Network Basics – The ip Command
Network commands like ifconfig and route are still popular with users even though they are far past their prime. Their successor, ip, provides the capabilities of several legacy tools with a single, unified syntax.
Humans are creatures of habit: We like to perform sequences of tasks in a familiar order with familiar tools. Given the human desire to stick with what is known, it is little wonder that outdated commands continue in common usage. For instance, many users still rely on the ifconfig, route, and arp network utilities from the net-tools package, even though a capable successor exists in the form of the ip command, which is part of the iproute2 package [1]. The ip command was introduced in 1999, along with the NET4.0 framework, which included support for the IPv6 network protocol in Kernel 2.2.
Current distributions like Ubuntu 18.04 no longer install net-tools [2] by default. If necessary, you could set up the familiar net-tools collection with sudo apt install net-tools on a Debian-based system. But before you do, consider whether this might be the perfect time to get some experience with ip instead. The old tools use the same libraries that ip uses, but they will not see any new features. The future belongs to ip.
Getting an Overview
The ip command has the following syntax:
ip [Option(s)] Object [Command [Argument(s)]]
The following command:
ip link show
or ip link for short (or even shorter ip l) – without admin privileges – outputs a list of all available network cards (Listing 1). In this case, link acts as object and show as command. If a command is missing, ip assumes that you mean show. The command also allows abbreviations and synonyms, such as ip link ls.
Listing 1
Outputting Network Cards
The output in Listing 1 shows that the cards enp4s0 and wlp2s0 are inactive. The UP flag is missing. The vboxnet0 card represents a virtual network interface used by VirtualBox. To additionally display the network addresses, you just need to enter addr as the object or simply a instead of link (Figure 1). The first example in Figure 1 restricts the output to the enp0s31f6 device.
The output from the first command ip addr show shows both the IPv4 address (inet) and the IPv6 address (inet6). The Ethernet address (link/ether) also appears with ip link.
ip can display statistical information that helps with troubleshooting if you pass in the -s option (see the second command in Figure 1). If you are interested in the routes or the contents of the ARP cache, use ip route show or ip neighbour show (Figure 2).
All examples shown so far work without root privileges. You can also use ip to change the network configuration, but you'll need administrative privileges. To create a virtual network card named dummy0, type the command ip link add dummy0 type dummy.
Then activate the virtual device with the ip link set dummy0 up command. When executing these commands, the system should automatically load the kernel module required for this function. If this does not work, you can load it manually with modprobe dummy (Figure 3).
If you assign several IP addresses to a network card, the classic ifconfig command generates network devices with names of the type Device:0, Device:1, and so on. The ip command is similar but uses the label parameter to assign the alias names (Listing 2).
Listing 2
Assigning an Alias
You can use this name later in iptables scripts, for example, which greatly simplifies the task of creating firewall rules. When choosing the label, you do not necessarily have to follow the form Device:Number. The identifier only has to start with the name of the network card and can end with any character string. The list is colon-separated.
Under Pseudonym
Before you change network card names with ip, you should first deactivate the device to avoid side effects. To rename the dummy device dummy0 to test0, type the lines from Listing 3.
Listing 3
Renaming the Dummy Device
If you want to delete IP addresses, you can use the commands ip addr del IP_address dev device_name or ip addr flush dev device_name. The first command removes a single address; the second command removes all addresses of a network card.
Be careful – if you delete the primary IP address of a network card, you automatically remove all the secondary addresses. Figure 4 shows a secondary IP address labeled dummy0:test. It appears in the output of ip addr show dummy0 as secondary dummy0:test.
Routing by Rules
Setting up routes to other networks is somewhat different in ip than with the legacy route tool. You can activate the default route with the following command:
ip route add default via 192.168.178.1
The via switch defines the router to use to reach the destination (in this example the default path). To specifically set up a host or network route, replace default and specify the appropriate information; for example, the following command sets up a path to the network 10.0.0.0/24:
ip route add 10.0.0.0/24 via 192.168.178.1
A classic router analyzes the path to the destination IP address using its routing table. Advanced routing or policy routing, on the other hand, allows a wide range of adaptations. The Linux kernel manages up to 256 different routing tables. Rules defined by the admin stipulate for which packets the system consults which routing table.
You can display the current rules with the ip rule show command (Figure 4). In the example, the machine forwards packets from 10.0.0.7 via NAT (map-to). Packets tagged 0x5 by the iptables firewall are processed via Table number 6; packets from sender address 10.0.0.5 are processed via Table 5.
The number in the first column specifies the order in which the system processes the rules. If a packet matches a rule, the packet is forwarded using the route associated with the rule. If the table contains a valid route for the packet (such as the default route), the system terminates the comparison and sends the packet along that route. Otherwise it continues with the remaining routes.
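The rule ordering described above can be traced offline. The following script is an added example, not one of the article's listings: it reads constructed sample output in the format of ip rule show and lists, in order, the tables a packet with a given source address and firewall mark would consult until one of them holds a matching route. The rule priorities and the function name tables_for are assumptions.

```shell
#!/bin/sh
# Added example: which routing tables does a packet consult, and in what order?
# RULES is constructed sample output in the format of `ip rule show`
# (priorities are assumptions; tables 5 and 6 follow the article's text).
RULES='0: from all lookup local
32764: from 10.0.0.5 lookup 5
32765: from all fwmark 0x5 lookup 6
32766: from all lookup main
32767: from all lookup default'

# tables_for SRC MARK -> space-separated tables, lowest priority number first.
# Handles only the selectors used above: "from all", "from <host>", "fwmark".
# Marks are compared as strings, so write them exactly as the rule does.
tables_for() {
    printf '%s\n' "$RULES" | sort -n | awk -v src="$1" -v mark="$2" '
    {
        from = ""; fw = ""; table = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "from")   from  = $(i + 1)
            if ($i == "fwmark") fw    = $(i + 1)
            if ($i == "lookup") table = $(i + 1)
        }
        if (table == "") next                    # not a lookup rule
        if (from != "all" && from != src) next   # source does not match
        if (fw != "" && fw != mark) next         # mark does not match
        out = out (out == "" ? "" : " ") table
    }
    END { print out }'
}

tables_for 10.0.0.5 0x0    # local 5 main default
tables_for 10.0.0.9 0x5    # local 6 main default
tables_for 10.0.0.9 0x0    # local main default
```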
You can also identify tables using names. The name main represents the main routing table that the route command outputs. You can name other tables using the /etc/iproute2/rt_tables file (Listing 4). The routing tables with the numbers 0, 254, and 255 are reserved for the system (lines 1 to 5). The corresponding names also appear in the display of ip rule show.
Listing 4
rt_tables
A naming system makes it easier to use the routing tables. Just specify the table when creating a route:
ip route add default via 192.168.0.5 table internal
Clever policy routing helps to solve seemingly unsolvable problems. For example, companies often work with two network connections: a leased line with a fixed IP address and a DSL connection. Each port uses its own router. One goal of the configuration could be to handle all Internet browsing traffic via DSL and to reserve the leased line for VPN and email (Figure 5). This configuration works perfectly with ip.
First, iptables tags all browsing traffic on the firewall connected to the two routers (Listing 5, first line). An ip command then ensures that the system processes all selected packets using its own table. In this table, you then enter the DSL router (192.168.0.254 in the example) as the default gateway.
Listing 5
Setting Up the Firewall
The firewall now flags each connection to ports 80 (HTTP) or 443 (HTTPS) using the 0x80 flag. Because of this rule, the computer processes the packet in the routing table with the name web and sends it to the default gateway 192.168.0.254 (the DSL router).
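The three steps described above, written out as one script. This is an added example and not the article's Listing 5: the mark 0x80, the table name web, and the gateway 192.168.0.254 come from the text, while the table number 200, the mangle/PREROUTING placement, the multiport match, and the function names are assumptions. By default the script only prints the commands; it executes them when APPLY=1 is set and it runs as root.

```shell
#!/bin/sh
# Added example: route marked web traffic via the DSL router.
MARK=0x80
TABLE=web
TABLE_ID=200            # assumption: any unused number from 1 to 252
GATEWAY=192.168.0.254
RT_TABLES=${RT_TABLES:-/etc/iproute2/rt_tables}
APPLY=${APPLY:-0}

# Print each command; execute it only when APPLY=1 (needs root).
run() {
    echo "$*"
    if [ "$APPLY" = 1 ]; then "$@"; fi
}

# Register the table name once, so repeated runs do not duplicate the entry.
register_table() {
    if grep -Eq "^[0-9]+[[:space:]]+$TABLE\$" "$RT_TABLES" 2>/dev/null; then
        return 0
    fi
    echo "echo '$TABLE_ID $TABLE' >> $RT_TABLES"
    if [ "$APPLY" = 1 ]; then echo "$TABLE_ID $TABLE" >> "$RT_TABLES"; fi
}

setup_web_policy() {
    register_table
    # 1. Tag forwarded HTTP/HTTPS packets before the routing decision is made.
    run iptables -t mangle -A PREROUTING -p tcp -m multiport \
        --dports 80,443 -j MARK --set-mark "$MARK"
    # 2. Send marked packets to the "web" table.
    run ip rule add fwmark "$MARK" table "$TABLE"
    # 3. In that table, the DSL router is the default gateway.
    run ip route add default via "$GATEWAY" table "$TABLE"
}

# Check afterwards: the rule and the route must both be present.
verify_web_policy() {
    ip rule show | grep -q "fwmark $MARK lookup $TABLE" &&
    ip route show table "$TABLE" | grep -q "default via $GATEWAY"
}

setup_web_policy
```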