1.0 INTRODUCTION
The iproute2 package contains utilities for network and traffic control. The major commands in the iproute2 package are the ip command for IPv4 and IPv6 configuration and tc for traffic control. These commands replace the older ifconfig and route commands of the net-tools package. The iproute2 utilities use the Netlink interface to communicate with the kernel, whereas the net-tools commands use ioctl calls.
2.0 The ip command
The syntax of the ip command is,
ip <OBJECT> <command>
The <OBJECT> can be one of the following:
- addr,
- addrlabel,
- route,
- rule,
- neigh,
- link,
- tunnel,
- maddr, and
- mroute.
Each OBJECT defines a group of commands. We will look at some of these command groups individually.
2.1 ip addr command
The addr object relates to the IP address on a device. There are four commands for ip addr,
- ip addr add
- ip addr del
- ip addr show
- ip addr flush
Examples:
2.1.1 ip addr show command
The ip addr show command displays the IP addresses.
$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:1d:7d:5b:2b:df brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.36/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::21d:7dff:fe5b:2bdf/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
The ip addr show command is a replacement for the older ifconfig command. However, ifconfig prints statistics like RX and TX packets, bytes, errors, etc., which are not printed by the ip addr show command. How do we get those? The answer lies in printing the /proc/net/dev file,
$ cat /proc/net/dev
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
  eth0: 17421735   30107    0    0    0     0          0         0  4301728   25450    0    0    0     0       0          0
  eth1:        0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
    lo:   160378    1721    0    0    0     0          0         0   160378    1721    0    0    0     0       0          0
Another option is the ip -s link command, which gives the statistics for the network devices.
$ ip -s link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast
    161021     1725     0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    161021     1725     0       0       0       0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:1d:7d:5b:2b:df brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    17470828   30198    0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    4307799    25523    0       0       0       0
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0
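The ifconfig-style counters can be pulled out of the /proc/net/dev format with a short script. This is an added example, not part of the original page; the function names are hypothetical and the eth1 counters in the embedded sample are constructed so that one interface shows errors and drops.

```shell
#!/bin/sh
# Added example: ifconfig-style RX/TX counters from /proc/net/dev-format text.
# After "iface:" come 8 receive columns, then 8 transmit columns:
#   rx: bytes packets errs drop fifo frame compressed multicast
#   tx: bytes packets errs drop fifo colls carrier compressed

iface_stats() {   # reads /proc/net/dev-format text on stdin
    awk '
    index($0, ":") == 0 { next }     # the two header lines carry no colon
    {
        sub(/:/, " ")                 # "eth0:123" and "eth0: 123" both split cleanly
        printf "%s rx_packets=%s rx_errs=%s rx_drop=%s tx_packets=%s tx_errs=%s tx_drop=%s\n",
               $1, $3, $4, $5, $11, $12, $13
    }'
}

ifaces_with_loss() {   # names of interfaces with any error or drop counter > 0
    iface_stats | awk '{
        for (i = 2; i <= NF; i++) {
            split($i, kv, "=")
            if (kv[1] ~ /_(errs|drop)$/ && kv[2] + 0 > 0) { print $1; next }
        }
    }'
}

sample_proc_net_dev() {   # constructed sample; the eth1 counters are invented
    cat <<'EOF'
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
  eth0: 17421735   30107    0    0    0     0          0         0  4301728   25450    0    0    0     0       0          0
  eth1:    90412     611    3   17    0     0          0         0    12044     140    0    0    0     0       2          0
    lo:   160378    1721    0    0    0     0          0         0   160378    1721    0    0    0     0       0          0
EOF
}

# On a live system: iface_stats < /proc/net/dev
sample_proc_net_dev | iface_stats
sample_proc_net_dev | ifaces_with_loss
```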
We can pass the device id as a parameter and see the IP addresses assigned to that device.
$ ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:1d:7d:5b:2b:df brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.36/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::21d:7dff:fe5b:2bdf/64 scope link
       valid_lft forever preferred_lft forever
The devices are grouped. We can pass the group id as a parameter and see the addresses assigned to devices of that group. For example, for the group default,
$ ip addr show group default
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:1d:7d:5b:2b:df brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.36/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::21d:7dff:fe5b:2bdf/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
2.1.2 ip addr add command
We can use the ip addr add command to add IP (IPv4 or IPv6) addresses to a network device. It is possible to add multiple IP addresses to a device.
$ ip addr add 192.168.2.1 dev eth1
RTNETLINK answers: Operation not permitted
$ sudo ip addr add 192.168.2.1 dev eth1
$ ip addr show eth1
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/32 scope global eth1
       valid_lft forever preferred_lft forever
$ sudo ip addr add 192.168.2.2 dev eth1
$ ip addr show eth1
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/32 scope global eth1
       valid_lft forever preferred_lft forever
    inet 192.168.2.2/32 scope global eth1
       valid_lft forever preferred_lft forever
$ sudo ip addr add ::ffff:192.0.2.3 dev eth1
$ ip addr show eth1
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/32 scope global eth1
       valid_lft forever preferred_lft forever
    inet 192.168.2.2/32 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 ::ffff:192.0.2.3/128 scope global tentative
       valid_lft forever preferred_lft forever
2.1.3 ip addr del command
Similar to add, we can delete an IP address with the ip addr del command.
$ sudo ip addr add 192.168.2.1 dev eth1
$ sudo ip addr add ::ffff:192.0.2.3 dev eth1
$ ip addr show eth1
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/32 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 ::ffff:192.0.2.3/128 scope global tentative
       valid_lft forever preferred_lft forever
$ sudo ip addr del 192.168.2.1/32 dev eth1
$ ip addr show eth1
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
    inet6 ::ffff:192.0.2.3/128 scope global tentative
       valid_lft forever preferred_lft forever
2.1.4 ip addr flush command
The ip addr flush command removes multiple IP addresses of a device along with any associated (routing) information. For example,
$ ip addr show enp2s0
2: enp2s0:mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 30:d0:42:12:e9:66 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.2/32 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet 192.168.2.3/32 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80:0:30:d0:42:12:e9:66/128 scope link tentative
       valid_lft forever preferred_lft forever
$
$ # delete all IP addresses for enp2s0
$
$ sudo ip addr flush enp2s0
$
$ ip addr show enp2s0
2: enp2s0: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 30:d0:42:12:e9:66 brd ff:ff:ff:ff:ff:ff
$
$ # Another example
$
$ ip addr show enp2s0
2: enp2s0: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 30:d0:42:12:e9:66 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.2/32 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet 192.168.2.3/32 scope global enp2s0
       valid_lft forever preferred_lft forever
    inet6 fe80:0:30:d0:42:12:e9:66/128 scope link tentative
       valid_lft forever preferred_lft forever
$
$ # delete all _IPV4_ addresses
$
$ sudo ip -4 addr flush enp2s0
$
$ ip addr show enp2s0
2: enp2s0: mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 30:d0:42:12:e9:66 brd ff:ff:ff:ff:ff:ff
    inet6 fe80:0:30:d0:42:12:e9:66/128 scope link tentative
       valid_lft forever preferred_lft forever
$
2.2 ip addrlabel command
To make a network connection between two machines, the respective host IP addresses are required. Both the source and target machines can have multiple IP addresses, so a decision has to be made as to which address should be used. The algorithms for selection of the respective source and destination IP addresses are given in RFC 3484. The algorithms make use of a policy table. The policy table has precedence and label fields for each IPv6 address prefix. With the ip addrlabel commands, we can list and modify the labels associated with the relevant IP address prefixes.
The commands for the addrlabel object are:
- ip addrlabel add
- ip addrlabel del
- ip addrlabel list
- ip addrlabel flush
$ ip addrlabel list
prefix ::1/128 label 0
prefix ::/96 label 3
prefix ::ffff:0.0.0.0/96 label 4
prefix 2001::/32 label 6
prefix 2001:10::/28 label 7
prefix 3ffe::/16 label 12
prefix 2002::/16 label 2
prefix fec0::/10 label 11
prefix fc00::/7 label 5
prefix ::/0 label 1
$ ip addrlabel list | sort -n --key=4.1
prefix ::1/128 label 0
prefix ::/0 label 1
prefix 2002::/16 label 2
prefix ::/96 label 3
prefix ::ffff:0.0.0.0/96 label 4
prefix fc00::/7 label 5
prefix 2001::/32 label 6
prefix 2001:10::/28 label 7
prefix fec0::/10 label 11
prefix 3ffe::/16 label 12
And, for example, for ip addrlabel add and ip addrlabel del,
$ sudo ip addrlabel del prefix fec0::/10 label 11
$ ip addrlabel list | sort -n --key=4.1
prefix ::1/128 label 0
prefix ::/0 label 1
prefix 2002::/16 label 2
prefix ::/96 label 3
prefix ::ffff:0.0.0.0/96 label 4
prefix fc00::/7 label 5
prefix 2001::/32 label 6
prefix 2001:10::/28 label 7
prefix 3ffe::/16 label 12
$ sudo ip addrlabel add prefix fec0::/10 label 1
$ ip addrlabel list | sort -n --key=4.1
prefix ::1/128 label 0
prefix ::/0 label 1
prefix fec0::/10 label 1
prefix 2002::/16 label 2
prefix ::/96 label 3
prefix ::ffff:0.0.0.0/96 label 4
prefix fc00::/7 label 5
prefix 2001::/32 label 6
prefix 2001:10::/28 label 7
prefix 3ffe::/16 label 12
2.3 ip route command
The ip route command is for printing and updating the kernel IP routing table. The kernel keeps a routing table which consists of routes for forwarding IP packets on each network interface. The ip route command is a replacement for the earlier route command.
The commands for the route object are:
- ip route add
- ip route del
- ip route change
- ip route append
- ip route replace
- ip route list
- ip route save
- ip route restore
- ip route flush
- ip route get
Examples:
$ # print routing table
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
$ # add a route to network 192.168.2.0
$ sudo ip route add 192.168.2.0/24 via 192.168.2.1 dev eth1 proto static
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
192.168.2.0/24 via 192.168.2.1 dev eth1 proto static
$ # delete route 192.168.2.0/24
$ sudo ip route del 192.168.2.0/24
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
$ # add route to 192.168.2.0
$ sudo ip route add 192.168.2.0/24 via 192.168.2.1 dev eth1 proto static
$ # change route to 192.168.2.0 via 192.168.2.2
$ sudo ip route change 192.168.2.0/24 via 192.168.2.2 dev eth1 proto static
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
192.168.2.0/24 via 192.168.2.2 dev eth1 proto static
$ # route 192.168.2.0 back via 192.168.2.1
$ sudo ip route replace 192.168.2.0/24 via 192.168.2.1 dev eth1 proto static
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
192.168.2.0/24 via 192.168.2.1 dev eth1 proto static
$ # get route to 192.168.2.9
$ ip route get 192.168.2.9
192.168.2.9 dev eth1 src 192.168.2.1
    cache
$
There is a concept of route type, which can be unicast, local, broadcast, multicast, throw, unreachable, prohibit, blackhole and nat. The default route type is unicast. We can use other route types to block a route. For example,
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
$ sudo ip route add unreachable 192.168.2.1
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
unreachable 192.168.2.1
$ sudo ip route add prohibit 192.168.2.2
$ sudo ip route add blackhole 192.168.3.0/24
$ sudo ip route add throw 192.168.1.23
$ ip route list
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
throw 192.168.1.23
unreachable 192.168.2.1
prohibit 192.168.2.2
blackhole 192.168.3.0/24
$
When a routing request returns a destination with the unreachable type, an ICMP unreachable message is generated and returned to the source address. Similarly, when a routing request returns a destination with the prohibit type, an ICMP prohibit message is generated and returned to the source address. For blackhole, the packet is simply discarded and no ICMP message is sent. A throw causes the route lookup process to fail, and the route selection process returns to the routing policy database.
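To see which destinations a set of blocking routes actually covers, the route list can be matched against an address by longest prefix. The script below is an added example, not part of the original page; the function names are hypothetical, and it assumes a single IPv4 table with metrics and policy rules ignored.

```shell
# Added example: find the route in `ip route list` output that matches an IPv4
# destination (longest prefix wins) and print its type. Assumptions: one table,
# IPv4 only, metrics and policy rules ignored.

route_type_for() {   # usage: route_type_for <dest-ip> < route-list
    awk -v dst="$1" '
    function ip2int(s,   o) {
        if (split(s, o, ".") != 4) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    BEGIN {
        n = split("unicast local broadcast multicast throw unreachable prohibit blackhole nat", t, " ")
        for (i = 1; i <= n; i++) types[t[i]] = 1
        best = -1; result = "no-route"; d = ip2int(dst)
    }
    {
        type = "unicast"; pfx = $1                 # no keyword means unicast
        if ($1 in types) { type = $1; pfx = $2 }
        if (pfx == "default") pfx = "0.0.0.0/0"
        len = 32                                   # a bare address is a /32 host route
        if (split(pfx, p, "/") == 2) len = p[2] + 0
        net = ip2int(p[1])
        if (net < 0) next                          # not an IPv4 prefix
        div = 2 ^ (32 - len)
        if (int(d / div) == int(net / div) && len > best) { best = len; result = type }
    }
    END { print (d < 0 ? "bad-address" : result) }'
}

is_blocked() {   # exit 0 if the matching route rejects or drops; throw defers to the next rule
    case "$(route_type_for "$1")" in
        unreachable|prohibit|blackhole) return 0 ;;
        *) return 1 ;;
    esac
}

sample_routes() {   # the final `ip route list` output shown above
    cat <<'EOF'
default via 192.168.1.1 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.36 metric 1
throw 192.168.1.23
unreachable 192.168.2.1
prohibit 192.168.2.2
blackhole 192.168.3.0/24
EOF
}

for ip in 192.168.3.77 192.168.2.1 192.168.1.23 192.168.1.50; do
    printf '%s -> %s\n' "$ip" "$(sample_routes | route_type_for "$ip")"
done
```

On a live system, pipe `ip -4 route list` into `route_type_for`, and compare the result with `ip route get` for the same address.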
2.4 ip link command
The link object relates to network devices. A link is a network device. The commands for the link object are:
- ip link add
- ip link delete
- ip link set
- ip link show
Examples:
$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:1d:7d:5b:2b:df brd ff:ff:ff:ff:ff:ff
4: wlan1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DORMANT group default qlen 1000
    link/ether 7c:dd:90:4e:30:5d brd ff:ff:ff:ff:ff:ff
With ip link add, we can add a virtual link, and with ip link delete, we can delete a virtual link. ip link set is used for changing device attributes. ip link set is a replacement for the earlier nameif command. ip link show is used for displaying device attributes. For example,
$ ip link show
...
3: eth1:mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
$ sudo ip link set eth1 down
$ ip link show
...
3: eth1: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:11:16:2b:da brd ff:ff:ff:ff:ff:ff
2.5 ip neigh command
The Address Resolution Protocol (ARP) deals with the translation of network IP addresses into corresponding physical (like media access control, or MAC) addresses within a single network. The entries for network to physical translation for a network link are kept in system tables. With neigh commands, we can view, add, modify and delete these entries. The commands are,
- ip neigh add
- ip neigh del
- ip neigh change
- ip neigh replace
- ip neigh show
- ip neigh flush
Examples:
$ ip neigh show
fe80::1 dev eth0 lladdr a6:22:35:f1:d2:99 router STALE
192.168.1.1 dev eth0 lladdr a6:22:35:f1:d2:99 REACHABLE
$ ip neigh add 192.168.1.35 lladdr 58:a2:b5:d1:11:e3 dev eth0 nud perm
$ ip neigh show
fe80::1 dev eth0 lladdr a6:22:35:f1:d2:99 router STALE
192.168.1.1 dev eth0 lladdr a6:22:35:f1:d2:99 REACHABLE
192.168.1.35 dev eth0 lladdr 58:a2:b5:d1:11:e3 PERMANENT
$ sudo ip neigh change 192.168.1.35 dev eth0 nud reachable
$ ip neigh show
fe80::1 dev eth0 lladdr a6:22:35:f1:d2:99 router STALE
192.168.1.1 dev eth0 lladdr a6:22:35:f1:d2:99 REACHABLE
192.168.1.35 dev eth0 lladdr a9:22:56:de:f9:11 REACHABLE
$ sudo ip neigh del 192.168.1.35 dev eth0
$ ip neigh show
fe80::1 dev eth0 lladdr a6:22:35:f1:d2:99 router STALE
192.168.1.1 dev eth0 lladdr a6:22:35:f1:d2:99 REACHABLE
192.168.1.35 dev eth0 FAILED
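Because the neighbour table decides which physical address traffic for an IP is sent to, it is worth comparing it against the address pairs you expect. The script below is an added example, not part of the original page; the function names and the pin-list format are hypothetical, the pinned pairs reuse the addresses entered in the session above, and the sample lines are copied from its output.

```shell
#!/bin/sh
# Added example: compare `ip neigh show` output against pinned IP=MAC pairs
# and report entries that are unresolved or resolve to a different MAC.

neigh_drift() {   # usage: neigh_drift "ip=mac ip=mac ..." < neigh-output
    awk -v pins="$1" '
    BEGIN {
        n = split(pins, pair, " ")
        for (i = 1; i <= n; i++) { split(pair[i], kv, "="); want[kv[1]] = tolower(kv[2]) }
    }
    ($1 in want) {
        mac = ""
        # lladdr is absent for entries in states such as FAILED
        for (i = 2; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "")            print $1, "unresolved", $NF
        else if (mac != want[$1]) print $1, "mismatch", mac
    }'
}

sample_neigh() {   # lines copied from the ip neigh show output above
    cat <<'EOF'
fe80::1 dev eth0 lladdr a6:22:35:f1:d2:99 router STALE
192.168.1.1 dev eth0 lladdr a6:22:35:f1:d2:99 REACHABLE
192.168.1.35 dev eth0 lladdr a9:22:56:de:f9:11 REACHABLE
EOF
}

# Pinned pairs (assumption: the router entry and the address added with nud perm)
PINS="192.168.1.1=a6:22:35:f1:d2:99 192.168.1.35=58:a2:b5:d1:11:e3"

sample_neigh | neigh_drift "$PINS"
printf '192.168.1.35 dev eth0 FAILED\n' | neigh_drift "$PINS"
```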
2.6 Abbreviation
It is possible to abbreviate the ip commands to the maximum extent possible. For example, it is possible to write ip addr show as simply, ip a s.
$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
...
$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
...