ONLamp.com    
 Published on ONLamp.com (http://www.onlamp.com/)
 See this if you're having trouble printing code examples


FreeBSD Basics FreeBSD Networking Basics

by Dru Lavigne
05/13/2004

Beginners to Unix-like operating systems such as FreeBSD are often stymied by their network settings. Sure, the install process may have set up your NIC for you, but where do you go to view these settings, and how do you proceed if your NIC stops working? Since networking is such an integral part of computing, this article will demonstrate how to verify, configure, and optimize your network settings.

Verifying Your Interface Configuration

If you've come from a Microsoft background, you've probably used either winipcfg or ipconfig /all to verify your network settings at the command line. Unix comes with a similar utility, named ifconfig (for "interface config"). By entering this command, you'll see all of the system's interfaces and their settings. Some versions require you to include the -a, or all, switch.

% ifconfig
rl0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
    options=8<VLAN_MTU>
    ether 00:05:5d:d2:19:b7
    media: Ethernet autoselect (10baseT/UTP)
    status: no carrier
rl1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
    options=8<VLAN_MTU>
    ether 00:05:5d:d1:ff:9d
    media: Ethernet autoselect (10baseT/UTP)
    status: no carrier
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.168.2.12 netmask 0xffffff00 broadcast 192.168.2.255
    ether 00:50:ba:de:36:33
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet 127.0.0.1 netmask 0xff000000 

Your output will vary from this, but will contain similarities. This particular system isn't running the default kernel. I've removed the default IPv6, gif, and faith devices from this kernel, so they don't show in the output.

This system does have three physical interfaces (rl0, rl1, and ed0) and the loopback virtual interface (lo0). Different versions of Unix differ in their interface naming convention. For example, Linux uses eth for Ethernet NICs, so would show their names as eth0, eth1, and eth2. BSD uses the driver name for each NIC, allowing you to differentiate between different chipsets and the features available for each driver. To see the documentation for your NIC's driver, read section 4 of its driver manual. Note that you don't include the number of the interface, so look up rl instead of rl0:

% man 4 rl
rl -- RealTek 8129/8139 Fast Ethernet device driver

% man 4 ed
ed -- ethernet device driver

While this system has three NICs, only ed0 is up and running. The two RealTek NICs don't have cables attached, as indicated by the status: no carrier lines. Accordingly, only ed0 has an IP address (192.168.2.12), a subnet mask (0xffffff00), and a broadcast address (192.168.2.255).

That subnet mask is written in hex, as indicated by the beginning 0x. This particular mask isn't too hard to translate into decimal, if you remember that each pair of f characters (ff) is equivalent to 255. Thus, the subnet mask here is 255.255.255.0. If you find a pair of hex numbers that aren't ff (255) or 00 (0), use bc or the built-in calculator to translate that hex pair into decimal for you. For example, if your mask is 0xffffe000:

% bc
bc 1.06
Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'.
ibase=16
E0
224
<Ctrl d>

Here, I asked bc to translate a base 16, or hex, number as input (ibase=16). Remember to convert any letters to uppercase, or you won't get the correct answer. Since e0 is decimal 224, this example mask is 255.255.224.0.

Verifying Your Default Gateway

Note that ifconfig gives the applicable status, MTU, IP address, subnet mask, broadcast address, and Ethernet (or MAC) address of each interface. However, it doesn't give the address of the default gateway or the DNS servers.

To see your default gateway address, use the netstat, or network status, command. Include the -r (routing) switch. Including the -n switch speeds up the results by skipping name resolution:

% netstat -rn
Routing tables

Internet:
Destination      Gateway          Flags    Refs    Use   Netif  Expire
default          192.168.2.100      UGS     0    72664    ed0
127.0.0.1        127.0.0.1          UH      1       46    lo0
192.168.2        link#3             UC      0        0    ed0
192.168.2.12     127.0.0.1          UGHS    0        0    lo0
192.168.2.100    00:48:54:1e:2c:76  UHLW    1        0    ed0   1172

Note: Linux users can also use the route command to receive similar results. The BSD route command works differently; see man route for details. However, netstat -rn works on all operating systems, including Linux and Microsoft operating systems.

In your output, look for the line that begins with the word default. The associated IP address is that of your default gateway. Also look at the flags for that entry. Hopefully they indicate U for up and G for gateway. This indicates that you can communicate with your gateway. If the number in the Use field isn't 0, you've actually sent your gateway that number of packets.

Finally, the last line of this output shows the MAC address of the default gateway.

Verifying Your DNS Settings

The resolver configuration file should contain your DNS settings. You can view that file with:

% more resolv.conf
nameserver 209.226.175.236
nameserver 204.101.251.1
nameserver 204.101.251.2

This particular system contains the IP addresses of three DNS servers. It's a good idea to have the addresses of at least two servers, in case your primary DNS server becomes unavailable.

While you have Internet access, you should know how to query your ISP's DNS servers and to record the results in a book containing your network settings. This will be invaluable if you ever need to recreate these settings manually. If you don't keep such a notebook, you can gather those settings from a system that does have working Internet access.

To find out the IP addresses of your DNS servers, use dig, the domain information groper. Here, I'll ask for the ns, or name server, entries for my ISP:

% dig ns sympatico.ca

; <<>> DiG 8.3 <<>> ns sympatico.ca 
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44589
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUERY SECTION:
;;    sympatico.ca, type = NS, class = IN

;; ANSWER SECTION:
sympatico.ca.         6h12m33s IN NS  ns5.bellnexxia.net.
sympatico.ca.         6h12m33s IN NS  ns6.bellnexxia.net.
sympatico.ca.         6h12m33s IN NS  dns1.sympatico.ca.
sympatico.ca.         6h12m33s IN NS  dns2.sympatico.ca.

;; ADDITIONAL SECTION:
ns5.bellnexxia.net.   9m36s IN A      209.226.175.236
ns6.bellnexxia.net.   9m37s IN A      209.226.175.237
dns1.sympatico.ca.    14m7s IN A      204.101.251.1
dns2.sympatico.ca.    3m56s IN A      204.101.251.2

;; Total query time: 46 msec
;; FROM: dru.domain.org to SERVER: 209.226.175.236
;; WHEN: Sun Apr 11 14:30:14 2004
;; MSG SIZE  sent: 30  rcvd: 182

Your output will be divided into several SECTIONs. For now, concentrate on the ANSWER SECTION, which contains the answer to your dig query. My ISP uses four DNS name servers, as seen in my answer. Each name server uses an IN (IPv4) record and a NS (name server) record. However, the answer shows the names of the name servers. You don't want to use names for name resolution; you want the IP addresses of your name servers.

You'll find those names mapped to IP addresses in the ADDITIONAL SECTION.

dig is also handy if you ever forget the name or IP address of your ISP's SMTP or mail server. This time, query for the mx, or mail exchange record. Here, I've shown only the ANSWER SECTION for brevity:

% dig mx sympatico.ca
(snip)
;; ANSWER SECTION:
sympatico.ca.         20m34s IN MX    5 mta2.sympatico.ca.
sympatico.ca.         20m34s IN MX    5 mta3.sympatico.ca.
sympatico.ca.         20m34s IN MX    5 mta1.sympatico.ca.
(snip)

My ISP has three SMTP servers. See that number between the MX and the name of the mail server? That's the priority number. My ISP's mail servers all have the same priority; however, some ISPs use different priorities. If yours does, choose the mail server with the lowest priority number, as it has the highest priority.

Verifying Your DHCP Lease

If your IP settings are assigned by a DHCP server, you can see all of your settings at once by viewing your current lease.

The lease itself is contained within curly brackets. If you have several leases, the one at the top of the file is your most recent lease.

% more /var/db/dhclient.leases
lease {
  interface "ed0";
  fixed-address 192.168.2.12;
  option subnet-mask 255.255.255.0;
  option time-offset -18000;
  option dhcp-lease-time 345600;
  option routers 192.168.2.100;
  option dhcp-message-type 5;
  option dhcp-server-identifier 192.168.2.100;
  option domain-name-servers 209.226.175.236,204.101.251.1,204.101.251.2;
  renew 2 2004/4/13 02:13:03;
  rebind 3 2004/4/14 23:34:37;
  expire 4 2004/4/15 11:34:37;
}

Adding an Interface

It's one thing to know how to verify your interface configuration, but what if you need to configure an interface? Let's say you've just added another NIC to your system. Once your computer reboots, you'll want to verify that the new NIC was recognized. You can use ifconfig and look for an additional interface. You could also search the boot probe messages for found Ethernet addresses. Remember to include a capital E in your search:

% grep Ethernet /var/run/dmesg.boot 
rl0: Ethernet address: 00:05:5d:d2:19:b7
rl1: Ethernet address: 00:05:5d:d1:ff:9d
ed0: <NE2000 PCI Ethernet (RealTek 8029)> port 0x9800-0x981f irq 10 at 
device 11.0 on pci0

If your new NIC is listed, it's ready to be configured -- but what if the new NIC wasn't found at bootup? The first question to ask yourself is, "Have I created a custom kernel?" If so, check your kernel configuration file; you may have removed the driver required by the new NIC.

If that's not the issue, you may have to reboot and examine your CMOS settings. Have you disabled any IRQs? Do you have enabled onboard devices that you don't use? If so, they may be wasting an IRQ, and there aren't any left over for your new NIC. If you do decide to change a CMOS setting, record the original value on a piece of paper. Change one setting, boot up and see if it made a difference. Repeat as necessary.

If the NIC is PCI, check your CMOS PnP OS setting. Sometimes changing it from yes to no will resolve the issue. Also, sometimes seating the NIC in another PCI slot solves the problem. Finally, as a last resort, you can determine if it is an IRQ problem by removing all cards except the new NIC and your video card. If the NIC is recognized, you have more cards than you have IRQs.

Configuring IP Address Information

Once your NIC is recognized, decide whether to set the IP address information manually or to use a DHCP server. Either method requires a change to /etc/rc.conf. If you prefer, you can use /stand/sysinstall, which will edit this file for you. This is the same utility you used when you installed your FreeBSD system. Once the utility starts, choose Configure, then Networking, and then use your space bar to select Interfaces.

Otherwise, edit /etc/rc.conf directly using your favorite text editor. For example, these lines statically assign an IP address and subnet mask to rl0, and set the default gateway:

ifconfig_rl0="inet 192.168.2.25 netmask 255.255.255.0" \
  defaultrouter="192.168.2.100"

Also, if you're using static IP addressing, don't forget to add the IP addresses of your DNS servers to /etc/resolv.conf.

If you instead use a DHCP server to receive your IP address information, you only need to add one line to /etc/rc.conf:

ifconfig_rl0="DHCP"

You don't need to add your default router or DNS server addresses, as the lease assigned by your DNS server should include this information.

When you've saved your changes to /etc/rc.conf, initialize your network settings:

# /etc/netstart

Note: If you ever need to renew your DHCP lease, use this command, but substitute rl0 for the name of your NIC:

# dhclient -r rl0

Optimizing Your Configuration

Unless you have an extremely old NIC, or you specifically purchased a 100Mbps NIC, your NIC is 10/100Mbps. This means it is capable of negotiating a speed of 10 or 100 Mbps. It most likely also negotiates either half-duplex (cannot send and receive simultaneously) or full-duplex (can send and receive simultaneously) operation. This negotiation process occurs between the NIC and the hub or switch at the other end of your networking cable.

Obviously, 100Mbps at full-duplex is much better than 10Mbps at half-duplex. The limiting factor will be the hub or switch; its documentation will indicate its speed and mode of operation. If it doesn't support 100Mbps or full-duplex, you're not getting the most out of your NIC and your networking experience will be much slower.

However, you should also be aware that even if the hub or switch supports 100Mbps and full-duplex mode, the NIC and the hub or switch still renegotiate these values on an ongoing basis. If your NIC is always plugged into the same hub or switch, it makes sense to set these values to save the overhead of negotiation.

Whether you can do this depends upon the driver for your NIC, so carefully read the man 4 for your driver. In my example network, I would be better off unplugging my ed0 and instead using one of the RealTek interfaces. Why? man 4 ed indicates that this particular driver only supports 10Mbps at half-duplex mode (IEEE 802.3 CSMA). However, man 4 rl indicates that this driver can be configured to use 100Mbps and full-duplex operation.

Here is an example of the lines I would use in /etc/rc.conf:

ifconfig_rl0="DHCP"
ifconfig_rl0="100baseTX mediaopt full-duplex"

There are several things to make note of here. One, the manpage will indicate which options are available and how to set them. Two, don't try to add a setting that your NIC driver doesn't support, as indicated by its manpage. Third, don't change your speed and duplex mode to a value that your hub or switch doesn't support!

To see if my changes worked, I'll plug my network cable into rl0 and issue the command /etc/netstart. I'll then check out the results:

% ifconfig rl0
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=8<VLAN_MTU>
    inet 192.168.2.87 netmask 0xffffff00 broadcast 192.168.2.255
    ether 00:05:5d:d2:19:b7
    media: Ethernet autoselect (100baseTX <full-duplex>)
    status: active

Success!

This article has covered most of the configuration scenarios for Ethernet NICs. You should also refer to the "Setting Up Network Interface Cards" section of the handbook.

In the next few articles, I'd like to concentrate on printing.

Dru Lavigne is a network and systems administrator, IT instructor, author and international speaker. She has over a decade of experience administering and teaching Netware, Microsoft, Cisco, Checkpoint, SCO, Solaris, Linux, and BSD systems. A prolific author, she pens the popular FreeBSD Basics column for O'Reilly and is author of BSD Hacks and The Best of FreeBSD Basics.


Read more FreeBSD Basics columns.

Return to the BSD DevCenter.

Copyright © 2009 O'Reilly Media, Inc.