UNIX System Administration Handbook - Evi Nemeth [182]
ifconfig: configure network interfaces
ifconfig enables or disables a network interface, sets its IP address and subnet mask, and sets various other options and parameters. It is usually run at boot time (with command-line parameters taken from config files), but it can also make changes on the fly. Be careful if you are making ifconfig changes and are logged in remotely; many a sysadmin has been locked out this way and had to drive in to fix things.
An ifconfig command most commonly has the form
ifconfig interface address options ... up
For example:
ifconfig en0 128.138.240.1 netmask 255.255.255.0 up
interface identifies the hardware interface to which the command applies. It is usually a two or three-character device name followed by a number. Some common names are ie0, le0, le1, ln0, en0, we0, qe0, hme0, eth0, and lan0; lo0 is the name of the loopback interface. The interface name is derived from the name of the device driver used to run it, and it usually corresponds to the chipset used by the interface (Intel Ethernet, Lance Ethernet, etc.).
ifconfig interface displays the current settings for interface without changing them. Many systems understand -a to mean “all interfaces,” and ifconfig -a can be therefore be used to find out what interfaces are present on the system. If your system does not understand ifconfig -a, try netstat -i to find the interface names.
Under Solaris, network interfaces must be “attached” with ifconfig interface plumb before they become configurable and visible to netstat -i.
The address parameter specifies the interface’s IP address. Many versions of ifconfig also accept a hostname for the address parameter. We prefer to use the actual IP address; if ifconfig is given a hostname (or the output of the hostname command), the potential for boot-time problems is increased. If there’s a problem resolving the hostname, the machine won’t boot or it will boot into a state in which it cannot be accessed from the network, requiring you to physically go to the machine to debug the problem. DNS queries that cannot complete take a long while to time out, making it seem that the machine is hung.
The keyword up turns the interface on; down turns it off.
ifconfig understands many other options. We cover only the most common ones; as always, consult your man pages for the final word on your particular system. ifconfig options all have symbolic names. Listing the option selects it. Some options require an argument, which should be placed immediately after the option name. Some versions of ifconfig used to require an address family parameter, too. Today, that parameter is not required and defaults to inet.
The netmask option sets the subnet mask for the interface and is required if the network is not subnetted according to its address class (A, B, or C). The mask can be specified in dotted decimal notation or as a 4-byte hexadecimal number beginning with 0x. In either case, bits set to 1 are part of the network number, and bits set to 0 are part of the host number.
The broadcast option specifies the IP broadcast address for the interface, expressed in either hex or dotted quad notation. The correct broadcast address is one in which the host part is set to all 1s, and most systems default to this value; they use the netmask and IP address to calculate the broadcast address.
On UNIX, you can set the broadcast address to any IP address that’s valid for the network to which the host is attached. Some sites have chosen weird values for the broadcast address in the hope of avoiding certain types of denial of service attacks that are based on broadcast pings. We dislike this approach for several reasons.
First, it requires you to reset the broadcast address on every host on the local network, which can be a time-consuming chore on a large net. Second, it requires you to be absolutely sure that you reconfigure every host, or broadcast storms can result in which packets travel from machine to machine until their TTLs expire.
Broadcast