iproute2
iproute2 is a collection of tools combined under a single command that is used to manipulate the IP network configuration ( IPv4 and IPv6 ) of a Linux system.
The original author is Alexey Kuznetsov (known for his QoS implementation in the Linux kernel), the current maintainer is Stephen Hemminger. iproute2 uses Linux 'netlink interface to communicate directly with the kernel.
iproute2 was developed as a replacement for the "classic" network tools such as ifconfig , route etc. It combines all configuration options that were previously handled by these separate programs in the ip command . The classic commands are being replaced by iproute2.
In addition, part of the packet of the command tc , which is used to control network traffic ( t raffic c ontrol ).
syntax
The individual parts of iproute2 are addressed in the following way, here using the example of address . The name can be shortened as long as it is clear:
ip addr [befehl] [argumente]
To work with IPv6, call ip as follows:
ip -6 addr [befehl] [argumente]
command is another sub-command with arguments n. help always outputs a kind of syntax help , here ip addr help :
Usage: ip addr {add|change|replace} IFADDR dev STRING [ LIFETIME ]
[ CONFFLAG-LIST ]
ip addr del IFADDR dev STRING
ip addr {show|flush} [ dev STRING ] [ scope SCOPE-ID ]
[ to PREFIX ] [ FLAG-LIST ] [ label PATTERN ]
IFADDR := PREFIX | ADDR peer PREFIX
[ broadcast ADDR ] [ anycast ADDR ]
[ label STRING ] [ scope SCOPE-ID ]
SCOPE-ID := [ host | link | global | NUMBER ]
FLAG-LIST := [ FLAG-LIST ] FLAG
FLAG := [ permanent | dynamic | secondary | primary |
tentative | deprecated | dadfailed | temporary |
CONFFLAG-LIST ]
CONFFLAG-LIST := [ CONFFLAG-LIST ] CONFFLAG
CONFFLAG := [ home | nodad ]
LIFETIME := [ valid_lft LFT ] [ preferred_lft LFT ]
LFT := forever | SECONDS
As can be seen from this, arguments are mostly couples like
dev INTERFACE
For complete sample commands see section #Examples .
Parts
- address
- manipulates the IP addresses of the interfaces (network interfaces) and other parameters such as broadcast addresses, multicast ...
- link
- manipulates the network interfaces on the Ethernet level. Allows settings such as promiscuous mode on / off, ARP on / off, or the MAC address to be changed.
- maddr
- changes, removes, shows or sets multicast addresses at Ethernet and IP level.
- monitor
- shows changes to the network interfaces (for example NDP router advertisements or ARP messages that provide information about addresses and routes)
- mroute
- Information on multicast routing tables
- neighbor
- manipulates and shows ARP and NDP tables.
- netns
- manages network namespaces
- ntable
- informs about NDP and ARP tables
- route
- manipulates, shows and sets IP routes (replacement for route )
- rule
- manipulates rules in the routing policy database RPDB, which defines which routing tables are used for which subnets
- tunnel
- creates, changes and deletes IP tunnels (e.g. tunnel broker -p41 tunnel)
- tuntap
- manipulates TUN / TAP interfaces
Examples
For a better understanding, here are a few examples that could occur in everyday use:
Assignment of a fixed IP address and configuration of the routing table
ip addr add 10.10.1.1/16 broadcast 10.10.255.255 dev eth0 ip route add default via 10.10.0.0
Creating a SIT tunnel (IPv6 over IPv4), see tunnel broker
ip tunnel add sit0 mode sit remote 192.0.2.32 local 10.10.4.2 ttl 255 ip link set sit0 up ip -6 route add ::/0 dev sit0
Display of the routing and neighbors tables
ip route show ip neigh show
Forging the MAC address
ip link set dev eth0 address aa:bb:cc:dd:ee:ff
Web links
- IP Command Reference, Alexey N. Kuznetsov Institute for Nuclear Research, Moscow; April 14, 1999 (English)
- Introduction to iproute2
- iproute2 documentation (PDF; 513 kB)