Linux ip route command reference by example


NOTE: All the commands below take effect immediately after you hit Enter, and do NOT survive reboot.

ip address - Manage IP address(es) on interfaces

 ip address show                     #show all IP addresses (also ip ad sh), mtu, MAC addresses
 ip address show ens36               #show IP addresses of a particular interface
 ip address show up                  #only show IPs of those interfaces that are up
 ip address show dynamic|permanent   #show dynamic (DHCP) or static IPv6/IPv4 addresss
 ip address add 192.0.2.1/27 dev ens36   #add a new IP address to the interface

First address you added will be used as SOURCE address for outgoing traffic by default, it is often called primary address . Receiving will do for all added IPs

 ip address add 192.0.2.1/29 dev ens36 label ens36:hahaha  # add IP and label it
 ip address delete 192.0.2.1/29 dev ens36                   # delete Ip address from interface
 ip address flush dev ens36                                 # delete all IPs from an interface

ip route - Manage routing table

If you set up a static route and interface through which it is available goes down - the route is removed from active routing table as well. Also you cannot add route via inaccessible gateways.

 ip route [show] / ip ro    # Show the routing table, includes IPv4 and IPv6
 ip -6 route       # show only IPv6 , which are not shown by def
 ip -4 route
 ip route add default via 10.10.10.1           # Add default route via next hop
 ip route add default dev ens36                # Add default route via interface
 ip route add 0.0.0.0/0 dev ens36              # Add default route via the interface
 ip route delete default dev ens36             # Delete Default route
 ip route show root 192.0.2.0/24       # you can use supernet to include multiple more specific routes to show, i.e. show this net and SMALLER subnets
 ip route show match 192.0.2.0/29      # show routes to this and LARGER nets
 ip route show exact 192.168.13.0/24   # show routes to EXACT network only
 ip route get 192.176.12.1/24          # simulate resolving of a route in real time
 ip route add 192.192.13.1/24 via 10.13.77.1    # Add new route to 192.192.13.1/24 via nexthop
 ip route add 192.192.13.1/24 dev ens36         # Add new route to 192.192.13.1/24 via interface
 ip route delete 192.192.13.1/24 via 10.13.77.1     # Delete specific route
 ip route delete 192.192.13.1/24               # Delete specific route
 ip route change 192.192.13.1/24 dev ens32     # change some params of existing route
 ip route replace 192.192.13.1/24 dev ens36    # replace if exists add if not
 ip -6 route add default via 2001:db8          # Add IPv6 default route
 ip route add blackhole 192.1.1.0/24           # Black hole some route
 ip route add unreachable 10.10.10.0/24        # Block destination route, sends “Host unreachable”
 ip route add prohibit 10.1.1.1/32             # Block destination route, sends ICMP “Administratively prohibited”
 ip route add throw 10.1.1.1/32                       # Block destination route, sends “net unreachable”
 ip route add 10.10.10.0/24 via 10.1.1.1 metric 5     # Add route with custom metrics
 ip route add default nexthop via 10.10.10.1 weight 1 nexthop dev ens33 weight 10 # Add 2 default routes with custom weight, higher weight is preferred

ip link - Link Management

 ip link show | ip link | ip link list     # Show all available interfaces/links
 ip link show ens33      # Show information about specific interface
 ip link set dev eth0 down | up         # Set interface down or up
 ip link set <dev> name <new name>      # Rename/Add alternative name to the interface, 1st bring interface down
 ip link set dev eth0 address 02:11:22:cc:33:11      # Change MAC address of the interface
 ip link set dev tun0 mtu 1480                       # Set MTU size of interface
 ip link delete <dev>                       # Delete interface, relevant to VLAn and bridges only
 ip link set dev ens36 arp off|on         # disable/enable ARP on interface
 ip link set dev ens36 multicast on|off       # disable/enable multicast on interface
 ip link add name eth0.110 link eth0 type vlan id 110      # Add new VLAN 110 on eth0
 ip link add name eth0.100 link eth0 type vlan proto 802.1ad id 100
ip link add name eth0.100.200 link eth0.100 type vlan proto 802.1q id 200
// QinQ encapsulation (available since kernel 3.10)
 ip link add name peth0 link eth0 type macvlan
 ip link add name dummy10 type dummy       # Create new interface
 ip link add name br0 type bridge          # Create bridge interface
ip link set dev eth0 master br0            # Add eth0 to the bridge
ip link set dev eth0 nomaster
 ip link add ifb10 type ifb                #  Intermediate functional block interface

Interface Grouping.

Links not assigned to any group belong to group 0. Group names are stored in /etc/iproute2/group file, up to 255 groups are possible.

 ip link set dev eth0 group 33
 ip link set dev eth0 group 0
 ip link set group 33 down
 ip link set group 33 mtu 1300
 ip link list group 33

ip neighbor - Managing ARP table

 ip neighbor show                 # Show MAC addresses of the neighbors 
 ip -6 neighbor show
 ip neighbor show dev eth0           # show MAC addresses learned on interface eth0
 ip neighbor flush dev eth0          # Delete all cached MAC addresses on interface eth0
 ip neighbor add 192.1.1.1    lladdr 22:33:44:55:ff:11 dev eth0
 ip neighbor delete 192.1.1.1 lladdr 22:33:44:55:ff:11 dev eth0

Tunnel interfaces

IPIP, SIT (IPV6 in IPV4), IP 6IP6 (IPv6 in IPv6), IPIP6 (IPv4 in IPv6), GRE, VTI kernel 3.6 or later (IPv4 in IPSec) Tunnels are created in DOWN state, dont forget to bring them up

 ip tunnel add tun0 mode ipip local 192.0.2.1 remote 198.13.22.12
 ip link set dev tun0 up
 ip address add 10.1.1.1/30 dev tun0
 ip tunnel add tun9 mode sit local 192.0.2.1 remote 198.21.33.13
 ip link set dev tun9 up
 ip addres add 2001:db8:1::1/64

Gretap tunnel - encapsulate ETH into IPv4 , used to connect L2 segments over L3. L2 interface.

 # ip link add gretap0 type gretap local 192.0.2.1 remote 198.21.13.14

GRE

 ip tunnel add tun7 mode gre local 192.0.2.1 remote 197.13.12.1
 ip link set dev tun7 up
 ip address add 192.168.1.1/30 dev tun7
 ip tunnel add tun11 mode gre local 192.0.2.1 key 1234      # GRE point to multipoint
 ip link set dev tun11 up
 ip add add 10.1.1.1/24 dev tun11
 ip neighbor add 10.1.1.2/24 lladdr 192.0.2.1 dev tun11
 ip tunnel delete tun11
 ip tunnel change tun0 remote 194.13.221.1
 ip tunnel show

Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.