N days to learn the IP of a linux command

Source: Internet
Author: User
Tags anycast dns names

Use

Show/manipulate routing, devices, policy Routing and tunnels

Usage General format
ip [ OPTIONS ] OBJECT { COMMAND | help }OBJECT := { link | addr | addrlabel | route | rule | neigh | tunnel | maddr | mroute | monitor }OPTIONS := { -V[ersion] | -s[tatistics] | -r[esolve] | -f[amily] { inet | inet6 | ipx | dnet | link } | -o[neline] }
Link format (NIC)
ip link set DEVICE { up | down | arp { on | off } |                    promisc { on | off } |                    allmulticast { on | off } |                    dynamic { on | off } |                    multicast { on | off } |                    txqueuelen PACKETS |                    name NEWNAME |                    address LLADDR | broadcast LLADDR |                    mtu MTU |                    netns PID |                    alias NAME |                    vf NUM [ mac LLADDR ] [ vlan VLANID [ qos VLAN-QOS ] ] [ rate TXRATE ] [ spoofchk { on | off } ] |                  }ip link show [ DEVICE ]
Addr Format (IP address)
ip addr { add | del } IFADDR dev STRINGip addr { show | flush } [ dev STRING ] [ scope SCOPE-ID ] [ to PREFIX ] [ FLAG-LIST ] [ label PATTERN ]IFADDR := PREFIX | ADDR peer PREFIX [ broadcast ADDR ] [ anycast ADDR ] [ label STRING ] [ scope SCOPE-ID ]SCOPE-ID := [ host | link | global | NUMBER ]FLAG-LIST := [ FLAG-LIST ] FLAGFLAG := [ permanent | dynamic | secondary | primary | tentative | deprecated ]
Addrlabel format
ip addrlabel { add | del } prefix PREFIX [ dev DEV ] [ label NUMBER ]ip addrlabel { list | flush }
Route format
IP route {list | flush} selectorip route get ADDRESS [from ADDRESS iif STRING] [oif string] [tos tos]IP Route {A DD | del | Change | Append | Replace | Monitor} Routeselector: = [root PREFIX] [match PREFIX] [exact PREFIX] [table table_id] [proto Rtproto] [type T YPE] [scope scope]route: = Node_spec [info_spec]node_spec: = [TYPE] PREFIX [TOS TOS] [table table_id] [Proto R Tproto] [scope scope] [metric metric]info_spec: = NH OPTIONS FLAGS [nexthop NH] ...  NH: = [via ADDRESS] [dev STRING] [weight number] Nhflagsoptions: = FLAGS [MTU number] [ADVMSS number] [RTT time ] [Rttvar time] [window number] [CWnd number] [Initcwnd number] [Ssthresh realm] [Realms realm] [Rto_min TIM E] [initrwnd number]type: = [Unicast | local | broadcast | multicast | throw | unreachable | prohibit | blackhole | na T]table_id: = [local| main | default | all | Number]scope: = [Host | link | global | Number]flags: = [equalize]nhflags: = [Onlink | Pervasive]rtproto: = [kernel | boot | static | Number]
Rule format
ip rule  [ list | add | del | flush ] SELECTOR ACTIONSELECTOR := [ from PREFIX ] [ to PREFIX ] [ tos TOS ] [ fwmark FWMARK[/MASK] ] [ dev STRING ] [ pref NUMBER ]ACTION := [ table TABLE_ID ] [ nat ADDRESS ] [ realms [SRCREALM/]DSTREALM ]TABLE_ID := [ local | main | default | NUMBER ]
Neigh format
ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ] [ nud { permanent | noarp | stale | reachable} ] | proxy ADDR } [ dev DEV ]ip neigh { show | flush } [ to PREFIX ] [ dev DEV ] [ nud STATE ]
Tunnel format
ip tunnel { add | change | del | show | prl } [ NAME ]               [ mode MODE ] [ remote ADDR ] [ local ADDR ]               [ [i|o]seq ] [ [i|o]key KEY ] [ [i|o]csum ] ]               [ encaplimit ELIM ] [ ttl TTL ]               [ tos TOS ] [ flowlabel FLOWLABEL ]               [ prl-default ADDR ] [ prl-nodefault ADDR ] [ prl-delete ADDR ]               [ [no]pmtudisc ] [ dev PHYS_DEV ] [ dscp inherit ]MODE :=  { ipip | gre | sit | isatap | ip6ip6 | ipip6 | any }ADDR := { IP_ADDRESS | any }TOS := { NUMBER | inherit }ELIM := { none | 0..255 }TTL := { 1..255 | inherit }KEY := { DOTTED_QUAD | NUMBER }TIME := NUMBER[s|ms]
MADDR format
ip maddr [ add | del ] MULTIADDR dev NAMEip maddr show [ dev NAME ]
Mroute format
ip mroute show [ PREFIX ] [ from PREFIX ] [ iif DEVICE ]
Monitor format
ip monitor [ all | OBJECT-LIST ]
XFRM format
IP xfrm xfrm_object {COMMAND}xfrm_object: = {state | policy | Monitor}IP xfrm State {add | update} ID [xfrm_opt]                [Mode mode]  [Reqid Reqid]  [Seq seq]                [Replay-window SIZE]  [Flag Flag-list]  [EnCap EnCap]                [Sel SELECTOR] [Limit-list]ip xfrm State ALLOCSPI ID [mode mode] [reqid reqid] [seq seq] [min SPI Max SPI]ip xfrm State {D elete |  Get} Idip xfrm State {deleteall | list} [ID] [mode mode] [reqid reqid] [flag flag_list]ip Xfrm State flush [Proto Xfrm_proto]ip XFRM state countid: = [src ADDR] [dst ADDR] [proto Xfrm_proto] [SPI SPI]XF   Rm_proto: = [ESP | ah | comp | route2 | Hao]mode: = [Transport | tunnel | ro | beet] (default=transport) Flag-list: = [Flag-list] Flagflag: = [NOECN | decap-dscp | wildrecv]encap: = Encap-type SPORT dport oaddrencap-type: = ESPINUDP | Espinudp-nonikealgo-list: = [Algo-list] | [ALGO] ALGO: = Algo_type algo_name algo_keyalgO_type: = [Enc | auth | comp]selector: = src Addr[/plen] DST Addr[/plen] [upspec] [Dev dev]upspec: = Proto Proto                [Sport Port] [dport Port] |  [Type number] [Code number]]  Limit-list: = [Limit-list] | [Limit limit] LIMIT: = [[[Time-soft|time-hard|time-use-soft|time-use-hard] SECONDS] | [[Byte-soft|byte-hard] SIZE] | [[Packet-soft|packet-hard] COUNT]ip xfrm Policy {add | update} dir dir SELECTOR [index index] [Ptyp e PTYPE] [action action] [priority priority] [limit-list] [tmpl-list]ip xfrm policy {Delete | g  et} dir dir [SELECTOR | index index] [ptype ptype]ip xfrm policy {deleteall | list} [dir dir] [ SELECTOR] [index index] [action action] [priority priority]IP XFRM policy flush [ptype ptype]i  P xfrm Countptype: = [Main | sub] (default=main) DIR: = [in | out | fwd]selector: = src Addr[/plen] DST Addr[/plen] [ Upspec] [Dev dev]upspec: =Proto Proto [[Sport port] [dport Port] |  [Type number] [Code number]]  ACTION: = [Allow | block] (default=allow) Limit-list: = [Limit-list] | [Limit limit]  LIMIT: = [[[Time-soft|time-hard|time-use-soft|time-use-hard] SECONDS] | [[Byte-soft|byte-hard] SIZE] | [Packet-soft|packet-hard]  Number]tmpl-list: = [Tmpl-list] | [Tmpl Tmpl] TMPL: = ID [mode mode] [reqid reqid] [level level]id: = [src ADDR] [dst ADDR] [proto Xfrm_proto] [SPI S  PI]xfrm_proto: = [ESP | ah | comp | route2 | Hao]mode: = [Transport | tunnel | beet] (default=transport) Level: = [ Required | Use] (default=required) IP xfrm monitor [all | Object-list]
Token format
ip token { COMMAND | help }ip token { set } TOKEN dev DEVip token { get } dev DEVip token { list }
Common options

-V,-version
Print Program version

-S,-stats,-statistics
Output more information, multiple occurrences, more output information

-H,-human,-human-readable
Output information in a way that is suitable for human reading

-iec
Similar to the-H option, the base unit is 1024

-F,-family
Specifies the protocol family used, the value list: inet, Inet6, IPX, dnet, or link, if not specified will be guessed based on the context or use the default protocol family, generally inet. Link is a special family identifier meaning this no networking protocol is involved.
Shorthand form -4 =-F inet, 6 =-F Inet6,-0 =-F link

-O,-oneline
Line display

-R,-resolve
Use the system's name resolver to print DNS names instead of host addresses.

Action Object Description

1 link
-Network device.

2 Address
-Protocol (IP or IPV6) address on a device.

3 Addrlabel
-Label configuration for protocol address selection.

4 neighbour
-ARP or Ndisc cache entry.

5 route
-routing table entry.

6 rule
-rule in Routing policy database.

7 maddress
-Multicast address.

8 Mroute
-Multicast routing cache entry.

9 Tunnel
-Tunnel over IP.

Ten Xfrm
-Framework for IPSEC protocol.

Practice operating the physical NIC

1 displaying network card device information

[[email protected] asia_ucenter]# ip -s link show1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    RX: bytes  packets  errors  dropped overrun mcast       2188533266 2199032  0       0       0       0           TX: bytes  packets  errors  dropped carrier collsns     2188533266 2199032  0       0       0       0       2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000    link/ether 08:00:27:40:a8:72 brd ff:ff:ff:ff:ff:ff    RX: bytes  packets  errors  dropped overrun mcast       12012726   64662    0       0       0       0           TX: bytes  packets  errors  dropped carrier collsns     35491390   77118    0       0       0       0   

2 Turn off or enable the eth0 NIC

# 关闭[[email protected] apk]# ip link set dev eth0 down#开启[[email protected] apk]# ip link set dev eth0 up

3 Enable or disable ARP

# 关闭[[email protected] apk]# ip link set dev eth0 arp off#开启[[email protected] apk]# ip link set dev eth0 arp on

4 Enable or disable multicast

# 关闭[[email protected] apk]# ip link set dev eth0 multicast off#开启[[email protected] apk]# ip link set dev eth0 multicast on

5 Enable or disable the dynamic acquisition of IP (do not know this means?) >_<)
Dynamic on or dynamic off
(Change the DYNAMIC flag on the device.)

6 Modifying the NIC name
Name Name
(The network card is running or other configuration is used to the old name, not recommended changes)

7 Set the Send Queue Length
Mode One: Txqueuelen number
Mode two: Txqlen number

8 Setting the network card device Maximum transmission unit
MTU Number

9 Setting the network card physical address
Address lladdress

10 Set broadcast address related (do not know is this mean?) >_<)
Broadcast Lladdress

BRD lladdress

Peer Lladdress
(Change the link layer broadcast address or the peer address when the interface is pointopoint.)

11 Setting up Virtual route forwarding
Netns PID
(Move the device to the network namespace associated with the process PID.)

12 Setting device aliases
Alias NAME

IP address operation

1 eth0 Device add local ip:10.0.2.5, label name ETH0:0, broadcast address

[[email protected] apk]# ip addr add dev eth0:0 local 10.0.2.5/24 brd + label eth0:0

2 Remove the previously added IP, the parameters need to be the same as before

[[email protected] apk]# ip addr delete dev eth0:0 local 10.0.2.5/24 brd - label eth0:0

3 Displaying IP address information

ip address show - look at protocol addresses       dev NAME (default)              name of device.       scope SCOPE_VAL              only list addresses with this scope.       to PREFIX              only list addresses matching this prefix.       label PATTERN              only list addresses with labels matching the PATTERN.  PATTERN is a usual shell style pattern.       primary and secondary              only list primary (or secondary) addresses.

4 Delete the IP address, the filter condition is the same as the display, cautious operation

ip addr flush arg1 arg2
Neighbor (neighbour)/arp table management

1 Adding a Neighbor node information

[[email protected] apk]# ip neighbour add to 10.0.2.6 dev eth0 lladdr 22:33:aa:33:44:dd nud stale# 邻居节点状态说明permanent     - the neighbour entry is valid forever and can be only be removed administratively.noarp     - the neighbour entry is valid. No attempts to validate this entry will be made but  it  can be removed when its lifetime expires.reachable     - the neighbour entry is valid until the reachability timeout expires.stale      - the neighbour entry is valid but suspicious.  This option to ip neigh does not change the neighbour state if it was valid and the address is not changed by this command.

2 Neighbor node failure: IP 10.0.2.6, node with device name eth0

[[email protected] apk]# ip neighbour delete to 10.0.2.6 dev eth0

3 Show Neighbor Node list, filter parameters and add the same

[[email protected] apk]# ip neighbour list10.0.2.6 dev eth0  FAILED10.0.2.1 dev eth0 lladdr 52:54:00:12:35:00 STALE10.0.2.3 dev eth0 lladdr 08:00:27:4e:35:c1 STALE10.0.2.2 dev eth0 lladdr 52:54:00:12:35:00 REACHABLE

4 Delete Neighbor nodes, filter parameters and add, no filtering parameters, do not do processing
Note: A failure status cannot be removed B after performing this operation, still can see (do not know what is the reason?). >_<)

[[email protected] apk]# ip -s neighbour flush to 10.0.2.6 dev eth0*** Round 1, deleting 1 entries ****** Flush is complete after 1 round ***

5 Change the existing neighbor node ip:10.0.2.6, the physical network card address is: 22:33:AA:33:44:DD, the device name is: eth0 status is stale

[[email protected] apk]# ip -s neighbour change to 10.0.2.6 dev eth0 lladdr 22:33:aa:33:44:dd nud stale
Routing Table Management

1 description
Route type

Unicast-the route entry describes real paths to the destinations covered by the route prefix.unreachable-the  SE Destinations is unreachable.  Packets is discarded and the ICMP message host unreachable is generated. The local senders get an Ehostunreach Error.blackhole-these destinations is unreachable.  Packets is discarded silently. The local senders get an EINVAL Error.prohibit-these destinations is unreachable. Packets is discarded and the ICMP message communication administratively prohibited is generated. The local senders get an eacces error.local-the destinations is assigned to this host. The packets is looped back and delivered locally.broadcast-the destinations is broadcast addresses. The packets is sent as Link Broadcasts.throw-a Special control route used together with policy rules. If such a route is selected, the lookup in this table is terminated pretending the no route was found. Without Policy Routing it is EQuivalent to the absence of the route in the routing table. The packets is dropped and the ICMP message net unreachable is generated. The local senders get an Enetunreach error.nat-a special NAT route.  Destinations covered by the prefix is considered to being dummy (or external) addresses which require translation to real (or Internal) ones before forwarding.  The addresses to translate to is selected with the attribute via. Warning:route NAT is no longer supported in Linux 2.6.anycast-not implemented the destinations is anycast addres Ses assigned to this host. They is mainly equivalent to local with one Difference:such addresses is invalid when used as the source address of Any PACKET.MULTICAST-A special type used for multicast routing. It is not a present in normal routing tables.

2 other, here to steal a lazy, the parameter list is too many, the instructions directly see the command help document it:)

Other types of management

Routing policy, xfrm network security framework, token, monitoring object status, etc.

Resources

"0" Man IP
"1" Linux Network namespace Learning
1190000004059167
"2" Linux IP command use example (GO)
Http://www.cnblogs.com/bamboo-talking/archive/2013/01/10/2855306.html
Simple analysis of "3" Linux xfrm overall framework
6978229
"4" One NIC binds multiple IPs and multiple NICs with one IP setting
Http://www.cnblogs.com/dkblog/archive/2011/07/26/2117383.html
"5" Neighbor table (neighbour table) issues
Https://wenku.baidu.com/view/39fc2d0c581b6bd97f19ea19.html
"6" A router routing table filling exercises, the answer can not understand
https://segmentfault.com/q/1010000002234926
"7" Windows routing table detailed
Https://www.cnblogs.com/croso/p/5309553.html

N days to learn the IP of a linux command

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.