Dr Andrew Scott G7VAV

MBCS, MIET, Member ACM, Member IEEE

Senior Lecturer
School of Computing
and Communications

D35 InfoLab21
Lancaster University
Lancaster, LA1 4WA
United Kingdom

June 2025
26	27	28	29	30	31	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	1	2	3	4	5	6

INTERFACES

Section: File formats (5)
Updated: 5 April 2004
Index Return to Main Contents

NAME

/etc/network/interfaces - network interface configuration for ifup and ifdown

DESCRIPTION

/etc/network/interfaces contains network interface configuration information for the ifup(8) and ifdown(8) commands. This is where you configure how your system is connected to the network.

Lines starting with `#' are ignored. Note that end-of-line comments are NOT supported, comments must be on a line of their own.

A line may be extended across multiple lines by making the last character a backslash.

The file consists of zero or more "iface", "mapping", "auto", "allow-" and "source" stanzas. Here is an example.

auto lo eth0
allow-hotplug eth1

iface lo inet loopback

source interfaces.d/machine-dependent

mapping eth0 
        script /usr/local/sbin/map-scheme
        map HOME eth0-home
        map WORK eth0-work

iface eth0-home inet static
        address 192.168.1.1
        netmask 255.255.255.0
        up flush-mail

iface eth0-work inet dhcp

iface eth1 inet dhcp

Lines beginning with the word "auto" are used to identify the physical interfaces to be brought up when ifup is run with the -a option. (This option is used by the system boot scripts.) Physical interface names should follow the word "auto" on the same line. There can be multiple "auto" stanzas. ifup brings the named interfaces up in the order listed.

Lines beginning with "allow-" are used to identify interfaces that should be brought up automatically by various subsytems. This may be done using a command such as "ifup --allow=hotplug eth0 eth1", which will only bring up eth0 or eth1 if it is listed in an "allow-hotplug" line. Note that "allow-auto" and "auto" are synonyms.

Lines beginning with "source" are used to include stanzas from other files, so configuration can be split into many files. The word "source" is followed by the path of file to be sourced. Shell wildcards can be used. (See wordexp(3) for details.)

Stanzas beginning with the word "mapping" are used to determine how a logical interface name is chosen for a physical interface that is to be brought up. The first line of a mapping stanza consists of the word "mapping" followed by a pattern in shell glob syntax. Each mapping stanza must contain a script definition. The named script is run with the physical interface name as its argument and with the contents of all following "map" lines (without the leading "map") in the stanza provided to it on its standard input. The script must print a string on its standard output before exiting. See /usr/share/doc/ifupdown/examples for examples of what the script must print.

Mapping a name consists of searching the remaining mapping patterns and running the script corresponding to the first match; the script outputs the name to which the original is mapped.

ifup is normally given a physical interface name as its first non-option argument. ifup also uses this name as the initial logical name for the interface unless it is accompanied by a suffix of the form =LOGICAL, in which case ifup chooses LOGICAL as the initial logical name for the interface. It then maps this name, possibly more than once according to successive mapping specifications, until no further mappings are possible. If the resulting name is the name of some defined logical interface then ifup attempts to bring up the physical interface as that logical interface. Otherwise ifup exits with an error.

Stanzas defining logical interfaces start with a line consisting of the word "iface" followed by the name of the logical interface. In simple configurations without mapping stanzas this name should simply be the name of the physical interface to which it is to be applied. (The default mapping script is, in effect, the echo command.) The interface name is followed by the name of the address family that the interface uses. This will be "inet" for TCP/IP networking, but there is also some support for IPX networking ("ipx"), and IPv6 networking ("inet6"). Following that is the name of the method used to configure the interface.

Additional options can be given on subsequent lines in the stanza. Which options are available depends on the family and method, as described below. Additional options can be made available by other Debian packages. For example, the wireless-tools package makes available a number of options prefixed with "wireless-" which can be used to configure the interface using iwconfig(8). (See wireless(7) for details.)

Options are usually indented for clarity (as in the example above) but are not required to be.

IFACE OPTIONS

The following "command" options are available for every family and method. Each of these options can be given multiple times in a single stanza, in which case the commands are executed in the order in which they appear in the stanza. (You can ensure a command never fails by suffixing "|| true".)

pre-up command: Run command before bringing the interface up. If this command fails then ifup aborts, refraining from marking the interface as configured, prints an error message, and exits with status 0. This behavior may change in the future.
up command
post-up command: Run command after bringing the interface up. If this command fails then ifup aborts, refraining from marking the interface as configured (even though it has really been configured), prints an error message, and exits with status 0. This behavior may change in the future.
down command
pre-down command: Run command before taking the interface down. If this command fails then ifdown aborts, marks the interface as deconfigured (even though it has not really been deconfigured), and exits with status 0. This behavior may change in the future.
post-down command: Run command after taking the interface down. If this command fails then ifdown aborts, marks the interface as deconfigured, and exits with status 0. This behavior may change in the future.

There exists for each of the above mentioned options a directory /etc/network/if-<option>.d/ the scripts in which are run (with no arguments) using run-parts(8) after the option itself has been processed. Please note that as post-up and pre-down are aliases, no files in the corresponding directories are processed. Please use if-up.d and if-down.d directories instead.

All of these commands have access to the following environment variables.

IFACE: physical name of the interface being processed
LOGICAL: logical name of the interface being processed
ADDRFAM: address family of the interface
METHOD: method of the interface (e.g., static)
MODE: start if run from ifup, stop if run from ifdown
PHASE: as per MODE, but with finer granularity, distinguishing the pre-up, post-up, pre-down and post-down phases.
VERBOSITY: indicates whether --verbose was used; set to 1 if so, 0 if not.
PATH: the command search path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

Additionally, all options given in an interface definition stanza are exported to the environment in upper case with "IF_" prepended and with hyphens converted to underscores and non-alphanumeric characters discarded.

INET ADDRESS FAMILY

This section documents the methods available in the inet address family.

The loopback Method

This method may be used to define the IPv4 loopback interface.

Options

(No options)

The static Method

This method may be used to define ethernet interfaces with statically allocated IPv4 addresses.

Options

address address: Address (dotted quad/netmask) required
netmask mask: Netmask (dotted quad or CIDR)
broadcast broadcast_address: Broadcast address (dotted quad, + or -) Default value: +
metric metric: Routing metric for default gateway (integer)
gateway address: Default gateway (dotted quad)
pointopoint address: Address of other end point (dotted quad). Note the spelling of "point-to".
hwaddress address: Link local address.
mtu size: MTU size
scope: Address validity scope. Possible values: global, link, host

The manual Method

This method may be used to define interfaces for which no configuration is done by default. Such interfaces can be configured manually by means of up and down commands or /etc/network/if-*.d scripts.

Options

(No options)

The dhcp Method

This method may be used to obtain an address via DHCP with any of the tools: dhclient, pump, udhcpc, dhcpcd. (They have been listed in their order of precedence.) If you have a complicated DHCP setup you should note that some of these clients use their own configuration files and do not obtain their configuration information via ifup.

Options

hostname hostname: Hostname to be requested (pump, dhcpcd, udhcpc)
leasehours leasehours: Preferred lease time in hours (pump)
leasetime leasetime: Preferred lease time in seconds (dhcpcd)
vendor vendor: Vendor class identifier (dhcpcd)
client client: Client identifier (dhcpcd, udhcpc)
hwaddress address: Hardware Address.

The bootp Method

This method may be used to obtain an address via bootp.

Options

bootfile file: Tell the server to use file as the bootfile.
server address: Use the IP address address to communicate with the server.
hwaddr addr: Use addr as the hardware address instead of whatever it really is.

The tunnel Method

This method is used to create GRE or IPIP tunnels. You need to have the ip binary from the iproute package. For GRE tunnels, you will need to load the ip_gre module and the ipip module for IPIP tunnels.

Options

address address: Local address (dotted quad) required
mode type: Tunnel type (either GRE or IPIP) required
endpoint address: Address of other tunnel endpoint required
dstaddr address: Remote address (remote address inside tunnel)
local address: Address of the local endpoint
gateway address: Default gateway
ttl time: TTL setting
mtu size: MTU size

The ppp Method

This method uses pon/poff to configure a PPP interface. See those commands for details.

Options

provider name: Use name as the provider (from /etc/ppp/peers).
unit number: Use number as the ppp unit number.
options string: Pass string as additional options to pon.

The wvdial Method

This method uses wvdial to configure a PPP interface. See that command for more details.

Options

provider name: Use name as the provider (from /etc/wvdial.conf).

The ipv4ll Method

This method uses avahi-autoipd to configure an interface with an IPv4 Link-Layer address (169.254.0.0/16 family). This method is also known as APIPA or IPAC, and often colloquially referred to as "Zeroconf address".

Options

(No options)

IPX ADDRESS FAMILY

This section documents the methods available in the ipx address family.

The static Method

This method may be used to setup an IPX interface. It requires the ipx_interface command.

Options

frame type: type of ethernet frames to use (e.g. 802.2)
netnum id: Network number

The dynamic Method

This method may be used to setup an IPX interface dynamically.

Options

frame type: type of ethernet frames to use (e.g. 802.2)

INET6 ADDRESS FAMILY

This section documents the methods available in the inet6 address family.

The auto Method

This method may be used to define interfaces with automatically assigned IPv6 addresses. Using this method on its own doesn't mean that RDNSS options will be applied, too. To make this happen, rdnssd daemon must be installed, properly configured and running. If stateless DHCPv6 support is turned on, then additional network configuration parameters such as DNS and NTP servers will be retrieved from a DHCP server.

Options

privext int: Privacy extensions (RFC3041) (0=off, 1=assign, 2=prefer)
dhcp int: Use stateless DHCPv6 (0=off, 1=on)

The loopback Method

This method may be used to define the IPv6 loopback interface.

Options

(No options)

The static Method

This method may be used to define interfaces with statically assigned IPv6 addresses. By default, stateless autoconfiguration is disabled for this interface.

Options

address address: Address (colon delimited) required
netmask mask: Netmask (number of bits, eg 64) required
gateway address: Default gateway (colon delimited)
media type: Medium type, driver dependent
hwaddress address: Hardware address
mtu size: MTU size
accept_ra int: Accept router advertisements (0=off, 1=on)
autoconf int: Perform stateless autoconfiguration (0=off, 1=on)
privext int: Privacy extensions (RFC3041) (0=off, 1=assign, 2=prefer)
scope: Address validity scope. Possible values: global, site, link, host

The manual Method

Options

(No options)

The dhcp Method

This method may be used to obtain network interface configuration via stateful DHCPv6 with dhclient. In stateful DHCPv6, the DHCP server is responsible for assigning addresses to clients.

Options

hwaddress address: Hardware address

The v4tunnel Method

This method may be used to setup an IPv6-over-IPv4 tunnel. It requires the ip command from the iproute package.

Options

address address: Address (colon delimited)
netmask mask: Netmask (number of bits, eg 64)
endpoint address: Address of other tunnel endpoint (IPv4 dotted quad) required
local address: Address of the local endpoint (IPv4 dotted quad)
gateway address: Default gateway (colon delimited)
ttl time: TTL setting
mtu size: MTU size

The 6to4 Method

This method may be used to setup an 6to4 tunnel. It requires the ip command from the iproute package.

Options

local address: Address of the local endpoint (IPv4 dotted quad) required
ttl time: TTL setting
mtu size: MTU size

CAN ADDRESS FAMILY

This section documents the methods available in the can address family.

The static Method

This method may be used to setup an Controller Area Network (CAN) interface. It requires the the ip command from the iproute package.

Options

bitrate bitrate: bitrate (1..1000000) required
samplepoint samplepoint: sample point (0.000..0.999)
loopback loopback: loop back CAN Messages (on|off)
listenonly listenonly: listen only mode (on|off)
triple triple: activate triple sampling (on|off)
oneshot oneshot: one shot mode (on|off)
berr berr: activate berr reporting (on|off)

KNOWN BUGS/LIMITATIONS

The ifup and ifdown programs work with so-called "physical" interface names. These names are assigned to hardware by the kernel. Unfortunately it can happen that the kernel assigns different physical interface names to the same hardware at different times; for example, what was called "eth0" last time you booted is now called "eth1" and vice versa. This creates a problem if you want to configure the interfaces appropriately. A way to deal with this problem is to use mapping scripts that choose logical interface names according to the properties of the interface hardware. See the get-mac-address.sh script in the examples directory for an example of such a mapping script. See also Debian bug #101728.