Network Basics – The ip Command
Network commands like ifconfig and route are still popular with users even though they are far past their prime. Their successor, ip, provides the capabilities of several legacy tools with a single, unified syntax.
Humans are creatures of habit: We like to perform sequences of tasks in a familiar order with familiar tools. Given the human desire to stick with what is known, it is little wonder that outdated commands continue in common usage. For instance, many users still rely on the ifconfig, route, and arp network utilities from the net-tools package, even though a capable successor exists in the form of the ip command, which is part of the iproute2 package [1]. The ip command was introduced in 1999, along with the NET4.0 framework, which included support for the IPv6 network protocol in Kernel 2.2.
Current distributions like Ubuntu 18.04 no longer install net-tools [2] by default. If necessary, you could set up the familiar net-tools collection with sudo apt install net-tools on a Debian-based system. But before you do, consider whether this might be the perfect time to get some experience with ip instead. The old tools use the same libraries that ip uses, but they will not see any new features. The future belongs to ip.
Getting an Overview
The ip command has the following syntax:
ip [Option(s)] Object [Command [Argument(s)]]
The following command:
ip link show
or ip link for short (or even shorter ip l) – without admin privileges – outputs a list of all available network cards (Listing 1). In this case, link acts as object and show as command. If a command is missing, ip assumes that you mean show. The command also allows abbreviations and synonyms, such as ip link ls.
Listing 1
Outputting Network Cards
The output in Listing 1 shows that the cards enp4s0 and wlp2s0 are inactive. The UP flag is missing. The vboxnet0 card represents a virtual network interface used by VirtualBox. To additionally display the network addresses, you just need to enter addr as the object or simply a instead of link (Figure 1). The first example in Figure 1 restricts the output to the enp0s31f6 device.
The output from the first command ip addr show shows both the IPv4 address (inet) and the IPv6 address (inet6). The Ethernet address (link/ether) also appears with ip link.
ip can display statistical information that helps with troubleshooting if you pass in the -s option (see the second command in Figure 1). If you are interested in the routes or the contents of the ARP cache, use ip route show or ip neighbour show (Figure 2).
All examples shown so far work without root privileges. You can also use ip to change the network configuration, but you'll need administrative privileges. To create a virtual network card named dummy0, type the command ip link add dummy0 type dummy.
Then activate the virtual device with the ip link set dummy0 up command. When executing these commands, the system should automatically load the kernel module required for this function. If this does not work, you can load it manually with modprobe dummy (Figure 3).
If you assign several IP addresses to a network card, the classic ifconfig command generates network devices with names of the type Device:0, Device:1, and so on. The ip command is similar but uses the label parameter to assign the alias names (Listing 2).
Listing 2
Assigning an Alias
You can use this name later in iptables scripts, for example, which greatly simplifies the task of creating firewall rules. When choosing the label, you do not necessarily have to follow the form Device:Number. The identifier only has to start with the name of the network card and can end with any character string. The list is colon-separated.
Under Pseudonym
Before you change network card names with ip, you should first deactivate the device to avoid side effects. To rename the dummy device dummy0 to test0, type the lines from Listing 3.
Listing 3
Renaming the Dummy Device
If you want to delete IP addresses, you can use the commands ip addr del IP_address dev device_name or ip addr flush dev device_name. The first command removes a single address; the second command removes all addresses of a network card.
Be careful – if you delete the primary IP address of a network card, you automatically remove all the secondary addresses. Figure 4 shows a secondary IP address labeled dummy0:test. It appears in the output of ip addr show dummy0 as secondary dummy0:test.
Routing by Rules
Setting up routes to other networks is somewhat different in ip than with the legacy route tool. You can activate the default route with the following command:
ip route add default via 192.168.178.1
The via switch defines the router to use to reach the destination (in this example, the default path). To set up a specific host or network route, replace default with the appropriate destination; for example, the following command sets up a path to the network 10.0.0.0/24:
ip route add 10.0.0.0/24 via 192.168.178.1
A classic router analyzes the path to the destination IP address using its routing table. Advanced routing or policy routing, on the other hand, allows a wide range of adaptations. The Linux kernel manages up to 256 different routing tables. Rules defined by the admin stipulate for which packets the system consults which routing table.
You can display the current rules with the ip rule show command (Figure 4). In the example, the machine forwards packets from 10.0.0.7 via NAT (map-to). Packets tagged 0x5 by the iptables firewall are processed via Table number 6; packets from sender address 10.0.0.5 are processed via Table 5.
The number in the first column specifies the order in which the system processes the rules. If a packet matches a rule, the packet is forwarded using the route associated with the rule. If the table contains a valid route for the packet (such as the default route), the system terminates the comparison and sends the packet along that route. Otherwise it continues with the remaining routes.
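The rule order described above can be traced offline. The following added example (not from the original article) parses a constructed ip rule show listing and prints, in priority order, the tables that would be consulted for a given source address and firewall mark; the lookup stops at the first of these tables that holds a matching route. The priorities 100 and 101 and the function name tables_for are assumptions, and the NAT (map-to) rule is left out.

```shell
#!/bin/sh
# Constructed sample of `ip rule show` output, modelled on the rules the
# article describes; the priorities 100 and 101 are assumptions.
RULES='0: from all lookup local
100: from 10.0.0.5 lookup 5
101: from all fwmark 0x5 lookup 6
32766: from all lookup main
32767: from all lookup default'

# tables_for SRC [MARK]: print, in priority order, the tables consulted for
# a packet with source address SRC and firewall mark MARK (default 0).
# Handles "from" prefixes and plain fwmark values (no mark masks).
tables_for() {
    mark=$(printf '0x%x' "${2:-0}")   # normalise 5 or 0x5 to 0x5
    printf '%s\n' "$RULES" | awk -v src="$1" -v mark="$mark" '
    function ip2int(a,   p) {
        split(a, p, ".")
        return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    function in_prefix(addr, pfx,   q, bits, size) {
        if (pfx == "all") return 1
        split(pfx, q, "/")
        bits = (q[2] == "") ? 32 : q[2]
        size = 2 ^ (32 - bits)
        return int(ip2int(addr) / size) == int(ip2int(q[1]) / size)
    }
    {
        from = "all"; fw = ""; table = ""
        for (i = 2; i < NF; i++) {
            if ($i == "from")   from  = $(i + 1)
            if ($i == "fwmark") fw    = $(i + 1)
            if ($i == "lookup") table = $(i + 1)
        }
        if (table == "" || !in_prefix(src, from)) next
        if (fw != "" && (fw "") != (mark "")) next
        printf "%s%s", sep, table; sep = " "
    }
    END { print "" }'
}

tables_for 10.0.0.5 0x5
```

To check a live system, set RULES="$(ip rule show)" before calling the function.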
You can also identify tables using names. The name main represents the main routing table that the route command outputs. You can name other tables using the /etc/iproute2/rt_tables file (Listing 4). The routing tables with the numbers 0, 254, and 255 are reserved for the system (lines 1 to 5). The corresponding names also appear in the display of ip rule show.
Listing 4
rt_tables
A naming system makes it easier to use the routing tables. Just specify the table when creating a route:
ip route add default via 192.168.0.5 table internal
Clever policy routing helps to solve seemingly unsolvable problems. For example, companies often work with two network connections: a leased line with a fixed IP address and a DSL connection. Each port uses its own router. One goal of the configuration could be to handle all Internet browsing traffic via DSL and to reserve the leased line for VPN and email (Figure 5). This configuration works perfectly with ip.
First, iptables tags all browsing traffic on the firewall connected to the two routers (Listing 5, first line). An ip command then ensures that the system processes all selected packets using its own table. In this table, you then enter the DSL router (192.168.0.254 in the example) as the default gateway.
Listing 5
Setting Up the Firewall
The firewall now flags each connection to ports 80 (HTTP) or 443 (HTTPS) using the 0x80 flag. Because of this rule, the computer processes the packet in the routing table with the name web and sends it to the default gateway 192.168.0.254 (the DSL router).
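The three steps just described, written out as an added example (this is not the article's Listing 5). It uses the mark, table name, and gateway from the text and assumes that /etc/iproute2/rt_tables already contains an entry such as "100 web"; the id 100 and the function names are assumptions. By default the script only prints the commands.

```shell
#!/bin/sh
# Added example: send marked web traffic through the DSL router.
# Values from the article: mark 0x80, table "web", gateway 192.168.0.254.
# Assumption: /etc/iproute2/rt_tables already contains the line "100 web"
# (the id 100 is arbitrary; any unused id works).
MARK="0x80"
TABLE="web"
GW_DSL="192.168.0.254"

# Print each command; execute it only when APPLY=1 (needs root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

web_policy_routing() {
    # 1. Tag forwarded HTTP/HTTPS packets before the routing decision.
    #    Traffic generated on the firewall itself does not pass PREROUTING;
    #    it would need the same rule in the OUTPUT chain of the mangle table.
    run iptables -t mangle -A PREROUTING -p tcp -m multiport \
        --dports 80,443 -j MARK --set-mark "$MARK" || return 1
    # 2. Packets carrying the mark consult the "web" table ...
    run ip rule add fwmark "$MARK" table "$TABLE" || return 1
    # 3. ... whose only route is a default route via the DSL router.
    run ip route add default via "$GW_DSL" table "$TABLE" || return 1
}

web_policy_routing
```

Run it with APPLY=1 as root to apply the commands; ip rule show and ip route show table web then display the result.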