In Linux we have many way to work on interface level. Mostly Linux users use ifconfig command to display and configure interface configuration. But it deprecated and in new Linux version, it replaced with IP command. So in this post we will see how we can work on IP command to check and configure various aspects of Linux interfaces.

SetUP

IP could work on mainly all Linux distributions now days. We will going to work for IP on CentOS 6.10 Machine, which also has ip command installed by-default. Even on latest version like CentOS7 support IP command.

Source rpm used to install for IP command in linux

[root@srv1 ~]# rpm -qf /sbin/ip
iproute-2.6.32-57.el6.x86_64
# cat /etc/redhat-release 
CentOS release 6.10 (Final)

# uname  -r
2.6.32-754.3.5.el6.x86_64

# ip -V
ip utility, iproute2-ss091226

IP command also work on Ubuntu and other Nix distributions as well

root@jarvis:~# lsb_release -d
Description:	Ubuntu 18.04.1 LTS

root@jarvis:~# uname -r
4.15.0-33-generic

root@jarvis:~# ip -V
ip utility, iproute2-ss180129

Let’s check what all important features we have through IP command

1. Identify configured interfaces on the system.
2. Check IP interface status.
3. Mark the interface as up or down.
4. Display and configure on IP routing
5. Configure tunnel over IP.
6. Show ARP.
7. Configure IP address over interfaces, such as deletion, assignation and setup
8. Show multi-cast information

Syntax

Syntax used for IP command

ip [ OPTIONS ] OBJECT { COMMAND | help }

Like above shows in Syntax , we could use some shortcuts for these various options and Objects, if we run ip command without any option it will show some of them like below

[root@srv1 ~]# ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |
                   tunnel | maddr | mroute | mrule | monitor | xfrm | token }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec |
                    -f[amily] { inet | inet6 | ipx | dnet | link } |
                    -o[neline] | -t[imestamp] | -b[atch] [filename] |
                    -rc[vbuf] [size]}

To get help, we can easily use same stuff that we just did above.

ip l help
ip r help
ip a help

We Just used abbreviation only, you can use complete options word as well, will effect same. While running above help i hope you get to know that it has nice help provided within ip command itself,

It give basic understanding, how we could manage these options with some shortcuts abbreviations, which is easy to use in daily life.

ip command has many options to use which provide wide area to work on Linux network. As mentioned in Syntax above IP command has options, objects , commands to work on and help to get details on any of them. Let’s start work on it with some basic usage.

IP Address of Interface

Ip command could provide IP address detail of an interface, vlans, interface aliases, virtual interfaces. We could find this in many ways like in below command.

ip a
ip addr

Through above command we could display IP Address of all interfaces. We could further filter things in such way that only specific interfaces or type could display only like below

 Display ipv4 address only
ip -4 a 

 Display ipv6 address only
ip -6 a

In case we like to see only one interface out many assigned on machine.

Syntax

# ip add show INTERFACE

Example

[root@srv1 ~]# ip add show eth1
3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.110/24 brd 192.168.123.255 scope global eth1
    inet6 fe80::5054:ff:fe3e:bd02/64 scope link 
       valid_lft forever preferred_lft forever

So in above command output, we can see it shows Interface IP address with its state UP.

We can also assign IP address through same command, like below.

[root@srv1 ~]# ip a list eth1
3: eth1:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff

[root@srv1 ~]# ip a add 192.168.123.100/24 dev eth1

3: eth1:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.100/24 scope global eth1

In case you need to add interface alias, can do like below command

[root@srv1 ~]# ip a add 192.168.123.101/24 dev eth1 label eth1:1
[root@srv1 ~]# ip a show eth1
3: eth1:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.100/24 scope global eth1
    inet 192.168.123.101/24 scope global secondary eth1:1

While deleting same primary interface and alias of same we just need to mention IP that need to delete from interface, it will delete whatever interface contain that IP, either secondary or primary like below.

[root@srv1 ~]# ip a show eth1
3: eth1:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.171/24 scope global eth1
    inet 192.168.123.172/24 scope global secondary eth1:1

[root@srv1 ~]# ip a del 192.168.123.172/24 dev eth1

[root@srv1 ~]# ip a show eth1
3: eth1:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.171/24 scope global eth1

Above we delete alias IP address assigned on, same could use to delete primary interface IP address.

In case like to see these interface information in one line use -o options like below.

[root@srv1 ~]# ip  -o a show eth1
3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 1000\    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
3: eth1    inet 192.168.123.171/24 scope global eth1
3: eth1    inet 192.168.123.172/24 scope global secondary eth1:1
3: eth1    inet6 fe80::5054:ff:fe3e:bd02/64 scope link \       valid_lft forever preferred_lft forever

we can also see colour output as well through IP command with -c option like below

Flush Ip address

In case we need to flush all Ip address from interface

[root@srv1 ~]# ip a show eth1
3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.123.171/24 scope global eth1
    inet 192.168.123.172/24 scope global secondary eth1:1
[root@srv1 ~]# ip a flush dev eth1

[root@srv1 ~]# ip a show eth1
3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff

In case you like to see details while deleting it

[root@srv1 ~]# ip -s  -s a flush dev eth1
3: eth1    inet 192.168.123.172/24 scope global secondary eth1:1
3: eth1    inet 192.168.123.171/24 scope global eth1

*** Round 1, deleting 2 addresses ***
*** Flush is complete after 1 round ***

If you need to flush all from host, below is trick that i used sometime.

[root@srv1 ~]# ip -s -s a f to 0/0
2: eth0    inet 192.168.123.151/24 brd 192.168.123.255 scope global secondary eth0
2: eth0    inet 192.168.123.150/24 brd 192.168.123.255 scope global secondary eth0
3: eth1    inet 192.168.123.172/24 scope global secondary eth1:1
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.123.170/24 brd 192.168.123.255 scope global eth0
3: eth1    inet 192.168.123.171/24 scope global eth1

*** Round 1, deleting 6 addresses ***
*** Flush is complete after 1 round ***

In case need to flush some network IP address from various

Can also flush specific IP Address, where ever it assign.

ip -s -s n f 192.168.123.112
192.168.123.112 dev virbr0 lladdr 52:54:00:3e:bd:01 used 135/135/106 probes 4 STALE

*** Round 1, deleting 1 entries ***
*** Flush is complete after 1 round ***

Change Interface status

Could use to change interface state like below.

[root@srv1 ~]# ip link set eth1 up
eth1: link up, 100Mbps, full-duplex, lpa 0x05E1

Same could use for down as well

ip link set eth1 down

Increase or decrease txqueuelen

We can also increase or decrease txqueuelen on interface level, like below.

3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
[root@srv1 ~]# ip link set eth1 txqueuelen 10000
[root@srv1 ~]# ip link show eth1
3: eth1:  mtu 1500 qdisc pfifo_fast state UP qlen 10000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff

Increase or Decrease MTU

Can also increase or decrease MTU (maximum transmission unit) through IP command.

[root@srv1 ~]# ip link show eth1
3: eth1:  mtu 1500qdisc pfifo_fast state UP qlen 10000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff
[root@srv1 ~]# ip link set eth1 mtu 2000
eth1: link up, 100Mbps, full-duplex, lpa 0x05E1
[root@srv1 ~]# ip link show eth1
3: eth1:  mtu 2000 qdisc pfifo_fast state UP qlen 10000
    link/ether 52:54:00:3e:bd:02 brd ff:ff:ff:ff:ff:ff

Manage ARP

Can also check and work on arp of machine.

 ip n show
192.168.43.1 dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 REACHABLE
192.168.123.171 dev virbr0 lladdr 52:54:00:3e:bd:01 STALE
192.168.123.170 dev virbr0 lladdr 52:54:00:3e:bd:01 STALE
fe80::e1f4:e3bc:bc12:4dee dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 router REACHABLE
fe80::1089:4ff:fed9:ce17 dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 router REACHABLE

Last column show status of arp machine, those could have below values and description.sometime these are also called nud (neighbour unreachability detection).

  • none — the state of the neighbour is void.
  • incomplete — the neighbour is in the process of resolution.
  • :

  • reachable — the neighbour is valid and apparently reachable.
  • stale — the neighbour is valid, but is probably already unreachable, so the kernel will try to check it at the first transmission.
  • delay — a packet has been sent to the stale neighbour and the kernel is waiting for confirmation.
  • probe — the delay timer expired but no confirmation was received. The kernel has started to probe the neighbour with ARP/NDISC messages.
  • failed — resolution has failed.
  • noarp — the neighbour is valid. No attempts to check the entry will be made.
  • permanent — it is a noarp entry, but only the administrator may remove the entry from the neighbour table.

We could delete old and add new ARP entries like below in machine or for particular interface as well

 ip ne show dev wlp2s0 
192.168.43.1 lladdr 4c:49:e3:6e:e8:75 REACHABLE
fe80::e1f4:e3bc:bc12:4dee lladdr 4c:49:e3:6e:e8:75 router STALE
fe80::1089:4ff:fed9:ce17 lladdr 4c:49:e3:6e:e8:75 router STALE

▶ ip ne del 192.168.43.1 dev wlp2s0 ip ne show dev wlp2s0
fe80::e1f4:e3bc:bc12:4dee lladdr 4c:49:e3:6e:e8:75 router STALE
fe80::1089:4ff:fed9:ce17 lladdr 4c:49:e3:6e:e8:75 router STALE

To delete all ARP on machine.

ip -s -s n flush all
192.168.43.1 dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 ref 1 used 132/8/127 probes 1 REACHABLE
192.168.123.170 dev virbr0 lladdr 52:54:00:3e:bd:01 used 986/945/913 probes 4 STALE
fe80::e1f4:e3bc:bc12:4dee dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 router ref 1 used 129/5/129 probes 1 REACHABLE
fe80::1089:4ff:fed9:ce17 dev wlp2s0 lladdr 4c:49:e3:6e:e8:75 router ref 1 used 22/21/21 probes 1 REACHABLE

*** Round 1, deleting 4 entries ***
*** Flush is complete after 1 round ***

In same way we can add it as well as like below.

ip ne add 192.168.43.1 lladdr 4c:49:e3:6e:e8:75 dev wlp2s0

▶ ip ne show dev wlp2s0                                     
192.168.43.1 lladdr 4c:49:e3:6e:e8:75 PERMANENT
fe80::e1f4:e3bc:bc12:4dee lladdr 4c:49:e3:6e:e8:75 router REACHABLE
fe80::1089:4ff:fed9:ce17 lladdr 4c:49:e3:6e:e8:75 router REACHABLE

We can also changed its state from permanent to reachable.

 ip ne chg 192.168.43.1 dev wlp2s0 nud reachable

▶ ip ne show dev wlp2s0                          
192.168.43.1 lladdr 4c:49:e3:6e:e8:75 REACHABLE

We can also flush complete ARP of host or interface, i suggest only be done in case you know what you doing, Deleting arp could cause some drops.

ip n f 192.168.123.170

or 

ip -s -s -n -f 192.168.123.170

or 

ip -s -s -n -f dev eth0

Managing Routing table

We can also see, add and delete Linux routing table through IP command.

Syntax

ip r

ip r l

ip r sh

Example

▶ ip r
default via 192.168.43.1 dev wlp2s0 proto dhcp metric 600 
169.254.0.0/16 dev virbr0 scope link metric 1000 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
192.168.43.0/24 dev wlp2s0 proto kernel scope link src 192.168.43.47 metric 600
192.168.123.0/24 dev virbr0 proto kernel scope link src 192.168.123.1 

We can add new route

ip route add NETWORK dev DEVICE-interface

ip route add NETWORK via GATEWAY dev DEVICE-interface

ip route add -net 

In same way we can delete route as well.Deleting route could cause unreachable for some destination.

ip r del default

or 

ip r del NETWORK dev DEVICE-interface

We can also see possible route for any destination like below.

▶  ip r get 54.239.33.92
54.239.33.92 via 192.168.43.1 dev wlp2s0 src 192.168.43.47 uid 0 
    cache