 49 dladm show-bridge [-flt] [-s [-i interval]] [[-p] -o field,...]
50 50 [bridge-name]
51 51
52 52
53 53 dladm create-vlan [-ft] [-R root-dir] -l ether-link -v vid [vlan-link]
54 54 dladm delete-vlan [-t] [-R root-dir] vlan-link
55 55 dladm show-vlan [-P] [[-p] -o field[,...]] [vlan-link]
56 56
57 57
58 58 dladm scan-wifi [[-p] -o field[,...]] [wifi-link]
|
↓ open down ↓ |
38 lines elided |
↑ open up ↑ |
59 59 dladm connect-wifi [-e essid] [-i bssid] [-k key,...]
60 60 [-s none | wep | wpa ] [-a open | shared] [-b bss | ibss] [-c]
61 61 [-m a | b | g] [-T time] [wifi-link]
62 62 dladm disconnect-wifi [-a] [wifi-link]
63 63 dladm show-wifi [[-p] -o field[,...]] [wifi-link]
64 64
65 65
66 66 dladm show-ether [-x] [[-p] -o field[,...]] [ether-link]
67 67
68 68
69 - dladm set-linkprop [-t] [-R root-dir] -p prop=value[,...] link
70 - dladm reset-linkprop [-t] [-R root-dir] [-p prop[,...]] link
71 - dladm show-linkprop [-P] [[-c] -o field[,...]] [-p prop[,...]] [link]
69 + dladm set-linkprop [-t] [-R root-dir] [-z zonename] -p prop=value[,...]
70 + link
71 + dladm reset-linkprop [-t] [-R root-dir] [-z zonename] [-p prop[,...]] link
72 + dladm show-linkprop [-P] [-z zonename] [[-c] -o field[,...]]
73 + [-p prop[,...]] [link]
72 74
73 75
74 76 dladm create-secobj [-t] [-R root-dir] [-f file] -c class secobj
75 77 dladm delete-secobj [-t] [-R root-dir] secobj[,...]
76 78 dladm show-secobj [-P] [[-p] -o field[,...]] [secobj,...]
77 79
78 80
79 81 dladm create-vnic [-t] -l link [-R root-dir] [-m value | auto |
80 82 {factory -n slot-identifier]} | {random [-r prefix]}]
81 83 [-v vlan-id] [-p prop=value[,...]] vnic-link
82 - dladm delete-vnic [-t] [-R root-dir] vnic-link
84 + dladm delete-vnic [-t] [-R root-dir] [-z zonename] vnic-link
83 85 dladm show-vnic [-pP] [-s [-i interval]] [-o field[,...]]
84 - [-l link] [vnic-link]
86 + [-l link] [-z zonename] [vnic-link]
85 87
86 88
87 89 dladm create-etherstub [-t] [-R root-dir] etherstub
88 90 dladm delete-etherstub [-t] [-R root-dir] etherstub
89 91 dladm show-etherstub [etherstub]
90 92
91 93
92 94 dladm create-iptun [-t] [-R root-dir] -T type [-s tsrc] [-d tdst]
93 95 iptun-link
94 96 dladm modify-iptun [-t] [-R root-dir] [-s tsrc] [-d tdst] iptun-link
95 97 dladm delete-iptun [-t] [-R root-dir] iptun-link
96 98 dladm show-iptun [-P] [[-p] -o field[,...]] [iptun-link]
97 99
98 100
99 101 dladm show-usage [-a] -f filename [-p plotfile -F format] [-s time]
100 102 [-e time] [link]
101 103
102 104
103 105 DESCRIPTION
104 106 The dladm command is used to administer data-links. A data-link is
105 107 represented in the system as a STREAMS DLPI (v2) interface which can be
106 108 plumbed under protocol stacks such as TCP/IP. Each data-link relies on
107 109 either a single network device or an aggregation of devices to send
108 110 packets to or receive packets from a network.
109 111
110 112
111 113 Each dladm subcommand operates on one of the following objects:
112 114
113 115 link
114 116 A datalink, identified by a name. In general, the name can use any
115 117 alphanumeric characters (or the underscore, _), but must start with
116 118 an alphabetic character and end with a number. A datalink name can
117 119 be at most 31 characters, and the ending number must be between 0
118 120 and 4294967294 (inclusive). The ending number must not begin with a
119 121 zero. Datalink names between 3 and 8 characters are recommended.
120 122
121 123 Some subcommands operate only on certain types or classes of
122 124 datalinks. For those cases, the following object names are used:
123 125
124 126 phys-link
125 127 A physical datalink.
126 128
127 129
128 130 vlan-link
129 131 A VLAN datalink.
130 132
131 133
132 134 aggr-link
133 135 An aggregation datalink (or a key; see NOTES).
134 136
135 137
136 138 ether-link
137 139 A physical Ethernet datalink.
138 140
139 141
140 142 wifi-link
141 143 A WiFi datalink.
142 144
143 145
144 146 vnic-link
145 147 A virtual network interface created on a link or an etherstub.
146 148 It is a pseudo device that can be treated as if it were an
147 149 network interface card on a machine.
148 150
149 151
150 152 iptun-link
151 153 An IP tunnel link.
152 154
153 155
154 156
155 157 dev
156 158 A network device, identified by concatenation of a driver name and
157 159 an instance number.
158 160
159 161
160 162 etherstub
161 163 An Ethernet stub can be used instead of a physical NIC to create
162 164 VNICs. VNICs created on an etherstub will appear to be connected
163 165 through a virtual switch, allowing complete virtual networks to be
164 166 built without physical hardware.
165 167
166 168
167 169 bridge
168 170 A bridge instance, identified by an administratively-chosen name.
169 171 The name may use any alphanumeric characters or the underscore, _,
170 172 but must start and end with an alphabetic character. A bridge name
171 173 can be at most 31 characters. The name default is reserved, as are
172 174 all names starting with SUNW.
173 175
174 176 Note that appending a zero (0) to a bridge name produces a valid
175 177 link name, used for observability.
176 178
177 179
178 180 secobj
179 181 A secure object, identified by an administratively-chosen name. The
180 182 name can use any alphanumeric characters, as well as underscore
181 183 (_), period (.), and hyphen (-). A secure object name can be at
182 184 most 32 characters.
183 185
184 186
185 187 Options
186 188 Each dladm subcommand has its own set of options. However, many of the
187 189 subcommands have the following as a common option:
188 190
189 191 -R root-dir, --root-dir=root-dir
190 192 Specifies an alternate root directory where the operation-such as
191 193 creation, deletion, or renaming-should apply.
192 194
193 195
194 196 SUBCOMMANDS
195 197 The following subcommands are supported:
196 198
197 199 dladm show-link [-P] [-s [-i interval]] [[-p] -o field[,...]][link]
198 200 Show link configuration information (the default) or statistics,
199 201 either for all datalinks or for the specified link link. By
200 202 default, the system is configured with one datalink for each known
201 203 network device.
202 204
203 205 -o field[,...], --output=field[,...]
204 206 A case-insensitive, comma-separated list of output fields to
205 207 display. When not modified by the -s option (described below),
206 208 the field name must be one of the fields listed below, or the
207 209 special value all to display all fields. By default (without
208 210 -o), show-link displays all fields.
209 211
210 212 LINK
211 213 The name of the datalink.
212 214
213 215
214 216 CLASS
215 217 The class of the datalink. dladm distinguishes between the
216 218 following classes:
217 219
218 220 phys
219 221 A physical datalink. The show-phys subcommand displays
220 222 more detail for this class of datalink.
221 223
222 224
223 225 aggr
224 226 An IEEE 802.3ad link aggregation. The show-aggr
225 227 subcommand displays more detail for this class of
226 228 datalink.
227 229
228 230
229 231 vlan
230 232 A VLAN datalink. The show-vlan subcommand displays more
231 233 detail for this class of datalink.
232 234
233 235
234 236 vnic
235 237 A virtual network interface. The show-vnic subcommand
236 238 displays more detail for this class of datalink.
237 239
238 240
239 241
240 242 MTU
241 243 The maximum transmission unit size for the datalink being
242 244 displayed.
243 245
244 246
245 247 STATE
246 248 The link state of the datalink. The state can be up, down,
247 249 or unknown.
248 250
249 251
250 252 BRIDGE
251 253 The name of the bridge to which this link is assigned, if
252 254 any.
253 255
254 256
255 257 OVER
256 258 The physical datalink(s) over which the datalink is
257 259 operating. This applies to aggr, bridge, and vlan classes
258 260 of datalinks. A VLAN is created over a single physical
259 261 datalink, a bridge has multiple attached links, and an
260 262 aggregation is comprised of one or more physical datalinks.
261 263
262 264 When the -o option is used in conjunction with the -s option,
263 265 used to display link statistics, the field name must be one of
264 266 the fields listed below, or the special value all to display
265 267 all fields
266 268
267 269 LINK
268 270 The name of the datalink.
269 271
270 272
271 273 IPACKETS
272 274 Number of packets received on this link.
273 275
274 276
275 277 RBYTES
276 278 Number of bytes received on this link.
277 279
278 280
279 281 IERRORS
280 282 Number of input errors.
281 283
282 284
283 285 OPACKETS
284 286 Number of packets sent on this link.
285 287
286 288
287 289 OBYTES
288 290 Number of bytes received on this link.
289 291
290 292
291 293 OERRORS
292 294 Number of output errors.
293 295
294 296
295 297
296 298 -p, --parseable
297 299 Display using a stable machine-parseable format. The -o option is
298 300 required with -p. See "Parseable Output Format", below.
299 301
300 302
301 303 -P, --persistent
302 304 Display the persistent link configuration.
303 305
304 306
305 307 -s, --statistics
|
↓ open down ↓ |
211 lines elided |
↑ open up ↑ |
306 308 Display link statistics.
307 309
308 310
309 311 -i interval, --interval=interval
310 312 Used with the -s option to specify an interval, in seconds, at
311 313 which statistics should be displayed. If this option is not
312 314 specified, statistics will be displayed only once.
313 315
314 316
315 317
316 - dladm rename-link [-R root-dir] link new-link
318 + dladm rename-link [-R root-dir] [-z zonename] link new-link
317 319 Rename link to new-link. This is used to give a link a meaningful
318 320 name, or to associate existing link configuration such as link
319 321 properties of a removed device with a new device. See the EXAMPLES
320 322 section for specific examples of how this subcommand is used.
321 323
322 324 -R root-dir, --root-dir=root-dir
323 325 See "Options," above.
324 326
325 327
328 + -z zonename
329 + A link assigned to a zone can only be renamed while the zone is
330 + in the ready state.
326 331
332 +
333 +
327 334 dladm delete-phys phys-link
328 335 This command is used to delete the persistent configuration of a
329 336 link associated with physical hardware which has been removed from
330 337 the system. See the EXAMPLES section.
331 338
332 339
333 340 dladm show-phys [-m | -H | -P] [[-p] -o field[,...]] [phys-link]
334 341 Show the physical device and attributes of all physical links, or
335 342 of the named physical link. Without -P, only physical links that are
336 343 available on the running system are displayed.
337 344
338 345 -H
339 346 Show hardware resource usage, as returned by the NIC driver.
340 347 Output from -H displays the following elements:
341 348
342 349 LINK
343 350 A physical device corresponding to a NIC driver.
344 351
345 352
346 353 GROUP
347 354 A collection of rings.
348 355
349 356
350 357 GROUPTYPE
351 358 RX or TX. All rings in a group are of the same group type.
352 359
353 360
354 361 RINGS
355 362 A hardware resource used by a data link, subject to
356 363 assignment by a driver to different groups.
357 364
358 365
359 366 CLIENTS
360 367 MAC clients that are using the rings within a group.
361 368
362 369
363 370
364 371 -m
365 372 Show MAC addresses and related information. Output from -m
366 373 displays the following elements:
367 374
368 375 LINK
369 376 A physical device corresponding to a NIC driver.
370 377
371 378 SLOT
372 379 When a given physical device has multiple factory MAC
373 380 addresses, this indicates the slot of the corresponding MAC
374 381 address which can be used as part of a call to create-vnic.
375 382
376 383 ADDRESS
377 384 Displays the MAC address of the device.
378 385
379 386 INUSE
380 387 Displays whether or not a MAC Address is actively being
381 388 used.
382 389
383 390 CLIENT
384 391 MAC clients that are using the address.
385 392
386 393 -o field, --output=field
387 394 A case-insensitive, comma-separated list of output fields to
388 395 display. The field name must be one of the fields listed below,
389 396 or the special value all, to display all fields. Note that if
390 397 either -H or -m are specified, then the valid options are those
391 398 described in their respective sections. For each link, the
392 399 following fields can be displayed:
393 400
394 401 LINK
395 402 The name of the datalink.
396 403
397 404
398 405 MEDIA
399 406 The media type provided by the physical datalink.
400 407
401 408
402 409 STATE
403 410 The state of the link. This can be up, down, or unknown.
404 411
405 412
406 413 SPEED
407 414 The current speed of the link, in megabits per second.
408 415
409 416
410 417 DUPLEX
411 418 For Ethernet links, the full/half duplex status of the link
412 419 is displayed if the link state is up. The duplex is
413 420 displayed as unknown in all other cases.
414 421
415 422
416 423 DEVICE
417 424 The name of the physical device under this link.
418 425
419 426
420 427
421 428 -p, --parseable
422 429 Display using a stable machine-parseable format. The -o option is
423 430 required with -p. See "Parseable Output Format", below.
424 431
425 432
426 433 -P, --persistent
427 434 This option displays persistent configuration for all links,
428 435 including those that have been removed from the system. The
429 436 output provides a FLAGS column in which the r flag indicates
430 437 that the physical device associated with a physical link has
431 438 been removed. For such links, delete-phys can be used to purge
432 439 the link's configuration from the system.
433 440
434 441
435 442
436 443 dladm create-aggr [-t] [-R root-dir] [-P policy] [-L mode] [-T time] [-u
437 444 address] -l ether-link1 [-l ether-link2...] aggr-link
438 445 Combine a set of links into a single IEEE 802.3ad link aggregation
439 446 named aggr-link. The use of an integer key to generate a link name
440 447 for the aggregation is also supported for backward compatibility.
441 448 Many of the *-aggr subcommands below also support the use of a key
442 449 to refer to a given aggregation, but use of the aggregation link
443 450 name is preferred. See the NOTES section for more information on
444 451 keys.
445 452
446 453 dladm supports a number of port selection policies for an
447 454 aggregation of ports. (See the description of the -P option, below.)
448 455 If you do not specify a policy, create-aggr uses the default, the L4
449 456 policy, described under the -P option.
450 457
451 458 -l ether-link, --link=ether-link
452 459 Each Ethernet link (or port) in the aggregation is specified
453 460 using an -l option followed by the name of the link to be
454 461 included in the aggregation. Multiple links are included in
455 462 the aggregation by specifying multiple -l options. For backward
456 463 compatibility with previous versions of Solaris, the dladm
457 464 command also supports the using the -d option (or --dev) with a
458 465 device name to specify links by their underlying device name.
459 466 The other *-aggr subcommands that take -loptions also accept -d.
460 467
461 468
462 469 -t, --temporary
463 470 Specifies that the aggregation is temporary. Temporary
464 471 aggregations last until the next reboot.
465 472
466 473
467 474 -R root-dir, --root-dir=root-dir
468 475 See "Options," above.
469 476
470 477
471 478 -P policy, --policy=policy
472 479 Specifies the port selection policy to use for load spreading
473 480 of outbound traffic. The policy specifies which dev object is
474 481 used to send packets. A policy is a list of one or more layers
475 482 specifiers separated by commas. A layer specifier is one of the
476 483 following:
477 484
478 485 L2
479 486 Select outbound device according to source and destination
480 487 MAC addresses of the packet.
481 488
482 489
483 490 L3
484 491 Select outbound device according to source and destination
485 492 IP addresses of the packet.
486 493
487 494
488 495 L4
489 496 Select outbound device according to the upper layer
490 497 protocol information contained in the packet. For TCP and
491 498 UDP, this includes source and destination ports. For IPsec,
492 499 this includes the SPI (Security Parameters Index).
493 500
494 501 For example, to use upper layer protocol information, the
495 502 following policy can be used:
496 503
497 504 -P L4
498 505
499 506
500 507 Note that policy L4 is the default.
501 508
502 509 To use the source and destination MAC addresses as well as the
503 510 source and destination IP addresses, the following policy can
504 511 be used:
505 512
506 513 -P L2,L3
507 514
508 515
509 516
510 517
511 518 -L mode, --lacp-mode=mode
512 519 Specifies whether LACP should be used and, if used, the mode in
513 520 which it should operate. Supported values are off, active or
514 521 passive.
515 522
516 523
517 524 -T time, --lacp-timer=time
518 525 Specifies the LACP timer value. The supported values are short
519 526 or longjjj.
520 527
521 528
522 529 -u address, --unicast=address
523 530 Specifies a fixed unicast hardware address to be used for the
524 531 aggregation. If this option is not specified, then an address
525 532 is automatically chosen from the set of addresses of the
526 533 component devices.
527 534
528 535
529 536
530 537 dladm modify-aggr [-t] [-R root-dir] [-P policy] [-L mode] [-T time] [-u
531 538 address] aggr-link
532 539 Modify the parameters of the specified aggregation.
533 540
534 541 -t, --temporary
535 542 Specifies that the modification is temporary. Temporary
536 543 aggregations last until the next reboot.
537 544
538 545
539 546 -R root-dir, --root-dir=root-dir
540 547 See "Options," above.
541 548
542 549
543 550 -P policy, --policy=policy
544 551 Specifies the port selection policy to use for load spreading
545 552 of outbound traffic. See dladm create-aggr for a description of
546 553 valid policy values.
547 554
548 555
549 556 -L mode, --lacp-mode=mode
550 557 Specifies whether LACP should be used and, if used, the mode in
551 558 which it should operate. Supported values are off, active, or
552 559 passive.
553 560
554 561
555 562 -T time, --lacp-timer=time
556 563 Specifies the LACP timer value. The supported values are short
557 564 or long.
558 565
559 566
560 567 -u address, --unicast=address
561 568 Specifies a fixed unicast hardware address to be used for the
562 569 aggregation. If this option is not specified, then an address
563 570 is automatically chosen from the set of addresses of the
564 571 component devices.
565 572
566 573
567 574
568 575 dladm delete-aggr [-t] [-R root-dir] aggr-link
569 576 Deletes the specified aggregation.
570 577
571 578 -t, --temporary
572 579 Specifies that the deletion is temporary. Temporary deletions
573 580 last until the next reboot.
574 581
575 582
576 583 -R root-dir, --root-dir=root-dir
577 584 See "Options," above.
578 585
579 586
580 587
581 588 dladm add-aggr [-t] [-R root-dir] -l ether-link1 [--link=ether-link2...] aggr-
582 589 link
583 590 Adds links to the specified aggregation.
584 591
585 592 -l ether-link, --link=ether-link
586 593 Specifies an Ethernet link to add to the aggregation. Multiple
587 594 links can be added by supplying multiple -l options.
588 595
589 596
590 597 -t, --temporary
591 598 Specifies that the additions are temporary. Temporary additions
592 599 last until the next reboot.
593 600
594 601
595 602 -R root-dir, --root-dir=root-dir
596 603 See "Options," above.
597 604
598 605
599 606
600 607 dladm remove-aggr [-t] [-R root-dir] -l ether-link1 [--l=ether-link2...] aggr-
601 608 link
602 609 Removes links from the specified aggregation.
603 610
604 611 -l ether-link, --link=ether-link
605 612 Specifies an Ethernet link to remove from the aggregation.
606 613 Multiple links can be added by supplying multiple -l options.
607 614
608 615
609 616 -t, --temporary
610 617 Specifies that the removals are temporary. Temporary removal
611 618 last until the next reboot.
612 619
613 620
614 621 -R root-dir, --root-dir=root-dir
615 622 See "Options," above.
616 623
617 624
618 625
619 626 dladm show-aggr [-PLx] [-s [-i interval]] [[-p] -o field[,...]] [aggr-link]
620 627 Show aggregation configuration (the default), LACP information, or
621 628 statistics, either for all aggregations or for the specified
622 629 aggregation.
623 630
624 631 By default (with no options), the following fields can be
625 632 displayed:
626 633
627 634 LINK
628 635 The name of the aggregation link.
629 636
630 637
631 638 POLICY
632 639 The LACP policy of the aggregation. See the create-aggr -P option
633 640 for a description of the possible values.
634 641
635 642
636 643 ADDRPOLICY
637 644 Either auto, if the aggregation is configured to automatically
638 645 configure its unicast MAC address (the default if the -u option
639 646 was not used to create or modify the aggregation), or fixed, if
640 647 -u was used to set a fixed MAC address.
641 648
642 649
643 650 LACPACTIVITY
644 651 The LACP mode of the aggregation. Possible values are off,
645 652 active, or passive, as set by the -l option to create-aggr or
646 653 modify-aggr.
647 654
648 655
649 656 LACPTIMER
650 657 The LACP timer value of the aggregation as set by the -T option
651 658 of create-aggr or modify-aggr.
652 659
653 660
654 661 FLAGS
655 662 A set of state flags associated with the aggregation. The only
656 663 possible flag is f, which is displayed if the administrator
657 664 forced the creation the aggregation using the -f option to
658 665 create-aggr. Other flags might be defined in the future.
659 666
660 667 The show-aggr command accepts the following options:
661 668
662 669 -L, --lacp
663 670 Displays detailed LACP information for the aggregation link and
664 671 each underlying port. Most of the state information displayed
665 672 by this option is defined by IEEE 802.3. With this option, the
666 673 following fields can be displayed:
667 674
668 675 LINK
669 676 The name of the aggregation link.
670 677
671 678
672 679 PORT
673 680 The name of one of the underlying aggregation ports.
674 681
675 682
676 683 AGGREGATABLE
677 684 Whether the port can be added to the aggregation.
678 685
679 686
680 687 SYNC
681 688 If yes, the system considers the port to be synchronized
682 689 and part of the aggregation.
683 690
684 691
685 692 COLL
686 693 If yes, collection of incoming frames is enabled on the
687 694 associated port.
688 695
689 696
690 697 DIST
691 698 If yes, distribution of outgoing frames is enabled on the
692 699 associated port.
693 700
694 701
695 702 DEFAULTED
696 703 If yes, the port is using defaulted partner information
697 704 (that is, has not received LACP data from the LACP
698 705 partner).
699 706
700 707
701 708 EXPIRED
702 709 If yes, the receive state of the port is in the EXPIRED
703 710 state.
704 711
705 712
706 713
707 714 -x, --extended
708 715 Display additional aggregation information including detailed
709 716 information on each underlying port. With -x, the following
710 717 fields can be displayed:
711 718
712 719 LINK
713 720 The name of the aggregation link.
714 721
715 722
716 723 PORT
717 724 The name of one of the underlying aggregation ports.
718 725
719 726
720 727 SPEED
721 728 The speed of the link or port in megabits per second.
722 729
723 730
724 731 DUPLEX
725 732 The full/half duplex status of the link or port is
726 733 displayed if the link state is up. The duplex status is
727 734 displayed as unknown in all other cases.
728 735
729 736
730 737 STATE
731 738 The link state. This can be up, down, or unknown.
732 739
733 740
734 741 ADDRESS
735 742 The MAC address of the link or port.
736 743
737 744
738 745 PORTSTATE
739 746 This indicates whether the individual aggregation port is
740 747 in the standby or attached state.
741 748
742 749
743 750
744 751 -o field[,...], --output=field[,...]
745 752 A case-insensitive, comma-separated list of output fields to
746 753 display. The field name must be one of the fields listed above,
747 754 or the special value all, to display all fields. The fields
748 755 applicable to the -o option are limited to those listed under
749 756 each output mode. For example, if using -L, only the fields
750 757 listed under -L, above, can be used with -o.
751 758
752 759
753 760 -p, --parseable
754 761 Display using a stable machine-parseable format. The -o option is
755 762 required with -p. See "Parseable Output Format", below.
756 763
757 764
758 765 -P, --persistent
759 766 Display the persistent aggregation configuration rather than
760 767 the state of the running system.
761 768
762 769
763 770 -s, --statistics
764 771 Displays aggregation statistics.
765 772
766 773
767 774 -i interval, --interval=interval
768 775 Used with the -s option to specify an interval, in seconds, at
769 776 which statistics should be displayed. If this option is not
770 777 specified, statistics will be displayed only once.
771 778
772 779
773 780
774 781 dladm create-bridge [ -P protect] [-R root-dir] [ -p priority] [ -m max-age] [
775 782 -h hello-time] [ -d forward-delay] [ -f force-protocol] [-l link...] bridge-
776 783 name
777 784 Create an 802.1D bridge instance and optionally assign one or more
778 785 network links to the new bridge. By default, no bridge instances
779 786 are present on the system.
780 787
781 788 In order to bridge between links, you must create at least one
782 789 bridge instance. Each bridge instance is separate, and there is no
783 790 forwarding connection between bridges.
784 791
785 792 -P protect, --protect=protect
786 793 Specifies a protection method. The defined protection methods
787 794 are stp for the Spanning Tree Protocol and trill for TRILL,
788 795 which is used on RBridges. The default value is stp.
789 796
790 797
791 798 -R root-dir, --root-dir=root-dir
792 799 See "Options," above.
793 800
794 801
795 802 -p priority, --priority=priority
796 803 Specifies the Bridge Priority. This sets the IEEE STP priority
797 804 value for determining the root bridge node in the network. The
798 805 default value is 32768. Valid values are 0 (highest priority)
799 806 to 61440 (lowest priority), in increments of 4096.
800 807
801 808 If a value not evenly divisible by 4096 is used, the system
802 809 silently rounds downward to the next lower value that is
803 810 divisible by 4096.
804 811
805 812
806 813 -m max-age, --max-age=max-age
807 814 Specifies the maximum age for configuration information in
808 815 seconds. This sets the STP Bridge Max Age parameter. This value
809 816 is used for all nodes in the network if this node is the root
810 817 bridge. Bridge link information older than this time is
811 818 discarded. It defaults to 20 seconds. Valid values are from 6
812 819 to 40 seconds. See the -d forward-delay parameter for additional
813 820 constraints.
814 821
815 822
816 823 -h hello-time, --hello-time=hello-time
817 824 Specifies the STP Bridge Hello Time parameter. When this node
818 825 is the root node, it sends Configuration BPDUs at this interval
819 826 throughout the network. The default value is 2 seconds. Valid
820 827 values are from 1 to 10 seconds. See the -d forward-delay
821 828 parameter for additional constraints.
822 829
823 830
824 831 -d forward-delay, --forward-delay=forward-delay
825 832 Specifies the STP Bridge Forward Delay parameter. When this
826 833 node is the root node, then all bridges in the network use this
827 834 timer to sequence the link states when a port is enabled. The
828 835 default value is 15 seconds. Valid values are from 4 to 30
829 836 seconds.
830 837
831 838 Bridges must obey the following two constraints:
832 839
833 840 2 * (forward-delay - 1.0) >= max-age
834 841
835 842 max-age >= 2 * (hello-time + 1.0)
836 843
837 844
838 845 Any parameter setting that would violate those constraints is
839 846 treated as an error and causes the command to fail with a
840 847 diagnostic message. The message provides valid alternatives to
841 848 the supplied values.
842 849
843 850
844 851 -f force-protocol, --force-protocol=force-protocol
845 852 Specifies the MSTP forced maximum supported protocol. The
846 853 default value is 3. Valid values are non-negative integers. The
847 854 current implementation does not support RSTP or MSTP, so this
848 855 currently has no effect. However, to prevent MSTP from being
849 856 used in the future, the parameter may be set to 0 for STP only
850 857 or 2 for STP and RSTP.
851 858
852 859
853 860 -l link, --link=link
854 861 Specifies one or more links to add to the newly-created bridge.
855 862 This is similar to creating the bridge and then adding one or
856 863 more links, as with the add-bridge subcommand. However, if any
857 864 of the links cannot be added, the entire command fails, and the
858 865 new bridge itself is not created. To add multiple links on the
859 866 same command line, repeat this option for each link. You are
860 867 permitted to create bridges without links. For more information
861 868 about link assignments, see the add-bridge subcommand.
862 869
863 870 Bridge creation and link assignment require the PRIV_SYS_DL_CONFIG
864 871 privilege. Bridge creation might fail if the optional bridging
865 872 feature is not installed on the system.
866 873
867 874
868 875 dladm modify-bridge [ -P protect] [-R root-dir] [ -p priority] [ -m max-age] [
869 876 -h hello-time] [ -d forward-delay] [ -f force-protocol] [-l link...] bridge-
870 877 name
871 878 Modify the operational parameters of an existing bridge. The
872 879 options are the same as for the create-bridge subcommand, except
873 880 that the -l option is not permitted. To add links to an existing
874 881 bridge, use the add-bridge subcommand.
875 882
876 883 Bridge parameter modification requires the PRIV_SYS_DL_CONFIG
877 884 privilege.
878 885
879 886
880 887 dladm delete-bridge [-R root-dir] bridge-name
881 888 Delete a bridge instance. The bridge being deleted must not have
882 889 any attached links. Use the remove-bridge subcommand to deactivate
883 890 links before deleting a bridge.
884 891
885 892 Bridge deletion requires the PRIV_SYS_DL_CONFIG privilege.
886 893
887 894 The -R (--root-dir) option is the same as for the create-bridge
888 895 subcommand.
889 896
890 897
891 898 dladm add-bridge [-R root-dir] -l link [-l link...] bridge-name
892 899 Add one or more links to an existing bridge. If multiple links are
893 900 specified, and adding any one of them results in an error, the
894 901 command fails and no changes are made to the system.
895 902
896 903 Link addition to a bridge requires the PRIV_SYS_DL_CONFIG
897 904 privilege.
898 905
899 906 A link may be a member of at most one bridge. An error occurs when
900 907 you attempt to add a link that already belongs to another bridge.
901 908 To move a link from one bridge instance to another, remove it from
902 909 the current bridge before adding it to a new one.
903 910
904 911 The links assigned to a bridge must not also be VLANs, VNICs, or
905 912 tunnels. Only physical Ethernet datalinks, aggregation datalinks,
906 913 wireless links, and Ethernet stubs are permitted to be assigned to
907 914 a bridge.
908 915
909 916 Links assigned to a bridge must all have the same MTU. This is
910 917 checked when the link is assigned. The link is added to the bridge
911 918 in a deactivated form if it is not the first link on the bridge and
912 919 it has a differing MTU.
913 920
914 921 Note that systems using bridging should not set the eeprom(1M)
915 922 local-mac-address? variable to false.
916 923
917 924 The options are the same as for the create-bridge subcommand.
918 925
919 926
920 927 dladm remove-bridge [-R root-dir] -l link [-l link...] bridge-name
921 928 Remove one or more links from a bridge instance. If multiple links
922 929 are specified, and removing any one of them would result in an
923 930 error, the command fails and none are removed.
924 931
925 932 Link removal from a bridge requires the PRIV_SYS_DL_CONFIG
926 933 privilege.
927 934
928 935 The options are the same as for the create-bridge subcommand.
929 936
930 937
931 938 dladm show-bridge [-flt] [-s [-i interval]] [[-p] -o field,...] [bridge-name]
932 939 Show the running status and configuration of bridges, their
933 940 attached links, learned forwarding entries, and TRILL nickname
934 941 databases. When showing overall bridge status and configuration,
935 942 the bridge name can be omitted to show all bridges. The other forms
936 943 require a specified bridge.
937 944
938 945 The show-bridge subcommand accepts the following options:
939 946
940 947 -i interval, --interval=interval
941 948 Used with the -s option to specify an interval, in seconds, at
942 949 which statistics should be displayed. If this option is not
943 950 specified, statistics will be displayed only once.
944 951
945 952
946 953 -s, --statistics
947 954 Display statistics for the specified bridges or for a given
948 955 bridge's attached links. This option cannot be used with the -f
949 956 and -t options.
950 957
951 958
952 959 -p, --parseable
953 960 Display using a stable machine-parsable format. See "Parsable
954 961 Output Format," below.
955 962
956 963
957 964 -o field[,...], --output=field[,...]
958 965 A case-insensitive, comma-separated list of output fields to
959 966 display. The field names are described below. The special value
960 967 all displays all fields. Each set of fields has its own default
961 968 set to display when -o is not specified.
962 969
963 970 By default, the show-bridge subcommand shows bridge configuration.
964 971 The following fields can be shown:
965 972
966 973 BRIDGE
967 974 The name of the bridge.
968 975
969 976
970 977 ADDRESS
971 978 The Bridge Unique Identifier value (MAC address).
972 979
973 980
974 981 PRIORITY
975 982 Configured priority value; set by -p with create-bridge and
976 983 modify-bridge.
977 984
978 985
979 986 BMAXAGE
980 987 Configured bridge maximum age; set by -m with create-bridge and
981 988 modify-bridge.
982 989
983 990
984 991 BHELLOTIME
985 992 Configured bridge hello time; set by -h with create-bridge and
986 993 modify-bridge.
987 994
988 995
989 996 BFWDDELAY
990 997 Configured forwarding delay; set by -d with create-bridge and
991 998 modify-bridge.
992 999
993 1000
994 1001 FORCEPROTO
995 1002 Configured forced maximum protocol; set by -f with create-bridge
996 1003 and modify-bridge.
997 1004
998 1005
999 1006 TCTIME
1000 1007 Time, in seconds, since last topology change.
1001 1008
1002 1009
1003 1010 TCCOUNT
1004 1011 Count of the number of topology changes.
1005 1012
1006 1013
1007 1014 TCHANGE
1008 1015 This indicates that a topology change was detected.
1009 1016
1010 1017
1011 1018 DESROOT
1012 1019 Bridge Identifier of the root node.
1013 1020
1014 1021
1015 1022 ROOTCOST
1016 1023 Cost of the path to the root node.
1017 1024
1018 1025
1019 1026 ROOTPORT
1020 1027 Port number used to reach the root node.
1021 1028
1022 1029
1023 1030 MAXAGE
1024 1031 Maximum age value from the root node.
1025 1032
1026 1033
1027 1034 HELLOTIME
1028 1035 Hello time value from the root node.
1029 1036
1030 1037
1031 1038 FWDDELAY
1032 1039 Forward delay value from the root node.
1033 1040
1034 1041
1035 1042 HOLDTIME
1036 1043 Minimum BPDU interval.
1037 1044
1038 1045 By default, when the -o option is not specified, only the BRIDGE,
1039 1046 ADDRESS, PRIORITY, and DESROOT fields are shown.
1040 1047
1041 1048 When the -s option is specified, the show-bridge subcommand shows
1042 1049 bridge statistics. The following fields can be shown:
1043 1050
1044 1051 BRIDGE
1045 1052 Bridge name.
1046 1053
1047 1054
1048 1055 DROPS
1049 1056 Number of packets dropped due to resource problems.
1050 1057
1051 1058
1052 1059 FORWARDS
1053 1060 Number of packets forwarded from one link to another.
1054 1061
1055 1062
1056 1063 MBCAST
1057 1064 Number of multicast and broadcast packets handled by the
1058 1065 bridge.
1059 1066
1060 1067
1061 1068 RECV
1062 1069 Number of packets received on all attached links.
1063 1070
1064 1071
1065 1072 SENT
1066 1073 Number of packets sent on all attached links.
1067 1074
1068 1075
1069 1076 UNKNOWN
1070 1077 Number of packets handled that have an unknown destination.
1071 1078 Such packets are sent to all links.
1072 1079
1073 1080 By default, when the -o option is not specified, only the BRIDGE,
1074 1081 DROPS, and FORWARDS fields are shown.
1075 1082
1076 1083 The show-bridge subcommand also accepts the following options:
1077 1084
1078 1085 -l, --link
1079 1086 Displays link-related status and statistics information for all
1080 1087 links attached to a single bridge instance. By using this
1081 1088 option and without the -s option, the following fields can be
1082 1089 displayed for each link:
1083 1090
1084 1091 LINK
1085 1092 The link name.
1086 1093
1087 1094
1088 1095 INDEX
1089 1096 Port (link) index number on the bridge.
1090 1097
1091 1098
1092 1099 STATE
1093 1100 State of the link. The state can be disabled, discarding,
1094 1101 learning, forwarding, non-stp, or bad-mtu.
1095 1102
1096 1103
1097 1104 UPTIME
1098 1105 Number of seconds since the last reset or initialization.
1099 1106
1100 1107
1101 1108 OPERCOST
1102 1109 Actual cost in use (1-65535).
1103 1110
1104 1111
1105 1112 OPERP2P
1106 1113 This indicates whether point-to-point (P2P) mode been
1107 1114 detected.
1108 1115
1109 1116
1110 1117 OPEREDGE
1111 1118 This indicates whether edge mode has been detected.
1112 1119
1113 1120
1114 1121 DESROOT
1115 1122 The Root Bridge Identifier that has been seen on this port.
1116 1123
1117 1124
1118 1125 DESCOST
1119 1126 Path cost to the network root node through the designated
1120 1127 port.
1121 1128
1122 1129
1123 1130 DESBRIDGE
1124 1131 Bridge Identifier for this port.
1125 1132
1126 1133
1127 1134 DESPORT
1128 1135 The ID and priority of the port used to transmit
1129 1136 configuration messages for this port.
1130 1137
1131 1138
1132 1139 TCACK
1133 1140 This indicates whether Topology Change Acknowledge has been
1134 1141 seen.
1135 1142
1136 1143 When the -l option is specified without the -o option, only the
1137 1144 LINK, STATE, UPTIME, and DESROOT fields are shown.
1138 1145
1139 1146 When the -l option is specified, the -s option can be used to
1140 1147 display the following fields for each link:
1141 1148
1142 1149 LINK
1143 1150 Link name.
1144 1151
1145 1152
1146 1153 CFGBPDU
1147 1154 Number of configuration BPDUs received.
1148 1155
1149 1156
1150 1157 TCNBPDU
1151 1158 Number of topology change BPDUs received.
1152 1159
1153 1160
1154 1161 RSTPBPDU
1155 1162 Number of Rapid Spanning Tree BPDUs received.
1156 1163
1157 1164
1158 1165 TXBPDU
1159 1166 Number of BPDUs transmitted.
1160 1167
1161 1168
1162 1169 DROPS
1163 1170 Number of packets dropped due to resource problems.
1164 1171
1165 1172
1166 1173 RECV
1167 1174 Number of packets received by the bridge.
1168 1175
1169 1176
1170 1177 XMIT
1171 1178 Number of packets sent by the bridge.
1172 1179
1173 1180 When the -o option is not specified, only the LINK, DROPS, RECV,
1174 1181 and XMIT fields are shown.
1175 1182
1176 1183
1177 1184 -f, --forwarding
1178 1185 Displays forwarding entries for a single bridge instance. With
1179 1186 this option, the following fields can be shown for each
1180 1187 forwarding entry:
1181 1188
1182 1189 DEST
1183 1190 Destination MAC address.
1184 1191
1185 1192
1186 1193 AGE
1187 1194 Age of entry in seconds and milliseconds. Omitted for local
1188 1195 entries.
1189 1196
1190 1197
1191 1198 FLAGS
1192 1199 The L (local) flag is shown if the MAC address belongs to
1193 1200 an attached link or to a VNIC on one of the attached links.
1194 1201
1195 1202
1196 1203 OUTPUT
1197 1204 For local entries, this is the name of the attached link
1198 1205 that has the MAC address. Otherwise, for bridges that use
1199 1206 Spanning Tree Protocol, this is the output interface name.
1200 1207 For RBridges, this is the output TRILL nickname.
1201 1208
1202 1209 When the -o option is not specified, the DEST, AGE, FLAGS, and
1203 1210 OUTPUT fields are shown.
1204 1211
1205 1212
1206 1213 -t, --trill
1207 1214 Displays TRILL nickname entries for a single bridge instance.
1208 1215 With this option, the following fields can be shown for each
1209 1216 TRILL nickname entry:
1210 1217
1211 1218 NICK
1212 1219 TRILL nickname for this RBridge, which is a number from 1
1213 1220 to 65535.
1214 1221
1215 1222
1216 1223 FLAGS
1217 1224 The L flag is shown if the nickname identifies the local
1218 1225 system.
1219 1226
1220 1227
1221 1228 LINK
1222 1229 Link name for output when sending messages to this RBridge.
1223 1230
1224 1231
1225 1232 NEXTHOP
1226 1233 MAC address of the next hop RBridge that is used to reach
1227 1234 the RBridge with this nickname.
1228 1235
1229 1236 When the -o option is not specified, the NICK, FLAGS, LINK, and
1230 1237 NEXTHOP fields are shown.
1231 1238
1232 1239
1233 1240
1234 1241 dladm create-vlan [-ft] [-R root-dir] -l ether-link -v vid [vlan-link]
1235 1242 Create a tagged VLAN link with an ID of vid over Ethernet link
1236 1243 ether-link. The name of the VLAN link can be specified as vlan-link.
1237 1244 If the name is not specified, a name will be automatically
1238 1245 generated (assuming that ether-link is namePPA) as:
1239 1246
1240 1247 <name><1000 * vlan-tag + PPA>
1241 1248
1242 1249
1243 1250 For example, if ether-link is bge1 and vid is 2, the name generated
1244 1251 is bge2001.
1245 1252
1246 1253 -f, --force
1247 1254 Force the creation of the VLAN link. Some devices do not allow
1248 1255 frame sizes large enough to include a VLAN header. When
1249 1256 creating a VLAN link over such a device, the -f option is
1250 1257 needed, and the MTU of the IP interfaces on the resulting VLAN
1251 1258 must be set to 1496 instead of 1500.
1252 1259
1253 1260
1254 1261 -l ether-link
1255 1262 Specifies Ethernet link over which VLAN is created.
1256 1263
1257 1264
1258 1265 -t, --temporary
1259 1266 Specifies that the VLAN link is temporary. Temporary VLAN links
1260 1267 last until the next reboot.
1261 1268
1262 1269
1263 1270 -R root-dir, --root-dir=root-dir
1264 1271 See "Options," above.
1265 1272
1266 1273
1267 1274
1268 1275 dladm delete-vlan [-t] [-R root-dir] vlan-link
1269 1276 Delete the VLAN link specified.
1270 1277
1271 1278 The delete-vlansubcommand accepts the following options:
1272 1279
1273 1280 -t, --temporary
1274 1281 Specifies that the deletion is temporary. Temporary deletions
1275 1282 last until the next reboot.
1276 1283
1277 1284
1278 1285 -R root-dir, --root-dir=root-dir
1279 1286 See "Options," above.
1280 1287
1281 1288
1282 1289
1283 1290 dladm show-vlan [-P] [[-p] -o field[,...]] [vlan-link]
1284 1291 Display VLAN configuration for all VLAN links or for the specified
1285 1292 VLAN link.
1286 1293
1287 1294 The show-vlansubcommand accepts the following options:
1288 1295
1289 1296 -o field[,...], --output=field[,...]
1290 1297 A case-insensitive, comma-separated list of output fields to
1291 1298 display. The field name must be one of the fields listed below,
1292 1299 or the special value all, to display all fields. For each VLAN
1293 1300 link, the following fields can be displayed:
1294 1301
1295 1302 LINK
1296 1303 The name of the VLAN link.
1297 1304
1298 1305
1299 1306 VID
1300 1307 The ID associated with the VLAN.
1301 1308
1302 1309
1303 1310 OVER
1304 1311 The name of the physical link over which this VLAN is
1305 1312 configured.
1306 1313
1307 1314
1308 1315 FLAGS
1309 1316 A set of flags associated with the VLAN link. Possible
1310 1317 flags are:
1311 1318
1312 1319 f
1313 1320 The VLAN was created using the -f option to create-vlan.
1314 1321
1315 1322
1316 1323 i
1317 1324 The VLAN was implicitly created when the DLPI link was
1318 1325 opened. These VLAN links are automatically deleted on
1319 1326 last close of the DLPI link (for example, when the IP
1320 1327 interface associated with the VLAN link is unplumbed).
1321 1328
1322 1329 Additional flags might be defined in the future.
1323 1330
1324 1331
1325 1332
1326 1333 -p, --parseable
1327 1334 Display using a stable machine-parseable format. The -o option is
1328 1335 required with -p. See "Parseable Output Format", below.
1329 1336
1330 1337
1331 1338 -P, --persistent
1332 1339 Display the persistent VLAN configuration rather than the state
1333 1340 of the running system.
1334 1341
1335 1342
1336 1343
1337 1344 dladm scan-wifi [[-p] -o field[,...]] [wifi-link]
1338 1345 Scans for WiFi networks, either on all WiFi links, or just on the
1339 1346 specified wifi-link.
1340 1347
1341 1348 By default, currently all fields but BSSTYPE are displayed.
1342 1349
1343 1350 -o field[,...], --output=field[,...]
1344 1351 A case-insensitive, comma-separated list of output fields to
1345 1352 display. The field name must be one of the fields listed below,
1346 1353 or the special value all to display all fields. For each WiFi
1347 1354 network found, the following fields can be displayed:
1348 1355
1349 1356 LINK
1350 1357 The name of the link the WiFi network is on.
1351 1358
1352 1359
1353 1360 ESSID
1354 1361 The ESSID (name) of the WiFi network.
1355 1362
1356 1363
1357 1364 BSSID
1358 1365 Either the hardware address of the WiFi network's Access
1359 1366 Point (for BSS networks), or the WiFi network's randomly
1360 1367 generated unique token (for IBSS networks).
1361 1368
1362 1369
1363 1370 SEC
1364 1371 Either none for a WiFi network that uses no security, wep
1365 1372 for a WiFi network that requires WEP (Wired Equivalent
1366 1373 Privacy), or wpa for a WiFi network that requires WPA (Wi-Fi
1367 1374 Protected Access).
1368 1375
1369 1376
1370 1377 MODE
1371 1378 The supported connection modes: one or more of a, b, or g.
1372 1379
1373 1380
1374 1381 STRENGTH
1375 1382 The strength of the signal: one of excellent, very good,
1376 1383 good, weak, or very weak.
1377 1384
1378 1385
1379 1386 SPEED
1380 1387 The maximum speed of the WiFi network, in megabits per
1381 1388 second.
1382 1389
1383 1390
1384 1391 BSSTYPE
1385 1392 Either bss for BSS (infrastructure) networks, or ibss for
1386 1393 IBSS (ad-hoc) networks.
1387 1394
1388 1395
1389 1396
1390 1397 -p, --parseable
1391 1398 Display using a stable machine-parseable format. The -o option is
1392 1399 required with -p. See "Parseable Output Format", below.
1393 1400
1394 1401
1395 1402
1396 1403 dladm connect-wifi [-e essid] [-i bssid] [-k key,...] [-s none | wep | wpa]
1397 1404 [-a open|shared] [-b bss|ibss] [-c] [-m a|b|g] [-T time] [wifi-link]
1398 1405 Connects to a WiFi network. This consists of four steps: discovery,
1399 1406 filtration, prioritization, and association. However, to enable
1400 1407 connections to non-broadcast WiFi networks and to improve
1401 1408 performance, if a BSSID or ESSID is specified using the -e or -i
1402 1409 options, then the first three steps are skipped and connect-wifi
1403 1410 immediately attempts to associate with a BSSID or ESSID that
1404 1411 matches the rest of the provided parameters. If this association
1405 1412 fails, but there is a possibility that other networks matching the
1406 1413 specified criteria exist, then the traditional discovery process
1407 1414 begins as specified below.
1408 1415
1409 1416 The discovery step finds all available WiFi networks on the
1410 1417 specified WiFi link, which must not yet be connected. For
1411 1418 administrative convenience, if there is only one WiFi link on the
1412 1419 system, wifi-link can be omitted.
1413 1420
1414 1421 Once discovery is complete, the list of networks is filtered
1415 1422 according to the value of the following options:
1416 1423
1417 1424 -e essid, --essid=essid
1418 1425 Networks that do not have the same essid are filtered out.
1419 1426
1420 1427
1421 1428 -b bss|ibss, --bsstype=bss|ibss
1422 1429 Networks that do not have the same bsstype are filtered out.
1423 1430
1424 1431
1425 1432 -m a|b|g, --mode=a|b|g
1426 1433 Networks not appropriate for the specified 802.11 mode are
1427 1434 filtered out.
1428 1435
1429 1436
1430 1437 -k key,..., --key=key, ...
1431 1438 Use the specified secobj named by the key to connect to the
1432 1439 network. Networks not appropriate for the specified keys are
1433 1440 filtered out.
1434 1441
1435 1442
1436 1443 -s none|wep|wpa, --sec=none|wep|wpa
1437 1444 Networks not appropriate for the specified security mode are
1438 1445 filtered out.
1439 1446
1440 1447 Next, the remaining networks are prioritized, first by signal
1441 1448 strength, and then by maximum speed. Finally, an attempt is made to
1442 1449 associate with each network in the list, in order, until one
1443 1450 succeeds or no networks remain.
1444 1451
1445 1452 In addition to the options described above, the following options
1446 1453 also control the behavior of connect-wifi:
1447 1454
1448 1455 -a open|shared, --auth=open|shared
1449 1456 Connect using the specified authentication mode. By default,
1450 1457 open and shared are tried in order.
1451 1458
1452 1459
1453 1460 -c, --create-ibss
1454 1461 Used with -b ibss to create a new ad-hoc network if one matching
1455 1462 the specified ESSID cannot be found. If no ESSID is specified,
1456 1463 then -c -b ibss always triggers the creation of a new ad-hoc
1457 1464 network.
1458 1465
1459 1466
1460 1467 -T time, --timeout=time
1461 1468 Specifies the number of seconds to wait for association to
1462 1469 succeed. If time is forever, then the associate will wait
1463 1470 indefinitely. The current default is ten seconds, but this
1464 1471 might change in the future. Timeouts shorter than the default
1465 1472 might not succeed reliably.
1466 1473
1467 1474
1468 1475 -k key,..., --key=key,...
1469 1476 In addition to the filtering previously described, the
1470 1477 specified keys will be used to secure the association. The
1471 1478 security mode to use will be based on the key class; if a
1472 1479 security mode was explicitly specified, it must be compatible
1473 1480 with the key class. All keys must be of the same class.
1474 1481
1475 1482 For security modes that support multiple key slots, the slot to
1476 1483 place the key will be specified by a colon followed by an
1477 1484 index. Therefore, -k mykey:3 places mykey in slot 3. By default,
1478 1485 slot 1 is assumed. For security modes that support multiple
1479 1486 keys, a comma-separated list can be specified, with the first
1480 1487 key being the active key.
1481 1488
1482 1489
1483 1490
1484 1491 dladm disconnect-wifi [-a] [wifi-link]
1485 1492 Disconnect from one or more WiFi networks. If wifi-link specifies a
1486 1493 connected WiFi link, then it is disconnected. For administrative
1487 1494 convenience, if only one WiFi link is connected, wifi-link can be
1488 1495 omitted.
1489 1496
1490 1497 -a, --all-links
1491 1498 Disconnects from all connected links. This is primarily
1492 1499 intended for use by scripts.
1493 1500
1494 1501
1495 1502
1496 1503 dladm show-wifi [[-p] -o field,...] [wifi-link]
1497 1504 Shows WiFi configuration information either for all WiFi links or
1498 1505 for the specified link wifi-link.
1499 1506
1500 1507 -o field,..., --output=field
1501 1508 A case-insensitive, comma-separated list of output fields to
1502 1509 display. The field name must be one of the fields listed below,
1503 1510 or the special value all, to display all fields. For each WiFi
1504 1511 link, the following fields can be displayed:
1505 1512
1506 1513 LINK
1507 1514 The name of the link being displayed.
1508 1515
1509 1516
1510 1517 STATUS
1511 1518 Either connected if the link is connected, or disconnected
1512 1519 if it is not connected. If the link is disconnected, all
1513 1520 remaining fields have the value --.
1514 1521
1515 1522
1516 1523 ESSID
1517 1524 The ESSID (name) of the connected WiFi network.
1518 1525
1519 1526
1520 1527 BSSID
1521 1528 Either the hardware address of the WiFi network's Access
1522 1529 Point (for BSS networks), or the WiFi network's randomly
1523 1530 generated unique token (for IBSS networks).
1524 1531
1525 1532
1526 1533 SEC
1527 1534 Either none for a WiFi network that uses no security, wep
1528 1535 for a WiFi network that requires WEP, or wpa for a WiFi
1529 1536 network that requires WPA.
1530 1537
1531 1538
1532 1539 MODE
1533 1540 The supported connection modes: one or more of a, b, or g.
1534 1541
1535 1542
1536 1543 STRENGTH
1537 1544 The connection strength: one of excellent, very good, good,
1538 1545 weak, or very weak.
1539 1546
1540 1547
1541 1548 SPEED
1542 1549 The connection speed, in megabits per second.
1543 1550
1544 1551
1545 1552 AUTH
1546 1553 Either open or shared (see connect-wifi).
1547 1554
1548 1555
1549 1556 BSSTYPE
1550 1557 Either bss for BSS (infrastructure) networks, or ibss for
1551 1558 IBSS (ad-hoc) networks.
1552 1559
1553 1560 By default, currently all fields but AUTH, BSSID, BSSTYPE are
1554 1561 displayed.
1555 1562
1556 1563
1557 1564 -p, --parseable
1558 1565 Displays using a stable machine-parseable format. The -o option
1559 1566 is required with -p. See "Parseable Output Format", below.
1560 1567
1561 1568
1562 1569
1563 1570 dladm show-ether [-x] [[-p] -o field,...] [ether-link]
1564 1571 Shows state information either for all physical Ethernet links or
1565 1572 for a specified physical Ethernet link.
1566 1573
1567 1574 The show-ether subcommand accepts the following options:
1568 1575
1569 1576 -o field,..., --output=field
1570 1577 A case-insensitive, comma-separated list of output fields to
1571 1578 display. The field name must be one of the fields listed below,
1572 1579 or the special value all to display all fields. For each link,
1573 1580 the following fields can be displayed:
1574 1581
1575 1582 LINK
1576 1583 The name of the link being displayed.
1577 1584
1578 1585
1579 1586 PTYPE
1580 1587 Parameter type, where current indicates the negotiated
1581 1588 state of the link, capable indicates capabilities supported
1582 1589 by the device, adv indicates the advertised capabilities,
1583 1590 and peeradv indicates the capabilities advertised by the
1584 1591 link-partner.
1585 1592
1586 1593
1587 1594 STATE
1588 1595 The state of the link.
1589 1596
1590 1597
1591 1598 AUTO
1592 1599 A yes/no value indicating whether auto-negotiation is
1593 1600 advertised.
1594 1601
1595 1602
1596 1603 SPEED-DUPLEX
1597 1604 Combinations of speed and duplex values available. The
1598 1605 units of speed are encoded with a trailing suffix of G
1599 1606 (Gigabits/s) or M (Mb/s). Duplex values are encoded as f
1600 1607 (full-duplex) or h (half-duplex).
1601 1608
1602 1609
1603 1610 PAUSE
1604 1611 Flow control information. Can be no, indicating no flow
1605 1612 control is available; tx, indicating that the end-point can
1606 1613 transmit pause frames, but ignores any received pause
1607 1614 frames; rx, indicating that the end-point receives and acts
1608 1615 upon received pause frames; or bi, indicating bi-directional
1609 1616 flow-control.
1610 1617
1611 1618
1612 1619 REM_FAULT
1613 1620 Fault detection information. Valid values are none or
1614 1621 fault.
1615 1622
1616 1623 By default, all fields except REM_FAULT are displayed for the
1617 1624 "current" PTYPE.
1618 1625
1619 1626
1620 1627 -p, --parseable
|
↓ open down ↓ |
1284 lines elided |
↑ open up ↑ |
1621 1628 Displays using a stable machine-parseable format. The -o option
1622 1629 is required with -p. See "Parseable Output Format", below.
1623 1630
1624 1631
1625 1632 -x, --extended
1626 1633 Extended output is displayed for PTYPE values of current,
1627 1634 capable, adv and peeradv.
1628 1635
1629 1636
1630 1637
1631 - dladm set-linkprop [-t] [-R root-dir] -p prop=value[,...] link
1638 + dladm set-linkprop [-t] [-R root-dir] [-z zonename] -p prop=value[,...] link
1632 1639 Sets the values of one or more properties on the link specified.
1633 1640 The list of properties and their possible values depend on the link
1634 1641 type, the network device driver, and networking hardware. These
1635 1642 properties can be retrieved using show-linkprop.
1636 1643
1637 1644 -t, --temporary
1638 1645 Specifies that the changes are temporary. Temporary changes
1639 1646 last until the next reboot.
1640 1647
1641 1648
1642 1649 -R root-dir, --root-dir=root-dir
1643 1650 See "Options," above.
1644 1651
1645 1652
1653 + -z zonenme
1654 + Operate on a link that has been delegated to the specified
1655 + zone.
1656 +
1657 +
1646 1658 -p prop=value[,...], --prop prop=value[,...]
1647 1659 A comma-separated list of properties to set to the specified
1648 1660 values.
1649 1661
1650 1662 Note that when the persistent value is set, the temporary value
1651 1663 changes to the same value.
1652 1664
1653 1665
1654 - dladm reset-linkprop [-t] [-R root-dir] [-p prop,...] link
1666 + dladm reset-linkprop [-t] [-R root-dir] [-z zonename] [-p prop,...] link
1655 1667 Resets one or more properties to their values on the link
1656 1668 specified. Properties are reset to the values they had at startup.
1657 1669 If no properties are specified, all properties are reset. See show-
1658 1670 linkprop for a description of properties.
1659 1671
1660 1672 -t, --temporary
1661 1673 Specifies that the resets are temporary. Values are reset to
1662 1674 default values. Temporary resets last until the next reboot.
1663 1675
1664 1676
1665 1677 -R root-dir, --root-dir=root-dir
1666 1678 See "Options," above.
1667 1679
1668 1680
1681 + -z zonenme
1682 + Operate on a link that has been delegated to the specified
1683 + zone.
1684 +
1685 +
1669 1686 -p prop, ..., --prop=prop, ...
1670 1687 A comma-separated list of properties to reset.
1671 1688
1672 1689 Note that when the persistent value is reset, the temporary value
1673 1690 changes to the same value.
1674 1691
1675 1692
1676 - dladm show-linkprop [-P] [[-c] -o field[,...]][-p prop[,...]] [link]
1693 + dladm show-linkprop [-P] [-z zonename] [[-c] -o field[,...]][-p prop[,...]]
1694 + [link]
1677 1695 Show the current or persistent values of one or more properties,
1678 1696 either for all datalinks or for the specified link. By default,
1679 1697 current values are shown. If no properties are specified, all
1680 1698 available link properties are displayed. For each property, the
1681 1699 following fields are displayed:
1682 1700
1683 1701 -o field[,...], --output=field
1684 1702 A case-insensitive, comma-separated list of output fields to
1685 1703 display. The field name must be one of the fields listed below,
1686 1704 or the special value all to display all fields. For each link,
1687 1705 the following fields can be displayed:
1688 1706
1689 1707 LINK
1690 1708 The name of the datalink.
1691 1709
1692 1710
1693 1711 PROPERTY
1694 1712 The name of the property.
1695 1713
1696 1714
1697 1715 PERM
1698 1716 The read/write permissions of the property. The value shown
1699 1717 is one of ro or rw.
1700 1718
1701 1719
1702 1720 VALUE
1703 1721 The current (or persistent) property value. If the value is
1704 1722 not set, it is shown as --. If it is unknown, the value is
1705 1723 shown as ?. Persistent values that are not set or have been
1706 1724 reset will be shown as -- and will use the system DEFAULT
1707 1725 value (if any).
1708 1726
1709 1727
1710 1728 DEFAULT
1711 1729 The default value of the property. If the property has no
1712 1730 default value, -- is shown.
1713 1731
1714 1732
1715 1733 POSSIBLE
1716 1734 A comma-separated list of the values the property can have.
1717 1735 If the values span a numeric range, min - max might be
1718 1736 shown as shorthand. If the possible values are unknown or
1719 1737 unbounded, -- is shown.
1720 1738
1721 1739 The list of properties depends on the link type and network
1722 1740 device driver, and the available values for a given property
1723 1741 further depends on the underlying network hardware and its
1724 1742 state. General link properties are documented in the LINK
1725 1743 PROPERTIES section. However, link properties that begin with
1726 1744 "_" (underbar) are specific to a given link or its underlying
1727 1745 network device and subject to change or removal. See the
1728 1746 appropriate network device driver man page for details.
1729 1747
1730 1748
|
↓ open down ↓ |
44 lines elided |
↑ open up ↑ |
1731 1749 -c, --parseable
1732 1750 Display using a stable machine-parseable format. The -o option is
1733 1751 required with this option. See "Parseable Output Format",
1734 1752 below.
1735 1753
1736 1754
1737 1755 -P, --persistent
1738 1756 Display persistent link property information
1739 1757
1740 1758
1759 + -z zonenme
1760 + Operate on a link that has been delegated to the specified
1761 + zone.
1762 +
1763 +
1741 1764 -p prop, ..., --prop=prop, ...
1742 1765 A comma-separated list of properties to show. See the sections
1743 1766 on link properties following subcommand descriptions.
1744 1767
1745 1768
1746 1769
1747 1770 dladm create-secobj [-t] [-R root-dir] [-f file] -c class secobj
1748 1771 Create a secure object named secobj in the specified class to be
1749 1772 later used as a WEP or WPA key in connecting to an encrypted
1750 1773 network. The value of the secure object can either be provided
1751 1774 interactively or read from a file. The sequence of interactive
1752 1775 prompts and the file format depends on the class of the secure
1753 1776 object.
1754 1777
1755 1778 Currently, the classes wep and wpa are supported. The WEP (Wired
1756 1779 Equivalent Privacy) key can be either 5 or 13 bytes long. It can be
1757 1780 provided either as an ASCII or hexadecimal string -- thus, 12345
1758 1781 and 0x3132333435 are equivalent 5-byte keys (the 0x prefix can be
1759 1782 omitted). A file containing a WEP key must consist of a single line
1760 1783 using either WEP key format. The WPA (Wi-Fi Protected Access) key
1761 1784 must be provided as an ASCII string with a length between 8 and 63
1762 1785 bytes.
1763 1786
1764 1787 This subcommand is only usable by users or roles that belong to the
1765 1788 "Network Link Security" RBAC profile.
1766 1789
1767 1790 -c class, --class=class
1768 1791 class can be wep or wpa. See preceding discussion.
1769 1792
1770 1793
1771 1794 -t, --temporary
1772 1795 Specifies that the creation is temporary. Temporary creation
1773 1796 last until the next reboot.
1774 1797
1775 1798
1776 1799 -R root-dir, --root-dir=root-dir
1777 1800 See "Options," above.
1778 1801
1779 1802
1780 1803 -f file, --file=file
1781 1804 Specifies a file that should be used to obtain the secure
1782 1805 object's value. The format of this file depends on the secure
1783 1806 object class. See the EXAMPLES section for an example of using
1784 1807 this option to set a WEP key.
1785 1808
1786 1809
1787 1810
1788 1811 dladm delete-secobj [-t] [-R root-dir] secobj[,...]
1789 1812 Delete one or more specified secure objects. This subcommand is
1790 1813 only usable by users or roles that belong to the "Network Link
1791 1814 Security" RBAC profile.
1792 1815
1793 1816 -t, --temporary
1794 1817 Specifies that the deletions are temporary. Temporary deletions
1795 1818 last until the next reboot.
1796 1819
1797 1820
1798 1821 -R root-dir, --root-dir=root-dir
1799 1822 See "Options," above.
1800 1823
1801 1824
1802 1825
1803 1826 dladm show-secobj [-P] [[-p] -o field[,...]] [secobj,...]
1804 1827 Show current or persistent secure object information. If one or
1805 1828 more secure objects are specified, then information for each is
1806 1829 displayed. Otherwise, all current or persistent secure objects are
1807 1830 displayed.
1808 1831
1809 1832 By default, current secure objects are displayed, which are all
1810 1833 secure objects that have either been persistently created and not
1811 1834 temporarily deleted, or temporarily created.
1812 1835
1813 1836 For security reasons, it is not possible to show the value of a
1814 1837 secure object.
1815 1838
1816 1839 -o field[,...] , --output=field[,...]
1817 1840 A case-insensitive, comma-separated list of output fields to
1818 1841 display. The field name must be one of the fields listed below.
1819 1842 For displayed secure object, the following fields can be shown:
1820 1843
1821 1844 OBJECT
1822 1845 The name of the secure object.
1823 1846
1824 1847
1825 1848 CLASS
1826 1849 The class of the secure object.
1827 1850
1828 1851
1829 1852
1830 1853 -p, --parseable
1831 1854 Display using a stable machine-parseable format. The -o option is
1832 1855 required with -p. See "Parseable Output Format", below.
1833 1856
1834 1857
1835 1858 -P, --persistent
1836 1859 Display persistent secure object information
1837 1860
1838 1861
1839 1862
1840 1863 dladm create-vnic [-t] -l link [-R root-dir] [-m value | auto | {factory [-n
1841 1864 slot-identifier]} | {random [-r prefix]}] [-v vlan-id] [-p prop=value[,...]]
1842 1865 vnic-link
1843 1866 Create a VNIC with name vnic-link over the specified link.
1844 1867
1845 1868 -t, --temporary
1846 1869 Specifies that the VNIC is temporary. Temporary VNICs last
1847 1870 until the next reboot.
1848 1871
1849 1872
1850 1873 -R root-dir, --root-dir=root-dir
1851 1874 See "Options," above.
1852 1875
1853 1876
1854 1877 -l link, --link=link
1855 1878 link can be a physical link or an etherstub.
1856 1879
1857 1880
1858 1881 -m value | keyword, --mac-address=value | keyword
1859 1882 Sets the VNIC's MAC address based on the specified value or
1860 1883 keyword. If value is not a keyword, it is interpreted as a
1861 1884 unicast MAC address, which must be valid for the underlying
1862 1885 NIC. The following special keywords can be used:
1863 1886
1864 1887 factory [-n slot-identifier],
1865 1888 factory [--slot=slot-identifier]
1866 1889 Assign a factory MAC address to the VNIC. When a factory
1867 1890 MAC address is requested, -m can be combined with the -n
1868 1891 option to specify a MAC address slot to be used. If -n is
1869 1892 not specified, the system will choose the next available
1870 1893 factory MAC address. The -m option of the show-phys
1871 1894 subcommand can be used to display the list of factory MAC
1872 1895 addresses, their slot identifiers, and their availability.
1873 1896
1874 1897
1875 1898 random [-r prefix],
1876 1899 random [--mac-prefix=prefix]
1877 1900 Assign a random MAC address to the VNIC. A default prefix
1878 1901 consisting of a valid IEEE OUI with the local bit set will
1879 1902 be used. That prefix can be overridden with the -r option.
1880 1903
1881 1904
1882 1905 auto
1883 1906 Try and use a factory MAC address first. If none is
1884 1907 available, assign a random MAC address. auto is the default
1885 1908 action if the -m option is not specified.
1886 1909
1887 1910
1888 1911 -v vlan-id
1889 1912 Enable VLAN tagging for this VNIC. The VLAN tag will have
|
↓ open down ↓ |
139 lines elided |
↑ open up ↑ |
1890 1913 id vlan-id.
1891 1914
1892 1915
1893 1916
1894 1917 -p prop=value,..., --prop prop=value,...
1895 1918 A comma-separated list of properties to set to the specified
1896 1919 values.
1897 1920
1898 1921
1899 1922
1900 - dladm delete-vnic [-t] [-R root-dir] vnic-link
1923 + dladm delete-vnic [-t] [-R root-dir] [-z zonename] vnic-link
1901 1924 Deletes the specified VNIC.
1902 1925
1903 1926 -t, --temporary
1904 1927 Specifies that the deletion is temporary. Temporary deletions
1905 1928 last until the next reboot.
1906 1929
1907 1930
1908 1931 -R root-dir, --root-dir=root-dir
1909 1932 See "Options," above.
1910 1933
1911 1934
1935 + -z zonenme
1936 + Operate on a link that has been delegated to the specified
1937 + zone.
1912 1938
1913 - dladm show-vnic [-pP] [-s [-i interval]] [-o field[,...]] [-l link] [vnic-
1914 - link]
1939 +
1940 +
1941 + dladm show-vnic [-pP] [-s [-i interval]] [-o field[,...]] [-l link] [-z
1942 + zonename] [vnic-link]
1915 1943 Show VNIC configuration information (the default) or statistics,
1916 1944 for all VNICs, all VNICs on a link, or only the specified vnic-link.
1917 1945
1918 1946 -o field[,...] , --output=field[,...]
1919 1947 A case-insensitive, comma-separated list of output fields to
1920 1948 display. The field name must be one of the fields listed below.
1921 1949 The field name must be one of the fields listed below, or the
1922 1950 special value all to display all fields. By default (without
1923 1951 -o), show-vnic displays all fields.
1924 1952
1925 1953 LINK
1926 1954 The name of the VNIC.
1927 1955
1928 1956
1929 1957 OVER
1930 1958 The name of the physical link over which this VNIC is
1931 1959 configured.
1932 1960
1933 1961
1934 1962 SPEED
1935 1963 The maximum speed of the VNIC, in megabits per second.
1936 1964
1937 1965
1938 1966 MACADDRESS
1939 1967 MAC address of the VNIC.
1940 1968
1941 1969
1942 1970 MACADDRTYPE
1943 1971 MAC address type of the VNIC. dladm distinguishes among the
1944 1972 following MAC address types:
1945 1973
1946 1974 random
1947 1975 A random address assigned to the VNIC.
1948 1976
1949 1977
1950 1978 factory
1951 1979 A factory MAC address used by the VNIC.
1952 1980
1953 1981
1954 1982
1955 1983
1956 1984 -p, --parseable
1957 1985 Display using a stable machine-parseable format. The -o option is
1958 1986 required with -p. See "Parseable Output Format", below.
1959 1987
1960 1988
1961 1989 -P, --persistent
1962 1990 Display the persistent VNIC configuration.
1963 1991
1964 1992
1965 1993 -s, --statistics
1966 1994 Displays VNIC statistics.
1967 1995
1968 1996
|
↓ open down ↓ |
44 lines elided |
↑ open up ↑ |
1969 1997 -i interval, --interval=interval
1970 1998 Used with the -s option to specify an interval, in seconds, at
1971 1999 which statistics should be displayed. If this option is not
1972 2000 specified, statistics will be displayed only once.
1973 2001
1974 2002
1975 2003 -l link, --link=link
1976 2004 Display information for all VNICs on the named link.
1977 2005
1978 2006
2007 + -z zonenme
2008 + Operate on a link that has been delegated to the specified
2009 + zone.
2010 +
2011 +
1979 2012
1980 2013 dladm create-etherstub [-t] [-R root-dir] etherstub
1981 2014 Create an etherstub with the specified name.
1982 2015
1983 2016 -t, --temporary
1984 2017 Specifies that the etherstub is temporary. Temporary etherstubs
1985 2018 do not persist across reboots.
1986 2019
1987 2020
1988 2021 -R root-dir, --root-dir=root-dir
1989 2022 See "Options," above.
1990 2023
1991 2024 VNICs can be created on top of etherstubs instead of physical NICs.
1992 2025 As with physical NICs, such a creation causes the stack to
1993 2026 implicitly create a virtual switch between the VNICs created on top
1994 2027 of the same etherstub.
1995 2028
1996 2029
1997 2030 dladm delete-etherstub [-t] [-R root-dir] etherstub
1998 2031 Delete the specified etherstub.
1999 2032
2000 2033 -t, --temporary
2001 2034 Specifies that the deletion is temporary. Temporary deletions
2002 2035 last until the next reboot.
2003 2036
2004 2037
2005 2038 -R root-dir, --root-dir=root-dir
2006 2039 See "Options," above.
2007 2040
2008 2041
2009 2042
2010 2043 dladm show-etherstub [etherstub]
2011 2044 Show all configured etherstubs by default, or the specified
2012 2045 etherstub if etherstub is specified.
2013 2046
2014 2047
2015 2048 dladm create-iptun [-t] [-R root-dir] -T type [-s tsrc] [-d tdst] iptun-link
2016 2049 Create an IP tunnel link named iptun-link. Such links can
2017 2050 additionally be protected with IPsec using ipsecconf(1M).
2018 2051
2019 2052 An IP tunnel is conceptually comprised of two parts: a virtual link
2020 2053 between two or more IP nodes, and an IP interface above this link
2021 2054 that allows the system to transmit and receive IP packets
2022 2055 encapsulated by the underlying link. This subcommand creates a
2023 2056 virtual link. The ifconfig(1M) command is used to configure IP
2024 2057 interfaces above the link.
2025 2058
2026 2059 -t, --temporary
2027 2060 Specifies that the IP tunnel link is temporary. Temporary
2028 2061 tunnels last until the next reboot.
2029 2062
2030 2063
2031 2064 -R root-dir, --root-dir=root-dir
2032 2065 See "Options," above.
2033 2066
2034 2067
2035 2068 -T type, --tunnel-type=type
2036 2069 Specifies the type of tunnel to be created. The type must be
2037 2070 one of the following:
2038 2071
2039 2072 ipv4
2040 2073 A point-to-point, IP-over-IP tunnel between two IPv4 nodes.
2041 2074 This type of tunnel requires IPv4 source and destination
2042 2075 addresses to function. IPv4 and IPv6 interfaces can be
2043 2076 plumbed above such a tunnel to create IPv4-over-IPv4 and
2044 2077 IPv6-over-IPv4 tunneling configurations.
2045 2078
2046 2079
2047 2080 ipv6
2048 2081 A point-to-point, IP-over-IP tunnel between two IPv6 nodes as
2049 2082 defined in IETF RFC 2473. This type of tunnel requires IPv6
2050 2083 source and destination addresses to function. IPv4 and IPv6
2051 2084 interfaces can be plumbed above such a tunnel to create
2052 2085 IPv4-over-IPv6 and IPv6-over-IPv6 tunneling configurations.
2053 2086
2054 2087
2055 2088 6to4
2056 2089 A 6to4, point-to-multipoint tunnel as defined in IETF RFC
2057 2090 3056. This type of tunnel requires an IPv4 source address
2058 2091 to function. An IPv6 interface is plumbed on such a tunnel
2059 2092 link to configure a 6to4 router.
2060 2093
2061 2094
2062 2095
2063 2096 -s tsrc, --tunnel-src=tsrc
2064 2097 Literal IP address or hostname corresponding to the tunnel
2065 2098 source. If a hostname is specified, it will be resolved to IP
2066 2099 addresses, and one of those IP addresses will be used as the
2067 2100 tunnel source. Because IP tunnels are created before naming
2068 2101 services have been brought online during the boot process, it
2069 2102 is important that any hostname used be included in /etc/hosts.
2070 2103
2071 2104
2072 2105 -d tdst, --tunnel-dst=tdst
2073 2106 Literal IP address or hostname corresponding to the tunnel
2074 2107 destination.
2075 2108
2076 2109
2077 2110
2078 2111 dladm modify-iptun [-t] [-R root-dir] [-s tsrc] [-d tdst] iptun-link
2079 2112 Modify the parameters of the specified IP tunnel.
2080 2113
2081 2114 -t, --temporary
2082 2115 Specifies that the modification is temporary. Temporary
2083 2116 modifications last until the next reboot.
2084 2117
2085 2118
2086 2119 -R root-dir, --root-dir=root-dir
2087 2120 See "Options," above.
2088 2121
2089 2122
2090 2123 -s tsrc, --tunnel-src=tsrc
2091 2124 Specifies a new tunnel source address. See create-iptun for a
2092 2125 description.
2093 2126
2094 2127
2095 2128 -d tdst, --tunnel-dst=tdst
2096 2129 Specifies a new tunnel destination address. See create-iptun for
2097 2130 a description.
2098 2131
2099 2132
2100 2133
2101 2134 dladm delete-iptun [-t] [-R root-dir] iptun-link
2102 2135 Delete the specified IP tunnel link.
2103 2136
2104 2137 -t, --temporary
2105 2138 Specifies that the deletion is temporary. Temporary deletions
2106 2139 last until the next reboot.
2107 2140
2108 2141
2109 2142 -R root-dir, --root-dir=root-dir
2110 2143 See "Options," above.
2111 2144
2112 2145
2113 2146
2114 2147 dladm show-iptun [-P] [[-p] -o field[,...]] [iptun-link]
2115 2148 Show IP tunnel link configuration for a single IP tunnel or all IP
2116 2149 tunnels.
2117 2150
2118 2151 -P, --persistent
2119 2152 Display the persistent IP tunnel configuration.
2120 2153
2121 2154
2122 2155 -p, --parseable
2123 2156 Display using a stable machine-parseable format. The -o option
2124 2157 is required with -p. See "Parseable Output Format", below.
2125 2158
2126 2159
2127 2160 -o field[,...], --output=field[,...]
2128 2161 A case-insensitive, comma-separated list of output fields to
2129 2162 display. The field name must be one of the fields listed below,
2130 2163 or the special value all, to display all fields. By default
2131 2164 (without -o), show-iptun displays all fields.
2132 2165
2133 2166 LINK
2134 2167 The name of the IP tunnel link.
2135 2168
2136 2169
2137 2170 TYPE
2138 2171 Type of tunnel as specified by the -T option of create-iptun.
2139 2172
2140 2173
2141 2174 FLAGS
2142 2175 A set of flags associated with the IP tunnel link. Possible
2143 2176 flags are:
2144 2177
2145 2178 s
2146 2179 The IP tunnel link is protected by IPsec policy. To
2147 2180 display the IPsec policy associated with the tunnel
2148 2181 link, enter:
2149 2182
2150 2183 # ipsecconf -ln -i tunnel-link
2151 2184
2152 2185
2153 2186 See ipsecconf(1M) for more details on how to configure
2154 2187 IPsec policy.
2155 2188
2156 2189
2157 2190 i
2158 2191 The IP tunnel link was implicitly created with
2159 2192 ifconfig(1M), and will be automatically deleted when it
2160 2193 is no longer referenced (that is, when the last IP
2161 2194 interface over the tunnel is unplumbed). See
2162 2195 ifconfig(1M) for details on implicit tunnel creation.
2163 2196
2164 2197
2165 2198
2166 2199 SOURCE
2167 2200 The tunnel source address.
2168 2201
2169 2202
2170 2203 DESTINATION
2171 2204 The tunnel destination address.
2172 2205
2173 2206
2174 2207
2175 2208
2176 2209 dladm show-usage [-a] -f filename [-p plotfile -F format] [-s time] [-e time]
2177 2210 [link]
2178 2211 Show the historical network usage from a stored extended accounting
2179 2212 file. Configuration and enabling of network accounting through
2180 2213 acctadm(1M) is required. The default output will be the summary of
2181 2214 network usage for the entire period of time in which extended
2182 2215 accounting was enabled.
2183 2216
2184 2217 -a
2185 2218 Display all historical network usage for the specified period
2186 2219 of time during which extended accounting is enabled. This
2187 2220 includes the usage information for the links that have already
2188 2221 been deleted.
2189 2222
2190 2223
2191 2224 -f filename, --file=filename
2192 2225 Read extended accounting records of network usage from
2193 2226 filename.
2194 2227
2195 2228
2196 2229 -F format, --format=format
2197 2230 Specifies the format of plotfile that is specified by the -p
2198 2231 option. As of this release, gnuplot is the only supported
2199 2232 format.
2200 2233
2201 2234
2202 2235 -p plotfile, --plot=plotfile
2203 2236 Write network usage data to a file of the format specified by
2204 2237 the -F option, which is required.
2205 2238
2206 2239
2207 2240 -s time, --start=time
2208 2241 -e time, --stop=time
2209 2242 Start and stop times for data display. Time is in the format
2210 2243 MM/DD/YYYY,hh:mm:ss.
2211 2244
2212 2245
2213 2246 link
2214 2247 If specified, display the network usage only for the named
2215 2248 link. Otherwise, display network usage for all links.
2216 2249
2217 2250
2218 2251
2219 2252 Parseable Output Format
2220 2253 Many dladm subcommands have an option that displays output in a
2221 2254 machine-parseable format. The output format is one or more lines of
2222 2255 colon (:) delimited fields. The fields displayed are specific to the
2223 2256 subcommand used and are listed under the entry for the -o option for a
2224 2257 given subcommand. Output includes only those fields requested by means
2225 2258 of the -o option, in the order requested.
2226 2259
2227 2260
2228 2261 When you request multiple fields, any literal colon characters are
2229 2262 escaped by a backslash (\) before being output. Similarly, literal
2230 2263 backslash characters will also be escaped (\\). This escape format is
2231 2264 parseable by using shell read(1) functions with the environment
2232 2265 variable IFS=: (see EXAMPLES, below). Note that escaping is not done
2233 2266 when you request only a single field.
2234 2267
2235 2268 General Link Properties
2236 2269 The following general link properties are supported:
2237 2270
2238 2271 allowed-ips
2239 2272 A comma-seperated list of IP addresses that are allowed on the
2240 2273 interface.
2241 2274
2242 2275 An address in CIDR format with no host address specified is used to
2243 2276 indicate that any address on that subnet is allowed (e.g.
2244 2277 192.168.10.0/24 means any address in the range 192.168.10.0 -
2245 2278 192.168.10.255 is allowed).
2246 2279
2247 2280
2248 2281 autopush
2249 2282 Specifies the set of STREAMS modules to push on the stream
2250 2283 associated with a link when its DLPI device is opened. It is a
2251 2284 space-delimited list of modules.
2252 2285
2253 2286 The optional special character sequence [anchor] indicates that a
2254 2287 STREAMS anchor should be placed on the stream at the module
2255 2288 previously specified in the list. It is an error to specify more
2256 2289 than one anchor or to have an anchor first in the list.
2257 2290
2258 2291 The autopush property is preferred over the more general
2259 2292 autopush(1M) command.
2260 2293
2261 2294
2262 2295 cpus
2263 2296 Bind the processing of packets for a given data link to a processor
2264 2297 or a set of processors. The value can be a comma-separated list of
2265 2298 one or more processor ids. If the list consists of more than one
2266 2299 processor, the processing will spread out to all the processors.
2267 2300 Connection to processor affinity and packet ordering for any
2268 2301 individual connection will be maintained.
2269 2302
2270 2303 The processor or set of processors are not exclusively reserved for
2271 2304 the link. Only the kernel threads and interrupts associated with
2272 2305 processing of the link are bound to the processor or the set of
2273 2306 processors specified. In case it is desired that processors be
2274 2307 dedicated to the link, psrset(1M) can be used to create a processor
2275 2308 set and then specifying the processors from the processor set to
2276 2309 bind the link to.
2277 2310
2278 2311 If the link was already bound to processor or set of processors due
2279 2312 to a previous operation, the binding will be removed and the new
2280 2313 set of processors will be used instead.
2281 2314
2282 2315 The default is no CPU binding, which is to say that the processing
2283 2316 of packets is not bound to any specific processor or processor set.
2284 2317
2285 2318
2286 2319 learn_limit
2287 2320 Limits the number of new or changed MAC sources to be learned over
2288 2321 a bridge link. When the number exceeds this value, learning on that
2289 2322 link is temporarily disabled. Only non-VLAN, non-VNIC type links have
2290 2323 this property.
2291 2324
2292 2325 The default value is 1000. Valid values are greater or equal to 0.
2293 2326
2294 2327
2295 2328 learn_decay
2296 2329 Specifies the decay rate for source changes limited by learn_limit.
2297 2330 This number is subtracted from the counter for a bridge link every
2298 2331 5 seconds. Only non-VLAN, non-VNIC type links have this property.
2299 2332
2300 2333 The default value is 200. Valid values are greater or equal to 0.
2301 2334
2302 2335
2303 2336 maxbw
2304 2337 Sets the full duplex bandwidth for the link. The bandwidth is
2305 2338 specified as an integer with one of the scale suffixes (K, M, or G
2306 2339 for Kbps, Mbps, and Gbps). If no units are specified, the input
2307 2340 value will be read as Mbps. The default is no bandwidth limit.
2308 2341
2309 2342
2310 2343 priority
2311 2344 Sets the relative priority for the link. The value can be given as
2312 2345 one of the tokens high, medium, or low. The default is high.
2313 2346
2314 2347
2315 2348 stp
2316 2349 Enables or disables Spanning Tree Protocol on a bridge link.
2317 2350 Setting this value to 0 disables Spanning Tree, and puts the link
2318 2351 into forwarding mode with BPDU guarding enabled. This mode is
2319 2352 appropriate for point-to-point links connected only to end nodes.
2320 2353 Only non-VLAN, non-VNIC type links have this property. The default
2321 2354 value is 1, to enable STP.
2322 2355
2323 2356
2324 2357 forward
2325 2358 Enables or disables forwarding for a VLAN. Setting this value to 0
2326 2359 disables bridge forwarding for a VLAN link. Disabling bridge
2327 2360 forwarding removes that VLAN from the "allowed set" for the bridge.
2328 2361 The default value is 1, to enable bridge forwarding for configured
2329 2362 VLANs.
2330 2363
2331 2364
2332 2365 default_tag
2333 2366 Sets the default VLAN ID that is assumed for untagged packets sent
2334 2367 to and received from this link. Only non-VLAN, non-VNIC type links
2335 2368 have this property. Setting this value to 0 disables the bridge
2336 2369 forwarding of untagged packets to and from the port. The default
2337 2370 value is VLAN ID 1. Valid values values are from 0 to 4094.
2338 2371
2339 2372
2340 2373 stp_priority
2341 2374 Sets the STP and RSTP Port Priority value, which is used to
2342 2375 determine the preferred root port on a bridge. Lower numerical
2343 2376 values are higher priority. The default value is 128. Valid values
2344 2377 range from 0 to 255.
2345 2378
2346 2379
2347 2380 stp_cost
2348 2381 Sets the STP and RSTP cost for using the link. The default value is
2349 2382 auto, which sets the cost based on link speed, using 100 for
2350 2383 10Mbps, 19 for 100Mbps, 4 for 1Gbps, and 2 for 10Gbps. Valid values
2351 2384 range from 1 to 65535.
2352 2385
2353 2386
2354 2387 stp_edge
2355 2388 Enables or disables bridge edge port detection. If set to 0
2356 2389 (false), the system assumes that the port is connected to other
2357 2390 bridges even if no bridge PDUs of any type are seen. The default
2358 2391 value is 1, which detects edge ports automatically.
2359 2392
2360 2393
2361 2394 stp_p2p
2362 2395 Sets bridge point-to-point operation mode. Possible values are true,
2363 2396 false, and auto. When set to auto, point-to-point connections are
2364 2397 automatically discovered. When set to true, the port mode is forced
2365 2398 to use point-to-point. When set to false, the port mode is forced to
2366 2399 use normal multipoint mode. The default value is auto.
2367 2400
2368 2401
2369 2402 stp_mcheck
2370 2403 Triggers the system to run the RSTP Force BPDU Migration Check
2371 2404 procedure on this link. The procedure is triggered by setting the
2372 2405 property value to 1. The property is automatically reset back to 0.
2373 2406 This value cannot be set unless the following are true:
2374 2407
2375 2408 o The link is bridged
2376 2409
2377 2410 o The bridge is protected by Spanning Tree
2378 2411
2379 2412 o The bridge force-protocol value is at least 2 (RSTP)
2380 2413 The default value is 0.
2381 2414
2382 2415
2383 2416 zone
2384 2417 Specifies the zone to which the link belongs. This property can be
2385 2418 modified only temporarily through dladm, and thus the -t option must
2386 2419 be specified. To modify the zone assignment such that it persists
2387 2420 across reboots, please use zonecfg(1M). Possible values consist of
2388 2421 any exclusive-IP zone currently running on the system. By default,
2389 2422 the zone binding is as per zonecfg(1M).
2390 2423
2391 2424
2392 2425 Wifi Link Properties
2393 2426 The following WiFi link properties are supported. Note that the ability
2394 2427 to set a given property to a given value depends on the driver and
2395 2428 hardware.
2396 2429
2397 2430 channel
2398 2431 Specifies the channel to use. This property can be modified only by
2399 2432 certain WiFi links when in IBSS mode. The default value and allowed
2400 2433 range of values varies by regulatory domain.
2401 2434
2402 2435
2403 2436 powermode
2404 2437 Specifies the power management mode of the WiFi link. Possible
2405 2438 values are off (disable power management), max (maximum power
2406 2439 savings), and fast (performance-sensitive power management). Default
2407 2440 is off.
2408 2441
2409 2442
2410 2443 radio
2411 2444 Specifies the radio mode of the WiFi link. Possible values are on
2412 2445 or off. Default is on.
2413 2446
2414 2447
2415 2448 speed
2416 2449 Specifies a fixed speed for the WiFi link, in megabits per second.
2417 2450 The set of possible values depends on the driver and hardware (but
2418 2451 is shown by show-linkprop); common speeds include 1, 2, 11, and 54.
2419 2452 By default, there is no fixed speed.
2420 2453
2421 2454
2422 2455 Ethernet Link Properties
2423 2456 The following MII Properties, as documented in ieee802.3(5), are
2424 2457 supported in read-only mode:
2425 2458
2426 2459 o duplex
2427 2460
2428 2461 o state
2429 2462
2430 2463 o adv_autoneg_cap
2431 2464
2432 2465 o adv_10gfdx_cap
2433 2466
2434 2467 o adv_1000fdx_cap
2435 2468
2436 2469 o adv_1000hdx_cap
2437 2470
2438 2471 o adv_100fdx_cap
2439 2472
2440 2473 o adv_100hdx_cap
2441 2474
2442 2475 o adv_10fdx_cap
2443 2476
2444 2477 o adv_10hdx_cap
2445 2478
2446 2479
2447 2480 Each adv_ property (for example, adv_10fdx_cap) also has a read/write
2448 2481 counterpart en_ property (for example, en_10fdx_cap) controlling
2449 2482 parameters used at auto-negotiation. In the absence of Power Management,
2450 2483 the adv* speed/duplex parameters provide the values that are both
2451 2484 negotiated and currently effective in hardware. However, with Power
2452 2485 Management enabled, the speed/duplex capabilities currently exposed in
2453 2486 hardware might be a subset of the set of bits that were used in initial
2454 2487 link parameter negotiation. Thus the MII adv_* parameters are marked
2455 2488 read-only, with an additional set of en_* parameters for configuring
2456 2489 speed and duplex properties at initial negotiation.
2457 2490
2458 2491
2459 2492 Note that the adv_autoneg_cap does not have an en_autoneg_cap
2460 2493 counterpart: the adv_autoneg_cap is a 0/1 switch that turns off/on
2461 2494 autonegotiation itself, and therefore cannot be impacted by Power
2462 2495 Management.
2463 2496
2464 2497
2465 2498 In addition, the following Ethernet properties are reported:
2466 2499
2467 2500 speed
2468 2501 (read-only) The operating speed of the device, in Mbps.
2469 2502
2470 2503
2471 2504 mtu
2472 2505 The maximum client SDU (Send Data Unit) supported by the device.
2473 2506 Valid range is 68-65536.
2474 2507
2475 2508
2476 2509 flowctrl
2477 2510 Establishes flow-control modes that will be advertised by the
2478 2511 device. Valid input is one of:
2479 2512
2480 2513 no
2481 2514 No flow control enabled.
2482 2515
2483 2516
2484 2517 rx
2485 2518 Receive, and act upon incoming pause frames.
2486 2519
2487 2520
2488 2521 tx
2489 2522 Transmit pause frames to the peer when congestion occurs, but
2490 2523 ignore received pause frames.
2491 2524
2492 2525
2493 2526 bi
2494 2527 Bidirectional flow control.
2495 2528
2496 2529 Note that the actual settings for this value are constrained by the
2497 2530 capabilities allowed by the device and the link partner.
2498 2531
2499 2532
2500 2533 secondary-macs
2501 2534 A comma-seperated list of additional MAC addresses that are allowed
2502 2535 on the interface.
2503 2536
2504 2537
2505 2538 tagmode
2506 2539 This link property controls the conditions in which 802.1Q VLAN
2507 2540 tags will be inserted in packets being transmitted on the link. Two
2508 2541 mode values can be assigned to this property:
2509 2542
2510 2543 normal
2511 2544 Insert a VLAN tag in outgoing packets under the
2512 2545 following conditions:
2513 2546
2514 2547 o The packet belongs to a VLAN.
2515 2548
2516 2549 o The user requested priority tagging.
2517 2550
2518 2551
2519 2552 vlanonly
2520 2553 Insert a VLAN tag only when the outgoing packet belongs
2521 2554 to a VLAN. If a tag is being inserted in this mode and
2522 2555 the user has also requested a non-zero priority, the
2523 2556 priority is honored and included in the VLAN tag.
2524 2557
2525 2558 The default value is vlanonly.
2526 2559
2527 2560
2528 2561 IP Tunnel Link Properties
2529 2562 The following IP tunnel link properties are supported.
2530 2563
2531 2564 hoplimit
2532 2565 Specifies the IPv4 TTL or IPv6 hop limit for the encapsulating
2533 2566 outer IP header of a tunnel link. This property exists for all
2534 2567 tunnel types. The default value is 64.
2535 2568
2536 2569
2537 2570 encaplimit
2538 2571 Specifies the IPv6 encapsulation limit for an IPv6 tunnel as
2539 2572 defined in RFC 2473. This value is the tunnel nesting limit for a
2540 2573 given tunneled packet. The default value is 4. A value of 0
2541 2574 disables the encapsulation limit.
2542 2575
2543 2576
2544 2577 EXAMPLES
2545 2578 Example 1 Configuring an Aggregation
2546 2579
2547 2580
2548 2581 To configure a data-link over an aggregation of devices bge0 and bge1
2549 2582 with key 1, enter the following command:
2550 2583
2551 2584
2552 2585 # dladm create-aggr -d bge0 -d bge1 1
2553 2586
2554 2587
2555 2588
2556 2589 Example 2 Connecting to a WiFi Link
2557 2590
2558 2591
2559 2592 To connect to the most optimal available unsecured network on a system
2560 2593 with a single WiFi link (as per the prioritization rules specified for
2561 2594 connect-wifi), enter the following command:
2562 2595
2563 2596
2564 2597 # dladm connect-wifi
2565 2598
2566 2599
2567 2600
2568 2601 Example 3 Creating a WiFi Key
2569 2602
2570 2603
2571 2604 To interactively create the WEP key mykey, enter the following command:
2572 2605
2573 2606
2574 2607 # dladm create-secobj -c wep mykey
2575 2608
2576 2609
2577 2610
2578 2611
2579 2612 Alternatively, to non-interactively create the WEP key mykey using the
2580 2613 contents of a file:
2581 2614
2582 2615
2583 2616 # umask 077
2584 2617 # cat >/tmp/mykey.$$ <<EOF
2585 2618 12345
2586 2619 EOF
2587 2620 # dladm create-secobj -c wep -f /tmp/mykey.$$ mykey
2588 2621 # rm /tmp/mykey.$$
2589 2622
2590 2623
2591 2624
2592 2625 Example 4 Connecting to a Specified Encrypted WiFi Link
2593 2626
2594 2627
2595 2628 To use key mykey to connect to ESSID wlan on link ath0, enter the
2596 2629 following command:
2597 2630
2598 2631
2599 2632 # dladm connect-wifi -k mykey -e wlan ath0
2600 2633
2601 2634
2602 2635
2603 2636 Example 5 Changing a Link Property
2604 2637
2605 2638
2606 2639 To set powermode to the value fast on link pcwl0, enter the following
2607 2640 command:
2608 2641
2609 2642
2610 2643 # dladm set-linkprop -p powermode=fast pcwl0
2611 2644
2612 2645
2613 2646
2614 2647 Example 6 Connecting to a WPA-Protected WiFi Link
2615 2648
2616 2649
2617 2650 Create a WPA key psk and enter the following command:
2618 2651
2619 2652
2620 2653 # dladm create-secobj -c wpa psk
2621 2654
2622 2655
2623 2656
2624 2657
2625 2658 To then use key psk to connect to ESSID wlan on link ath0, enter the
2626 2659 following command:
2627 2660
2628 2661
2629 2662 # dladm connect-wifi -k psk -e wlan ath0
2630 2663
2631 2664
2632 2665
2633 2666 Example 7 Renaming a Link
2634 2667
2635 2668
2636 2669 To rename the bge0 link to mgmt0, enter the following command:
2637 2670
2638 2671
2639 2672 # dladm rename-link bge0 mgmt0
2640 2673
2641 2674
2642 2675
2643 2676 Example 8 Replacing a Network Card
2644 2677
2645 2678
2646 2679 Consider that the bge0 device, whose link was named mgmt0 as shown in
2647 2680 the previous example, needs to be replaced with a ce0 device because of
2648 2681 a hardware failure. The bge0 NIC is physically removed, and replaced
2649 2682 with a new ce0 NIC. To associate the newly added ce0 device with the
2650 2683 mgmt0 configuration previously associated with bge0, enter the
2651 2684 following command:
2652 2685
2653 2686
2654 2687 # dladm rename-link ce0 mgmt0
2655 2688
2656 2689
2657 2690
2658 2691 Example 9 Removing a Network Card
2659 2692
2660 2693
2661 2694 Suppose that in the previous example, the intent is not to replace the
2662 2695 bge0 NIC with another NIC, but rather to remove and not replace the
2663 2696 hardware. In that case, the mgmt0 datalink configuration is not slated
2664 2697 to be associated with a different physical device as shown in the
2665 2698 previous example, but needs to be deleted. Enter the following command
2666 2699 to delete the datalink configuration associated with the mgmt0
2667 2700 datalink, whose physical hardware (bge0 in this case) has been removed:
2668 2701
2669 2702
2670 2703 # dladm delete-phys mgmt0
2671 2704
2672 2705
2673 2706
2674 2707 Example 10 Using Parseable Output to Capture a Single Field
2675 2708
2676 2709
2677 2710 The following assignment saves the MTU of link net0 to a variable named
2678 2711 mtu.
2679 2712
2680 2713
2681 2714 # mtu=`dladm show-link -p -o mtu net0`
2682 2715
2683 2716
2684 2717
2685 2718 Example 11 Using Parseable Output to Iterate over Links
2686 2719
2687 2720
2688 2721 The following script displays the state of each link on the system.
2689 2722
2690 2723
2691 2724 # dladm show-link -p -o link,state | while IFS=: read link state; do
2692 2725 print "Link $link is in state $state"
2693 2726 done
2694 2727
2695 2728
2696 2729
2697 2730 Example 12 Configuring VNICs
2698 2731
2699 2732
2700 2733 Create two VNICs with names hello0 and test1 over a single physical
2701 2734 link bge0:
2702 2735
2703 2736
2704 2737 # dladm create-vnic -l bge0 hello0
2705 2738 # dladm create-vnic -l bge0 test1
2706 2739
2707 2740
2708 2741
2709 2742 Example 13 Configuring VNICs and Allocating Bandwidth and Priority
2710 2743
2711 2744
2712 2745 Create two VNICs with names hello0 and test1 over a single physical
2713 2746 link bge0 and make hello0 a high priority VNIC with a factory-assigned
2714 2747 MAC address with a maximum bandwidth of 50 Mbps. Make test1 a low
2715 2748 priority VNIC with a random MAC address and a maximum bandwidth of
2716 2749 100Mbps.
2717 2750
2718 2751
2719 2752 # dladm create-vnic -l bge0 -m factory -p maxbw=50,priority=high hello0
2720 2753 # dladm create-vnic -l bge0 -m random -p maxbw=100M,priority=low test1
2721 2754
2722 2755
2723 2756
2724 2757 Example 14 Configuring a VNIC with a Factory MAC Address
2725 2758
2726 2759
2727 2760 First, list the available factory MAC addresses and choose one of them:
2728 2761
2729 2762
2730 2763 # dladm show-phys -m bge0
2731 2764 LINK SLOT ADDRESS INUSE CLIENT
2732 2765 bge0 primary 0:e0:81:27:d4:47 yes bge0
2733 2766 bge0 1 8:0:20:fe:4e:a5 no
2734 2767 bge0 2 8:0:20:fe:4e:a6 no
2735 2768 bge0 3 8:0:20:fe:4e:a7 no
2736 2769
2737 2770
2738 2771
2739 2772
2740 2773 Create a VNIC named hello0 and use slot 1's address:
2741 2774
2742 2775
2743 2776 # dladm create-vnic -l bge0 -m factory -n 1 hello0
2744 2777 # dladm show-phys -m bge0
2745 2778 LINK SLOT ADDRESS INUSE CLIENT
2746 2779 bge0 primary 0:e0:81:27:d4:47 yes bge0
2747 2780 bge0 1 8:0:20:fe:4e:a5 yes hello0
2748 2781 bge0 2 8:0:20:fe:4e:a6 no
2749 2782 bge0 3 8:0:20:fe:4e:a7 no
2750 2783
2751 2784
2752 2785
2753 2786 Example 15 Creating a VNIC with User-Specified MAC Address, Binding it
2754 2787 to Set of Processors
2755 2788
2756 2789
2757 2790 Create a VNIC with name hello0, with a user specified MAC address, and
2758 2791 a processor binding 0, 1, 2, 3.
2759 2792
2760 2793
2761 2794 # dladm create-vnic -l bge0 -m 8:0:20:fe:4e:b8 -p cpus=0,1,2,3 hello0
2762 2795
2763 2796
2764 2797
2765 2798 Example 16 Creating a Virtual Network Without a Physical NIC
2766 2799
2767 2800
2768 2801 First, create an etherstub with name stub1:
2769 2802
2770 2803
2771 2804 # dladm create-etherstub stub1
2772 2805
2773 2806
2774 2807
2775 2808
2776 2809 Create two VNICs with names hello0 and test1 on the etherstub. This
2777 2810 operation implicitly creates a virtual switch connecting hello0 and
2778 2811 test1.
2779 2812
2780 2813
2781 2814 # dladm create-vnic -l stub1 hello0
2782 2815 # dladm create-vnic -l stub1 test1
2783 2816
2784 2817
2785 2818
2786 2819 Example 17 Showing Network Usage
2787 2820
2788 2821
2789 2822 Network usage statistics can be stored using the extended accounting
2790 2823 facility, acctadm(1M).
2791 2824
2792 2825
2793 2826 # acctadm -e basic -f /var/log/net.log net
2794 2827 # acctadm net
2795 2828 Network accounting: active
2796 2829 Network accounting file: /var/log/net.log
2797 2830 Tracked Network resources: basic
2798 2831 Untracked Network resources: src_ip,dst_ip,src_port,dst_port,protocol,
2799 2832 dsfield
2800 2833
2801 2834
2802 2835
2803 2836
2804 2837 The saved historical data can be retrieved in summary form using the
2805 2838 show-usage subcommand:
2806 2839
2807 2840
2808 2841 # dladm show-usage -f /var/log/net.log
2809 2842 LINK DURATION IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH
2810 2843 e1000g0 80 1031 546908 0 0 2.44 Kbps
2811 2844
2812 2845
2813 2846
2814 2847 Example 18 Displaying Bridge Information
2815 2848
2816 2849
2817 2850 The following commands use the show-bridge subcommand with no and
2818 2851 various options.
2819 2852
2820 2853
2821 2854 # dladm show-bridge
2822 2855 BRIDGE PROTECT ADDRESS PRIORITY DESROOT
2823 2856 foo stp 32768/8:0:20:bf:f 32768 8192/0:d0:0:76:14:38
2824 2857 bar stp 32768/8:0:20:e5:8 32768 8192/0:d0:0:76:14:38
2825 2858
2826 2859 # dladm show-bridge -l foo
2827 2860 LINK STATE UPTIME DESROOT
2828 2861 hme0 forwarding 117 8192/0:d0:0:76:14:38
2829 2862 qfe1 forwarding 117 8192/0:d0:0:76:14:38
2830 2863
2831 2864 # dladm show-bridge -s foo
2832 2865 BRIDGE DROPS FORWARDS
2833 2866 foo 0 302
2834 2867
2835 2868 # dladm show-bridge -ls foo
2836 2869 LINK DROPS RECV XMIT
2837 2870 hme0 0 360832 31797
2838 2871 qfe1 0 322311 356852
2839 2872
2840 2873 # dladm show-bridge -f foo
2841 2874 DEST AGE FLAGS OUTPUT
2842 2875 8:0:20:bc:a7:dc 10.860 -- hme0
2843 2876 8:0:20:bf:f9:69 -- L hme0
2844 2877 8:0:20:c0:20:26 17.420 -- hme0
2845 2878 8:0:20:e5:86:11 -- L qfe1
2846 2879
2847 2880
2848 2881
2849 2882 Example 19 Creating an IPv4 Tunnel
2850 2883
2851 2884
2852 2885 The following sequence of commands creates and then displays a
2853 2886 persistent IPv4 tunnel link named mytunnel0 between 66.1.2.3 and
2854 2887 192.4.5.6:
2855 2888
2856 2889
2857 2890 # dladm create-iptun -T ipv4 -s 66.1.2.3 -d 192.4.5.6 mytunnel0
2858 2891 # dladm show-iptun mytunnel0
2859 2892 LINK TYPE FLAGS SOURCE DESTINATION
2860 2893 mytunnel0 ipv4 -- 66.1.2.3 192.4.5.6
2861 2894
2862 2895
2863 2896
2864 2897
2865 2898 A point-to-point IP interface can then be created over this tunnel link:
2866 2899
2867 2900
2868 2901 # ifconfig mytunnel0 plumb 10.1.0.1 10.1.0.2 up
2869 2902
2870 2903
2871 2904
2872 2905
2873 2906 As with any other IP interface, configuration persistence for this IP
2874 2907 interface is achieved by placing the desired ifconfig commands (in this
2875 2908 case, the command for "10.1.0.1 10.1.0.2") into
2876 2909 /etc/hostname.mytunnel0.
2877 2910
2878 2911
2879 2912 Example 20 Creating a 6to4 Tunnel
2880 2913
2881 2914
2882 2915 The following command creates a 6to4 tunnel link. The IPv4 address of
2883 2916 the 6to4 router is 75.10.11.12.
2884 2917
2885 2918
2886 2919 # dladm create-iptun -T 6to4 -s 75.10.11.12 sitetunnel0
2887 2920 # dladm show-iptun sitetunnel0
2888 2921 LINK TYPE FLAGS SOURCE DESTINATION
2889 2922 sitetunnel0 6to4 -- 75.10.11.12 --
2890 2923
2891 2924
2892 2925
2893 2926
2894 2927 The following command plumbs an IPv6 interface on this tunnel:
2895 2928
2896 2929
2897 2930 # ifconfig sitetunnel0 inet6 plumb up
2898 2931 # ifconfig sitetunnel0 inet6
2899 2932 sitetunnel0: flags=2200041 <UP,RUNNING,NONUD,IPv6> mtu 65515 index 3
2900 2933 inet tunnel src 75.10.11.12
2901 2934 tunnel hop limit 64
2902 2935 inet6 2002:4b0a:b0c::1/16
2903 2936
2904 2937
2905 2938
2906 2939
2907 2940 Note that the system automatically configures the IPv6 address on the
2908 2941 6to4 IP interface. See ifconfig(1M) for a description of how IPv6
2909 2942 addresses are configured on 6to4 tunnel links.
2910 2943
2911 2944
2912 2945 ATTRIBUTES
2913 2946 See attributes(5) for descriptions of the following attributes:
2914 2947
2915 2948
2916 2949 /usr/sbin
2917 2950
2918 2951
2919 2952
2920 2953
2921 2954 +--------------------+-----------------+
2922 2955 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
2923 2956 +--------------------+-----------------+
2924 2957 |Interface Stability | Committed |
2925 2958 +--------------------+-----------------+
2926 2959
2927 2960
2928 2961 /sbin
2929 2962
2930 2963
2931 2964
2932 2965
2933 2966 +--------------------+-----------------+
2934 2967 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
2935 2968 +--------------------+-----------------+
2936 2969 |Interface Stability | Committed |
2937 2970 +--------------------+-----------------+
2938 2971
2939 2972 SEE ALSO
2940 2973 acctadm(1M), autopush(1M), ifconfig(1M), ipsecconf(1M), ndd(1M),
2941 2974 psrset(1M), wpad(1M), zonecfg(1M), attributes(5), ieee802.3(5),
2942 2975 dlpi(7P)
2943 2976
2944 2977 NOTES
2945 2978 The preferred method of referring to an aggregation in the aggregation
2946 2979 subcommands is by its link name. Referring to an aggregation by its
2947 2980 integer key is supported for backward compatibility, but is not
2948 2981 necessary. When creating an aggregation, if a key is specified instead
2949 2982 of a link name, the aggregation's link name will be automatically
2950 2983 generated by dladm as aggrkey.
2951 2984
2952 2985
2953 2986
2954 2987 December 3, 2014 DLADM(1M)
|
↓ open down ↓ |
966 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX