First, the role
Linux IP commands are similar to ifconfig, but IP commands are more powerful, and IP is a network configuration tool in the IPROUTE2 software package that uses permissions for Superuser, which is used to display or manipulate Linux hosts for routing, devices, policy routing, and Tunneling.
Second, usage
IP [OPTIONS] OBJECT {COMMAND | help}
IP [-force]-batch filename
OBJECT: = {link | address | addrlabel | route | rule | neigh | ntable | tunnel |
Tuntap | maddress | Mroute | Mrule | Monitor | xfrm | Netns | L2TP |
Tcp_metrics | Token}
OPTIONS: = {-v[ersion] |-h[uman-readable] |-s[tatistics] |-d[etails] |
-r[esolve] | -iec | -f[amily] {inet | inet6 | ipx | dnet | link} | -4 |
-6 | -I. | -D | -B | -0 | -l[oops] {maximum-addr-flush-attempts} |
-o[neline] | -RC[VBUF] [size] | -t[imestamp] | -ts[hort] | -N[ETNS] Name
| -A[LL]}
1. Options: is the option to modify the IP behavior or change its output. All options start with a-character, and are divided into two forms: long and short.
-v,-version Print the IP version and exit.
-h,-human,-human-readable output statistic system, readability.
-s,-stats,-statistics output more detailed information. If this option occurs two or more times, the output information will be more detailed.
-d,-details output for more detailed information
-f,-family This option is followed by protocol types, including inet, Inet6, or link, which emphasize the type of protocol used. If there is not enough information to tell the IP about the protocol type used, the IP will use the default value inet or any. Link is special, which means that no network protocols are involved.
-4 is a shorthand for-family inet.
-6 is a shorthand for-family Inet6.
-0 is a shorthand for-family link.
-o,-oneline uses a single-line output for each row of records, and the return line is replaced with characters. This option is used if you need to process the output of the IP using tools such as WC, grep, and so on.
-r,-resolve Query the domain name resolution system, replace the host IP address with the host name obtained
2, object: Is you want to manage or obtain information objects, IP awareness of the objects include:
Link Network devices
Address of protocol (IP or IPV6) for a device
Neighbour Arp or NDISC buffer entry
Route route Table Entry
Rules in the Rule Routing policy database
Maddress Multicast Address
Mroute Multicast route buffer entry
Tunnel IP Tunnel IP
In addition, all the object names can be abbreviated, for example: address can be abbreviated to addr, or even a.
3. COMMAND: Sets the action performed on the specified object, which is related to the type of the object. In general, IP support objects are added (add), deleted, and displayed (show or list). Some objects do not support these operations, or there are other commands. For all objects, the user can use the Help command for assistance. This command lists the syntax of commands and arguments supported by this object. If you do not specify an action command for an object, IP uses the default command. In general, the default command is list, and if the object cannot be listed, the Help command is executed.
Third, examples
1, IP link set--Change the properties of the device. Abbreviation: Set, S
Example 1:up/down starting/shutting down the device.
# IP link set dev eth0 up
This equals the traditional #ifconfig eth0 up (down)
Example 2: Change the length of the device transmission queue.
Parameter: Txqueuelen number or Txqlen number
#ip Link Set dev eth0 txqueuelen 100
Example 3: Change the value of the network device MTU (maximum transmission unit).
#ip Link Set dev eth0 MTU 1500
Example 4: Modify the MAC address of a network device.
Parameter: Address lladdress
#ip Link Set dev eth0 address 00:01:4f:00:15:f1
2, IP link show--display device properties. Abbreviation: show, list, LST, sh, LS, l
The-s option occurs two or more times, and IP outputs more detailed error information statistics.
Example: # ip-s-S link ls eth0
ETH0:MTU Qdisc CBQ Qlen 100
Link/ether 00:a0:cc:66:18:78 BRD FF:FF:FF:FF:FF:FF
Rx:bytes packets Errors dropped overrun Mcast
2449949362 2786187 0 0 0 0
RX Errors:length CRC Frame FIFO missed
0 0 0) 0 0
Tx:bytes packets errors dropped carrier Collsns
178558497 1783946 332 0 332 35172
TX errors:aborted FIFO window heartbeat
0 0 0 332
This command equals the traditional ifconfig eth0.
3, IP address add--Add a new protocol address. Abbreviation: Add, a
Example 1: Set a string for each address as a label. To be compatible with Linux-2.0 's network aliases, this string must start with the device name, followed by a colon,
# IP Addr Add local 192.168.4.1/28 BRD + label Eth0:1 Dev eth0
Example 2: Add an address 192.168.20.0 on the Ethernet interface eth0, a mask length of 24 bits (155.155.155.0), a standard broadcast address, and a label of Eth0:alias:
# IP Addr Add 192.168.4.2/24 brd + dev eth1 label eth1:1
This command equals the traditional: Ifconfig eth1:1 192.168.4.2
4, IP address delete--Delete a protocol address. Abbreviation: Delete, Del, D
# IP Addr del 192.168.4.1/24 BRD + dev eth0 label eth0:alias1
5, IP Address show--display protocol address. Abbreviation: show, list, LST, sh, LS, l
# IP Addr ls eth0
6, IP Address flush--Clear protocol address. Abbreviation: Flush, F
Example 1: Delete all addresses that belong to the private network 10.0.0.0/8:
# ip-s-S a f to 10/8
Example 2: Canceling the IP address of all Ethernet cards
# ip-4 Addr Flush Label "eth0"
7. IP neighbour--neighbour/arp Table Management command
Abbreviations neighbour, neighbor, Neigh, n
command Add, change, replace, delete, Fulsh, show (or list)
8. IP neighbour Add--Adds a new adjacency entry
IP neighbour change--Modifying an existing entry
IP neighbour replace--Replace an existing entry
Abbreviations: Add, A;change, Chg;replace, REPL
Example 1: On the device eth0, add a permanent ARP entry for address 10.0.0.3:
# IP neigh add 10.0.0.3 lladdr 0:0:0:0:0:1 dev eth0 nud Perm
Example 2: Change the status to reachable
# ip neigh chg 10.0.0.3 dev eth0 nud reachable
9. IP neighbour delete--Delete an adjacency entry
Example 1: Remove an ARP entry on the device eth0 10.0.0.3
# ip neigh del 10.0.0.3 dev eth0
10, IP neighbour show--display the information of the network neighbor. Abbreviation: show, list, sh, ls
Example 1: # ip-s n ls 193.233.7.254
193.233.7.254. Dev eth0 lladdr 00:00:0c:76:3f:85 ref 5 used 12/13/20 Nud reachable
11.. IP neighbour flush--to clear the adjacency entry. Abbreviation: Flush, F
Example 1: (-S can show more information)
# ip-s-S n F 193.233.7.254
12. Routing Table Management
Starting with Linux-2.2, the kernel induces routes into many routing tables, which are numbered and numbered in the range 1 to 255. Also, for convenience, you can name the routing table in/etc/iproute2/rt_tables.
By default, all routes will be inserted into the table main (number 254). In a routing query, the kernel uses only the routing table main.
IP route Add--Add a new route
IP route Change--Modify route
IP route Replace-replaces existing routes
Abbreviations: Add, A;change, Chg;replace, REPL
Example 1: Set the route to the network 10.0.0/24 through the gateway 193.233.7.65
# IP route add 10.0.0/24 via 193.233.7.65
Example 2: Modify the direct route to the network 10.0.0/24 so that it passes through the device dummy
# ip route chg 10.0.0/24 Dev Dummy
Example 3: Implement link load balancing. Join the default multipath route and let Ppp0 and Ppp1 share the load (note: The scope value is not required, it just tells the kernel,
This route is routed through a gateway rather than directly connected. In fact, if you know the address of the remote endpoint, it's better to use the Via parameter to set it up.
# IP route Add default scope global Nexthop dev ppp0 nexthop Dev ppp1
# IP route replace default scope global nexthop dev ppp0 nexthop Dev ppp1
Example 4: Set up a NAT route. Before forwarding packets from 192.203.80.144, network address translation is performed, and this address is converted to 193.233.7.83
# IP route add Nat 192.203.80.142 via 193.233.7.83
Example 5: Implement packet-level load balancing, allowing packets to be emitted randomly from multiple routes. Weight can set weights.
# IP route replace default equalize nexthop via 211.139.218.145 dev eth0 weight 1 nexthop via 211.139.218.145 Dev eth1 Wei Ght 1
IP Route delete--Delete route
Abbreviation: Delete, Del, D
Example 1: Remove a multipath route joined by the previous section command
# IP route del default scope global nexthop dev ppp0 nexthop Dev ppp1
IP route Show--list routes
Abbreviation: show, list, sh, LS, l
Example 1: Calculate the number of routes using the GATED/BGP protocol
# IP route ls Proto GATED/BGP |WC
1413 9891 79010
Example 2: Calculate the number of bars in the route cache, because the properties of the cached route may be greater than one row, so you need to use the-o option
# ip-o Route LS cloned |WC
159 2543 18707
Example 3: List the routes inside the routing table TableID. The default setting is table Main. TableID is either a real routing table ID or a string defined by the/etc/iproute2/rt_tables file,
or the following special values:
All-Lists the routes for all tables;
Cache--Lists the contents of the route cache.
IP RO ls 193.233.7.82 tab cache
Example 4: Listing the contents of a routing table
# IP route ls table fddi153
Example 5: List the contents of the default routing table
# IP Route ls
This command equals the traditional: route
IP route Flush--Erase route table
Example 1: Remove all gateway routes in the routing table main (example: After the routing monitor hangs):
# ip-4 RO Flush Scope Global type unicast
Example 2: Clear all IPv6 routes that are cloned:
# ip-6-s-s RO flush Cache
Example 3: Clear all BGP routes after the gated program has been hung out:
# ip-s ro F Proto GATED/BGP
Example 4: Clear all IPv4 route cache
# IP route Flush Cache
IPV4 routing cache is flushed.
IP route Get--get a single route. Abbreviation: GET, G
Use this command to obtain a route to the destination address and its exact contents.
The IP route get command and the IP Route show command perform different actions. The IP route Show command simply shows the existing route, and the IP route get command will derive a new route if necessary.
Example 1: Searching for routes to 193.233.7.82
# IP Route Get 193.233.7.82
193.233.7.82 Dev eth0 src 193.233.7.65 Realms inr.ac Cache MTU 300 RTT
Example 2: The Search destination address is 193.233.7.82, from 193.233.7.82, the route that arrives from the eth0 device (this command produces a very interesting route, which is a loopback route to 193.233.7.82)
# IP R g 193.233.7.82 from 193.233.7.82 iif eth0
193.233.7.82 from 193.233.7.82 dev eth0 src 193.233.7.65 Realms inr.ac/inr.ac
Cache <src-direct,redirect> MTU (RTT) IIF eth0
IP route--routing policy Database administration commands
Commands: Add, delete, show (or list)
Note: Policy routing is not equal to the routing policy (rouing).
In some cases, we don't just need to determine the route through the destination address of the packet, but there may also be other domains: The source address, the IP protocol, the Transport layer port, or even the payload of the packet.
This is called: Policy Routing.
IP rule Add-Inserts a new rule
IP Rule Delete--delete rule
Abbreviations: Add, A;delete, Del, D
Example 1: Route a packet from the source address 192.203.80/24 by routing table Inr.ruhep
IP ru add from 192.203.80/24 table Inr.ruhep Prio 220
Example 2: Convert the source address of a datagram with a source address of 193.233.7.83 to 192.203.80.144 and route through table 1
IP ru add from 193.233.7.83 nat 192.203.80.144 table 1 Prio 320
Example 3: Delete a useless default rule
IP ru del prio 32767
IP rule Show--list routing rules
Abbreviation: show, list, sh, LS, l
Example 1: # IP ru ls
0:from All lookup Local
32762:from 192.168.4.89 Lookup fddi153
32764:from 192.168.4.88 Lookup fddi153
32766:from All lookup Main
32767:from All Lookup 253
IP maddress--Multicast address management
Abbreviation: show, list, sh, LS, l
IP maddress Show--list multicast addresses
Example 1: # IP maddr ls Dummy
IP maddress Add-Join a multicast address
IP maddress Delete--Remove multicast address
Abbreviations: Add, A;delete, Del, D
With these two commands, we can add/remove the link-layer multicast address that is listening on the network interface. This command only manages link-layer addresses.
Example 1: Add # ip maddr add 33:33:00:00:00:01 dev Dummy
Example 2: View # ip-o maddr ls Dummy
2:dummy
Link 33:33:00:00:00:01 users 2 static
Link 01:00:5e:00:00:01
Example 3: Remove # ip maddr del 33:33:00:00:00:01 dev Dummy
IP mroute--Multicast routing cache management
IP mroute Show--list multicast route cache entries
Abbreviation: show, list, sh, LS, l
Example 1: View # IP Mroute ls
(193.232.127.6, 224.0.1.39) Iif:unresolved
(193.232.244.34, 224.0.1.40) Iif:unresolved
(193.233.7.65, 224.66.66.66) Iif:eth0 Oifs:pimreg
Example 2: View # ip-s Mr Ls 224.66/16
(193.233.7.65, 224.66.66.66) Iif:eth0 Oifs:pimreg
9383 packets, 300256 bytes
IP tunnel--channel configuration
Abbreviation: Tunnel, TUNL
IP tunnel Add--adding a new channel
IP Tunnel Change-modifies an existing channel
IP Tunnel Delete--Deletes a channel
Abbreviations: Add, A;change, Chg;delete, Del, D
Example 1: Establish a point-to-point channel with a maximum TTL of 32
# IP tunnel Add Cisco mode sit remote 192.31.7.104 local 192.203.80.1 TTL 32
IP tunnel Show--list existing channels
Abbreviation: show, list, sh, LS, l
Example 1: # ip-s TUNL ls Cisco
IP monitor and Rtmon--Status monitoring
IP commands can be used to continuously monitor the status of devices, addresses, and routes. The format of this command option is a bit different, the command option is named Monitor, followed by the operand:
IP monitor [file file] [all | Object-list]
Example 1: # Rtmon File/var/log/rtmon.log
Example 2: # IP monitor File/var/log/rtmon.log r
This article from "Engineerqi" blog, declined reprint!
Linux IP Command Summary