There are three ipadm subcommands that are used to manage IP interface properties:
show-ifprop –p property interface – Displays the properties of an IP interface and its current values. If you do not use the –p property option, then all of the properties of the IP interface are listed. If you do not specify an IP interface, then all of the properties of all of the IP interfaces are listed.
set-ifprop –p property=value interface – Assigns a value to the IP interface's property.
reset-ifprop –p property interface – Resets the specific property to its default values.
Like datalinks, IP interfaces also have properties that you can customize for your specific network environment. For each interface, two sets of properties exist, one set for IPv4 and the another set for IPv6.
Some properties, including the MTU property, are common to both datalinks and IP interfaces. Thus, you can have one MTU value for a datalink and a different MTU value for the interface that is configured over that link. Further, you can have different MTU values that apply to the IPv4 and IPv6 packets that traverse that IP interface.
When setting MTU properties for an IP interface, keep the following key points in mind:
The value of the MTU setting of an IP interface cannot be larger than the value of the MTU setting of a datalink. In such cases, the ipadm command displays an error message.
If an IP interface's MTU value is different than a datalink's MTU value, IP packets are limited to the MTU value of the IP interface. For example, if a datalink has an MTU value of 9000 bytes and an IP interface as an MTU value of 1500 bytes, IP packets are limited to 1500 bytes. However, other Layer 3 protocols that are using the underlying Layer 2 protocol can send packets up to 9000 bytes.
For instructions on customizing datalink properties, including information about how the MTU setting of a datalink impacts the MTU setting of an IP interface, see Customizing Datalink Properties.
On a network, a host can receive data packets that are destined for another host system. By enabling packet forwarding on the receiving local system, that system can forward the data packet to the destination host. This process is referred to as IP forwarding and is disabled by default in Oracle Solaris.
Packet forwarding is managed by a property that can be set on both IP interfaces and of the TCP/IP protocol. If you want to be selective about how packets are forwarded, you can enable packet forwarding on the IP interface. For example, you might have a system that has multiple NICs, where some NICs are connected to the external network, while other NICs are connected to a private network. You would therefore enable packet forwarding only on some of the interfaces, rather than on all of the interfaces.
You can also enable packet forwarding globally on the system by setting the property of the TCP/IP protocol. See Enabling Packet Forwarding Globally in Administering TCP/IP Networks, IPMP, and IP Tunnels in Oracle Solaris 11.3 for more information.
For example, you would enable packet forwarding on the IP interface as follows:
# ipadm set-ifprop -p forwarding=on -m protocol-version interface
where protocol-version is either IPv4 or IPv6. You must type the command separately for IPv4 and IPv6 packets.
The following example shows how you might enable only IPv4 packet forwarding on your system:
# ipadm show-ifprop -p forwarding net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE net0 forwarding ipv4 rw off off off on,off net0 forwarding ipv6 rw off -- off on,off # ipadm set-ifprop -p forwarding=on -m ipv4 net0 # ipadm show-ifprop net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE ... net0 forwarding ipv4 rw on on off on,off ...
The ipadm command enables you to manage IP address-specific properties.
You can customize IP address properties to manage the following network configuration parameters:
Netmask length
Whether an IP address can be used as a source address for outbound packets
Whether the address belongs to a global or non–global zone
Whether the address is a private address
Use the following ipadm subcommands when working with IP address properties:
show-addrprop –p property addrobj – Displays address properties, depending on the options that you use.
To display the properties of all of the IP addresses, do not specify a property or an address object. To display the values of a single property for all of the IP addresses, specify just that property. To display all of the properties of a specific address object, specify just the address object.
set-addrprop –p property=value addrobj – Assigns values to address properties. Note that you can only set one address property at a time.
reset-addrprop –p property addrobj – Restores any default values to the address property.
As an example, suppose you want to change the netmask of an IP address. The IP address is configured on the IP interface net3and is identified by the address object name net3/v4. The following examples show how to revise the netmask:
# ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/? static ok 127.0.0.1/8 net3/v4 static ok 198.51.100.3/24 # ipadm show-addrprop -p prefixlen net3/v4 ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE net3/v4 prefixlen rw 24 24 24 1-30,32 # ipadm set-addrprop -p prefixlen=8 net3/v4 # ipadm show-addrprop -p prefixlen net3/v4 ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE net3/v4 prefixlen rw 8 24 24 1-30,32