ip is a new, unique for Linux utility that is a part of iproute2 package. It
was written by Alexey Kuznetsov. It designed to replace old Unix utilities ifconfig,
netstat and route.
RHEL 7 makes the ip utility the new standard way of configuring networking, although the old ifconfig utility is still available (but deprecated;
in CentOS7 it should be installed vi net-tools package, which installs ifconfig, netstat, route, arp and several other commands).
The ip utility has different set of options/parameters in comparison with ifconfig. Which now
need to be memorized, as again this is "a new brave world" of RHEL7. Some typical invocations:
Use ip address to configure and monitor network addresses. See ip address help for option
Use ip route to configure and monitor routing information. See ip route help for option
Use ip link to configure and monitor network link state
For Sysadmins who worked in RHEL6 this is usually pretty foreign utility and you need a cheatsheet to use it productively.
Among them:
So RHEL7 migrated away for earlier RHEL version in which the ifconfig utility was and is still used for validating
network configuration. and netstat for displaying routing table. They still can be used (and probably are preferred option is you
need to manage simultaneously both
RHEL5, RHEL6 and RHEL7.) But as RHEL6 end of life is 2020 you also need to learn new, unique for RHEL7 utilities, which
represent another "new way of doing things", a new brave world, if you wish ;-)
To show current network settings, you can use the ip addr show command (which can be abbreviated as ip a s
or even as ip a). The ip command does not always require you to type the complete option. The command shows the following items about its current status:
Current state: The most important part of this line is the text state UP, which shows that this network card is currently
up and available.
MAC address configuration: This is the unique MAC address that is set for every network card. You can see the MAC address
itself (00:0c:29:b8:8c:eb), as well as the corresponding broadcast address.
IPv4 configuration: This line shows the IP address that is currently set, as well as the subnet mask that is used. You
can also see the broadcast address that is used for this network configuration.
IPv6 configuration: This line shows the current IPv6 address and its configuration.
If you are just interested in the link state of the network interfaces, you can use the ip link show command. This command
(of which you can see the output in Listing 8.2) repeats the link state information of the ip addr show command.
[0]d620@ROOT:~ # ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp9s0: mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:1c:23:06:cb:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.23/24 brd 192.168.5.255 scope global noprefixroute dynamic enp9s0
valid_lft 70434sec preferred_lft 70434sec
inet6 fe80::4dcf:908b:d93f:808d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: wlp12s0: mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ba:36:3f:be:e5:5f brd ff:ff:ff:ff:ff:ff
4: docker0: mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:3e:20:c0:d0 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
In case the ip link show command
d620@ROOT:~ # ip link show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp9s0: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 00:1c:23:06:cb:e7 brd ff:ff:ff:ff:ff:ff
3: wlp12s0: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether ba:36:3f:be:e5:5f brd ff:ff:ff:ff:ff:ff
4: docker0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:3e:20:c0:d0 brd ff:ff:ff:ff:ff:ff
shows the current link state as down, you can temporarily bring it up again by using
ip link set, which is followed by dev devicename and up (for example, ip link set dev eno16777736 up).
Validating Network Configuration
Type ip -s link. This shows all existing network connections, in addition to statistics about the number of
packets that have been sent and associated error messages.
Type ip addr show. Youll see the current address assignments for network interfaces on your server.
Validating Routing
One important aspect of networking is routing. On every network that needs to communicate to nodes on other networks, routing is
a requirement. Every network has, at least, a default router (also called the default gateway) that is set, and you can see which router
is used as the default router by using the command ip route show Routers use network IDs to determine network traffic. Built
into this router is a routing table, the actual instructions that tell the router what to do with incoming packets and where
to send them.
You should always perform one quick check to verify that your router is set correctly: the default router at all times must be on
the same network as the local IP address that your network card is using.
[130] d620@ROOT:~ # ip route show
default via 192.168.5.1 dev enp9s0 proto dhcp metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.5.0/24 dev enp9s0 proto kernel scope link src 192.168.5.23 metric 100
Checking the Availability of Ports and Services
Network problems can be related to the local IP and router settings but can also be related to network ports that are not available
on your server or on a remote server. To verify availability of ports on your server, you can use the netstat command, or the
newer ss command, which provides the same functionality.
By typing ss -ls you will get summary of used ports
Notice where the port is listening on. Some ports are only listening on the IPv4 loopback address 127.0.0.1 or the IPv6 loopback
address ::1, which means that they are locally accessible only. Other ports are listening on *, which stands for all IPv4 addresses,
or on :::*, which represents all ports on all IPv6 addresses.
Verifying Network Settings
1. Open a root shell to your server and type ip addr show. This shows the current network configuration. Note the
IPv4 address that is used. Notice the network device names that are used; you need these later in this exercise.
2. Type ip route show to verify routing configuration.
3. If your computer is connected to the Internet, you can now use the ping command to verify the connection to
the Internet is working properly. Type ping -c 4 8.8.8.8, for instance, to send four packets to IP address 8.8.8.8. If your
Internet connection is up and running, you should get "echo reply" answers.
4. Type ip addr add 10.0.0.10/24 dev <yourdevicename>.
5. Type ip addr show. Youll see the newly set IP address, in addition to the IP address that was already in use.
6. Type ifconfig. Notice that you do not see the newly set IP address (and there are no options with the ifconfig
command that allow you to see it). This is one example of why you should not use the ifconfig command anymore.
7. Type ss -tul. Youll now see a list of all UDP and TCP ports that are listening on your server.
Display routing table(s)
ip route
Provide IP info / gateway to the new corporate table.
ip route add 192.168.0.0/24 dev eth0 src 192.168.0.99 table corporate
ip route add default via 192.168.0.1 dev eth0 table corporate
Create IP rules to handle inbound / outbound traffic:
ip rule add from 192.168.0.99/32 table corporate
ip rule add to 192.168.0.99/32 table corporate
ip link setDEVICE { up | down | arp { on
| off } |
promisc { on | off } |
allmulti { on | off } |
dynamic { on | off } |
multicast { on | off } |
txqueuelenPACKETS |
nameNEWNAME |
addressLLADDR | broadcastLLADDR |
mtuMTU }
ip mroute show [ PREFIX ] [ fromPREFIX ] [ iifDEVICE ]
ip monitor [ all | LISTofOBJECTS ]
Options
-V, -Version
print the version of the ip utility and exit.
-s, -stats, -statistics
output more information. If the option appears twice or more, the amount
of information increases. As a rule, the information is statistics or some time
values.
-f, -family
followed by protocol family identifier: inet, inet6 or
link ,enforce the protocol family to use. If the option is not present,
the protocol family is guessed from other arguments. If the rest of the command
line does not give enough information to guess the family, ip falls back
to the default one, usually inet or any. link is a special
family identifier meaning that no networking protocol is involved.
-4
shortcut for -family inet.
-6
shortcut for -family inet6.
-0
shortcut for -family link.
-o, -oneline
output each record on a single line, replacing line feeds with the '�
character. This is convenient when you want to count records with wc(1) or to grep(1) the output.
-r, -resolve
use the system's name resolver to print DNS names instead of host addresses.
Ip - Command Syntax
OBJECT
link
- network device.
address
- protocol (IP or IPv6) address on a device.
neighbour
- ARP or NDISC cache entry.
route
- routing table entry.
rule
- rule in routing policy database.
maddress
- multicast address.
mroute
- multicast routing cache entry.
tunnel
- tunnel over IP.
The names of all objects may be written in full or abbreviated form, f.e.
address is abbreviated as addr or just a.
COMMAND
Specifies the action to perform on the object. The set of possible actions
depends on the object type. As a rule, it is possible to add, delete
and show (or list ) objects, but some objects do not allow all
of these operations or have some additional commands. The help command
is available for all objects. It prints out a list of available commands and
argument syntax conventions.
If no command is given, some default command is assumed. Usually it is
list or, if the objects of this class cannot be listed, help.
ip link - network device configuration
link is a network device and the corresponding commands display and change
the state of devices.
ip link set - change device attributes
devNAME(default)
NAME specifies network device to operate on.
up and down
change the state of the device to UP or DOWN.
arp on or arp off
change the NOARP flag on the device.
multicast on or multicast off
change the MULTICAST flag on the device.
dynamic on or dynamic off
change the DYNAMIC flag on the device.
nameNAME
change the name of the device. This operation is not recommended if the
device is running or has some addresses already configured.
txqueuelenNUMBER
txqlenNUMBER
change the transmit queue length of the device.
mtuNUMBER
change the MTU of the device.
addressLLADDRESS
change the station address of the interface.
broadcastLLADDRESS
brdLLADDRESS
peerLLADDRESS
change the link layer broadcast address or the peer address when the interface
is POINTOPOINT.
Warning: If multiple parameter changes are requested, ip aborts
immediately after any of the changes have failed. This is the only case when
ip can move the system to an unpredictable state. The solution is to
avoid changing several parameters with one ip link set call.
ip link show - display device attributes
devNAME(default)
NAME specifies the network device to show. If this argument is omitted
all devices are listed.
up
only display running interfaces.
ip address - protocol address management.
The address is a protocol (IP or IPv6) address attached to a network device.
Each device must have at least one address to use the corresponding protocol. It
is possible to have several different addresses attached to one device. These addresses
are not discriminated, so that the term alias is not quite appropriate for
them and we do not use it in this document.
The ip addr command displays addresses and their properties, adds new
addresses and deletes old ones.
ip address add - add new protocol address.
devNAME
the name of the device to add the address to.
localADDRESS(default)
the address of the interface. The format of the address depends on the protocol.
It is a dotted quad for IP and a sequence of hexadecimal halfwords separated
by colons for IPv6. The ADDRESS may be followed by a slash and a decimal
number which encodes the network prefix length.
peerADDRESS
the address of the remote endpoint for pointopoint interfaces. Again, the
ADDRESS may be followed by a slash and a decimal number, encoding the
network prefix length. If a peer address is specified, the local address cannot
have a prefix length. The network prefix is associated with the peer rather
than with the local address.
broadcastADDRESS
the broadcast address on the interface.
It is possible to use the special symbols '+' and '-' instead
of the broadcast address. In this case, the broadcast address is derived by
setting/resetting the host bits of the interface prefix.
labelNAME
Each address may be tagged with a label string. In order to preserve compatibility
with Linux-2.0 net aliases, this string must coincide with the name of the device
or must be prefixed with the device name followed by colon.
scopeSCOPE_VALUE
the scope of the area where this address is valid. The available scopes
are listed in file /etc/iproute2/rt_scopes. Predefined scope values are:
global - the address is globally valid.
site - (IPv6 only) the address is site local, i.e. it is valid inside
this site.
link - the address is link local, i.e. it is valid only on this device.
host - the address is valid only inside this host.
ip address delete - delete protocol address
Arguments: coincide with the arguments of ip addr add. The
device name is a required argument. The rest are optional. If no arguments are
given, the first address is deleted.
ip address show - look at protocol addresses
devNAME(default)
name of device.
scopeSCOPE_VAL
only list addresses with this scope.
toPREFIX
only list addresses matching this prefix.
labelPATTERN
only list addresses with labels matching the PATTERN. PATTERN
is a usual shell style pattern.
dynamic and permanent
(IPv6 only) only list addresses installed due to stateless address configuration
or only list permanent (not dynamic) addresses.
tentative
(IPv6 only) only list addresses which did not pass duplicate address detection.
deprecated
(IPv6 only) only list deprecated addresses.
primary and secondary
only list primary (or secondary) addresses.
ip address flush - flush protocol addresses
This command flushes the protocol addresses selected by some criteria.
This command has the same arguments as show. The difference is that
it does not run when no arguments are given.
Warning: This command (and other flush commands described below)
is pretty dangerous. If you make a mistake, it will not forgive it, but will
cruelly purge all the addresses.
With the -statistics option, the command becomes verbose. It prints
out the number of deleted addresses and the number of rounds made to flush the
address list. If this option is given twice, ip addr flush also dumps
all the deleted addresses in the format described in the previous subsection.
ip neighbour - neighbour/arp tables management.
neighbour objects establish bindings between protocol addresses and link
layer addresses for hosts sharing the same link. Neighbour entries are organized
into tables. The IPv4 neighbour table is known by another name - the ARP table.
The corresponding commands display neighbour bindings and their properties, add
new neighbour entries and delete old ones.
ip neighbour add - add a new neighbour entry
ip neighbour change - change an existing entry
ip neighbour replace - add a new entry or change an existing one
These commands create new neighbour records or update existing ones.
toADDRESS(default)
the protocol address of the neighbour. It is either an IPv4 or IPv6 address.
devNAME
the interface to which this neighbour is attached.
lladdrLLADDRESS
the link layer address of the neighbour. LLADDRESS can also be
null.
nudNUD_STATE
the state of the neighbour entry. nud is an abbreviation for 'Neigh
bour Unreachability Detection'. The state can take one of the following values:
permanent - the neighbour entry is valid forever and can be only be removed
administratively.
noarp - the neighbour entry is valid. No attempts to validate this entry
will be made but it can be removed when its lifetime expires.
reachable - the neighbour entry is valid until the reachability timeout
expires.
stale - the neighbour entry is valid but suspicious. This option to
ip neigh does not change the neighbour state if it was valid and the address
is not changed by this command.
ip neighbour delete - delete a neighbour entry
This command invalidates a neighbour entry.
The arguments are the same as with ip neigh add, except that lladdr
and nud are ignored.
Warning: Attempts to delete or manually change a noarp entry
created by the kernel may result in unpredictable behaviour. Particularly, the
kernel may try to resolve this address even on a NOARP interface or if
the address is multicast or broadcast.
ip neighbour show - list neighbour entries
This commands displays neighbour tables.
toADDRESS(default)
the prefix selecting the neighbours to list.
devNAME
only list the neighbours attached to this device.
unused
only list neighbours which are not currently in use.
nudNUD_STATE
only list neighbour entries in this state. NUD_STATE takes values
listed below or the special value all which means all states. This option
may occur more than once. If this option is absent, ip lists all entries
except for none and noarp.
ip neighbour flush - flush neighbour entries
This command flushes neighbour tables, selecting entries to flush by some
criteria.
This command has the same arguments as show. The differences are that
it does not run when no arguments are given, and that the default neighbour
states to be flushed do not include permanent and noarp.
With the -statistics option, the command becomes verbose. It prints
out the number of deleted neighbours and the number of rounds made to flush
the neighbour table. If the option is given twice, ip neigh flush also
dumps all the deleted neighbours.
ip route - routing table management
Manipulate route entries in the kernel routing tables keep information about
paths to other networked nodes.
Route types:
unicast - the route entry describes real paths to the destinations
covered by the route prefix.
unreachable - these destinations are unreachable. Packets are discarded
and the ICMP message host unreachable is generated. The local senders
get an EHOSTUNREACH error.
blackhole - these destinations are unreachable. Packets are discarded
silently. The local senders get an EINVAL error.
prohibit - these destinations are unreachable. Packets are discarded
and the ICMP message communication administratively prohibited is generated.
The local senders get an EACCES error.
local - the destinations are assigned to this host. The packets are
looped back and delivered locally.
broadcast - the destinations are broadcast addresses. The packets
are sent as link broadcasts.
throw - a special control route used together with policy rules. If
such a route is selected, lookup in this table is terminated pretending that
no route was found. Without policy routing it is equivalent to the absence of
the route in the routing table. The packets are dropped and the ICMP message
net unreachable is generated. The local senders get an ENETUNREACH
error.
nat - a special NAT route. Destinations covered by the prefix are
considered to be dummy (or external) addresses which require translation to
real (or internal) ones before forwarding. The addresses to translate to are
selected with the attribute Warning: Route NAT is no longer supported
in Linux 2.6.
via.
anycast - not implemented the destinations are anycast
addresses assigned to this host. They are mainly equivalent to local
with one difference: such addresses are invalid when used as the source address
of any packet.
multicast - a special type used for multicast routing. It is not present
in normal routing tables.
Route tables
Linux can pack routes into several routing tables identified by a number
in the range from 1 to 255 or by name from the file /etc/iproute2/rt_tables
main table (ID 254) and the kernel only uses this table when calculating
routes.
Actually, one other table always exists, which is invisible but even more
important. It is the local table (ID 255). This table consists of routes
for local and broadcast addresses. The kernel maintains this table automatically
and the administrator usually need not modify it or even look at it.
The multiple routing tables enter the game when policy routing is
used.
ip route add - add new route
ip route change - change route
ip route replace - change or add new one
toTYPE PREFIX(default)
the destination prefix of the route. If TYPE is omitted, ip
assumes type unicast. Other values of TYPE are listed above.
PREFIX is an IP or IPv6 address optionally followed by a slash and the
prefix length. If the length of the prefix is missing, ip assumes a full-length
host route. There is also a special PREFIXdefault - which is
equivalent to IP 0/0 or to IPv6 ::/0.
tosTOS
dsfieldTOS
the Type Of Service (TOS) key. This key has no associated mask and the longest
match is understood as: First, compare the TOS of the route and of the packet.
If they are not equal, then the packet may still match a route with a zero TOS.
TOS is either an 8 bit hexadecimal number or an identifier from /etc/iproute2/rt_dsfield.
metricNUMBER
preferenceNUMBER
the preference value of the route. NUMBER is an arbitrary 32bit number.
tableTABLEID
the table to add this route to. TABLEID may be a number or a string
from the file /etc/iproute2/rt_tables. If this parameter is omitted,
ip assumes the main table, with the exception of local
, broadcast and nat routes, which are put into the local
table by default.
devNAME
the output device name.
viaADDRESS
the address of the nexthop router. Actually, the sense of this field depends
on the route type. For normal unicast routes it is either the true next
hop router or, if it is a direct route installed in BSD compatibility mode,
it can be a local address of the interface. For NAT routes it is the first address
of the block of translated IP destinations.
srcADDRESS
the source address to prefer when sending to the destinations covered by
the route prefix.
realmREALMID
the realm to which this route is assigned. REALMID may be a number
or a string from the file /etc/iproute2/rt_realms.
mtuMTU
mtu lockMTU
the MTU along the path to the destination. If the modifier lock is
not used, the MTU may be updated by the kernel due to Path MTU Discovery. If
the modifier lock is used, no path MTU discovery will be tried, all packets
will be sent without the DF bit in IPv4 case or fragmented to MTU for IPv6.
windowNUMBER
the maximal window for TCP to advertise to these destinations, measured
in bytes. It limits maximal data bursts that our TCP peers are allowed to send
to us.
rttNUMBER
the initial RTT ('Round Trip Time') estimate.
rttvarNUMBER(2.3.15+ only)
the initial RTT variance estimate.
ssthreshNUMBER(2.3.15+ only)
an estimate for the initial slow start threshold.
cwndNUMBER(2.3.15+ only)
the clamp for congestion window. It is ignored if the lock flag is
not used.
initcwndNUMBER
The maximum initial congestion window (cwnd) size in MSS of a TCP connection.
advmssNUMBER(2.3.15+ only)
the MSS ('Maximal Segment Size') to advertise to these destinations when
establishing TCP connections. If it is not given, Linux uses a default value
calculated from the first hop device MTU. (If the path to these destination
is asymmetric, this guess may be wrong.)
reorderingNUMBER(2.3.15+ only)
Maximal reordering on the path to this destination. If it is not given,
Linux uses the value selected with sysctl variable net/ipv4/tcp_reordering.
nexthopNEXTHOP
the nexthop of a multipath route. NEXTHOP is a complex value with
its own syntax similar to the top level argument lists:
viaADDRESS - is the nexthop router.
devNAME - is the output device.
weightNUMBER - is a weight for this element of a multipath route
reflecting its relative bandwidth or quality.
scopeSCOPE_VAL
the scope of the destinations covered by the route prefix. SCOPE_VAL
may be a number or a string from the file /etc/iproute2/rt_scopes. If
this parameter is omitted, ip assumes scope global for all gatewayed
unicast routes, scope link for direct unicast and broadcast
routes and scope host for local routes.
protocolRTPROTO
the routing protocol identifier of this route. RTPROTO may be a number
or a string from the file /etc/iproute2/rt_protos. If the routing protocol
ID is not given, ip assumes protocol boot (i.e. it assumes the route
was added by someone who doesn't understand what they are doing). Several protocol
values have a fixed interpretation. Namely:
redirect - the route was installed due to an ICMP redirect.
kernel - the route was installed by the kernel during autoconfiguration.
boot - the route was installed during the bootup sequence. If a routing
daemon starts, it will purge all of them.
static - the route was installed by the administrator to override dynamic
routing. Routing daemon will respect them and, probably, even advertise them to
its peers.
ra - the route was installed by Router Discovery protocol.
The rest of the values are not reserved and the administrator is free to
assign (or not to assign) protocol tags.
onlink
pretend that the nexthop is directly attached to this link, even if it does
not match any interface prefix.
equalize
allow packet by packet randomization on multipath routes. Without this modifier,
the route will be frozen to one selected nexthop, so that load splitting will
only occur on per-flow base. equalize only works if the kernel is patched.
ip route delete - delete route
ip route del has the same arguments as ip route add, but their
semantics are a bit different.
Key values (to, tos, preference and table) select
the route to delete. If optional attributes are present, ip verifies
that they coincide with the attributes of the route to delete. If no route with
the given key and attributes was found, ip route del fails.
ip route show - list routes
the command displays the contents of the routing tables or the route(s)
selected by some criteria.
toSELECTOR(default)
only select routes from the given range of destinations. SELECTOR
consists of an optional modifier (root, match or exact)
and a prefix. rootPREFIX selects routes with prefixes not shorter
than PREFIX. F.e. root0/0 selects the entire routing table.
matchPREFIX selects routes with prefixes not longer than PREFIX.
F.e. match10.0/16 selects 10.0/16, 10/8 and
0/0, but it does not select 10.1/16 and 10.0.0/24. And
exactPREFIX (or just PREFIX) selects routes with this exact
prefix. If neither of these options are present, ip assumes root0/0 i.e. it lists the entire table.
tosTOS
dsfieldTOS only select routes with the given TOS.
tableTABLEID
show the routes from this table(s). The default setting is to show
tablemain.TABLEID may either be the ID of a real table
or one of the special values:
all - list all of the tables.
cache - dump the routing cache.
cloned
cached
list cloned routes i.e. routes which were dynamically forked from other routes
because some route attribute (f.e. MTU) was updated. Actually, it is equivalent
to table cache.
fromSELECTOR
the same syntax as for to, but it binds the source address range
rather than destinations. Note that the from option only works with cloned
routes.
protocolRTPROTO
only list routes of this protocol.
scopeSCOPE_VAL
only list routes with this scope.
typeTYPE
only list routes of this type.
devNAME
only list routes going via this device.
viaPREFIX
only list routes going via the nexthop routers selected by PREFIX.
srcPREFIX
only list routes with preferred source addresses selected by PREFIX.
realmREALMID
realmsFROMREALM/TOREALM
only list routes with these realms.
ip route flush - flush routing tables
this command flushes routes selected by some criteria.
The arguments have the same syntax and semantics as the arguments of ip
route show, but routing tables are not listed but purged. The only difference
is the default action: show dumps all the IP main routing table but
flush prints the helper page.
With the -statistics option, the command becomes verbose. It prints
out the number of deleted routes and the number of rounds made to flush the
routing table. If the option is given twice, ip route flush also dumps
all the deleted routes in the format described in the previous subsection.
ip route get - get a single route
this command gets a single route to a destination and prints its contents
exactly as the kernel sees it.
toADDRESS(default)
the destination address.
fromADDRESS
the source address.
tosTOS
dsfieldTOS
the Type Of Service.
iifNAME
the device from which this packet is expected to arrive.
oifNAME
force the output device on which this packet will be routed.
connected
if no source address (option from) was given, relookup the route
with the source set to the preferred address received from the first lookup.
If policy routing is used, it may be a different route.
Note that this operation is not equivalent to ip route show. show
shows existing routes. get resolves them and creates new clones if necessary.
Essentially, get is equivalent to sending a packet along this path. If
the iif argument is not given, the kernel creates a route to output packets
towards the requested destination. This is equivalent to pinging the destination
with a subsequent ip route ls cache, however, no packets are actually
sent. With the iif argument, the kernel pretends that a packet arrived
from this interface and searches for a path to forward the packet.
ip rule - routing policy database management
Rules in the routing policy database control the route selection algorithm.
Classic routing algorithms used in the Internet make routing decisions based
only on the destination address of packets (and in theory, but not in practice,
on the TOS field).
In some circumstances we want to route packets differently depending not only
on destination addresses, but also on other packet fields: source address, IP protocol,
transport protocol ports or even packet payload. This task is called 'policy routing'.
To solve this task, the conventional destination based routing table, ordered
according to the longest match rule, is replaced with a 'routing policy database'
(or RPDB), which selects routes by executing some set of rules.
Each policy routing rule consists of a selector and an action predicate.
The RPDB is scanned in the order of increasing priority. The selector of each rule
is applied to {source address, destination address, incoming interface, tos, fwmark}
and, if the selector matches the packet, the action is performed. The action predicate
may return with success. In this case, it will either give a route or failure indication
and the RPDB lookup is terminated. Otherwise, the RPDB program continues on the
next rule.
Semantically, natural action is to select the nexthop and the output device.
At startup time the kernel configures the default RPDB consisting of three rules:
1.
Priority: 0, Selector: match anything, Action: lookup routing table local
(ID 255). The local table is a special routing table containing high
priority control routes for local and broadcast addresses.
Rule 0 is special. It cannot be deleted or overridden.
2.
Priority: 32766, Selector: match anything, Action: lookup routing table
main (ID 254). The main table is the normal routing table containing
all non-policy routes. This rule may be deleted and/or overridden with other
ones by the administrator.
3.
Priority: 32767, Selector: match anything, Action: lookup routing table
default (ID 253). The default table is empty. It is reserved for
some post-processing if no previous default rules selected the packet. This
rule may also be deleted.
Each RPDB entry has additional attributes. F.e. each rule has a pointer
to some routing table. NAT and masquerading rules have an attribute to select
new IP address to translate/masquerade. Besides that, rules have some optional
attributes, which routes have, namely realms. These values do not override
those contained in the routing tables. They are only used if the route did not
select any attributes.
The RPDB may contain rules of the following types:
unicast - the rule prescribes to return the route found in the routing
table referenced by the rule.
blackhole - the rule prescribes to silently drop the packet.
unreachable - the rule prescribes to generate a 'Network is unreachable'
error.
prohibit - the rule prescribes to generate 'Communication is administratively
prohibited' error.
nat - the rule prescribes to translate the source address of the IP
packet into some other value.
ip rule add - insert a new rule
ip rule delete - delete a rule
typeTYPE(default)
the type of this rule. The list of valid types was given in the previous
subsection.
fromPREFIX
select the source prefix to match.
toPREFIX
select the destination prefix to match.
iifNAME
select the incoming device to match. If the interface is loopback, the rule
only matches packets originating from this host. This means that you may create
separate routing tables for forwarded and local packets and, hence, completely
segregate them.
tosTOS
dsfieldTOS
select the TOS value to match.
fwmarkMARK
select the fwmark value to match.
priorityPREFERENCE
the priority of this rule. Each rule should have an explicitly set unique
priority value.
tableTABLEID
the routing table identifier to lookup if the rule selector matches.
realmsFROM/TO
Realms to select if the rule matched and the routing table lookup succeeded.
Realm TO is only used if the route did not select any realm.
natADDRESS
The base of the IP address block to translate (for source addresses). The
ADDRESS may be either the start of the block of NAT addresses (selected
by NAT routes) or a local host address (or even zero). In the last case the
router does not translate the packets, but masquerades them to this address.
Warning: Changes to the RPDB made with these commands do not become
active immediately. It is assumed that after a script finishes a batch of updates,
it flushes the routing cache with ip route flush cache.
ip rule flush - also dumps all the deleted rules.
This command has no arguments.
ip rule show - list rules
This command has no arguments.
ip maddress - multicast addresses management
maddress objects are multicast addresses.
ip maddress show - list multicast addresses
devNAME(default)
the device name.
ip maddress add - add a multicast address
ip maddress delete - delete a multicast address
these commands attach/detach a static link layer multicast address to listen
on the interface. Note that it is impossible to join protocol multicast groups
statically. This command only manages link layer addresses.
addressLLADDRESS(default)
the link layer multicast address.
devNAME
the device to join/leave this multicast address.
ip mroute - multicast routing cache management
mroute objects are multicast routing cache entries created by a user level
mrouting daemon (f.e. pimd or mrouted ).
Due to the limitations of the current interface to the multicast routing engine,
it is impossible to change mroute objects administratively, so we may only
display them. This limitation will be removed in the future.
ip mroute show - list mroute cache entries
toPREFIX(default)
the prefix selecting the destination multicast addresses to list.
iifNAME
the interface on which multicast packets are received.
fromPREFIX
the prefix selecting the IP source addresses of the multicast route.
ip tunnel - tunnel configuration
tunnel objects are tunnels, encapsulating packets in IPv4 packets and
then sending them over the IP infrastructure.
ip tunnel add - add a new tunnel
ip tunnel change - change an existing tunnel
ip tunnel delete - destroy a tunnel
nameNAME(default)
select the tunnel device name.
modeMODE
set the tunnel mode. Three modes are currently available: ipip,
sit and gre.
remoteADDRESS
set the remote endpoint of the tunnel.
localADDRESS
set the fixed local address for tunneled packets. It must be an address
on another interface of this host.
ttlN
set a fixed TTL N on tunneled packets. N is a number in the
range 1--255. 0 is a special value meaning that packets inherit the TTL value.
The default value is: inherit.
tosT
dsfieldT
set a fixed TOS T on tunneled packets. The default value is: inherit.
devNAME
bind the tunnel to the device NAME so that tunneled packets will
only be routed via this device and will not be able to escape to another device
when the route to endpoint changes.
nopmtudisc
disable Path MTU Discovery on this tunnel. It is enabled by default. Note
that a fixed ttl is incompatible with this option: tunnelling with a fixed ttl
always makes pmtu discovery.
keyK
ikeyK
okeyK
( only GRE tunnels ) use keyed GRE with key K. K is
either a number or an IP address-like dotted quad. The key parameter
sets the key to use in both directions. The ikey and okey parameters
set different keys for input and output.
csum, icsum, ocsum
( only GRE tunnels ) generate/require checksums for tunneled packets.
The ocsum flag calculates checksums for outgoing packets. The icsum
flag requires that all input packets have the correct checksum. The csum
flag is equivalent to the combination icsum ocsum.
seq, iseq, oseq
( only GRE tunnels ) serialize packets. The oseq flag enables
sequencing of outgoing packets. The iseq flag requires that all input
packets are serialized. The seq flag is equivalent to the combination
iseq oseq. It isn't work. Don't use it.
ip tunnel show - list tunnels
This command has no arguments.
ip monitor and rtmon - state monitoring
The ip utility can monitor the state of devices, addresses and routes
continuously. This option has a slightly different format. Namely, the monitor
command is the first in the command line and then the object list follows:
ip monitor [ all | LISTofOBJECTS ]
OBJECT-LIST is the list of object types that we want to monitor. It may
contain link, address and route. If no file argument
is given, ip opens RTNETLINK, listens on it and dumps state changes in the
format described in previous sections.
If a file name is given, it does not listen on RTNETLINK, but opens the file
containing RTNETLINK messages saved in binary format and dumps them. Such a history
file can be generated with the rtmon utility. This utility has a command
line syntax similar to ip monitor. Ideally, rtmon should be started
before the first network configuration command is issued. F.e. if you insert:
rtmon file /var/log/rtmon.log
in a startup script, you will be able to view the full history later.
Certainly, it is possible to start rtmon at any time. It prepends
the history with the state snapshot dumped at the moment of starting.
History
ip was written by Alexey N. Kuznetsov and added in Linux 2.2.
See Also
tc(8)
IP Command reference ip-cref.ps
IP tunnels ip-cref.ps
For years & years we have been using 'ifconfig'
command to perform network related tasks like checking network
interfaces or configuring them. But 'ifconfig' is no longer being
maintained & has been deprecated on the recent versions of Linux.
'ifconfig' command has been replaced with 'ip'
command.
'ip' command is somewhat similar to 'ifconfig' command but
it's much more powerful with much more functionalities attached to it.
'ip' command is able to perform several tasks which were not possible
to perform with 'ifconfig' command.
In this tutorial, we are going to discuss 12 most common uses for
'ip' command, so let's get going,
The ip command is used to assign an address to a network interface and/or configure network interface parameters on Linux operating
systems. This command replaces old good and now deprecated ifconfig command on modern Linux distributions.
Find out which interfaces are configured on the system.
Query the status of a IP interface.
Configure the local loop-back, Ethernet and other IP interfaces.
Mark the interface as up or down.
Configure and modify default and static routing.
Set up tunnel over IP.
Show ARP or NDISC cache entry.
Assign, delete, set up IP address, routes, subnet and other IP information to IP interfaces.
List IP Addresses and property information.
Manage and display the state of all network.
Gather multicast IP addresses info.
Show neighbor objects i.e. ARP cache, invalidate ARP cache, add an entry to ARP cache and more.
Set or delete routing entry.
Find the route an address (say 8.8.8.8 or 192.168.2.24) will take.
Modify the status of interface.
Purpose
Use this command to display and configure the network parameters for host interfaces.
Syntax
ip OBJECT COMMAND
ip [options] OBJECT COMMAND
ip OBJECT help
Understanding ip command OBJECTS syntax
OBJECTS can be any one of the following and may be written in full or abbreviated form:
Object
Abbreviated form
Purpose
link
l
Network device.
address
a addr
Protocol (IP or IPv6) address on a device.
addrlabel
addrl
Label configuration for protocol address selection.
neighbour
n neigh
ARP or NDISC cache entry.
route
r
Routing table entry.
rule
ru
Rule in routing policy database.
maddress
m maddr
Multicast address.
mroute
mr
Multicast routing cache entry.
tunnel
t
Tunnel over IP.
xfrm
x
Framework for IPsec protocol.
To get information about each object use help command as follows:
ip OBJECT help
ip OBJECT h
ip a help
ip r help
Warning : The commands described below must be executed with care. If you make a mistake, you will loos connectivity to the server.
You must take special care while working over the ssh based remote session.
ip command examples
Don't be intimidated by ip command syntax. Let us get started quickly with examples.
Displays info about all network interfaces
Type the following command to list and show all ip address associated on on all network interfaces: ip a
OR ip addr
Sample outputs:
Fig.01 Showing IP address assigned to eth0, eth1, lo using ip command
You can select between IPv4 and IPv6 using the following syntax:
### Only show TCP/IP IPv4 ##
ip -4 a
### Only show TCP/IP IPv6 ###
ip -6 a
It is also possible to specify and list particular interface TCP/IP details:
### Only show eth0 interface ###
ip a show eth0
ip a list eth0
ip a show dev eth0
### Only show running interfaces ###
ip link ls up
Assigns the IP address to the interface
The syntax is as follows to add an IPv4/IPv6 address: ip a add {ip_addr/mask} dev {interface}
To assign 192.168.1.200/255.255.255.0 to eth0, enter: ip a add 192.168.1.200/255.255.255.0 dev eth0
OR ip a add 192.168.1.200/24 dev eth0
ADDING THE BROADCAST ADDRESS ON THE INTERFACE
By default, the ip command does not set any broadcast address unless explicitly requested. So syntax is as follows to set broadcast
ADDRESS: ip addr add brd {ADDDRESS-HERE} dev {interface}
ip addr add broadcast {ADDDRESS-HERE} dev {interface}
ip addr add broadcast 172.20.10.255 dev dummy0
It is possible to use the special symbols such as + and - instead of the broadcast address by setting/resetting
the host bits of the interface pre x. In this example, add the address 192.168.1.50 with netmask 255.255.255.0 (/24) with standard
broadcast and label "eth0Home" to the interface eth0: ip addr add 192.168.1.50/24 brd + dev eth0 label eth0Home
You can set loopback address to the loopback device lo as follows: ip addr add 127.0.0.1/8 dev lo brd + scope host
Remove / Delete the IP address from the interface
The syntax is as follows to remove an IPv4/IPv6 address: ip a del {ipv6_addr_OR_ipv4_addr} dev {interface}
To delete 192.168.1.200/24 from eth0, enter: ip a del 192.168.1.200/24 dev eth0
Flush the IP address from the interface
You can delete or remote an IPv4/IPv6 address one-by-one as
described above . However,
the flush command can remove as flush the IP address as per given condition. For example, you can delete all the IP addresses from
the private network 192.168.2.0/24 using the following command: ip -s -s a f to 192.168.2.0/24
Sample outputs:
2: eth0 inet 192.168.2.201/24 scope global secondary eth0
2: eth0 inet 192.168.2.200/24 scope global eth0
*** Round 1, deleting 2 addresses ***
*** Flush is complete after 1 round ***
You can disable IP address on all the ppp (Point-to-Point) interfaces: ip -4 addr flush label "ppp*"
Here is another example for all the Ethernet interfaces: ip -4 addr flush label "eth*"
How do I change the state of the device to UP or DOWN?
The syntax is as follows: ip link set dev {DEVICE} {up|down}
To make the state of the device eth1 down, enter: ip link set dev eth1 down
To make the state of the device eth1 up, enter: ip link set dev eth1 up
How do I change the txqueuelen of the device?
You can set the
length of the transmit queue of the device using ifconfig command or ip command as follows: ip link set txqueuelen {NUMBER} dev {DEVICE}
In this example, change the default txqueuelen from 1000 to 10000 for the eth0: ip link set txqueuelen 10000 dev eth0
ip a list eth0
How do I change the MTU of the device?
For gigabit networks
you can set maximum transmission units (MTU) sizes (JumboFrames) for better network performance. The syntax is: ip link set mtu {NUMBER} dev {DEVICE}
To change the MTU of the device eth0 to 9000, enter: ip link set mtu 9000 dev eth0
ip a list eth0
Sample outputs:
2: eth0: mtu 9000 qdisc pfifo_fast state UP qlen 1000
link/ether 00:08:9b:c4:30:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth1
inet6 fe80::208:9bff:fec4:3030/64 scope link
valid_lft forever preferred_lft forever
Display neighbour/arp cache
The syntax is: ip n show
ip neigh show
Sample outputs (note: I masked out some data with alphabets):
74.xx.yy.zz dev eth1 lladdr 00:30:48:yy:zz:ww REACHABLE
10.10.29.66 dev eth0 lladdr 00:30:48:c6:0a:d8 REACHABLE
74.ww.yyy.xxx dev eth1 lladdr 00:1a:30:yy:zz:ww REACHABLE
10.10.29.68 dev eth0 lladdr 00:30:48:33:bc:32 REACHABLE
74.fff.uu.cc dev eth1 lladdr 00:30:48:yy:zz:ww STALE
74.rr.ww.fff dev eth1 lladdr 00:30:48:yy:zz:ww DELAY
10.10.29.65 dev eth0 lladdr 00:1a:30:38:a8:00 REACHABLE
10.10.29.74 dev eth0 lladdr 00:30:48:8e:31:ac REACHABLE
The last field show the the state of the " neighbour unreachability detection " machine for this entry:
STALE The neighbour is valid, but is probably already unreachable, so the kernel will try to check it at the first transmission.
DELAY A packet has been sent to the stale neighbour and the kernel is waiting for confirmation.
REACHABLE The neighbour is valid and apparently reachable.
Add a new ARP entry
The syntax is: ip neigh add {IP-HERE} lladdr {MAC/LLADDRESS} dev {DEVICE} nud {STATE}
In this example, add a permanent ARP entry for the neighbour 192.168.1.5 on the device eth0: ip neigh add 192.168.1.5 lladdr 00:1a:30:38:a8:00 dev eth0 nud perm
Where,
neighbour state (nud)
meaning
permanent
The neighbour entry is valid forever and can be only be removed administratively
noarp
The neighbour entry is valid. No attempts to validate this entry will be made but it can be removed when its lifetime expires.
stale
The neighbour entry is valid but suspicious. This option to ip neigh does not change the neighbour state if it was valid
and the address is not changed by this command.
reachable
The neighbour entry is valid until the reachability timeout expires.
Delete a ARP entry
The syntax to invalidate or delete an ARP entry for the neighbour 192.168.1.5 on the device eth1 is as follows. ip neigh del {IPAddress} dev {DEVICE}
ip neigh del 192.168.1.5 dev eth1
CHANGE ARE STATE TO REACHABLE FOR THE NEIGHBOUR 192.168.1.100 ON THE DEVICE ETH1
ip neigh chg 192.168.1.100 dev eth1 nud reachable
Flush ARP entry
This flush or f command flushes neighbour/arp tables, by specifying some condition. The syntax is: ip -s -s n f {IPAddress}
In this example, flush neighbour/arp table ip -s -s n f 192.168.1.5
OR ip -s -s n flush 192.168.1.5
ip route: Routing table management commands
Use the following command to manage or manipulate the kernel routing table.
Show routing table
To display the contents of the routing tables: ip r
ip r list
ip route list
ip r list [options]
ip route
Sample outputs:
default via 192.168.1.254 dev eth1
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.10
Display routing for 192.168.1.0/24: ip r list 192.168.1.0/24
Sample outputs:
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.10
Add a new route
The syntax is: ip route add {NETWORK/MASK} via {GATEWAYIP}
ip route add {NETWORK/MASK} dev {DEVICE}
ip route add default {NETWORK/MASK} dev {DEVICE}
ip route add default {NETWORK/MASK} via {GATEWAYIP}
The syntax is as follows to delete default gateway: ip route del default
In this example, delete the route created in
previous subsection : ip route del 192.168.1.0/24 dev eth0
Old vs. new tool
Deprecated Linux command and their replacement cheat sheet:
Old command (Deprecated)
New command
ifconfig -a
ip a
ifconfig enp6s0 down
ip link set enp6s0 down
ifconfig enp6s0 up
ip link set enp6s0 up
ifconfig enp6s0 192.168.2.24
ip addr add 192.168.2.24/24 dev enp6s0
ifconfig enp6s0 netmask 255.255.255.0
ip addr add 192.168.1.1/24 dev enp6s0
ifconfig enp6s0 mtu 9000
ip link set enp6s0 mtu 9000
ifconfig enp6s0:0 192.168.2.25
ip addr add 192.168.2.25/24 dev enp6s0
netstat
ss
netstat -tulpn
ss -tulpn
netstat -neopa
ss -neopa
netstat -g
ip maddr
route
ip r
route add -net 192.168.2.0 netmask 255.255.255.0 dev enp6s0
ip route add 192.168.2.0/24 dev enp6s0
route add default gw 192.168.2.254
ip route add default via 192.168.2.254
arp -a
ip neigh
arp -v
ip -s neigh
arp -s 192.168.2.33 1:2:3:4:5:6
ip neigh add 192.168.3.33 lladdr 1:2:3:4:5:6 dev enp6s0
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising
revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot
of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure.
You can donate as little as $1 to support nixCraft:
Can you please comment if it is possible to configure a point-to-point interface using the "ip" command set? I am especially
looking to change the broadcast nature of an eth interface (the link encap and network type) to behave as point-to-point link.
At the same time I don't want to use the PPP, or ay other protocol.
How save configuration for after reboot?
there are for example ip route save, but its in binary and mostly useless.
ip command need to have ip xxx dump, with make valid ip calls to make same configuration. same as iptables have iptables-save.
now, in ages of cloud, we need json interface, so we can all power of ip incorporate in couble easy steps to REST interface.
Example 1: Checking network
information for interfaces ( LAN Cards )
To check the network information like IP address, Subnet etc for
the interfaces, use 'ip addr show' command
[linuxtechi@localhost]$ ip addr show
or
[linuxtechi@localhost]$ ip a s
This will show network information related to all interfaces
available on our system, but if we want to view same information for
single interface, command is
[linuxtechi@localhost]$ ip addr show enp0s3
where enp0s3 is the name of the interface.
Example 2: Enabling & disabling
a network interface
To enable a disable
network interface, 'ip' command used is
[linuxtechi@localhost]$ sudo ip link set enp0s3 up
& to disable the network interface we will use 'down' trigger,
[linuxtechi@localhost]$ sudo ip link set enp0s3 down
Example 3: Assigning IP address
& other network information to an interface
To assign IP address to interface, we will use
[linuxtechi@localhost]$ sudo ip addr add 192.168.0.50/255.255.255.0 dev enp0s3
We can also set broadcast address to interface with 'ip' command.
By default no broadcast address is set, so to set a broadcast address
command is
[linuxtechi@localhost]$ sudo ip addr add broadcast 192.168.0.255 dev enp0s3
We can also set standard broadcast address along with IP address by
using the following command,
[linuxtechi@localhost]$ sudo ip addr add 192.168.0.10/24 brd + dev enp0s3
As shown in the above example, we can also use 'brd' in place on
'broadcast' to set broadcast ip address.
Example 4: Removing IP address
from interface
If we want to flush or remove the assigned IP from interface, then
the beneath ip command
[linuxtechi@localhost]$ sudo ip addr del 192.168.0.10/24 dev enp0s3
Example 5: Adding an Alias for
an interface (enp0s3)
To add an alias i.e. assign more than one IP to an interface,
execute below command
[linuxtechi@localhost]$ sudo ip addr add 192.168.0.20/24 dev enp0s3 label enp0s3:1
Example 6: Checking route or
default gateway information
Checking routing information shows us the route a packet will take
to reach the destination. To check the network routing information,
execute the following command,
[linuxtechi@localhost]$ ip route show
In the output we will see the routing information for packets for
all the network interfaces. We can also get the routing information to
a particular ip using,
[linuxtechi@localhost]$ sudo ip route get 192.168.0.1
Example 7: Adding a static route
If we want to change the default route taken by packets, we can do
so with IP command. To assign a default gateway, use following 'ip
route' command
[linuxtechi@localhost]$ sudo ip route add default via 192.168.0.150/24
So now all network packets will travel via 192.168.0.150 as opposed
to old default route. For changing the default route for a single
interface & to make change route further, execute
[linuxtechi@localhost]$ sudo ip route add 172.16.32.32 via 192.168.0.150/24 dev enp0s3
Example 8: Removing a static
route
To remove the a previously changes default route, open terminal &
run,
[linuxtechi@localhost]$ sudo ip route del 192.168.0.150/24
Note:- Changes made to default route using the
above mentioned commands are only temporary & all changes will be lost
after a system has been restarted. To make a persistence route change,
we need to modify / create route-enp0s3 file . Add the following line
to it, demonstration is shown below
[linuxtechi@localhost]$ sudo vi /etc/sysconfig/network-scripts/route-enp0s3
172.16.32.32 via 192.168.0.150/24 dev enp0s3
Save and Exit the file.
If you are using Ubuntu or debian based OS, than the location of
the file is '/etc/network/interfaces' and add the
line "ip route add 172.16.32.32 via 192.168.0.150/24 dev enp0s3" to
the bottom of the file.
Example 9: Checking all ARP
entries
ARP, short for 'Address Resolution Protocol' , is
used to convert an IP address to physical address (also known as MAC
address) & all the IP and their corresponding MAC details are stored
in a table known as ARP cache.
To view entries in ARP cache i.e. MAC addresses of the devices
connected in LAN, the IP command used is
[linuxtechi@localhost]$ ip neigh
Example 10: Modifying ARP
entries
To delete an ARP entry, the command used is
[linuxtechi@localhost]$ sudo ip neigh del 192.168.0.106 dev enp0s3
or if we want to add a new entry to ARP cache, the command is
[linuxtechi@localhost]$ sudo ip neigh add 192.168.0.150 lladdr 33:1g:75:37:r3:84 dev enp0s3 nud perm
where nud means neighbour state,
it can be
perm permanent & can only be removed by
administrator,
noarp entry is valid but can be removed
after lifetime expires,
stale entry is valid but suspicious,
reachable entry is valid until timeout
expires.
Example 11: Checking network
statistics
With 'ip' command we can also view the network statistics like
bytes and packets transferred, errors or dropped packets etc for all
the network interfaces. To view network statistics, use 'ip -s
link' command
[linuxtechi@localhost]$ ip -s link
Example 12: How to get help
If you want to find a option which is not listed in above examples,
then you can look for help. In Fact you can use help for all the
commands. To list all available options that can be used with 'ip'
command, use
[linuxtechi@localhost]$ ip help
Remember that 'ip' command is very important command for Linux
admins and it should be learned and mastered to configure network with
ease. That's it for now, please do provide your suggestions & leave
your queries in the comment box below.
The Last but not LeastTechnology is dominated by
two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt.
Ph.D
FAIR USE NOTICEThis site contains
copyrighted material the use of which has not always been specifically
authorized by the copyright owner. We are making such material available
to advance understanding of computer science, IT technology, economic, scientific, and social
issues. We believe this constitutes a 'fair use' of any such
copyrighted material as provided by section 107 of the US Copyright Law according to which
such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free)
site written by people for whom English is not a native language. Grammar and spelling errors should
be expected. The site contain some broken links as it develops like a living tree...
You can use PayPal to to buy a cup of coffee for authors
of this site
Disclaimer:
The statements, views and opinions presented on this web page are those of the author (or
referenced source) and are
not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society.We do not warrant the correctness
of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be
tracked by Google please disable Javascript for this site. This site is perfectly usable without
Javascript.
8 comment
cron Error: bad username; while reading /etc/cron.d file on Linux
awk / cut: Skip First Two Fields and Print the Rest of Line
Error while loading shared libraries: libXrender.so.1 on Linux
PHP-fpm Too Many Open Files 24 Error (set open file descriptor limit)
How to use curl command with http/2 on MacOS X
How to use curl command with proxy username/password on Linux/ Unix
How do I unzip multiple / many files under Linux?
PHP Fatal error: Call to undefined function gzinflate()
How to install route command on CentOS / RHEL 7
Bash Shell: Trim Leading White Space From Input Variables
How to install wget on a Debian or Ubuntu Linux
PHP Fatal error: Call to undefined function curl_init() in /home/httpd/a/includes/functions.php(1)
RECENTLY UPDATED
