diff options
Diffstat (limited to 'usr/src/man/man8/dladm.8')
| -rw-r--r-- | usr/src/man/man8/dladm.8 | 6184 |
1 files changed, 6184 insertions, 0 deletions
diff --git a/usr/src/man/man8/dladm.8 b/usr/src/man/man8/dladm.8 new file mode 100644 index 0000000000..694ff6fd9d --- /dev/null +++ b/usr/src/man/man8/dladm.8 @@ -0,0 +1,6184 @@ +.\" +.\" Sun Microsystems, Inc. gratefully acknowledges The Open Group for +.\" permission to reproduce portions of its copyrighted documentation. +.\" Original documentation from The Open Group can be obtained online at +.\" http://www.opengroup.org/bookstore/. +.\" +.\" The Institute of Electrical and Electronics Engineers and The Open +.\" Group, have given us permission to reprint portions of their +.\" documentation. +.\" +.\" In the following statement, the phrase ``this text'' refers to portions +.\" of the system documentation. +.\" +.\" Portions of this text are reprinted and reproduced in electronic form +.\" in the SunOS Reference Manual, from IEEE Std 1003.1, 2004 Edition, +.\" Standard for Information Technology -- Portable Operating System +.\" Interface (POSIX), The Open Group Base Specifications Issue 6, +.\" Copyright (C) 2001-2004 by the Institute of Electrical and Electronics +.\" Engineers, Inc and The Open Group. In the event of any discrepancy +.\" between these versions and the original IEEE and The Open Group +.\" Standard, the original IEEE and The Open Group Standard is the referee +.\" document. The original Standard can be obtained online at +.\" http://www.opengroup.org/unix/online.html. +.\" +.\" This notice shall appear on any product containing this material. +.\" +.\" The contents of this file are subject to the terms of the +.\" Common Development and Distribution License (the "License"). +.\" You may not use this file except in compliance with the License. +.\" +.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +.\" or http://www.opensolaris.org/os/licensing. +.\" See the License for the specific language governing permissions +.\" and limitations under the License. +.\" +.\" When distributing Covered Code, include this CDDL HEADER in each +.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE. +.\" If applicable, add the following below this CDDL HEADER, with the +.\" fields enclosed by brackets "[]" replaced with your own identifying +.\" information: Portions Copyright [yyyy] [name of copyright owner] +.\" +.\" +.\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved +.\" Copyright 2017 Joyent, Inc. +.\" Copyright 2020 RackTop Systems, Inc. +.\" Copyright 2021 OmniOS Community Edition (OmniOSce) Association. +.\" +.TH DLADM 8 "October 20, 2021" +.SH NAME +dladm \- administer data links +.SH SYNOPSIS +\fBdladm help\fR + +.LP +.nf +\fBdladm show-link\fR [\fB-P\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIlink\fR] +\fBdladm rename-link\fR [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fIlink\fR \fInew-link\fR +.fi + +.LP +.nf +\fBdladm delete-phys\fR \fIphys-link\fR +\fBdladm show-phys\fR [\fB-m\fR | \fB-H\fR | \fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIphys-link\fR] +.fi + +.LP +.nf +\fBdladm create-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR \fIpolicy\fR] [\fB-L\fR \fImode\fR] + [\fB-T\fR \fItime\fR] [\fB-u\fR \fIaddress\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...] \fIaggr-link\fR +\fBdladm modify-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR \fIpolicy\fR] [\fB-L\fR \fImode\fR] + [\fB-T\fR \fItime\fR] [\fB-u\fR \fIaddress\fR] \fIaggr-link\fR +\fBdladm delete-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIaggr-link\fR +\fBdladm add-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...] + \fIaggr-link\fR +\fBdladm remove-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...] + \fIaggr-link\fR +\fBdladm show-aggr\fR [\fB-PLx\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] + [\fIaggr-link\fR] +.fi + +.LP +.nf +\fBdladm create-bridge\fR [\fB-P\fR \fIprotect\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIpriority\fR] + [\fB-m\fR \fImax-age\fR] [\fB-h\fR \fIhello-time\fR] [\fB-d\fR \fIforward-delay\fR] [\fB-f\fR \fIforce-protocol\fR] + [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR +.fi + +.LP +.nf +\fBdladm modify-bridge\fR [\fB-P\fR \fIprotect\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-p\fR \fIpriority\fR] + [\fB-m\fR \fImax-age\fR] [\fB-h\fR \fIhello-time\fR] [\fB-d\fR \fIforward-delay\fR] [\fB-f\fR \fIforce-protocol\fR] + \fIbridge-name\fR +.fi + +.LP +.nf +\fBdladm delete-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fIbridge-name\fR +.fi + +.LP +.nf +\fBdladm add-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR [\fB-l\fR \fIlink\fR...]\fIbridge-name\fR +.fi + +.LP +.nf +\fBdladm remove-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR +.fi + +.LP +.nf +\fBdladm show-bridge\fR [\fB-flt\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [[\fB-p\fR] \fB-o\fR \fIfield\fR,...] + [\fIbridge-name\fR] +.fi + +.LP +.nf +\fBdladm create-vlan\fR [\fB-ft\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIether-link\fR \fB-v\fR \fIvid\fR [\fIvlan-link\fR] +\fBdladm delete-vlan\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIvlan-link\fR +\fBdladm show-vlan\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIvlan-link\fR] +.fi + +.LP +.nf +\fBdladm scan-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIwifi-link\fR] +\fBdladm connect-wifi\fR [\fB-e\fR \fIessid\fR] [\fB-i\fR \fIbssid\fR] [\fB-k\fR \fIkey\fR,...] + [\fB-s\fR none | wep | wpa ] [\fB-a\fR open | shared] [\fB-b\fR bss | ibss] [\fB-c\fR] + [\fB-m\fR a | b | g] [\fB-T\fR \fItime\fR] [\fIwifi-link\fR] +\fBdladm disconnect-wifi\fR [\fB-a\fR] [\fIwifi-link\fR] +\fBdladm show-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIwifi-link\fR] +.fi + +.LP +.nf +\fBdladm show-ether\fR [\fB-x\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIether-link\fR] +.fi + +.LP +.nf +\fBdladm set-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] + \fIlink\fR +\fBdladm reset-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] [\fB-p\fR \fIprop\fR[,...]] \fIlink\fR +\fBdladm show-linkprop\fR [\fB-P\fR] [\fB-z\fR \fIzonename\fR] [[\fB-c\fR] \fB-o\fR \fIfield\fR[,...]] + [\fB-p\fR \fIprop\fR[,...]] [\fIlink\fR] +.fi + +.LP +.nf +\fBdladm create-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-f\fR \fIfile\fR] \fB-c\fR \fIclass\fR \fIsecobj\fR +\fBdladm delete-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIsecobj\fR[,...] +\fBdladm show-secobj\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIsecobj\fR,...] +.fi + +.LP +.nf +\fBdladm create-vnic\fR [\fB-t\fR] \fB-l\fR \fIlink\fR [\fB-R\fR \fIroot-dir\fR] [\fB-m\fR \fIvalue\fR | auto | + {factory \fB-n\fR \fIslot-identifier\fR]} | {random [\fB-r\fR \fIprefix\fR]}] + [\fB-v\fR \fIvlan-id\fR] [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIvnic-link\fR +\fBdladm delete-vnic\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fIvnic-link\fR +\fBdladm show-vnic\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [\fB-o\fR \fIfield\fR[,...]] + [\fB-l\fR \fIlink\fR] [\fB-z\fR \fIzonename\fR] [\fIvnic-link\fR] +.fi + +.LP +.nf +\fBdladm create-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIetherstub\fR +\fBdladm delete-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIetherstub\fR +\fBdladm show-etherstub\fR [\fIetherstub\fR] +.fi + +.LP +.nf +\fBdladm create-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-T\fR \fItype\fR + [-a {local|remote}=<addr>[,...]] \fIiptun-link\fR +\fBdladm modify-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [-a {local|remote}=<addr>[,...]] + \fIiptun-link\fR +\fBdladm delete-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fIiptun-link\fR +\fBdladm show-iptun\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIiptun-link\fR] +.fi + +.LP +.nf +\fBdladm create-overlay\fR [\fB-t\fR] \fB-e\fR \fIencap\fR \fB-s\fR \fIsearch\fR \fB-v\fR \fIvnetid\fR [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIoverlay\fR +\fBdladm delete-overlay\fR \fIoverlay\fR +\fBdladm modify-overlay\fR \fB-d\fR \fImac\fR | \fB-f\fR | \fB-s\fR \fImac=ip:port\fR \fIoverlay\fR +\fBdladm show-overlay\fR [ \fB-f\fR | \fB-t\fR ] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIoverlay\fR] +.fi + +.LP +.nf +\fBdladm show-usage\fR [\fB-a\fR] \fB-f\fR \fIfilename\fR [\fB-p\fR \fIplotfile\fR \fB-F\fR \fIformat\fR] [\fB-s\fR \fItime\fR] + [\fB-e\fR \fItime\fR] [\fIlink\fR] +.fi + +.SH DESCRIPTION +The \fBdladm\fR command is used to administer data-links. A data-link is +represented in the system as a \fBSTREAMS DLPI\fR (v2) interface which can be +plumbed under protocol stacks such as \fBTCP/IP\fR. Each data-link relies on +either a single network device or an aggregation of devices to send packets to +or receive packets from a network. +.sp +.LP +Each \fBdladm\fR subcommand operates on one of the following objects: +.sp +.ne 2 +.na +\fB\fBlink\fR\fR +.ad +.sp .6 +.RS 4n +A datalink, identified by a name. In general, the name can use any alphanumeric +characters (or the underscore, \fB_\fR), but must start with an alphabetic +character and end with a number. A datalink name can be at most 31 characters, +and the ending number must be between 0 and 4294967294 (inclusive). The ending +number must not begin with a zero. Datalink names between 3 and 8 characters +are recommended. +.sp +Some subcommands operate only on certain types or classes of datalinks. For +those cases, the following object names are used: +.sp +.ne 2 +.na +\fB\fBphys-link\fR\fR +.ad +.sp .6 +.RS 4n +A physical datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBvlan-link\fR\fR +.ad +.sp .6 +.RS 4n +A VLAN datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +An aggregation datalink (or a key; see NOTES). +.RE + +.sp +.ne 2 +.na +\fB\fBether-link\fR\fR +.ad +.sp .6 +.RS 4n +A physical Ethernet datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBwifi-link\fR\fR +.ad +.sp .6 +.RS 4n +A WiFi datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBvnic-link\fR\fR +.ad +.sp .6 +.RS 4n +A virtual network interface created on a link, an \fBetherstub\fR, or \fBan +overlay\fR. It is a pseudo device that can be treated as if it were an network +interface card on a machine. +.RE + +.sp +.ne 2 +.na +\fB\fBiptun-link\fR\fR +.ad +.sp .6 +.RS 4n +An IP tunnel link. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdev\fR\fR +.ad +.sp .6 +.RS 4n +A network device, identified by concatenation of a driver name and an instance +number. +.RE + +.sp +.ne 2 +.na +\fB\fBetherstub\fR\fR +.ad +.sp .6 +.RS 4n +An Ethernet stub can be used instead of a physical NIC to create VNICs. VNICs +created on an \fBetherstub\fR will appear to be connected through a virtual +switch, allowing complete virtual networks to be built without physical +hardware. +.RE + +.sp +.ne 2 +.na +\fB\fBbridge\fR\fR +.ad +.sp .6 +.RS 4n +A bridge instance, identified by an administratively-chosen name. The name may +use any alphanumeric characters or the underscore, \fB_\fR, but must start and +end with an alphabetic character. A bridge name can be at most 31 characters. +The name \fBdefault\fR is reserved, as are all names starting with \fBSUNW\fR. +.sp +Note that appending a zero (\fB0\fR) to a bridge name produces a valid link +name, used for observability. +.RE + +.sp +.ne 2 +.na +\fB\fBsecobj\fR\fR +.ad +.sp .6 +.RS 4n +A secure object, identified by an administratively-chosen name. The name can +use any alphanumeric characters, as well as underscore (\fB_\fR), period +(\fB\&.\fR), and hyphen (\fB-\fR). A secure object name can be at most 32 +characters. +.RE + +.sp +.ne 2 +.na +.B overlay +.ad +.sp .6 +.RS 4n +An overlay instance, identified by an administratively-chosen name. An overlay +can be used to create or join an existing software defined network. +VNICs created on an overlay will appear to be connected by a local virtual +switch and will also be connected to interfaces on matching overlays provided by +other hosts. For more information on overlay devices, see \fBoverlay\fR(5). +.RE + +.SS "Options" +Each \fBdladm\fR subcommand has its own set of options. However, many of the +subcommands have the following as a common option: +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +Specifies an alternate root directory where the operation-such as creation, +deletion, or renaming-should apply. +.RE + +.SS "SUBCOMMANDS" +When invoked with no arguments, +\fBdladm\fR +shows the link configuration information, in the same way as +\fBdladm show-link\fR. +.sp +The following subcommands are supported: +.sp +.ne 2 +.na +\fBdladm help\fR +.ad +.sp .6 +.RS 4n +Display brief command usage. +.RE +.sp +.ne 2 +.na +\fB\fBdladm show-link\fR [\fB-P\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] +[[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]][\fIlink\fR]\fR +.ad +.sp .6 +.RS 4n +Show link configuration information (the default) or statistics, either for all +datalinks or for the specified link \fIlink\fR. By default, the system is +configured with one datalink for each known network device. +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. When not +modified by the \fB-s\fR option (described below), the field name must be one +of the fields listed below, or the special value \fBall\fR to display all +fields. By default (without \fB-o\fR), \fBshow-link\fR displays all fields. +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBCLASS\fR\fR +.ad +.sp .6 +.RS 4n +The class of the datalink. \fBdladm\fR distinguishes between the following +classes: +.sp +.ne 2 +.na +\fB\fBphys\fR\fR +.ad +.sp .6 +.RS 4n +A physical datalink. The \fBshow-phys\fR subcommand displays more detail for +this class of datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBaggr\fR\fR +.ad +.sp .6 +.RS 4n +An IEEE 802.3ad link aggregation. The \fBshow-aggr\fR subcommand displays more +detail for this class of datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBvlan\fR\fR +.ad +.sp .6 +.RS 4n +A VLAN datalink. The \fBshow-vlan\fR subcommand displays more detail for this +class of datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBvnic\fR\fR +.ad +.sp .6 +.RS 4n +A virtual network interface. The \fBshow-vnic\fR subcommand displays more +detail for this class of datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBoverlay\fR\fR +.ad +.sp .6 +.RS 4n +A virtual device that is used to create or join a software defined +network. The \fBshow-overlay\fR subcommand displays more detail for this +class of datalink. +.RE + + +.RE + +.sp +.ne 2 +.na +\fB\fBMTU\fR\fR +.ad +.sp .6 +.RS 4n +The maximum transmission unit size for the datalink being displayed. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATE\fR\fR +.ad +.sp .6 +.RS 4n +The link state of the datalink. The state can be \fBup\fR, \fBdown\fR, or +\fBunknown\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBBRIDGE\fR\fR +.ad +.sp .6 +.RS 4n +The name of the bridge to which this link is assigned, if any. +.RE + +.sp +.ne 2 +.na +\fB\fBOVER\fR\fR +.ad +.sp .6 +.RS 4n +The physical datalink(s) over which the datalink is operating. This applies to +\fBaggr\fR, \fBbridge\fR, and \fBvlan\fR classes of datalinks. A VLAN is +created over a single physical datalink, a bridge has multiple attached links, +and an aggregation is comprised of one or more physical datalinks. +.RE + +When the \fB-o\fR option is used in conjunction with the \fB-s\fR option, used +to display link statistics, the field name must be one of the fields listed +below, or the special value \fBall\fR to display all fields +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBIPACKETS\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets received on this link. +.RE + +.sp +.ne 2 +.na +\fB\fBRBYTES\fR\fR +.ad +.sp .6 +.RS 4n +Number of bytes received on this link. +.RE + +.sp +.ne 2 +.na +\fB\fBIERRORS\fR\fR +.ad +.sp .6 +.RS 4n +Number of input errors. +.RE + +.sp +.ne 2 +.na +\fB\fBOPACKETS\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets sent on this link. +.RE + +.sp +.ne 2 +.na +\fB\fBOBYTES\fR\fR +.ad +.sp .6 +.RS 4n +Number of bytes sent on this link. +.RE + +.sp +.ne 2 +.na +\fB\fBOERRORS\fR\fR +.ad +.sp .6 +.RS 4n +Number of output errors. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display the persistent link configuration. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR, \fB--statistics\fR\fR +.ad +.sp .6 +.RS 4n +Display link statistics. +.RE + +.sp +.ne 2 +.na +\fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR +.ad +.sp .6 +.RS 4n +Used with the \fB-s\fR option to specify an interval, in seconds, at which +statistics should be displayed. If this option is not specified, statistics +will be displayed only once. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm rename-link\fR [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fIlink\fR \fInew-link\fR\fR +.ad +.sp .6 +.RS 4n +Rename \fIlink\fR to \fInew-link\fR. This is used to give a link a meaningful +name, or to associate existing link configuration such as link properties of a +removed device with a new device. See the \fBEXAMPLES\fR section for specific +examples of how this subcommand is used. +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +A link assigned to a zone can only be renamed while the zone is in the ready state. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-phys\fR \fIphys-link\fR\fR +.ad +.sp .6 +.RS 4n +This command is used to delete the persistent configuration of a link +associated with physical hardware which has been removed from the system. See +the \fBEXAMPLES\fR section. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-phys\fR [\fB-m\fR | \fB-H\fR | \fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] +[\fIphys-link\fR]\fR +.ad +.sp .6 +.RS 4n +Show the physical device and attributes of all physical links, or of the named +physical link. Without \fB-P\fR, only physical links that are available on the +running system are displayed. +.sp +.ne 2 +.na +\fB\fB-H\fR\fR +.ad +.sp .6 +.RS 4n +Show hardware resource usage, as returned by the NIC driver. Output from +\fB-H\fR displays the following elements: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +A physical device corresponding to a NIC driver. +.RE + +.sp +.ne 2 +.na +\fB\fBGROUP\fR\fR +.ad +.sp .6 +.RS 4n +A collection of rings. +.RE + +.sp +.ne 2 +.na +\fB\fBGROUPTYPE\fR\fR +.ad +.sp .6 +.RS 4n +RX or TX. All rings in a group are of the same group type. +.RE + +.sp +.ne 2 +.na +\fB\fBRINGS\fR\fR +.ad +.sp .6 +.RS 4n +A hardware resource used by a data link, subject to assignment by a driver to +different groups. +.RE + +.sp +.ne 2 +.na +\fB\fBCLIENTS\fR\fR +.ad +.sp .6 +.RS 4n +MAC clients that are using the rings within a group. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-m\fR\fR +.ad +.sp .6 +.RS 4n +Show MAC addresses and related information. Output from \fB-m\fR +displays the following elements: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +A physical device corresponding to a NIC driver. +.RE +.sp +.ne 2 +.na +\fB\fBSLOT\fR\fR +.ad +.sp .6 +.RS 4n +When a given physical device has multiple factory MAC addresses, this +indicates the slot of the corresponding MAC address which can be used as +part of a call to \fBcreate-vnic\fR. +.RE +.sp +.ne 2 +.na +\fB\fBADDRESS\fR\fR +.ad +.sp .6 +.RS 4n +Displays the MAC address of the device. +.RE +.sp +.ne 2 +.na +\fB\fBINUSE\fR\fR +.ad +.sp .6 +.RS 4n +Displays whether or not a MAC Address is actively being used. +.RE +.sp +.ne 2 +.na +\fB\fBCLIENT\fR\fR +.ad +.sp .6 +.RS 4n +MAC clients that are using the address. +.RE +.RE +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR, \fB--output\fR=\fIfield\fR\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR, to +display all fields. Note that if either \fB-H\fR or \fB-m\fR are specified, then +the valid options are those described in their respective sections. For each +link, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBMEDIA\fR\fR +.ad +.sp .6 +.RS 4n +The media type provided by the physical datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATE\fR\fR +.ad +.sp .6 +.RS 4n +The state of the link. This can be \fBup\fR, \fBdown\fR, or \fBunknown\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED\fR\fR +.ad +.sp .6 +.RS 4n +The current speed of the link, in megabits per second. +.RE + +.sp +.ne 2 +.na +\fB\fBDUPLEX\fR\fR +.ad +.sp .6 +.RS 4n +For Ethernet links, the full/half duplex status of the link is displayed if the +link state is \fBup\fR. The duplex is displayed as \fBunknown\fR in all other +cases. +.RE + +.sp +.ne 2 +.na +\fB\fBDEVICE\fR\fR +.ad +.sp .6 +.RS 4n +The name of the physical device under this link. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +This option displays persistent configuration for all links, including those +that have been removed from the system. The output provides a \fBFLAGS\fR +column in which the \fBr\fR flag indicates that the physical device associated +with a physical link has been removed. For such links, \fBdelete-phys\fR can be +used to purge the link's configuration from the system. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR +\fIpolicy\fR] [\fB-L\fR \fImode\fR] [\fB-T\fR \fItime\fR] [\fB-u\fR +\fIaddress\fR] \fB-l\fR \fIether-link1\fR [\fB-l\fR \fIether-link2\fR...] +\fIaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +Combine a set of links into a single IEEE 802.3ad link aggregation named +\fIaggr-link\fR. The use of an integer \fIkey\fR to generate a link name for +the aggregation is also supported for backward compatibility. Many of the +\fB*\fR\fB-aggr\fR subcommands below also support the use of a \fIkey\fR to +refer to a given aggregation, but use of the aggregation link name is +preferred. See the \fBNOTES\fR section for more information on keys. +.sp +\fBdladm\fR supports a number of port selection policies for an aggregation of +ports. (See the description of the \fB-P\fR option, below.) If you do not +specify a policy, \fBcreate-aggr\fR uses the default, the L4 policy, described +under the \fB-P\fR option. +.sp +.ne 2 +.na +\fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR +.ad +.sp .6 +.RS 4n +Each Ethernet link (or port) in the aggregation is specified using an \fB-l\fR +option followed by the name of the link to be included in the aggregation. +Multiple links are included in the aggregation by specifying multiple \fB-l\fR +options. For backward compatibility with previous versions of Solaris, the +\fBdladm\fR command also supports the using the \fB-d\fR option (or +\fB--dev\fR) with a device name to specify links by their underlying device +name. The other \fB*\fR\fB-aggr\fR subcommands that take \fB-l\fR options also +accept \fB-d\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the aggregation is temporary. Temporary aggregations last until +the next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR \fIpolicy\fR, \fB--policy\fR=\fIpolicy\fR\fR +.ad +.br +.na +\fB\fR +.ad +.sp .6 +.RS 4n +Specifies the port selection policy to use for load spreading of outbound +traffic. The policy specifies which \fIdev\fR object is used to send packets. A +policy is a list of one or more layers specifiers separated by commas. A layer +specifier is one of the following: +.sp +.ne 2 +.na +\fB\fBL2\fR\fR +.ad +.sp .6 +.RS 4n +Select outbound device according to source and destination \fBMAC\fR addresses +of the packet. +.RE + +.sp +.ne 2 +.na +\fB\fBL3\fR\fR +.ad +.sp .6 +.RS 4n +Select outbound device according to source and destination \fBIP\fR addresses +of the packet. +.RE + +.sp +.ne 2 +.na +\fB\fBL4\fR\fR +.ad +.sp .6 +.RS 4n +Select outbound device according to the upper layer protocol information +contained in the packet. For \fBTCP\fR and \fBUDP\fR, this includes source and +destination ports. For IPsec, this includes the \fBSPI\fR (Security Parameters +Index). +.RE + +For example, to use upper layer protocol information, the following policy can +be used: +.sp +.in +2 +.nf +-P L4 +.fi +.in -2 +.sp + +Note that policy L4 is the default. +.sp +To use the source and destination \fBMAC\fR addresses as well as the source and +destination \fBIP\fR addresses, the following policy can be used: +.sp +.in +2 +.nf +-P L2,L3 +.fi +.in -2 +.sp + +.RE + +.sp +.ne 2 +.na +\fB\fB-L\fR \fImode\fR, \fB--lacp-mode\fR=\fImode\fR\fR +.ad +.sp .6 +.RS 4n +Specifies whether \fBLACP\fR should be used and, if used, the mode in which it +should operate. Supported values are \fBoff\fR, \fBactive\fR or \fBpassive\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-T\fR \fItime\fR, \fB--lacp-timer\fR=\fItime\fR\fR +.ad +.br +.na +\fB\fR +.ad +.sp .6 +.RS 4n +Specifies the \fBLACP\fR timer value. The supported values are \fBshort\fR or +\fBlong\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-u\fR \fIaddress\fR, \fB--unicast\fR=\fIaddress\fR\fR +.ad +.sp .6 +.RS 4n +Specifies a fixed unicast hardware address to be used for the aggregation. If +this option is not specified, then an address is automatically chosen from the +set of addresses of the component devices. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm modify-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-P\fR +\fIpolicy\fR] [\fB-L\fR \fImode\fR] [\fB-T\fR \fItime\fR] [\fB-u\fR +\fIaddress\fR] \fIaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +Modify the parameters of the specified aggregation. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the modification is temporary. Temporary aggregations last until +the next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR \fIpolicy\fR, \fB--policy\fR=\fIpolicy\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the port selection policy to use for load spreading of outbound +traffic. See \fBdladm create-aggr\fR for a description of valid policy values. +.RE + +.sp +.ne 2 +.na +\fB\fB-L\fR \fImode\fR, \fB--lacp-mode\fR=\fImode\fR\fR +.ad +.sp .6 +.RS 4n +Specifies whether \fBLACP\fR should be used and, if used, the mode in which it +should operate. Supported values are \fBoff\fR, \fBactive\fR, or \fBpassive\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-T\fR \fItime\fR, \fB--lacp-timer\fR=\fItime\fR\fR +.ad +.br +.na +\fB\fR +.ad +.sp .6 +.RS 4n +Specifies the \fBLACP\fR timer value. The supported values are \fBshort\fR or +\fBlong\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-u\fR \fIaddress\fR, \fB--unicast\fR=\fIaddress\fR\fR +.ad +.sp .6 +.RS 4n +Specifies a fixed unicast hardware address to be used for the aggregation. If +this option is not specified, then an address is automatically chosen from the +set of addresses of the component devices. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +Deletes the specified aggregation. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletion is temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm add-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR +\fIether-link1\fR [\fB--link\fR=\fIether-link2\fR...] \fIaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +Adds links to the specified aggregation. +.sp +.ne 2 +.na +\fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR +.ad +.sp .6 +.RS 4n +Specifies an Ethernet link to add to the aggregation. Multiple links can be +added by supplying multiple \fB-l\fR options. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the additions are temporary. Temporary additions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm remove-aggr\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR +\fIether-link1\fR [\fB--l\fR=\fIether-link2\fR...] \fIaggr-link\fR\fR +.ad +.sp .6 +.RS 4n +Removes links from the specified aggregation. +.sp +.ne 2 +.na +\fB\fB-l\fR \fIether-link\fR, \fB--link\fR=\fIether-link\fR\fR +.ad +.sp .6 +.RS 4n +Specifies an Ethernet link to remove from the aggregation. Multiple links can +be added by supplying multiple \fB-l\fR options. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the removals are temporary. Temporary removal last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-aggr\fR [\fB-PLx\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] +[[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIaggr-link\fR]\fR +.ad +.sp .6 +.RS 4n +Show aggregation configuration (the default), \fBLACP\fR information, or +statistics, either for all aggregations or for the specified aggregation. +.sp +By default (with no options), the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the aggregation link. +.RE + +.sp +.ne 2 +.na +\fB\fBPOLICY\fR\fR +.ad +.sp .6 +.RS 4n +The LACP policy of the aggregation. See the \fBcreate-aggr\fR \fB-P\fR option +for a description of the possible values. +.RE + +.sp +.ne 2 +.na +\fB\fBADDRPOLICY\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBauto\fR, if the aggregation is configured to automatically configure +its unicast MAC address (the default if the \fB-u\fR option was not used to +create or modify the aggregation), or \fBfixed\fR, if \fB-u\fR was used to set +a fixed MAC address. +.RE + +.sp +.ne 2 +.na +\fB\fBLACPACTIVITY\fR\fR +.ad +.sp .6 +.RS 4n +The LACP mode of the aggregation. Possible values are \fBoff\fR, \fBactive\fR, +or \fBpassive\fR, as set by the \fB-l\fR option to \fBcreate-aggr\fR or +\fBmodify-aggr\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBLACPTIMER\fR\fR +.ad +.sp .6 +.RS 4n +The LACP timer value of the aggregation as set by the \fB-T\fR option of +\fBcreate-aggr\fR or \fBmodify-aggr\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBFLAGS\fR\fR +.ad +.sp .6 +.RS 4n +A set of state flags associated with the aggregation. The only possible flag is +\fBf\fR, which is displayed if the administrator forced the creation the +aggregation using the \fB-f\fR option to \fBcreate-aggr\fR. Other flags might +be defined in the future. +.RE + +The \fBshow-aggr\fR command accepts the following options: +.sp +.ne 2 +.na +\fB\fB-L\fR, \fB--lacp\fR\fR +.ad +.sp .6 +.RS 4n +Displays detailed \fBLACP\fR information for the aggregation link and each +underlying port. Most of the state information displayed by this option is +defined by IEEE 802.3. With this option, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the aggregation link. +.RE + +.sp +.ne 2 +.na +\fB\fBPORT\fR\fR +.ad +.sp .6 +.RS 4n +The name of one of the underlying aggregation ports. +.RE + +.sp +.ne 2 +.na +\fB\fBAGGREGATABLE\fR\fR +.ad +.sp .6 +.RS 4n +Whether the port can be added to the aggregation. +.RE + +.sp +.ne 2 +.na +\fB\fBSYNC\fR\fR +.ad +.sp .6 +.RS 4n +If \fByes\fR, the system considers the port to be synchronized and part of the +aggregation. +.RE + +.sp +.ne 2 +.na +\fB\fBCOLL\fR\fR +.ad +.sp .6 +.RS 4n +If \fByes\fR, collection of incoming frames is enabled on the associated port. +.RE + +.sp +.ne 2 +.na +\fB\fBDIST\fR\fR +.ad +.sp .6 +.RS 4n +If \fByes\fR, distribution of outgoing frames is enabled on the associated +port. +.RE + +.sp +.ne 2 +.na +\fB\fBDEFAULTED\fR\fR +.ad +.sp .6 +.RS 4n +If \fByes\fR, the port is using defaulted partner information (that is, has not +received LACP data from the LACP partner). +.RE + +.sp +.ne 2 +.na +\fB\fBEXPIRED\fR\fR +.ad +.sp .6 +.RS 4n +If \fByes\fR, the receive state of the port is in the \fBEXPIRED\fR state. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-x\fR, \fB--extended\fR\fR +.ad +.sp .6 +.RS 4n +Display additional aggregation information including detailed information on +each underlying port. With \fB-x\fR, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the aggregation link. +.RE + +.sp +.ne 2 +.na +\fB\fBPORT\fR\fR +.ad +.sp .6 +.RS 4n +The name of one of the underlying aggregation ports. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED\fR\fR +.ad +.sp .6 +.RS 4n +The speed of the link or port in megabits per second. +.RE + +.sp +.ne 2 +.na +\fB\fBDUPLEX\fR\fR +.ad +.sp .6 +.RS 4n +The full/half duplex status of the link or port is displayed if the link state +is \fBup\fR. The duplex status is displayed as \fBunknown\fR in all other +cases. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATE\fR\fR +.ad +.sp .6 +.RS 4n +The link state. This can be \fBup\fR, \fBdown\fR, or \fBunknown\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBADDRESS\fR\fR +.ad +.sp .6 +.RS 4n +The MAC address of the link or port. +.RE + +.sp +.ne 2 +.na +\fB\fBPORTSTATE\fR\fR +.ad +.sp .6 +.RS 4n +This indicates whether the individual aggregation port is in the \fBstandby\fR +or \fBattached\fR state. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed above, or the special value \fBall\fR, to +display all fields. The fields applicable to the \fB-o\fR option are limited to +those listed under each output mode. For example, if using \fB-L\fR, only the +fields listed under \fB-L\fR, above, can be used with \fB-o\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display the persistent aggregation configuration rather than the state of the +running system. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR, \fB--statistics\fR\fR +.ad +.sp .6 +.RS 4n +Displays aggregation statistics. +.RE + +.sp +.ne 2 +.na +\fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR +.ad +.sp .6 +.RS 4n +Used with the \fB-s\fR option to specify an interval, in seconds, at which +statistics should be displayed. If this option is not specified, statistics +will be displayed only once. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-bridge\fR [ \fB-P\fR \fIprotect\fR] [\fB-R\fR +\fIroot-dir\fR] [ \fB-p\fR \fIpriority\fR] [ \fB-m\fR \fImax-age\fR] [ \fB-h\fR +\fIhello-time\fR] [ \fB-d\fR \fIforward-delay\fR] [ \fB-f\fR +\fIforce-protocol\fR] [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR +.ad +.sp .6 +.RS 4n +Create an 802.1D bridge instance and optionally assign one or more network +links to the new bridge. By default, no bridge instances are present on the +system. +.sp +In order to bridge between links, you must create at least one bridge instance. +Each bridge instance is separate, and there is no forwarding connection between +bridges. +.sp +.ne 2 +.na +\fB\fB-P\fR \fIprotect\fR, \fB--protect\fR=\fIprotect\fR\fR +.ad +.sp .6 +.RS 4n +Specifies a protection method. The defined protection methods are \fBstp\fR for +the Spanning Tree Protocol and trill for \fBTRILL\fR, which is used on +RBridges. The default value is \fBstp\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIpriority\fR, \fB--priority\fR=\fIpriority\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the Bridge Priority. This sets the IEEE STP priority value for +determining the root bridge node in the network. The default value is +\fB32768\fR. Valid values are \fB0\fR (highest priority) to \fB61440\fR (lowest +priority), in increments of 4096. +.sp +If a value not evenly divisible by 4096 is used, the system silently rounds +downward to the next lower value that is divisible by 4096. +.RE + +.sp +.ne 2 +.na +\fB\fB-m\fR \fImax-age\fR, \fB--max-age\fR=\fImax-age\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the maximum age for configuration information in seconds. This sets +the STP Bridge Max Age parameter. This value is used for all nodes in the +network if this node is the root bridge. Bridge link information older than +this time is discarded. It defaults to 20 seconds. Valid values are from 6 to +40 seconds. See the \fB-d\fR \fIforward-delay\fR parameter for additional +constraints. +.RE + +.sp +.ne 2 +.na +\fB\fB-h\fR \fIhello-time\fR, \fB--hello-time\fR=\fIhello-time\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the STP Bridge Hello Time parameter. When this node is the root node, +it sends Configuration BPDUs at this interval throughout the network. The +default value is 2 seconds. Valid values are from 1 to 10 seconds. See the +\fB-d\fR \fIforward-delay\fR parameter for additional constraints. +.RE + +.sp +.ne 2 +.na +\fB\fB-d\fR \fIforward-delay\fR, \fB--forward-delay\fR=\fIforward-delay\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the STP Bridge Forward Delay parameter. When this node is the root +node, then all bridges in the network use this timer to sequence the link +states when a port is enabled. The default value is 15 seconds. Valid values +are from 4 to 30 seconds. +.sp +Bridges must obey the following two constraints: +.sp +.in +2 +.nf +2 * (\fIforward-delay\fR - 1.0) >= \fImax-age\fR + +\fImax-age\fR >= 2 * (\fIhello-time\fR + 1.0) +.fi +.in -2 +.sp + +Any parameter setting that would violate those constraints is treated as an +error and causes the command to fail with a diagnostic message. The message +provides valid alternatives to the supplied values. +.RE + +.sp +.ne 2 +.na +\fB\fB-f\fR \fIforce-protocol\fR, +\fB--force-protocol\fR=\fIforce-protocol\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the MSTP forced maximum supported protocol. The default value is 3. +Valid values are non-negative integers. The current implementation does not +support RSTP or MSTP, so this currently has no effect. However, to prevent MSTP +from being used in the future, the parameter may be set to \fB0\fR for STP only +or \fB2\fR for STP and RSTP. +.RE + +.sp +.ne 2 +.na +\fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR +.ad +.sp .6 +.RS 4n +Specifies one or more links to add to the newly-created bridge. This is similar +to creating the bridge and then adding one or more links, as with the +\fBadd-bridge\fR subcommand. However, if any of the links cannot be added, the +entire command fails, and the new bridge itself is not created. To add multiple +links on the same command line, repeat this option for each link. You are +permitted to create bridges without links. For more information about link +assignments, see the \fBadd-bridge\fR subcommand. +.RE + +Bridge creation and link assignment require the \fBPRIV_SYS_DL_CONFIG\fR +privilege. Bridge creation might fail if the optional bridging feature is not +installed on the system. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm modify-bridge\fR [ \fB-P\fR \fIprotect\fR] [\fB-R\fR +\fIroot-dir\fR] [ \fB-p\fR \fIpriority\fR] [ \fB-m\fR \fImax-age\fR] [ \fB-h\fR +\fIhello-time\fR] [ \fB-d\fR \fIforward-delay\fR] [ \fB-f\fR +\fIforce-protocol\fR] [\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR +.ad +.sp .6 +.RS 4n +Modify the operational parameters of an existing bridge. The options are the +same as for the \fBcreate-bridge\fR subcommand, except that the \fB-l\fR option +is not permitted. To add links to an existing bridge, use the \fBadd-bridge\fR +subcommand. +.sp +Bridge parameter modification requires the \fBPRIV_SYS_DL_CONFIG\fR privilege. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fIbridge-name\fR\fR +.ad +.sp .6 +.RS 4n +Delete a bridge instance. The bridge being deleted must not have any attached +links. Use the \fBremove-bridge\fR subcommand to deactivate links before +deleting a bridge. +.sp +Bridge deletion requires the \fBPRIV_SYS_DL_CONFIG\fR privilege. +.sp +The \fB-R\fR (\fB--root-dir\fR) option is the same as for the +\fBcreate-bridge\fR subcommand. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm add-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR +[\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR +.ad +.sp .6 +.RS 4n +Add one or more links to an existing bridge. If multiple links are specified, +and adding any one of them results in an error, the command fails and no +changes are made to the system. +.sp +Link addition to a bridge requires the \fBPRIV_SYS_DL_CONFIG\fR privilege. +.sp +A link may be a member of at most one bridge. An error occurs when you attempt +to add a link that already belongs to another bridge. To move a link from one +bridge instance to another, remove it from the current bridge before adding it +to a new one. +.sp +The links assigned to a bridge must not also be VLANs, VNICs, or tunnels. Only +physical Ethernet datalinks, aggregation datalinks, wireless links, and +Ethernet stubs are permitted to be assigned to a bridge. +.sp +Links assigned to a bridge must all have the same MTU. This is checked when the +link is assigned. The link is added to the bridge in a deactivated form if it +is not the first link on the bridge and it has a differing MTU. +.sp +Note that systems using bridging should not set the \fBeeprom\fR(8) +\fBlocal-mac-address?\fR variable to false. +.sp +The options are the same as for the \fBcreate-bridge\fR subcommand. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm remove-bridge\fR [\fB-R\fR \fIroot-dir\fR] \fB-l\fR \fIlink\fR +[\fB-l\fR \fIlink\fR...] \fIbridge-name\fR\fR +.ad +.sp .6 +.RS 4n +Remove one or more links from a bridge instance. If multiple links are +specified, and removing any one of them would result in an error, the command +fails and none are removed. +.sp +Link removal from a bridge requires the \fBPRIV_SYS_DL_CONFIG\fR privilege. +.sp +The options are the same as for the \fBcreate-bridge\fR subcommand. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-bridge\fR [\fB-flt\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] +[[\fB-p\fR] \fB-o\fR \fIfield\fR,...] [\fIbridge-name\fR]\fR +.ad +.sp .6 +.RS 4n +Show the running status and configuration of bridges, their attached links, +learned forwarding entries, and \fBTRILL\fR nickname databases. When showing +overall bridge status and configuration, the bridge name can be omitted to show +all bridges. The other forms require a specified bridge. +.sp +The show-bridge subcommand accepts the following options: +.sp +.ne 2 +.na +\fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR +.ad +.sp .6 +.RS 4n +Used with the \fB-s\fR option to specify an interval, in seconds, at which +statistics should be displayed. If this option is not specified, statistics +will be displayed only once. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR, \fB--statistics\fR\fR +.ad +.sp .6 +.RS 4n +Display statistics for the specified bridges or for a given bridge's attached +links. This option cannot be used with the \fB-f\fR and \fB-t\fR options. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. See "Parsable Output Format," +below. +.RE + +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +names are described below. The special value all displays all fields. Each set +of fields has its own default set to display when \fB-o\fR is not specified. +.RE + +By default, the \fBshow-bridge\fR subcommand shows bridge configuration. The +following fields can be shown: +.sp +.ne 2 +.na +\fB\fBBRIDGE\fR\fR +.ad +.sp .6 +.RS 4n +The name of the bridge. +.RE + +.sp +.ne 2 +.na +\fB\fBADDRESS\fR\fR +.ad +.sp .6 +.RS 4n +The Bridge Unique Identifier value (MAC address). +.RE + +.sp +.ne 2 +.na +\fB\fBPRIORITY\fR\fR +.ad +.sp .6 +.RS 4n +Configured priority value; set by \fB-p\fR with \fBcreate-bridge\fR and +\fBmodify-bridge\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBBMAXAGE\fR\fR +.ad +.sp .6 +.RS 4n +Configured bridge maximum age; set by \fB-m\fR with \fBcreate-bridge\fR and +\fBmodify-bridge\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBBHELLOTIME\fR\fR +.ad +.sp .6 +.RS 4n +Configured bridge hello time; set by \fB-h\fR with \fBcreate-bridge\fR and +\fBmodify-bridge\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBBFWDDELAY\fR\fR +.ad +.sp .6 +.RS 4n +Configured forwarding delay; set by \fB-d\fR with \fBcreate-bridge\fR and +\fBmodify-bridge\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBFORCEPROTO\fR\fR +.ad +.sp .6 +.RS 4n +Configured forced maximum protocol; set by \fB-f\fR with \fBcreate-bridge\fR +and \fBmodify-bridge\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBTCTIME\fR\fR +.ad +.sp .6 +.RS 4n +Time, in seconds, since last topology change. +.RE + +.sp +.ne 2 +.na +\fB\fBTCCOUNT\fR\fR +.ad +.sp .6 +.RS 4n +Count of the number of topology changes. +.RE + +.sp +.ne 2 +.na +\fB\fBTCHANGE\fR\fR +.ad +.sp .6 +.RS 4n +This indicates that a topology change was detected. +.RE + +.sp +.ne 2 +.na +\fB\fBDESROOT\fR\fR +.ad +.sp .6 +.RS 4n +Bridge Identifier of the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBROOTCOST\fR\fR +.ad +.sp .6 +.RS 4n +Cost of the path to the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBROOTPORT\fR\fR +.ad +.sp .6 +.RS 4n +Port number used to reach the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBMAXAGE\fR\fR +.ad +.sp .6 +.RS 4n +Maximum age value from the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBHELLOTIME\fR\fR +.ad +.sp .6 +.RS 4n +Hello time value from the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBFWDDELAY\fR\fR +.ad +.sp .6 +.RS 4n +Forward delay value from the root node. +.RE + +.sp +.ne 2 +.na +\fB\fBHOLDTIME\fR\fR +.ad +.sp .6 +.RS 4n +Minimum BPDU interval. +.RE + +By default, when the \fB-o\fR option is not specified, only the \fBBRIDGE\fR, +\fBADDRESS\fR, \fBPRIORITY\fR, and \fBDESROOT\fR fields are shown. +.sp +When the \fB-s\fR option is specified, the \fBshow-bridge\fR subcommand shows +bridge statistics. The following fields can be shown: +.sp +.ne 2 +.na +\fB\fBBRIDGE\fR\fR +.ad +.sp .6 +.RS 4n +Bridge name. +.RE + +.sp +.ne 2 +.na +\fB\fBDROPS\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets dropped due to resource problems. +.RE + +.sp +.ne 2 +.na +\fB\fBFORWARDS\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets forwarded from one link to another. +.RE + +.sp +.ne 2 +.na +\fB\fBMBCAST\fR\fR +.ad +.sp .6 +.RS 4n +Number of multicast and broadcast packets handled by the bridge. +.RE + +.sp +.ne 2 +.na +\fB\fBRECV\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets received on all attached links. +.RE + +.sp +.ne 2 +.na +\fB\fBSENT\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets sent on all attached links. +.RE + +.sp +.ne 2 +.na +\fB\fBUNKNOWN\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets handled that have an unknown destination. Such packets are +sent to all links. +.RE + +By default, when the \fB-o\fR option is not specified, only the \fBBRIDGE\fR, +\fBDROPS\fR, and \fBFORWARDS\fR fields are shown. +.sp +The \fBshow-bridge\fR subcommand also accepts the following options: +.sp +.ne 2 +.na +\fB\fB-l\fR, \fB--link\fR\fR +.ad +.sp .6 +.RS 4n +Displays link-related status and statistics information for all links attached +to a single bridge instance. By using this option and without the \fB-s\fR +option, the following fields can be displayed for each link: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The link name. +.RE + +.sp +.ne 2 +.na +\fB\fBINDEX\fR\fR +.ad +.sp .6 +.RS 4n +Port (link) index number on the bridge. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATE\fR\fR +.ad +.sp .6 +.RS 4n +State of the link. The state can be \fBdisabled\fR, \fBdiscarding\fR, +\fBlearning\fR, \fBforwarding\fR, \fBnon-stp\fR, or \fBbad-mtu\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBUPTIME\fR\fR +.ad +.sp .6 +.RS 4n +Number of seconds since the last reset or initialization. +.RE + +.sp +.ne 2 +.na +\fB\fBOPERCOST\fR\fR +.ad +.sp .6 +.RS 4n +Actual cost in use (1-65535). +.RE + +.sp +.ne 2 +.na +\fB\fBOPERP2P\fR\fR +.ad +.sp .6 +.RS 4n +This indicates whether point-to-point (\fBP2P\fR) mode been detected. +.RE + +.sp +.ne 2 +.na +\fB\fBOPEREDGE\fR\fR +.ad +.sp .6 +.RS 4n +This indicates whether edge mode has been detected. +.RE + +.sp +.ne 2 +.na +\fB\fBDESROOT\fR\fR +.ad +.sp .6 +.RS 4n +The Root Bridge Identifier that has been seen on this port. +.RE + +.sp +.ne 2 +.na +\fB\fBDESCOST\fR\fR +.ad +.sp .6 +.RS 4n +Path cost to the network root node through the designated port. +.RE + +.sp +.ne 2 +.na +\fB\fBDESBRIDGE\fR\fR +.ad +.sp .6 +.RS 4n +Bridge Identifier for this port. +.RE + +.sp +.ne 2 +.na +\fB\fBDESPORT\fR\fR +.ad +.sp .6 +.RS 4n +The ID and priority of the port used to transmit configuration messages for +this port. +.RE + +.sp +.ne 2 +.na +\fB\fBTCACK\fR\fR +.ad +.sp .6 +.RS 4n +This indicates whether Topology Change Acknowledge has been seen. +.RE + +When the \fB-l\fR option is specified without the \fB-o\fR option, only the +\fBLINK\fR, \fBSTATE\fR, \fBUPTIME\fR, and \fBDESROOT\fR fields are shown. +.sp +When the \fB-l\fR option is specified, the \fB-s\fR option can be used to +display the following fields for each link: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +Link name. +.RE + +.sp +.ne 2 +.na +\fB\fBCFGBPDU\fR\fR +.ad +.sp .6 +.RS 4n +Number of configuration BPDUs received. +.RE + +.sp +.ne 2 +.na +\fB\fBTCNBPDU\fR\fR +.ad +.sp .6 +.RS 4n +Number of topology change BPDUs received. +.RE + +.sp +.ne 2 +.na +\fB\fBRSTPBPDU\fR\fR +.ad +.sp .6 +.RS 4n +Number of Rapid Spanning Tree BPDUs received. +.RE + +.sp +.ne 2 +.na +\fB\fBTXBPDU\fR\fR +.ad +.sp .6 +.RS 4n +Number of BPDUs transmitted. +.RE + +.sp +.ne 2 +.na +\fB\fBDROPS\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets dropped due to resource problems. +.RE + +.sp +.ne 2 +.na +\fB\fBRECV\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets received by the bridge. +.RE + +.sp +.ne 2 +.na +\fB\fBXMIT\fR\fR +.ad +.sp .6 +.RS 4n +Number of packets sent by the bridge. +.RE + +When the \fB-o\fR option is not specified, only the \fBLINK\fR, \fBDROPS\fR, +\fBRECV\fR, and \fBXMIT\fR fields are shown. +.RE + +.sp +.ne 2 +.na +\fB\fB-f\fR, \fB--forwarding\fR\fR +.ad +.sp .6 +.RS 4n +Displays forwarding entries for a single bridge instance. With this option, the +following fields can be shown for each forwarding entry: +.sp +.ne 2 +.na +\fB\fBDEST\fR\fR +.ad +.sp .6 +.RS 4n +Destination MAC address. +.RE + +.sp +.ne 2 +.na +\fB\fBAGE\fR\fR +.ad +.sp .6 +.RS 4n +Age of entry in seconds and milliseconds. Omitted for local entries. +.RE + +.sp +.ne 2 +.na +\fB\fBFLAGS\fR\fR +.ad +.sp .6 +.RS 4n +The \fBL\fR (local) flag is shown if the MAC address belongs to an attached +link or to a VNIC on one of the attached links. +.RE + +.sp +.ne 2 +.na +\fB\fBOUTPUT\fR\fR +.ad +.sp .6 +.RS 4n +For local entries, this is the name of the attached link that has the MAC +address. Otherwise, for bridges that use Spanning Tree Protocol, this is the +output interface name. For RBridges, this is the output \fBTRILL\fR nickname. +.RE + +When the \fB-o\fR option is not specified, the \fBDEST\fR, \fBAGE\fR, +\fBFLAGS\fR, and \fBOUTPUT\fR fields are shown. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--trill\fR\fR +.ad +.sp .6 +.RS 4n +Displays \fBTRILL\fR nickname entries for a single bridge instance. With this +option, the following fields can be shown for each \fBTRILL\fR nickname entry: +.sp +.ne 2 +.na +\fB\fBNICK\fR\fR +.ad +.sp .6 +.RS 4n +\fBTRILL\fR nickname for this RBridge, which is a number from 1 to 65535. +.RE + +.sp +.ne 2 +.na +\fB\fBFLAGS\fR\fR +.ad +.sp .6 +.RS 4n +The \fBL\fR flag is shown if the nickname identifies the local system. +.RE + +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +Link name for output when sending messages to this RBridge. +.RE + +.sp +.ne 2 +.na +\fB\fBNEXTHOP\fR\fR +.ad +.sp .6 +.RS 4n +MAC address of the next hop RBridge that is used to reach the RBridge with this +nickname. +.RE + +When the \fB-o\fR option is not specified, the \fBNICK\fR, \fBFLAGS\fR, +\fBLINK\fR, and \fBNEXTHOP\fR fields are shown. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-vlan\fR [\fB-ft\fR] [\fB-R\fR \fIroot-dir\fR] \fB-l\fR +\fIether-link\fR \fB-v\fR \fIvid\fR [\fIvlan-link\fR]\fR +.ad +.sp .6 +.RS 4n +Create a tagged VLAN link with an ID of \fIvid\fR over Ethernet link +\fIether-link\fR. The name of the VLAN link can be specified as +\fIvlan\fR-\fIlink\fR. If the name is not specified, a name will be +automatically generated (assuming that \fIether-link\fR is \fIname\fR\fIPPA\fR) +as: +.sp +.in +2 +.nf +<\fIname\fR><1000 * \fIvlan-tag\fR + \fIPPA\fR> +.fi +.in -2 +.sp + +For example, if \fIether-link\fR is \fBbge1\fR and \fIvid\fR is 2, the name +generated is \fBbge2001\fR. +.sp +.ne 2 +.na +\fB\fB-f\fR, \fB--force\fR\fR +.ad +.sp .6 +.RS 4n +Force the creation of the VLAN link. Some devices do not allow frame sizes +large enough to include a VLAN header. When creating a VLAN link over such a +device, the \fB-f\fR option is needed, and the MTU of the IP interfaces on the +resulting VLAN must be set to 1496 instead of 1500. +.RE + +.sp +.ne 2 +.na +\fB\fB-l\fR \fIether-link\fR\fR +.ad +.sp .6 +.RS 4n +Specifies Ethernet link over which VLAN is created. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the VLAN link is temporary. Temporary VLAN links last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-vlan\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIvlan-link\fR\fR +.ad +.sp .6 +.RS 4n +Delete the VLAN link specified. +.sp +The \fBdelete-vlan\fR subcommand accepts the following options: +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletion is temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-vlan\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] +[\fIvlan-link\fR]\fR +.ad +.sp .6 +.RS 4n +Display VLAN configuration for all VLAN links or for the specified VLAN link. +.sp +The \fBshow-vlan\fR subcommand accepts the following options: +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR, to +display all fields. For each VLAN link, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the VLAN link. +.RE + +.sp +.ne 2 +.na +\fB\fBVID\fR\fR +.ad +.sp .6 +.RS 4n +The ID associated with the VLAN. +.RE + +.sp +.ne 2 +.na +\fB\fBOVER\fR\fR +.ad +.sp .6 +.RS 4n +The name of the physical link over which this VLAN is configured. +.RE + +.sp +.ne 2 +.na +\fB\fBFLAGS\fR\fR +.ad +.sp .6 +.RS 4n +A set of flags associated with the VLAN link. Possible flags are: +.sp +.ne 2 +.na +\fB\fBf\fR\fR +.ad +.sp .6 +.RS 4n +The VLAN was created using the \fB-f\fR option to \fBcreate-vlan\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBi\fR\fR +.ad +.sp .6 +.RS 4n +The VLAN was implicitly created when the DLPI link was opened. These VLAN links +are automatically deleted on last close of the DLPI link (for example, when the +IP interface associated with the VLAN link is unplumbed). +.RE + +Additional flags might be defined in the future. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display the persistent VLAN configuration rather than the state of the running +system. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm scan-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] +[\fIwifi-link\fR]\fR +.ad +.sp .6 +.RS 4n +Scans for \fBWiFi\fR networks, either on all \fBWiFi\fR links, or just on the +specified \fIwifi-link\fR. +.sp +By default, currently all fields but \fBBSSTYPE\fR are displayed. +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR to +display all fields. For each \fBWiFi\fR network found, the following fields can +be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the link the \fBWiFi\fR network is on. +.RE + +.sp +.ne 2 +.na +\fB\fBESSID\fR\fR +.ad +.sp .6 +.RS 4n +The \fBESSID\fR (name) of the \fBWiFi\fR network. +.RE + +.sp +.ne 2 +.na +\fB\fBBSSID\fR\fR +.ad +.sp .6 +.RS 4n +Either the hardware address of the \fBWiFi\fR network's Access Point (for +\fBBSS\fR networks), or the \fBWiFi\fR network's randomly generated unique +token (for \fBIBSS\fR networks). +.RE + +.sp +.ne 2 +.na +\fB\fBSEC\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBnone\fR for a \fBWiFi\fR network that uses no security, \fBwep\fR for +a \fBWiFi\fR network that requires WEP (Wired Equivalent Privacy), or \fBwpa\fR +for a WiFi network that requires WPA (Wi-Fi Protected Access). +.RE + +.sp +.ne 2 +.na +\fB\fBMODE\fR\fR +.ad +.sp .6 +.RS 4n +The supported connection modes: one or more of \fBa\fR, \fBb\fR, or \fBg\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSTRENGTH\fR\fR +.ad +.sp .6 +.RS 4n +The strength of the signal: one of \fBexcellent\fR, \fBvery good\fR, +\fBgood\fR, \fBweak\fR, or \fBvery weak\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED\fR\fR +.ad +.sp .6 +.RS 4n +The maximum speed of the \fBWiFi\fR network, in megabits per second. +.RE + +.sp +.ne 2 +.na +\fB\fBBSSTYPE\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBbss\fR for \fBBSS\fR (infrastructure) networks, or \fBibss\fR for +\fBIBSS\fR (ad-hoc) networks. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm connect-wifi\fR [\fB-e\fR \fIessid\fR] [\fB-i\fR \fIbssid\fR] +[\fB-k\fR \fIkey\fR,...] [\fB-s\fR \fBnone\fR | \fBwep\fR | \fBwpa\fR] +[\fB-a\fR \fBopen\fR|\fBshared\fR] [\fB-b\fR \fBbss\fR|\fBibss\fR] [\fB-c\fR] +[\fB-m\fR \fBa\fR|\fBb\fR|\fBg\fR] [\fB-T\fR \fItime\fR] [\fIwifi-link\fR]\fR +.ad +.sp .6 +.RS 4n +Connects to a \fBWiFi\fR network. This consists of four steps: \fIdiscovery\fR, +\fIfiltration\fR, \fIprioritization\fR, and \fIassociation\fR. However, to +enable connections to non-broadcast \fBWiFi\fR networks and to improve +performance, if a \fBBSSID\fR or \fBESSID\fR is specified using the \fB-e\fR or +\fB-i\fR options, then the first three steps are skipped and \fBconnect-wifi\fR +immediately attempts to associate with a \fBBSSID\fR or \fBESSID\fR that +matches the rest of the provided parameters. If this association fails, but +there is a possibility that other networks matching the specified criteria +exist, then the traditional discovery process begins as specified below. +.sp +The discovery step finds all available \fBWiFi\fR networks on the specified +WiFi link, which must not yet be connected. For administrative convenience, if +there is only one \fBWiFi\fR link on the system, \fIwifi-link\fR can be +omitted. +.sp +Once discovery is complete, the list of networks is filtered according to the +value of the following options: +.sp +.ne 2 +.na +\fB\fB-e\fR \fIessid,\fR \fB--essid\fR=\fIessid\fR\fR +.ad +.sp .6 +.RS 4n +Networks that do not have the same \fIessid\fR are filtered out. +.RE + +.sp +.ne 2 +.na +\fB\fB-b\fR \fBbss\fR|\fBibss\fR, \fB--bsstype\fR=\fBbss\fR|\fBibss\fR\fR +.ad +.sp .6 +.RS 4n +Networks that do not have the same \fBbsstype\fR are filtered out. +.RE + +.sp +.ne 2 +.na +\fB\fB-m\fR \fBa\fR|\fBb\fR|\fBg\fR, \fB--mode\fR=\fBa\fR|\fBb\fR|\fBg\fR\fR +.ad +.sp .6 +.RS 4n +Networks not appropriate for the specified 802.11 mode are filtered out. +.RE + +.sp +.ne 2 +.na +\fB\fB-k\fR \fIkey,...\fR, \fB--key\fR=\fIkey, ...\fR\fR +.ad +.sp .6 +.RS 4n +Use the specified \fBsecobj\fR named by the key to connect to the network. +Networks not appropriate for the specified keys are filtered out. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR \fBnone\fR|\fBwep\fR|\fBwpa\fR, +\fB--sec\fR=\fBnone\fR|\fBwep\fR|\fBwpa\fR\fR +.ad +.sp .6 +.RS 4n +Networks not appropriate for the specified security mode are filtered out. +.RE + +Next, the remaining networks are prioritized, first by signal strength, and +then by maximum speed. Finally, an attempt is made to associate with each +network in the list, in order, until one succeeds or no networks remain. +.sp +In addition to the options described above, the following options also control +the behavior of \fBconnect-wifi\fR: +.sp +.ne 2 +.na +\fB\fB-a\fR \fBopen\fR|\fBshared\fR, \fB--auth\fR=\fBopen\fR|\fBshared\fR\fR +.ad +.sp .6 +.RS 4n +Connect using the specified authentication mode. By default, \fBopen\fR and +\fBshared\fR are tried in order. +.RE + +.sp +.ne 2 +.na +\fB\fB-c\fR, \fB--create-ibss\fR\fR +.ad +.sp .6 +.RS 4n +Used with \fB-b ibss\fR to create a new ad-hoc network if one matching the +specified \fBESSID\fR cannot be found. If no \fBESSID\fR is specified, then +\fB-c -b ibss\fR always triggers the creation of a new ad-hoc network. +.RE + +.sp +.ne 2 +.na +\fB\fB-T\fR \fItime\fR, \fB--timeout\fR=\fItime\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the number of seconds to wait for association to succeed. If +\fItime\fR is \fBforever\fR, then the associate will wait indefinitely. The +current default is ten seconds, but this might change in the future. Timeouts +shorter than the default might not succeed reliably. +.RE + +.sp +.ne 2 +.na +\fB\fB-k\fR \fIkey,...\fR, \fB--key\fR=\fIkey,...\fR\fR +.ad +.sp .6 +.RS 4n +In addition to the filtering previously described, the specified keys will be +used to secure the association. The security mode to use will be based on the +key class; if a security mode was explicitly specified, it must be compatible +with the key class. All keys must be of the same class. +.sp +For security modes that support multiple key slots, the slot to place the key +will be specified by a colon followed by an index. Therefore, \fB-k mykey:3\fR +places \fBmykey\fR in slot 3. By default, slot 1 is assumed. For security modes +that support multiple keys, a comma-separated list can be specified, with the +first key being the active key. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm disconnect-wifi\fR [\fB-a\fR] [\fIwifi-link\fR]\fR +.ad +.sp .6 +.RS 4n +Disconnect from one or more \fBWiFi\fR networks. If \fIwifi-link\fR specifies a +connected \fBWiFi\fR link, then it is disconnected. For administrative +convenience, if only one \fBWiFi\fR link is connected, \fIwifi-link\fR can be +omitted. +.sp +.ne 2 +.na +\fB\fB-a\fR, \fB--all-links\fR\fR +.ad +.sp .6 +.RS 4n +Disconnects from all connected links. This is primarily intended for use by +scripts. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-wifi\fR [[\fB-p\fR] \fB-o\fR \fIfield\fR,...] +[\fIwifi-link\fR]\fR +.ad +.sp .6 +.RS 4n +Shows \fBWiFi\fR configuration information either for all \fBWiFi\fR links or +for the specified link \fIwifi-link\fR. +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield,...\fR, \fB--output\fR=\fIfield\fR\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR, to +display all fields. For each \fBWiFi\fR link, the following fields can be +displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the link being displayed. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATUS\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBconnected\fR if the link is connected, or \fBdisconnected\fR if it is +not connected. If the link is disconnected, all remaining fields have the value +\fB--\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBESSID\fR\fR +.ad +.sp .6 +.RS 4n +The \fBESSID\fR (name) of the connected \fBWiFi\fR network. +.RE + +.sp +.ne 2 +.na +\fB\fBBSSID\fR\fR +.ad +.sp .6 +.RS 4n +Either the hardware address of the \fBWiFi\fR network's Access Point (for +\fBBSS\fR networks), or the \fBWiFi\fR network's randomly generated unique +token (for \fBIBSS\fR networks). +.RE + +.sp +.ne 2 +.na +\fB\fBSEC\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBnone\fR for a \fBWiFi\fR network that uses no security, \fBwep\fR for +a \fBWiFi\fR network that requires WEP, or \fBwpa\fR for a WiFi network that +requires WPA. +.RE + +.sp +.ne 2 +.na +\fB\fBMODE\fR\fR +.ad +.sp .6 +.RS 4n +The supported connection modes: one or more of \fBa\fR, \fBb\fR, or \fBg\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSTRENGTH\fR\fR +.ad +.sp .6 +.RS 4n +The connection strength: one of \fBexcellent\fR, \fBvery good\fR, \fBgood\fR, +\fBweak\fR, or \fBvery weak\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED\fR\fR +.ad +.sp .6 +.RS 4n +The connection speed, in megabits per second. +.RE + +.sp +.ne 2 +.na +\fB\fBAUTH\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBopen\fR or \fBshared\fR (see \fBconnect-wifi\fR). +.RE + +.sp +.ne 2 +.na +\fB\fBBSSTYPE\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBbss\fR for \fBBSS\fR (infrastructure) networks, or \fBibss\fR for +\fBIBSS\fR (ad-hoc) networks. +.RE + +By default, currently all fields but \fBAUTH\fR, \fBBSSID\fR, \fBBSSTYPE\fR are +displayed. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Displays using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-ether\fR [\fB-x\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR,...] +[\fIether-link\fR]\fR +.ad +.sp .6 +.RS 4n +Shows state information either for all physical Ethernet links or for a +specified physical Ethernet link. +.sp +The \fBshow-ether\fR subcommand accepts the following options: +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR,..., \fB--output\fR=\fIfield\fR\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR to +display all fields. For each link, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the link being displayed. +.RE + +.sp +.ne 2 +.na +\fB\fBPTYPE\fR\fR +.ad +.sp .6 +.RS 4n +Parameter type, where \fBcurrent\fR indicates the negotiated state of the link, +\fBcapable\fR indicates capabilities supported by the device, \fBadv\fR +indicates the advertised capabilities, and \fBpeeradv\fR indicates the +capabilities advertised by the link-partner. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATE\fR\fR +.ad +.sp .6 +.RS 4n +The state of the link. +.RE + +.sp +.ne 2 +.na +\fB\fBAUTO\fR\fR +.ad +.sp .6 +.RS 4n +A \fByes\fR/\fBno\fR value indicating whether auto-negotiation is advertised. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED-DUPLEX\fR\fR +.ad +.sp .6 +.RS 4n +Combinations of speed and duplex values available. The units of speed are +encoded with a trailing suffix of \fBG\fR (Gigabits/s) or \fBM\fR (Mb/s). +Duplex values are encoded as \fBf\fR (full-duplex) or \fBh\fR (half-duplex). +.RE + +.sp +.ne 2 +.na +\fB\fBPAUSE\fR\fR +.ad +.sp .6 +.RS 4n +Flow control information. Can be \fBno\fR, indicating no flow control is +available; \fBtx\fR, indicating that the end-point can transmit pause frames, +but ignores any received pause frames; \fBrx\fR, indicating that the end-point +receives and acts upon received pause frames; or \fBbi\fR, indicating +bi-directional flow-control. +.RE + +.sp +.ne 2 +.na +\fB\fBREM_FAULT\fR\fR +.ad +.sp .6 +.RS 4n +Fault detection information. Valid values are \fBnone\fR or \fBfault\fR. +.RE + +By default, all fields except \fBREM_FAULT\fR are displayed for the "current" +\fBPTYPE\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Displays using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-x\fR, \fB--extended\fR\fR +.ad +.sp .6 +.RS 4n +Extended output is displayed for \fBPTYPE\fR values of \fBcurrent\fR, +\fBcapable\fR, \fBadv\fR and \fBpeeradv\fR. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm set-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fB-p\fR \fIprop\fR=\fIvalue\fR[,...] \fIlink\fR\fR +.ad +.sp .6 +.RS 4n +Sets the values of one or more properties on the link specified. The list of +properties and their possible values depend on the link type, the network +device driver, and networking hardware. These properties can be retrieved using +\fBshow-linkprop\fR. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the changes are temporary. Temporary changes last until the next +reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +Operate on a link that has been delegated to the specified zone. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIprop\fR=\fIvalue\fR[,...], \fB--prop\fR +\fIprop\fR=\fIvalue\fR[,...]\fR +.ad +.br +.na +\fB\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of properties to set to the specified values. +.RE + +Note that when the persistent value is set, the temporary value changes to the +same value. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm reset-linkprop\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] [\fB-p\fR \fIprop\fR,...] \fIlink\fR\fR +.ad +.sp .6 +.RS 4n +Resets one or more properties to their values on the link specified. Properties +are reset to the values they had at startup. If no properties are specified, +all properties are reset. See \fBshow-linkprop\fR for a description of +properties. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the resets are temporary. Values are reset to default values. +Temporary resets last until the next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +Operate on a link that has been delegated to the specified zone. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIprop, ...\fR, \fB--prop\fR=\fIprop, ...\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of properties to reset. +.RE + +Note that when the persistent value is reset, the temporary value changes to +the same value. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-linkprop\fR [\fB-P\fR] [\fB-z\fR \fIzonename\fR] [[\fB-c\fR] \fB-o\fR \fIfield\fR[,...]][\fB-p\fR \fIprop\fR[,...]] [\fIlink\fR]\fR +.ad +.sp .6 +.RS 4n +Show the current or persistent values of one or more properties, either for all +datalinks or for the specified link. By default, current values are shown. If +no properties are specified, all available link properties are displayed. For +each property, the following fields are displayed: +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR to +display all fields. For each link, the following fields can be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the datalink. +.RE + +.sp +.ne 2 +.na +\fB\fBPROPERTY\fR\fR +.ad +.sp .6 +.RS 4n +The name of the property. +.RE + +.sp +.ne 2 +.na +\fB\fBPERM\fR\fR +.ad +.sp .6 +.RS 4n +The read/write permissions of the property. The value shown is one of \fBro\fR +or \fBrw\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBVALUE\fR\fR +.ad +.sp .6 +.RS 4n +The current (or persistent) property value. If the value is not set, it is +shown as \fB--\fR. If it is unknown, the value is shown as \fB?\fR. Persistent +values that are not set or have been reset will be shown as \fB--\fR and will +use the system \fBDEFAULT\fR value (if any). +.RE + +.sp +.ne 2 +.na +\fB\fBDEFAULT\fR\fR +.ad +.sp .6 +.RS 4n +The default value of the property. If the property has no default value, +\fB--\fR is shown. +.RE + +.sp +.ne 2 +.na +\fB\fBPOSSIBLE\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of the values the property can have. If the values span +a numeric range, \fImin\fR - \fImax\fR might be shown as shorthand. If the +possible values are unknown or unbounded, \fB--\fR is shown. +.RE + +The list of properties depends on the link type and network device driver, and +the available values for a given property further depends on the underlying +network hardware and its state. General link properties are documented in the +\fBLINK PROPERTIES\fR section. However, link properties that begin with +"\fB_\fR" (underbar) are specific to a given link or its underlying network +device and subject to change or removal. See the appropriate network device +driver man page for details. +.RE + +.sp +.ne 2 +.na +\fB\fB-c\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with this option. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display persistent link property information +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +Operate on a link that has been delegated to the specified zone. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIprop, ...\fR, \fB--prop\fR=\fIprop, ...\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of properties to show. See the sections on link +properties following subcommand descriptions. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-f\fR +\fIfile\fR] \fB-c\fR \fIclass\fR \fIsecobj\fR\fR +.ad +.sp .6 +.RS 4n +Create a secure object named \fIsecobj\fR in the specified \fIclass\fR to be +later used as a WEP or WPA key in connecting to an encrypted network. The value +of the secure object can either be provided interactively or read from a file. +The sequence of interactive prompts and the file format depends on the class of +the secure object. +.sp +Currently, the classes \fBwep\fR and \fBwpa\fR are supported. The \fBWEP\fR +(Wired Equivalent Privacy) key can be either 5 or 13 bytes long. It can be +provided either as an \fBASCII\fR or hexadecimal string -- thus, \fB12345\fR +and \fB0x3132333435\fR are equivalent 5-byte keys (the \fB0x\fR prefix can be +omitted). A file containing a \fBWEP\fR key must consist of a single line using +either \fBWEP\fR key format. The WPA (Wi-Fi Protected Access) key must be +provided as an ASCII string with a length between 8 and 63 bytes. +.sp +This subcommand is only usable by users or roles that belong to the "Network +Link Security" \fBRBAC\fR profile. +.sp +.ne 2 +.na +\fB\fB-c\fR \fIclass\fR, \fB--class\fR=\fIclass\fR\fR +.ad +.sp .6 +.RS 4n +\fIclass\fR can be \fBwep\fR or \fBwpa\fR. See preceding discussion. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the creation is temporary. Temporary creation last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-f\fR \fIfile\fR, \fB--file\fR=\fIfile\fR\fR +.ad +.sp .6 +.RS 4n +Specifies a file that should be used to obtain the secure object's value. The +format of this file depends on the secure object class. See the \fBEXAMPLES\fR +section for an example of using this option to set a \fBWEP\fR key. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-secobj\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIsecobj\fR[,...]\fR +.ad +.sp .6 +.RS 4n +Delete one or more specified secure objects. This subcommand is only usable by +users or roles that belong to the "Network Link Security" \fBRBAC\fR profile. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletions are temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-secobj\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] +[\fIsecobj\fR,...]\fR +.ad +.sp .6 +.RS 4n +Show current or persistent secure object information. If one or more secure +objects are specified, then information for each is displayed. Otherwise, all +current or persistent secure objects are displayed. +.sp +By default, current secure objects are displayed, which are all secure objects +that have either been persistently created and not temporarily deleted, or +temporarily created. +.sp +For security reasons, it is not possible to show the value of a secure object. +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...] , \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below. For displayed secure object, the +following fields can be shown: +.sp +.ne 2 +.na +\fB\fBOBJECT\fR\fR +.ad +.sp .6 +.RS 4n +The name of the secure object. +.RE + +.sp +.ne 2 +.na +\fB\fBCLASS\fR\fR +.ad +.sp .6 +.RS 4n +The class of the secure object. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display persistent secure object information +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-vnic\fR [\fB-t\fR] \fB-l\fR \fIlink\fR [\fB-R\fR +\fIroot-dir\fR] [\fB-m\fR \fIvalue\fR | auto | {factory [\fB-n\fR +\fIslot-identifier\fR]} | {random [\fB-r\fR \fIprefix\fR]}] [\fB-v\fR +\fIvlan-id\fR] [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIvnic-link\fR\fR +.ad +.sp .6 +.RS 4n +Create a VNIC with name \fIvnic-link\fR over the specified link. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the VNIC is temporary. Temporary VNICs last until the next +reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR +.ad +.sp .6 +.RS 4n +\fIlink\fR can be a physical link or an \fBetherstub\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-m\fR \fIvalue\fR | \fIkeyword\fR, \fB--mac-address\fR=\fIvalue\fR | +\fIkeyword\fR\fR +.ad +.sp .6 +.RS 4n +Sets the VNIC's MAC address based on the specified value or keyword. If +\fIvalue\fR is not a keyword, it is interpreted as a unicast MAC address, which +must be valid for the underlying NIC. The following special keywords can be +used: +.sp +.ne 2 +.na +\fBfactory [\fB-n\fR \fIslot-identifier\fR],\fR +.ad +.br +.na +\fBfactory [\fB--slot\fR=\fIslot-identifier\fR]\fR +.ad +.sp .6 +.RS 4n +Assign a factory MAC address to the VNIC. When a factory MAC address is +requested, \fB-m\fR can be combined with the \fB-n\fR option to specify a MAC +address slot to be used. If \fB-n\fR is not specified, the system will choose +the next available factory MAC address. The \fB-m\fR option of the +\fBshow-phys\fR subcommand can be used to display the list of factory MAC +addresses, their slot identifiers, and their availability. +.RE + +.sp +.ne 2 +.na +\fB\fR +.ad +.br +.na +\fBrandom [\fB-r\fR \fIprefix\fR],\fR +.ad +.br +.na +\fBrandom [\fB--mac-prefix\fR=\fIprefix\fR]\fR +.ad +.sp .6 +.RS 4n +Assign a random MAC address to the VNIC. A default prefix consisting of a valid +IEEE OUI with the local bit set will be used. That prefix can be overridden +with the \fB-r\fR option. +.RE + +.sp +.ne 2 +.na +\fBauto\fR +.ad +.sp .6 +.RS 4n +Try and use a factory MAC address first. If none is available, assign a random +MAC address. \fBauto\fR is the default action if the \fB-m\fR option is not +specified. +.RE + +.sp +.ne 2 +.na +\fB\fB-v\fR \fIvlan-id\fR\fR +.ad +.sp .6 +.RS 4n +Enable VLAN tagging for this VNIC. The VLAN tag will have id \fIvlan-id\fR. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIprop\fR=\fIvalue\fR,..., \fB--prop\fR +\fIprop\fR=\fIvalue\fR,...\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of properties to set to the specified values. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-vnic\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] [\fB-z\fR \fIzonename\fR] \fIvnic-link\fR\fR +.ad +.sp .6 +.RS 4n +Deletes the specified VNIC. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletion is temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +Operate on a link that has been delegated to the specified zone. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-vnic\fR [\fB-pP\fR] [\fB-s\fR [\fB-i\fR \fIinterval\fR]] [\fB-o\fR \fIfield\fR[,...]] [\fB-l\fR \fIlink\fR] [\fB-z\fR \fIzonename\fR] [\fIvnic-link\fR]\fR +.ad +.sp .6 +.RS 4n +Show VNIC configuration information (the default) or statistics, for all VNICs, +all VNICs on a link, or only the specified \fIvnic-link\fR. +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...] , \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below. The field name must be one of the +fields listed below, or the special value \fBall\fR to display all fields. By +default (without \fB-o\fR), \fBshow-vnic\fR displays all fields. +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the VNIC. +.RE + +.sp +.ne 2 +.na +\fB\fBOVER\fR\fR +.ad +.sp .6 +.RS 4n +The name of the physical link over which this VNIC is configured. +.RE + +.sp +.ne 2 +.na +\fB\fBSPEED\fR\fR +.ad +.sp .6 +.RS 4n +The maximum speed of the VNIC, in megabits per second. +.RE + +.sp +.ne 2 +.na +\fB\fBMACADDRESS\fR\fR +.ad +.sp .6 +.RS 4n +MAC address of the VNIC. +.RE + +.sp +.ne 2 +.na +\fB\fBMACADDRTYPE\fR\fR +.ad +.sp .6 +.RS 4n +MAC address type of the VNIC. \fBdladm\fR distinguishes among the following MAC +address types: +.sp +.ne 2 +.na +\fB\fBrandom\fR\fR +.ad +.sp .6 +.RS 4n +A random address assigned to the VNIC. +.RE + +.sp +.ne 2 +.na +\fB\fBfactory\fR\fR +.ad +.sp .6 +.RS 4n +A factory MAC address used by the VNIC. +.RE + +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display the persistent VNIC configuration. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR, \fB--statistics\fR\fR +.ad +.sp .6 +.RS 4n +Displays VNIC statistics. +.RE + +.sp +.ne 2 +.na +\fB\fB-i\fR \fIinterval\fR, \fB--interval\fR=\fIinterval\fR\fR +.ad +.sp .6 +.RS 4n +Used with the \fB-s\fR option to specify an interval, in seconds, at which +statistics should be displayed. If this option is not specified, statistics +will be displayed only once. +.RE + +.sp +.ne 2 +.na +\fB\fB-l\fR \fIlink\fR, \fB--link\fR=\fIlink\fR\fR +.ad +.sp .6 +.RS 4n +Display information for all VNICs on the named link. +.RE + +.sp +.ne 2 +.na +\fB\fB-z\fR \fIzonename\fR +.ad +.sp .6 +.RS 4n +Operate on a link that has been delegated to the specified zone. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fR +.ad +.br +.na +\fB\fBdladm create-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIetherstub\fR\fR +.ad +.sp .6 +.RS 4n +Create an etherstub with the specified name. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the etherstub is temporary. Temporary etherstubs do not persist +across reboots. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +VNICs can be created on top of etherstubs instead of physical NICs. As with +physical NICs, such a creation causes the stack to implicitly create a virtual +switch between the VNICs created on top of the same etherstub. +.RE + +.sp +.ne 2 +.na +\fB\fR +.ad +.br +.na +\fB\fBdladm delete-etherstub\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIetherstub\fR\fR +.ad +.sp .6 +.RS 4n +Delete the specified etherstub. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletion is temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-etherstub\fR [\fIetherstub\fR]\fR +.ad +.sp .6 +.RS 4n +Show all configured etherstubs by default, or the specified etherstub if +\fIetherstub\fR is specified. +.RE + +.sp +.ne 2 +.na +\fB\fBdladm create-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] \fB-T\fR +\fItype\fR [-a {local|remote}=<addr>[,...]] \fIiptun-link\fR\fR +.ad +.sp .6 +.RS 4n +Create an IP tunnel link named \fIiptun-link\fR. Such links can additionally be +protected with IPsec using \fBipsecconf\fR(8). +.sp +An IP tunnel is conceptually comprised of two parts: a virtual link between two +or more IP nodes, and an IP interface above this link that allows the system to +transmit and receive IP packets encapsulated by the underlying link. This +subcommand creates a virtual link. The \fBifconfig\fR(8) command is used to +configure IP interfaces above the link. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the IP tunnel link is temporary. Temporary tunnels last until +the next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-T\fR \fItype\fR, \fB--tunnel-type\fR=\fItype\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the type of tunnel to be created. The type must be one of the +following: +.sp +.ne 2 +.na +\fB\fBipv4\fR\fR +.ad +.sp .6 +.RS 4n +A point-to-point, IP-over-IP tunnel between two IPv4 nodes. This type of tunnel +requires IPv4 source and destination addresses to function. IPv4 and IPv6 +interfaces can be plumbed above such a tunnel to create IPv4-over-IPv4 and +IPv6-over-IPv4 tunneling configurations. +.RE + +.sp +.ne 2 +.na +\fB\fBipv6\fR\fR +.ad +.sp .6 +.RS 4n +A point-to-point, IP-over-IP tunnel between two IPv6 nodes as defined in IETF +RFC 2473. This type of tunnel requires IPv6 source and destination addresses to +function. IPv4 and IPv6 interfaces can be plumbed above such a tunnel to create +IPv4-over-IPv6 and IPv6-over-IPv6 tunneling configurations. +.RE + +.sp +.ne 2 +.na +\fB\fB6to4\fR\fR +.ad +.sp .6 +.RS 4n +A 6to4, point-to-multipoint tunnel as defined in IETF RFC 3056. This type of +tunnel requires an IPv4 source address to function. An IPv6 interface is +plumbed on such a tunnel link to configure a 6to4 router. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fB-a\fR \fBlocal=\fR\fIaddr\fR +.ad +.sp .6 +.RS 4n +Literal IP address or hostname corresponding to the tunnel source. If a +hostname is specified, it will be resolved to IP addresses, and one of those IP +addresses will be used as the tunnel source. Because IP tunnels are created +before naming services have been brought online during the boot process, it is +important that any hostname used be included in \fB/etc/hosts\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-a\fR \fBremote=\fR\fIaddr\fR +.ad +.sp .6 +.RS 4n +Literal IP address or hostname corresponding to the tunnel destination. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm modify-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +[-a {local|remote}=<addr>[,...]] \fIiptun-link\fR\fR +.ad +.sp .6 +.RS 4n +Modify the parameters of the specified IP tunnel. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the modification is temporary. Temporary modifications last +until the next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.sp +.ne 2 +.na +\fB\fB-a\fR \fBlocal=\fR\fIaddr\fR +.ad +.sp .6 +.RS 4n +Specifies a new tunnel source address. See \fBcreate-iptun\fR for a +description. +.RE + +.sp +.ne 2 +.na +\fB\fB-a\fR \fBremote=\fR\fIaddr\fR +.ad +.sp .6 +.RS 4n +Specifies a new tunnel destination address. See \fBcreate-iptun\fR for a +description. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm delete-iptun\fR [\fB-t\fR] [\fB-R\fR \fIroot-dir\fR] +\fIiptun-link\fR\fR +.ad +.sp .6 +.RS 4n +Delete the specified IP tunnel link. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the deletion is temporary. Temporary deletions last until the +next reboot. +.RE + +.sp +.ne 2 +.na +\fB\fB-R\fR \fIroot-dir\fR, \fB--root-dir\fR=\fIroot-dir\fR\fR +.ad +.sp .6 +.RS 4n +See "Options," above. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-iptun\fR [\fB-P\fR] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] +[\fIiptun-link\fR]\fR +.ad +.sp .6 +.RS 4n +Show IP tunnel link configuration for a single IP tunnel or all IP tunnels. +.sp +.ne 2 +.na +\fB\fB-P\fR, \fB--persistent\fR\fR +.ad +.sp .6 +.RS 4n +Display the persistent IP tunnel configuration. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The -o option is required with +-p. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR[,...]\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed below, or the special value \fBall\fR, to +display all fields. By default (without \fB-o\fR), \fBshow-iptun\fR displays +all fields. +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the IP tunnel link. +.RE + +.sp +.ne 2 +.na +\fB\fBTYPE\fR\fR +.ad +.sp .6 +.RS 4n +Type of tunnel as specified by the \fB-T\fR option of \fBcreate-iptun\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBFLAGS\fR\fR +.ad +.sp .6 +.RS 4n +A set of flags associated with the IP tunnel link. Possible flags are: +.sp +.ne 2 +.na +\fB\fBs\fR\fR +.ad +.sp .6 +.RS 4n +The IP tunnel link is protected by IPsec policy. To display the IPsec policy +associated with the tunnel link, enter: +.sp +.in +2 +.nf +# \fBipsecconf -ln -i \fItunnel-link\fR\fR +.fi +.in -2 +.sp + +See \fBipsecconf\fR(8) for more details on how to configure IPsec policy. +.RE + +.sp +.ne 2 +.na +\fB\fBi\fR\fR +.ad +.sp .6 +.RS 4n +The IP tunnel link was implicitly created with \fBifconfig\fR(8), and will be +automatically deleted when it is no longer referenced (that is, when the last +IP interface over the tunnel is unplumbed). See \fBifconfig\fR(8) for details +on implicit tunnel creation. +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBSOURCE\fR\fR +.ad +.sp .6 +.RS 4n +The tunnel source address. +.RE + +.sp +.ne 2 +.na +\fB\fBDESTINATION\fR\fR +.ad +.sp .6 +.RS 4n +The tunnel destination address. +.RE + +.RE + +.RE + +.sp +.ne 2 +.na +\fBdladm create-overlay\fR \fB-e\fR \fIencap\fR \fB-s\fR \fIsearch\fR +\fB-v\fR \fIvnetid\fR [\fB-p\fR \fIprop\fR=\fIvalue\fR[,...]] \fIoverlay\fR +.ad +.sp .6 +.RS 4n +Create an overlay device named \fIoverlay\fR. +.sp +Overlay devices are similar to etherstubs. VNICs can be created on top +of them. However, unlike an etherstub which is local to the system, an +overlay device can be configured to communicate to remote hosts, +providing a means for network virtualization. The way in which it does +this is described by the encapsulation module and the search plugin. For +more information on these, see \fBoverlay\fR(5). +.sp +An overlay device has a series of required and optional properties. These +properties vary based upon the search and encapsulation modules and are fully +specified in \fBoverlay\fR(5). Not every property needs to be specified - some +have default values which will be used if nothing specific is specified. For +example, the default port for VXLAN comes from its IANA standard. If a +required property is missing, the command will fail and inform you of the +missing properties. +.sp +.ne 2 +.na +\fB\fB-t\fR, \fB--temporary\fR\fR +.ad +.sp .6 +.RS 4n +Specifies that the overlay is temporary. Temporary overlays last until +the next reboot. +.RE + +.sp +.ne 2 +.na +\fB-e\fR \fIencap\fR, \fB--encap\fR=\fIencap\fR +.ad +.sp .6 +.RS 4n +Use \fIencap\fR as the encapsulation plugin for the overlay device +\fIoverlay\fR. The encapsulation plugin determines how packets are transformed +before being put on the wire. +.RE + +.sp +.ne 2 +.na +\fB-s\fR \fIsearch\fR, \fB--search\fR=\fIsearch\fR +.ad +.sp .6 +.RS 4n +Use \fIsearch\fR as the search plugin for \fIoverlay\fR. The search plugin +determines how non-local targets are found and where packets are directed to. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIprop\fR=\fIvalue\fR,..., \fB--prop\fR +\fIprop\fR=\fIvalue\fR,...\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of properties to set to the specified values. +.RE + +.sp +.ne 2 +.na +\fB-v\fR \fIvnetid\fR, \fB--vnetid\fR=\fIvnetid\fR +.ad +.sp .6 +.RS 4n +Sets the virtual networking identifier to \fIvnetid\fR. A virtual network +identifier determines is similar to a VLAN identifier, in that it identifies a +unique virtual network. All overlay devices on the system share the same space +for the virtual network identifier. However, the valid range of identifiers is +determined by the encapsulation plugin specified by \fB-e\fR. +.RE + +.RE + +.sp +.ne 2 +.na +\fBdladm delete-overlay\fR \fIoverlay\fR +.ad +.sp .6 +.RS 4n +Delete the specified overlay. This will fail if there are VNICs on top of the +device. +.RE + +.sp +.ne 2 +.na +\fBdladm modify-overlay\fR \fB-d\fR \fImac\fR | \fB-f\fR | \fB-s\fR \fImac=ip:port\fR \fIoverlay\fR +.ad +.sp .6 +.RS 4n +Modifies the target tables for the specified overlay. +.sp +The different options allow for different ways of modifying the target table. +One of \fB-d\fR, \fB-f\fR, and \fB-s\fR is required. This is not applicable for +all kinds of overlay devices. For more information, see \fBoverlay\fR(5). +.sp +.ne 2 +.na +\fB-d\fR \fImac\fR, \fB--delete-entry\fR=\fImac\fR +.ad +.sp .6 +.RS 4n +Deletes the entry for \fImac\fR from the target table for \fIoverlay\fR. Note, +if a lookup is pending or outstanding, this does not cancel it or stop it from +updating the value. +.RE + +.sp +.ne 2 +.na +\fB-f\fR, \fB--flush-table\fR +.ad +.sp .6 +.RS 4n +Flushes all values in the target table for \fIoverlay\fR. +.RE + +.sp +.ne 2 +.na +\fB-s\fR \fImac\fR=\fIvalue\fR, \fB--set-entry\fR=\fImac\fR=\fIvalue\fR +.ad +.sp .6 +.RS 4n +Sets the value of \fIoverlay\fR's target table entry for \fImac\fR to the +specified value. The specified value varies upon the encapsulation plugin. The +value may be a combination of a MAC address, IP address, and port. Generally, +this looks like [\fImac\fR,][\fIIP\fR:][\fIport\fR]. If a component is the last +one, then there is no need for a separator. eg. if just the MAC address or IP +is needed, it would look like \fImac\fR and \fIIP\fR respectively. +.RE + +.RE + +.sp +.ne 2 +.na +\fBdladm show-overlay\fR [ \fB-f\fR | \fB-t\fR ] [[\fB-p\fR] \fB-o\fR \fIfield\fR[,...]] [\fIoverlay\fR] +.ad +.sp .6 +.RS 4n +Shows overlay configuration (the default), internal target tables (\fB-t\fR), or +the FMA state (\fB-f\fR), either for all overlays or the specified overlay. +.sp +By default (with neither \fB-f\fR or \fB-t\fR specified), the following fields +will be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the overlay. +.RE + +.sp +.ne 2 +.na +\fB\fBPROPERTY\fR\fR +.ad +.sp .6 +.RS 4n +The name of the property. +.RE + +.sp +.ne 2 +.na +\fB\fBPERM\fR\fR +.ad +.sp .6 +.RS 4n +The read/write permissions of the property. The value shown is one of \fBr-\fR +or \fBrw\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBVALUE\fR\fR +.ad +.sp .6 +.RS 4n +The current property value. If the value is not set, it is shown as \fB--\fR. +If it is unknown, the value is shown as \fB?\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBDEFAULT\fR\fR +.ad +.sp .6 +.RS 4n +The default value of the property. If the property has no default value, +\fB--\fR is shown. +.RE + +.sp +.ne 2 +.na +\fB\fBPOSSIBLE\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of the values the property can have. If the values span +a numeric range, \fImin\fR - \fImax\fR might be shown as shorthand. If the +possible values are unknown or unbounded, \fB--\fR is shown. +.RE + +.sp +When the \fB-f\fR option is displayed, the following fields will be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the overlay. +.RE + +.sp +.ne 2 +.na +\fB\fBSTATUS\fR\fR +.ad +.sp .6 +.RS 4n +Either \fBONLINE\fR or \fBDEGRADED\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBDETAILS\fR\fR +.ad +.sp .6 +.RS 4n +When the \fBoverlay\fR's status is \fBONLINE\fR, then this has the value +\fB--\fR. Otherwise, when it is \fBDEGRADED\fR, this field provides a more +detailed explanation as to why it's degraded. +.RE + +.sp +When the \fB-t\fR option is displayed, the following fields will be displayed: +.sp +.ne 2 +.na +\fB\fBLINK\fR\fR +.ad +.sp .6 +.RS 4n +The name of the overlay. +.RE + +.sp +.ne 2 +.na +\fB\fBTARGET\fR\fR +.ad +.sp .6 +.RS 4n +The target MAC address of a table entry. +.RE + +.sp +.ne 2 +.na +\fB\fBDESTINATION\fR\fR +.ad +.sp .6 +.RS 4n +The address that an encapsulated packet will be sent to when a packet has the +address specified by \fBTARGET\fR. +.RE + +The \fBshow-overlay\fR command supports the following options: + +.sp +.ne 2 +.na +\fB-f\fR, \fB--fma\fR +.ad +.sp .6 +.RS 4n +Displays information about an overlay device's FMA state. For more +information on the target table, see \fBoverlay\fR(5). +.RE + +.sp +.ne 2 +.na +\fB\fB-o\fR \fIfield\fR[,...], \fB--output\fR=\fIfield\fR\fR +.ad +.sp .6 +.RS 4n +A case-insensitive, comma-separated list of output fields to display. The field +name must be one of the fields listed above, or the special value \fBall\fR, to +display all fields. The fields applicable to the \fB-o\fR option are limited to +those listed under each output mode. For example, if using \fB-L\fR, only the +fields listed under \fB-L\fR, above, can be used with \fB-o\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR, \fB--parsable\fR\fR +.ad +.sp .6 +.RS 4n +Display using a stable machine-parsable format. The \fB-o\fR option is +required with \fB-p\fR. See "Parsable Output Format", below. +.RE + +.sp +.ne 2 +.na +\fB-t\fR, \fB--target\fR +.ad +.sp .6 +.RS 4n +Displays information about an overlay device's target table. For more +information on the target table, see \fBoverlay\fR(5). +.RE + +.RE + +.sp +.ne 2 +.na +\fB\fBdladm show-usage\fR [\fB-a\fR] \fB-f\fR \fIfilename\fR [\fB-p\fR +\fIplotfile\fR \fB-F\fR \fIformat\fR] [\fB-s\fR \fItime\fR] [\fB-e\fR +\fItime\fR] [\fIlink\fR]\fR +.ad +.sp .6 +.RS 4n +Show the historical network usage from a stored extended accounting file. +Configuration and enabling of network accounting through \fBacctadm\fR(8) is +required. The default output will be the summary of network usage for the +entire period of time in which extended accounting was enabled. +.sp +.ne 2 +.na +\fB\fB-a\fR\fR +.ad +.sp .6 +.RS 4n +Display all historical network usage for the specified period of time during +which extended accounting is enabled. This includes the usage information for +the links that have already been deleted. +.RE + +.sp +.ne 2 +.na +\fB\fB-f\fR \fIfilename\fR, \fB--file\fR=\fIfilename\fR\fR +.ad +.sp .6 +.RS 4n +Read extended accounting records of network usage from \fIfilename\fR. +.RE + +.sp +.ne 2 +.na +\fB\fB-F\fR \fIformat\fR, \fB--format\fR=\fIformat\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the format of \fIplotfile\fR that is specified by the \fB-p\fR +option. As of this release, \fBgnuplot\fR is the only supported format. +.RE + +.sp +.ne 2 +.na +\fB\fB-p\fR \fIplotfile\fR, \fB--plot\fR=\fIplotfile\fR\fR +.ad +.sp .6 +.RS 4n +Write network usage data to a file of the format specified by the \fB-F\fR +option, which is required. +.RE + +.sp +.ne 2 +.na +\fB\fB-s\fR \fItime\fR, \fB--start\fR=\fItime\fR\fR +.ad +.br +.na +\fB\fB-e\fR \fItime\fR, \fB--stop\fR=\fItime\fR\fR +.ad +.sp .6 +.RS 4n +Start and stop times for data display. Time is in the format +\fIMM\fR/\fIDD\fR/\fIYYYY\fR,\fIhh\fR:\fImm\fR:\fIss\fR. +.RE + +.sp +.ne 2 +.na +\fB\fIlink\fR\fR +.ad +.sp .6 +.RS 4n +If specified, display the network usage only for the named link. Otherwise, +display network usage for all links. +.RE + +.RE + +.SS "Parsable Output Format" +Many \fBdladm\fR subcommands have an option that displays output in a +machine-parsable format. The output format is one or more lines of colon +(\fB:\fR) delimited fields. The fields displayed are specific to the subcommand +used and are listed under the entry for the \fB-o\fR option for a given +subcommand. Output includes only those fields requested by means of the +\fB-o\fR option, in the order requested. +.sp +.LP +When you request multiple fields, any literal colon characters are escaped by a +backslash (\fB\e\fR) before being output. Similarly, literal backslash +characters will also be escaped (\fB\e\e\fR). This escape format is parsable +by using shell \fBread\fR(1) functions with the environment variable +\fBIFS=:\fR (see \fBEXAMPLES\fR, below). Note that escaping is not done when +you request only a single field. +.SS "General Link Properties" +The following general link properties are supported: +.sp +.ne 2 +.na +\fB\fBallow-all-dhcp-cids\fR\fR +.ad +.sp .6 +.RS 4n +One of \fBtrue\fR or \fBfalse\fR, to indicate whether or not all DHCP Client +Identifiers should be permitted on this interface when DHCP spoofing protection +is being used. This can be useful in cases where a DHCP client is using RFC +4361-style Client Identifiers, which are based on a value that is opaque to the +Global Zone, but enforcement of MAC addresses in DHCP packets is still desired. +.RE + +.sp +.ne 2 +.na +\fB\fBallowed-dhcp-cids\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of DHCP Client Identifiers that are allowed on the +interface. +.sp +Client identifiers can be written in three different formats: a string of +hexadecimal characters prefixed by \fB0x\fR, indicating the exact bytes used in +the Client Identifier; an RFC 3315 DUID of the form +"1.<hardware\ type>.<time>.<link-layer\ address>" (DUID-LLT), +"2.<enterprise\ number>.<hex\ string>" (DUID-EN), or +"3.<hardware\ type>.<link-layer\ address>" (DUID-LL); or a string of characters +whose byte values should be used as the Client Identifier. +.sp +When specifying a string of hexadecimal characters prefixed by \fB0x\fR or as +part of a DUID-EN string, an even number of hexadecimal characters must be +provided in order to fully specify each byte. +.RE + +.sp +.ne 2 +.na +\fB\fBallowed-ips\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of IP addresses that are allowed on the interface. +.sp +An address in CIDR format with no host address specified is used to indicate +that any address on that subnet is allowed (e.g. 192.168.10.0/24 means any +address in the range 192.168.10.0 - 192.168.10.255 is allowed). +.RE + +.sp +.ne 2 +.na +\fB\fBautopush\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the set of STREAMS modules to push on the stream associated with a +link when its DLPI device is opened. It is a space-delimited list of modules. +.sp +The optional special character sequence \fB[anchor]\fR indicates that a STREAMS +anchor should be placed on the stream at the module previously specified in the +list. It is an error to specify more than one anchor or to have an anchor first +in the list. +.sp +The \fBautopush\fR property is preferred over the more general +\fBautopush\fR(8) command. +.RE + +.sp +.ne 2 +.na +\fB\fBcpus\fR\fR +.ad +.sp .6 +.RS 4n +Bind the processing of packets for a given data link to a processor or a set of +processors. The value can be a comma-separated list of one or more processor +ids. If the list consists of more than one processor, the processing will +spread out to all the processors. Connection to processor affinity and packet +ordering for any individual connection will be maintained. +.sp +The processor or set of processors are not exclusively reserved for the link. +Only the kernel threads and interrupts associated with processing of the link +are bound to the processor or the set of processors specified. In case it is +desired that processors be dedicated to the link, \fBpsrset\fR(8) can be used +to create a processor set and then specifying the processors from the processor +set to bind the link to. +.sp +If the link was already bound to processor or set of processors due to a +previous operation, the binding will be removed and the new set of processors +will be used instead. +.sp +The default is no CPU binding, which is to say that the processing of packets +is not bound to any specific processor or processor set. +.RE + +.sp +.ne 2 +.na +\fB\fBdynamic-methods\fR\fR +.ad +.sp .6 +.RS 4n +When using IP spoofing protection (see \fBprotection\fR), addresses can be +learned dynamically by monitoring certain network traffic, like DHCP +transactions or IPv6 Stateless Address Autoconfiguration (SLAAC). By default, +all learning methods are permitted, but if \fBallowed-ips\fR contains any +addresses, then all methods are disabled, and any packets sent from addresses +previously learned will be dropped. This property allows selecting which ones +are re-enabled, where valid options are \fBdhcpv4\fR, \fBdhcpv6\fR, and +\fBslaac\fR. \fBaddrconf\fR is available as an alias for enabling both +\fBdhcpv6\fR and \fBslaac\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBlearn_limit\fR\fR +.ad +.sp .6 +.RS 4n +Limits the number of new or changed MAC sources to be learned over a bridge +link. When the number exceeds this value, learning on that link is temporarily +disabled. Only non-VLAN, non-VNIC type links have this property. +.sp +The default value is \fB1000\fR. Valid values are greater or equal to 0. +.RE + +.sp +.ne 2 +.na +\fB\fBlearn_decay\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the decay rate for source changes limited by \fBlearn_limit\fR. This +number is subtracted from the counter for a bridge link every 5 seconds. Only +non-VLAN, non-VNIC type links have this property. +.sp +The default value is \fB200\fR. Valid values are greater or equal to 0. +.RE + +.sp +.ne 2 +.na +\fB\fBmaxbw\fR\fR +.ad +.sp .6 +.RS 4n +Sets the full duplex bandwidth for the link. The bandwidth is specified as an +integer with one of the scale suffixes (\fBK\fR, \fBM\fR, or \fBG\fR for Kbps, +Mbps, and Gbps). If no units are specified, the input value will be read as +Mbps. The default is no bandwidth limit. +.RE + +.sp +.ne 2 +.na +\fB\fBpriority\fR\fR +.ad +.sp .6 +.RS 4n +Sets the relative priority for the link. The value can be given as one of the +tokens \fBhigh\fR, \fBmedium\fR, or \fBlow\fR. The default is \fBhigh\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBprotection\fR\fR +.ad +.sp .6 +.RS 4n +This property enables various forms of link protections, which prevent sending +applicable traffic out of this link. Note that since this enforcement happens +late in the networking stack, some observability tools like \fBsnoop\fR(1M) may +still see dropped outbound packets. + +This property should be set to a comma-separated list of protections to enable +on this link, where available protections are: +.sp +.ne 2 +.na +\fBip-nospoof\fR +.ad +.sp .6 +.RS 4n +Prevents sending from IPv4 and IPv6 addresses that have not been permitted +over the NIC. Addresses can be learned dynamically (see \fBdynamic-methods\fR) +or specified explicitly (see \fBallowed-ips\fR). +.RE +.sp +.ne 2 +.na +\fBdhcp-nospoof\fR +.ad +.sp .6 +.RS 4n +Prevents sending DHCP packets whose client hardware address +(CHADDR) field differs from the link-layer address, or from using a Client +Identifier whose value cannot be confirmed to be derived from the link-layer +address. Additional Client Identifiers can be permitted through the +\fBallowed-dhcp-cids\fR and \fBallow-all-dhcp-cids\fR link properties. +.RE +.sp +.ne 2 +.na +\fBmac-nospoof\fR +.ad +.sp .6 +.RS 4n +Prevents sending packets with a link-layer address that differs from the one +associated with the NIC. Additional addresses to allow can be added using the +\fBseconday-macs\fR property. +.RE +.sp +.ne 2 +.na +\fBrestricted\fR +.ad +.sp .6 +.RS 4n +Prevents using a VLAN ID not associated with the NIC and sending packets that +are not IPv4, IPv6 or ARP. +.RE +.RE + +.sp +.ne 2 +.na +\fB\fBstp\fR\fR +.ad +.sp .6 +.RS 4n +Enables or disables Spanning Tree Protocol on a bridge link. Setting this value +to \fB0\fR disables Spanning Tree, and puts the link into forwarding mode with +BPDU guarding enabled. This mode is appropriate for point-to-point links +connected only to end nodes. Only non-VLAN, non-VNIC type links have this +property. The default value is \fB1\fR, to enable STP. +.RE + +.sp +.ne 2 +.na +\fB\fBforward\fR\fR +.ad +.sp .6 +.RS 4n +Enables or disables forwarding for a VLAN. Setting this value to \fB0\fR +disables bridge forwarding for a VLAN link. Disabling bridge forwarding removes +that VLAN from the "allowed set" for the bridge. The default value is \fB1\fR, +to enable bridge forwarding for configured VLANs. +.RE + +.sp +.ne 2 +.na +\fB\fBdefault_tag\fR\fR +.ad +.sp .6 +.RS 4n +Sets the default VLAN ID that is assumed for untagged packets sent to and +received from this link. Only non-VLAN, non-VNIC type links have this property. +Setting this value to \fB0\fR disables the bridge forwarding of untagged +packets to and from the port. The default value is \fBVLAN ID 1\fR. Valid +values values are from 0 to 4094. +.RE + +.sp +.ne 2 +.na +\fB\fBpromisc-filtered\fR\fR +.ad +.sp .6 +.RS 4n +Enables or disables the default filtering of promiscuous mode for certain +classes of links. By default, VNICs will only see unicast traffic destined for it +in promiscuous mode. Not all the unicast traffic from the underlying device +makes it to the VNIC. Disabling this would cause a VNIC, for example, to be able +to see all unicast traffic from the device it is created over. The default value +is on. +.RE + +.sp +.ne 2 +.na +\fB\fBstp_priority\fR\fR +.ad +.sp .6 +.RS 4n +Sets the STP and RSTP Port Priority value, which is used to determine the +preferred root port on a bridge. Lower numerical values are higher priority. +The default value is \fB128\fR. Valid values range from 0 to 255. +.RE + +.sp +.ne 2 +.na +\fB\fBstp_cost\fR\fR +.ad +.sp .6 +.RS 4n +Sets the STP and RSTP cost for using the link. The default value is \fBauto\fR, +which sets the cost based on link speed, using \fB100\fR for 10Mbps, \fB19\fR +for 100Mbps, \fB4\fR for 1Gbps, and \fB2\fR for 10Gbps. Valid values range from +1 to 65535. +.RE + +.sp +.ne 2 +.na +\fB\fBstp_edge\fR\fR +.ad +.sp .6 +.RS 4n +Enables or disables bridge edge port detection. If set to \fB0\fR (false), the +system assumes that the port is connected to other bridges even if no bridge +PDUs of any type are seen. The default value is \fB1\fR, which detects edge +ports automatically. +.RE + +.sp +.ne 2 +.na +\fB\fBstp_p2p\fR\fR +.ad +.sp .6 +.RS 4n +Sets bridge point-to-point operation mode. Possible values are \fBtrue\fR, +\fBfalse\fR, and \fBauto\fR. When set to \fBauto\fR, point-to-point connections +are automatically discovered. When set to \fBtrue\fR, the port mode is forced +to use point-to-point. When set to \fBfalse\fR, the port mode is forced to use +normal multipoint mode. The default value is \fBauto\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBstp_mcheck\fR\fR +.ad +.sp .6 +.RS 4n +Triggers the system to run the RSTP \fBForce BPDU Migration Check\fR procedure +on this link. The procedure is triggered by setting the property value to +\fB1\fR. The property is automatically reset back to \fB0\fR. This value cannot +be set unless the following are true: +.RS +4 +.TP +.ie t \(bu +.el o +The link is bridged +.RE +.RS +4 +.TP +.ie t \(bu +.el o +The bridge is protected by Spanning Tree +.RE +.RS +4 +.TP +.ie t \(bu +.el o +The bridge \fBforce-protocol\fR value is at least 2 (RSTP) +.RE +The default value is 0. +.RE + +.sp +.ne 2 +.na +\fB\fBzone\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the zone to which the link belongs. This property can be modified +only temporarily through \fBdladm\fR, and thus the \fB-t\fR option must be +specified. To modify the zone assignment such that it persists across reboots, +please use \fBzonecfg\fR(8). Possible values consist of any exclusive-IP zone +currently running on the system. By default, the zone binding is as per +\fBzonecfg\fR(8). +.RE + +.SS "Wifi Link Properties" +The following \fBWiFi\fR link properties are supported. Note that the ability +to set a given property to a given value depends on the driver and hardware. +.sp +.ne 2 +.na +\fB\fBchannel\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the channel to use. This property can be modified only by certain +\fBWiFi\fR links when in \fBIBSS\fR mode. The default value and allowed range +of values varies by regulatory domain. +.RE + +.sp +.ne 2 +.na +\fB\fBpowermode\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the power management mode of the \fBWiFi\fR link. Possible values are +\fBoff\fR (disable power management), \fBmax\fR (maximum power savings), and +\fBfast\fR (performance-sensitive power management). Default is \fBoff\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBradio\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the radio mode of the \fBWiFi\fR link. Possible values are \fBon\fR +or \fBoff\fR. Default is \fBon\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBspeed\fR\fR +.ad +.sp .6 +.RS 4n +Specifies a fixed speed for the \fBWiFi\fR link, in megabits per second. The +set of possible values depends on the driver and hardware (but is shown by +\fBshow-linkprop\fR); common speeds include 1, 2, 11, and 54. By default, there +is no fixed speed. +.RE + +.SS "Ethernet Link Properties" +The following MII Properties, as documented in \fBieee802.3\fR(7), are +supported in read-only mode: +.RS +4 +.TP +.ie t \(bu +.el o +\fBduplex\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBstate\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_autoneg_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_10gfdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_1000fdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_1000hdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_100fdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_100hdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_10fdx_cap\fR +.RE +.RS +4 +.TP +.ie t \(bu +.el o +\fBadv_10hdx_cap\fR +.RE +.sp +.LP +Each \fBadv_\fR property (for example, \fBadv_10fdx_cap\fR) also has a +read/write counterpart \fBen_\fR property (for example, \fBen_10fdx_cap\fR) +controlling parameters used at auto-negotiation. In the absence of Power +Management, the \fBadv\fR* speed/duplex parameters provide the values that are +both negotiated and currently effective in hardware. However, with Power +Management enabled, the speed/duplex capabilities currently exposed in hardware +might be a subset of the set of bits that were used in initial link parameter +negotiation. Thus the MII \fBadv_\fR* parameters are marked read-only, with an +additional set of \fBen_\fR* parameters for configuring speed and duplex +properties at initial negotiation. +.sp +.LP +Note that the \fBadv_autoneg_cap\fR does not have an \fBen_autoneg_cap\fR +counterpart: the \fBadv_autoneg_cap\fR is a 0/1 switch that turns off/on +auto-negotiation itself, and therefore cannot be impacted by Power Management. +.sp +.LP +In addition, the following Ethernet properties are reported: +.sp +.ne 2 +.na +\fB\fBspeed\fR\fR +.ad +.sp .6 +.RS 4n +(read-only) The operating speed of the device, in Mbps. +.RE + +.sp +.ne 2 +.na +\fB\fBmtu\fR\fR +.ad +.sp .6 +.RS 4n +The maximum client SDU (Send Data Unit) supported by the device. Valid range is +68-65536. +.RE + +.sp +.ne 2 +.na +\fB\fBflowctrl\fR\fR +.ad +.sp .6 +.RS 4n +Establishes flow-control modes that will be advertised by the device. Valid +input is one of: +.sp +.ne 2 +.na +\fB\fBno\fR\fR +.ad +.sp .6 +.RS 4n +No flow control enabled. +.RE + +.sp +.ne 2 +.na +\fB\fBrx\fR\fR +.ad +.sp .6 +.RS 4n +Receive, and act upon incoming pause frames. +.RE + +.sp +.ne 2 +.na +\fB\fBtx\fR\fR +.ad +.sp .6 +.RS 4n +Transmit pause frames to the peer when congestion occurs, but ignore received +pause frames. +.RE + +.sp +.ne 2 +.na +\fB\fBbi\fR\fR +.ad +.sp .6 +.RS 4n +Bidirectional flow control. +.RE + +Note that the actual settings for this value are constrained by the +capabilities allowed by the device and the link partner. +.RE + +.sp +.ne 2 +.na +\fB\fBen_fec_cap\fR\fR +.ad +.sp .6 +.RS 4n +Sets the Forward Error Correct (FEC) code(s) to be advertised by the +device. +Valid values are: +.sp +.ne 2 +.na +\fB\fBnone\fR\fR +.ad +.sp .6 +.RS 4n +Allow the device not to use FEC. +.RE + +.sp +.ne 2 +.na +\fB\fBauto\fR\fR +.ad +.sp .6 +.RS 4n +The device will automatically decide which FEC code to use. +.RE + +.sp +.ne 2 +.na +\fB\fBrs\fR\fR +.ad +.sp .6 +.RS 4n +Allow Reed-Solomon FEC code. +.RE + +.sp +.ne 2 +.na +\fB\fBbase-r\fR\fR +.ad +.sp .6 +.RS 4n +Allow Base-R (also known as FireCode) code. +.RE + +Valid input is either \fBauto\fR as a single value, or a comma separated +combination of \fBnone\fR, \fBrs\fR and \fBbase-r\fR. +The default value is \fBauto\fR. +.sp +.LP +Note the actual FEC settings and combinations are constrained by the +capabilities allowed by the device and the link partner. +.RE + +.sp +.ne 2 +.na +\fB\fBadv_fec_cap\fR\fR +.ad +.sp .6 +.RS 4n +(read only) The current negotiated Forward Error Correction code. +.RE + +.sp +.ne 2 +.na +\fB\fBsecondary-macs\fR\fR +.ad +.sp .6 +.RS 4n +A comma-separated list of additional MAC addresses that are allowed on the +interface. +.RE + +.sp +.ne 2 +.na +\fB\fBtagmode\fR\fR +.ad +.sp .6 +.RS 4n +This link property controls the conditions in which 802.1Q VLAN tags will be +inserted in packets being transmitted on the link. Two mode values can be +assigned to this property: +.sp +.ne 2 +.na +\fB\fBnormal\fR\fR +.ad +.RS 12n +Insert a VLAN tag in outgoing packets under the following conditions: +.RS +4 +.TP +.ie t \(bu +.el o +The packet belongs to a VLAN. +.RE +.RS +4 +.TP +.ie t \(bu +.el o +The user requested priority tagging. +.RE +.RE + +.sp +.ne 2 +.na +\fB\fBvlanonly\fR\fR +.ad +.RS 12n +Insert a VLAN tag only when the outgoing packet belongs to a VLAN. If a tag is +being inserted in this mode and the user has also requested a non-zero +priority, the priority is honored and included in the VLAN tag. +.RE + +The default value is \fBvlanonly\fR. +.RE + +.SS "IP Tunnel Link Properties" +The following IP tunnel link properties are supported. +.sp +.ne 2 +.na +\fB\fBhoplimit\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the IPv4 TTL or IPv6 hop limit for the encapsulating outer IP header +of a tunnel link. This property exists for all tunnel types. The default value +is 64. +.RE + +.sp +.ne 2 +.na +\fB\fBencaplimit\fR\fR +.ad +.sp .6 +.RS 4n +Specifies the IPv6 encapsulation limit for an IPv6 tunnel as defined in RFC +2473. This value is the tunnel nesting limit for a given tunneled packet. The +default value is 4. A value of 0 disables the encapsulation limit. +.RE + +.SH EXAMPLES +\fBExample 1 \fRConfiguring an Aggregation +.sp +.LP +To configure a data-link over an aggregation of devices \fBbge0\fR and +\fBbge1\fR with key 1, enter the following command: + +.sp +.in +2 +.nf +# \fBdladm create-aggr -d bge0 -d bge1 1\fR +.fi +.in -2 +.sp + +.LP +\fBExample 2 \fRConnecting to a WiFi Link +.sp +.LP +To connect to the most optimal available unsecured network on a system with a +single \fBWiFi\fR link (as per the prioritization rules specified for +\fBconnect-wifi\fR), enter the following command: + +.sp +.in +2 +.nf +# \fBdladm connect-wifi\fR +.fi +.in -2 +.sp + +.LP +\fBExample 3 \fRCreating a WiFi Key +.sp +.LP +To interactively create the \fBWEP\fR key \fBmykey\fR, enter the following +command: + +.sp +.in +2 +.nf +# \fBdladm create-secobj -c wep mykey\fR +.fi +.in -2 +.sp + +.sp +.LP +Alternatively, to non-interactively create the \fBWEP\fR key \fBmykey\fR using +the contents of a file: + +.sp +.in +2 +.nf +# \fBumask 077\fR + # \fBcat >/tmp/mykey.$$ <<EOF\fR + \fB12345\fR + \fBEOF\fR + # \fBdladm create-secobj -c wep -f /tmp/mykey.$$ mykey\fR + # \fBrm /tmp/mykey.$$\fR +.fi +.in -2 +.sp + +.LP +\fBExample 4 \fRConnecting to a Specified Encrypted WiFi Link +.sp +.LP +To use key \fBmykey\fR to connect to \fBESSID\fR \fBwlan\fR on link \fBath0\fR, +enter the following command: + +.sp +.in +2 +.nf +# \fBdladm connect-wifi -k mykey -e wlan ath0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 5 \fRChanging a Link Property +.sp +.LP +To set \fBpowermode\fR to the value \fBfast\fR on link \fBpcwl0\fR, enter the +following command: + +.sp +.in +2 +.nf +# \fBdladm set-linkprop -p powermode=fast pcwl0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 6 \fRConnecting to a WPA-Protected WiFi Link +.sp +.LP +Create a WPA key \fBpsk\fR and enter the following command: + +.sp +.in +2 +.nf +# \fBdladm create-secobj -c wpa psk\fR +.fi +.in -2 +.sp + +.sp +.LP +To then use key \fBpsk\fR to connect to ESSID \fBwlan\fR on link \fBath0\fR, +enter the following command: + +.sp +.in +2 +.nf +# \fBdladm connect-wifi -k psk -e wlan ath0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 7 \fRRenaming a Link +.sp +.LP +To rename the \fBbge0\fR link to \fBmgmt0\fR, enter the following command: + +.sp +.in +2 +.nf +# \fBdladm rename-link bge0 mgmt0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 8 \fRReplacing a Network Card +.sp +.LP +Consider that the \fBbge0\fR device, whose link was named \fBmgmt0\fR as shown +in the previous example, needs to be replaced with a \fBce0\fR device because +of a hardware failure. The \fBbge0\fR NIC is physically removed, and replaced +with a new \fBce0\fR NIC. To associate the newly added \fBce0\fR device with +the \fBmgmt0\fR configuration previously associated with \fBbge0\fR, enter the +following command: + +.sp +.in +2 +.nf +# \fBdladm rename-link ce0 mgmt0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 9 \fRRemoving a Network Card +.sp +.LP +Suppose that in the previous example, the intent is not to replace the +\fBbge0\fR NIC with another NIC, but rather to remove and not replace the +hardware. In that case, the \fBmgmt0\fR datalink configuration is not slated to +be associated with a different physical device as shown in the previous +example, but needs to be deleted. Enter the following command to delete the +datalink configuration associated with the \fBmgmt0\fR datalink, whose physical +hardware (\fBbge0\fR in this case) has been removed: + +.sp +.in +2 +.nf +# \fBdladm delete-phys mgmt0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 10 \fRUsing Parsable Output to Capture a Single Field +.sp +.LP +The following assignment saves the MTU of link \fBnet0\fR to a variable named +\fBmtu\fR. + +.sp +.in +2 +.nf +# \fBmtu=`dladm show-link -p -o mtu net0`\fR +.fi +.in -2 +.sp + +.LP +\fBExample 11 \fRUsing Parsable Output to Iterate over Links +.sp +.LP +The following script displays the state of each link on the system. + +.sp +.in +2 +.nf +# \fBdladm show-link -p -o link,state | while IFS=: read link state; do + print "Link $link is in state $state" + done\fR +.fi +.in -2 +.sp + +.LP +\fBExample 12 \fRConfiguring VNICs +.sp +.LP +Create two VNICs with names \fBhello0\fR and \fBtest1\fR over a single physical +link \fBbge0\fR: + +.sp +.in +2 +.nf +# \fBdladm create-vnic -l bge0 hello0\fR +# \fBdladm create-vnic -l bge0 test1\fR +.fi +.in -2 +.sp + +.LP +\fBExample 13 \fRConfiguring VNICs and Allocating Bandwidth and Priority +.sp +.LP +Create two VNICs with names \fBhello0\fR and \fBtest1\fR over a single physical +link \fBbge0\fR and make \fBhello0\fR a high priority VNIC with a +factory-assigned MAC address with a maximum bandwidth of 50 Mbps. Make +\fBtest1\fR a low priority VNIC with a random MAC address and a maximum +bandwidth of 100Mbps. + +.sp +.in +2 +.nf +# \fBdladm create-vnic -l bge0 -m factory -p maxbw=50,priority=high hello0\fR +# \fBdladm create-vnic -l bge0 -m random -p maxbw=100M,priority=low test1\fR +.fi +.in -2 +.sp + +.LP +\fBExample 14 \fRConfiguring a VNIC with a Factory MAC Address +.sp +.LP +First, list the available factory MAC addresses and choose one of them: + +.sp +.in +2 +.nf +# \fBdladm show-phys -m bge0\fR +LINK SLOT ADDRESS INUSE CLIENT +bge0 primary 0:e0:81:27:d4:47 yes bge0 +bge0 1 8:0:20:fe:4e:a5 no +bge0 2 8:0:20:fe:4e:a6 no +bge0 3 8:0:20:fe:4e:a7 no +.fi +.in -2 +.sp + +.sp +.LP +Create a VNIC named \fBhello0\fR and use slot 1's address: + +.sp +.in +2 +.nf +# \fBdladm create-vnic -l bge0 -m factory -n 1 hello0\fR +# \fBdladm show-phys -m bge0\fR +LINK SLOT ADDRESS INUSE CLIENT +bge0 primary 0:e0:81:27:d4:47 yes bge0 +bge0 1 8:0:20:fe:4e:a5 yes hello0 +bge0 2 8:0:20:fe:4e:a6 no +bge0 3 8:0:20:fe:4e:a7 no +.fi +.in -2 +.sp + +.LP +\fBExample 15 \fRCreating a VNIC with User-Specified MAC Address, Binding it to +Set of Processors +.sp +.LP +Create a VNIC with name \fBhello0\fR, with a user specified MAC address, and a +processor binding \fB0, 1, 2, 3\fR. + +.sp +.in +2 +.nf +# \fBdladm create-vnic -l bge0 -m 8:0:20:fe:4e:b8 -p cpus=0,1,2,3 hello0\fR +.fi +.in -2 +.sp + +.LP +\fBExample 16 \fRCreating a Virtual Network Without a Physical NIC +.sp +.LP +First, create an etherstub with name \fBstub1\fR: + +.sp +.in +2 +.nf +# \fBdladm create-etherstub stub1\fR +.fi +.in -2 +.sp + +.sp +.LP +Create two VNICs with names \fBhello0\fR and \fBtest1\fR on the etherstub. This +operation implicitly creates a virtual switch connecting \fBhello0\fR and +\fBtest1\fR. + +.sp +.in +2 +.nf +# \fBdladm create-vnic -l stub1 hello0\fR +# \fBdladm create-vnic -l stub1 test1\fR +.fi +.in -2 +.sp + +.LP +\fBExample 17 \fRShowing Network Usage +.sp +.LP +Network usage statistics can be stored using the extended accounting facility, +\fBacctadm\fR(8). + +.sp +.in +2 +.nf +# \fBacctadm -e basic -f /var/log/net.log net\fR +# \fBacctadm net\fR + Network accounting: active + Network accounting file: /var/log/net.log + Tracked Network resources: basic + Untracked Network resources: src_ip,dst_ip,src_port,dst_port,protocol, + dsfield +.fi +.in -2 +.sp + +.sp +.LP +The saved historical data can be retrieved in summary form using the +\fBshow-usage\fR subcommand: + +.sp +.in +2 +.nf +# \fBdladm show-usage -f /var/log/net.log\fR +LINK DURATION IPACKETS RBYTES OPACKETS OBYTES BANDWIDTH +e1000g0 80 1031 546908 0 0 2.44 Kbps +.fi +.in -2 +.sp + +.LP +\fBExample 18 \fRDisplaying Bridge Information +.sp +.LP +The following commands use the \fBshow-bridge\fR subcommand with no and various +options. + +.sp +.in +2 +.nf +# \fBdladm show-bridge\fR +BRIDGE PROTECT ADDRESS PRIORITY DESROOT +foo stp 32768/8:0:20:bf:f 32768 8192/0:d0:0:76:14:38 +bar stp 32768/8:0:20:e5:8 32768 8192/0:d0:0:76:14:38 + +# \fBdladm show-bridge -l foo\fR +LINK STATE UPTIME DESROOT +hme0 forwarding 117 8192/0:d0:0:76:14:38 +qfe1 forwarding 117 8192/0:d0:0:76:14:38 + +# \fBdladm show-bridge -s foo\fR +BRIDGE DROPS FORWARDS +foo 0 302 + +# \fBdladm show-bridge -ls foo\fR +LINK DROPS RECV XMIT +hme0 0 360832 31797 +qfe1 0 322311 356852 + +# \fBdladm show-bridge -f foo\fR +DEST AGE FLAGS OUTPUT +8:0:20:bc:a7:dc 10.860 -- hme0 +8:0:20:bf:f9:69 -- L hme0 +8:0:20:c0:20:26 17.420 -- hme0 +8:0:20:e5:86:11 -- L qfe1 +.fi +.in -2 +.sp + +.LP +\fBExample 19 \fRCreating an IPv4 Tunnel +.sp +.LP +The following sequence of commands creates and then displays a persistent IPv4 +tunnel link named \fBmytunnel0\fR between 66.1.2.3 and 192.4.5.6: + +.sp +.in +2 +.nf +# \fBdladm create-iptun -T ipv4 -s 66.1.2.3 -d 192.4.5.6 mytunnel0\fR +# \fBdladm show-iptun mytunnel0\fR +LINK TYPE FLAGS SOURCE DESTINATION +mytunnel0 ipv4 -- 66.1.2.3 192.4.5.6 +.fi +.in -2 +.sp + +.sp +.LP +A point-to-point IP interface can then be created over this tunnel link: + +.sp +.in +2 +.nf +# \fBifconfig mytunnel0 plumb 10.1.0.1 10.1.0.2 up\fR +.fi +.in -2 +.sp + +.sp +.LP +As with any other IP interface, configuration persistence for this IP interface +is achieved by placing the desired \fBifconfig\fR commands (in this case, the +command for "\fB10.1.0.1 10.1.0.2\fR") into \fB/etc/hostname.mytunnel0\fR. + +.LP +\fBExample 20 \fRCreating a 6to4 Tunnel +.sp +.LP +The following command creates a 6to4 tunnel link. The IPv4 address of the 6to4 +router is 75.10.11.12. + +.sp +.in +2 +.nf +# \fBdladm create-iptun -T 6to4 -s 75.10.11.12 sitetunnel0\fR +# \fBdladm show-iptun sitetunnel0\fR +LINK TYPE FLAGS SOURCE DESTINATION +sitetunnel0 6to4 -- 75.10.11.12 -- +.fi +.in -2 +.sp + +.sp +.LP +The following command plumbs an IPv6 interface on this tunnel: + +.sp +.in +2 +.nf +# \fBifconfig sitetunnel0 inet6 plumb up\fR +# \fBifconfig sitetunnel0 inet6\fR +sitetunnel0: flags=2200041 <UP,RUNNING,NONUD,IPv6> mtu 65515 index 3 + inet tunnel src 75.10.11.12 + tunnel hop limit 64 + inet6 2002:4b0a:b0c::1/16 +.fi +.in -2 +.sp + +.sp +.LP +Note that the system automatically configures the IPv6 address on the 6to4 IP +interface. See \fBifconfig\fR(8) for a description of how IPv6 addresses are +configured on 6to4 tunnel links. + +.SH ATTRIBUTES +See \fBattributes\fR(7) for descriptions of the following attributes: +.sp +.LP +\fB/usr/sbin\fR +.sp + +.sp +.TS +box; +c | c +l | l . +ATTRIBUTE TYPE ATTRIBUTE VALUE +_ +Interface Stability Committed +.TE + +.sp +.LP +\fB/sbin\fR +.sp + +.sp +.TS +box; +c | c +l | l . +ATTRIBUTE TYPE ATTRIBUTE VALUE +_ +Interface Stability Committed +.TE + +.SH SEE ALSO +.BR dlpi (4P), +.BR attributes (7), +.BR ieee802.3 (7), +.BR overlay (7), +.BR acctadm (8), +.BR autopush (8), +.BR ifconfig (8), +.BR ipsecconf (8), +.BR ndd (8), +.BR psrset (8), +.BR wpad (8), +.BR zonecfg (8) +.sp +.LP +R. Droms, Ed., J. Bound, B. Volz, T. Lemon, C. Perkins, M. Carney. \fIRFC 3315: +Dynamic Host Configuration Protocol for IPv6 (DHCPv6)\fR. The Internet Society. +July 2003. +.sp +.LP +T. Lemon, B. Sommerfeld. February 2006. \fIRFC 4361: Node-specific Client +Identifiers for Dynamic Host Configuration Protocol Version Four (DHCPv4)\fR. +The Internet Society. January 2006. +.SH NOTES +The preferred method of referring to an aggregation in the aggregation +subcommands is by its link name. Referring to an aggregation by its integer +\fIkey\fR is supported for backward compatibility, but is not necessary. When +creating an aggregation, if a \fIkey\fR is specified instead of a link name, +the aggregation's link name will be automatically generated by \fBdladm\fR as +\fBaggr\fR\fIkey\fR. |