Linux ip route command reference by example
- ip address - Manage IP address(es) on interfaces
- ip route - Manage routing table
- ip link - Link Management
- Interface Grouping.
- ip neighbor - Managing ARP table
- Tunnel interfaces
- GRE
NOTE: All the commands below take effect immediately after you hit Enter, and do NOT survive reboot.
ip address - Manage IP address(es) on interfaces
ip address show #show all IP addresses (also ip ad sh), mtu, MAC addresses
ip address show ens36 #show IP addresses of a particular interface
ip address show up #only show IPs of those interfaces that are up
ip address show dynamic|permanent #show dynamic (DHCP) or static IPv6/IPv4 addresss
ip address add 192.0.2.1/27 dev ens36 #add a new IP address to the interface
First address you added will be used as SOURCE address for outgoing traffic by default, it is often called primary address . Receiving will do for all added IPs
ip address add 192.0.2.1/29 dev ens36 label ens36:hahaha # add IP and label it
ip address delete 192.0.2.1/29 dev ens36 # delete Ip address from interface
ip address flush dev ens36 # delete all IPs from an interface
ip route - Manage routing table
If you set up a static route and interface through which it is available goes down - the route is removed from active routing table as well. Also you cannot add route via inaccessible gateways.
ip route [show] / ip ro # Show the routing table, includes IPv4 and IPv6
ip -6 route # show only IPv6 , which are not shown by def
ip -4 route
ip route add default via 10.10.10.1 # Add default route via next hop
ip route add default dev ens36 # Add default route via interface
ip route add 0.0.0.0/0 dev ens36 # Add default route via the interface
ip route delete default dev ens36 # Delete Default route
ip route show root 192.0.2.0/24 # you can use supernet to include multiple more specific routes to show, i.e. show this net and SMALLER subnets
ip route show match 192.0.2.0/29 # show routes to this and LARGER nets
ip route show exact 192.168.13.0/24 # show routes to EXACT network only
ip route get 192.176.12.1/24 # simulate resolving of a route in real time
ip route add 192.192.13.1/24 via 10.13.77.1 # Add new route to 192.192.13.1/24 via nexthop
ip route add 192.192.13.1/24 dev ens36 # Add new route to 192.192.13.1/24 via interface
ip route delete 192.192.13.1/24 via 10.13.77.1 # Delete specific route
ip route delete 192.192.13.1/24 # Delete specific route
ip route change 192.192.13.1/24 dev ens32 # change some params of existing route
ip route replace 192.192.13.1/24 dev ens36 # replace if exists add if not
ip -6 route add default via 2001:db8 # Add IPv6 default route
ip route add blackhole 192.1.1.0/24 # Black hole some route
ip route add unreachable 10.10.10.0/24 # Block destination route, sends “Host unreachable”
ip route add prohibit 10.1.1.1/32 # Block destination route, sends ICMP “Administratively prohibited”
ip route add throw 10.1.1.1/32 # Block destination route, sends “net unreachable”
ip route add 10.10.10.0/24 via 10.1.1.1 metric 5 # Add route with custom metrics
ip route add default nexthop via 10.10.10.1 weight 1 nexthop dev ens33 weight 10 # Add 2 default routes with custom weight, higher weight is preferred
ip link - Link Management
ip link show | ip link | ip link list # Show all available interfaces/links
ip link show ens33 # Show information about specific interface
ip link set dev eth0 down | up # Set interface down or up
ip link set <dev> name <new name> # Rename/Add alternative name to the interface, 1st bring interface down
ip link set dev eth0 address 02:11:22:cc:33:11 # Change MAC address of the interface
ip link set dev tun0 mtu 1480 # Set MTU size of interface
ip link delete <dev> # Delete interface, relevant to VLAn and bridges only
ip link set dev ens36 arp off|on # disable/enable ARP on interface
ip link set dev ens36 multicast on|off # disable/enable multicast on interface
ip link add name eth0.110 link eth0 type vlan id 110 # Add new VLAN 110 on eth0
ip link add name eth0.100 link eth0 type vlan proto 802.1ad id 100
ip link add name eth0.100.200 link eth0.100 type vlan proto 802.1q id 200
// QinQ encapsulation (available since kernel 3.10)
ip link add name peth0 link eth0 type macvlan
ip link add name dummy10 type dummy # Create new interface
ip link add name br0 type bridge # Create bridge interface
ip link set dev eth0 master br0 # Add eth0 to the bridge
ip link set dev eth0 nomaster
ip link add ifb10 type ifb # Intermediate functional block interface
Interface Grouping.
Links not assigned to any group belong to group 0. Group names are stored in /etc/iproute2/group file, up to 255 groups are possible.
ip link set dev eth0 group 33
ip link set dev eth0 group 0
ip link set group 33 down
ip link set group 33 mtu 1300
ip link list group 33
ip neighbor - Managing ARP table
ip neighbor show # Show MAC addresses of the neighbors
ip -6 neighbor show
ip neighbor show dev eth0 # show MAC addresses learned on interface eth0
ip neighbor flush dev eth0 # Delete all cached MAC addresses on interface eth0
ip neighbor add 192.1.1.1 lladdr 22:33:44:55:ff:11 dev eth0
ip neighbor delete 192.1.1.1 lladdr 22:33:44:55:ff:11 dev eth0
Tunnel interfaces
IPIP, SIT (IPV6 in IPV4), IP 6IP6 (IPv6 in IPv6), IPIP6 (IPv4 in IPv6), GRE, VTI kernel 3.6 or later (IPv4 in IPSec) Tunnels are created in DOWN state, dont forget to bring them up
ip tunnel add tun0 mode ipip local 192.0.2.1 remote 198.13.22.12
ip link set dev tun0 up
ip address add 10.1.1.1/30 dev tun0
ip tunnel add tun9 mode sit local 192.0.2.1 remote 198.21.33.13
ip link set dev tun9 up
ip addres add 2001:db8:1::1/64
Gretap tunnel - encapsulate ETH into IPv4 , used to connect L2 segments over L3. L2 interface.
# ip link add gretap0 type gretap local 192.0.2.1 remote 198.21.13.14
GRE
ip tunnel add tun7 mode gre local 192.0.2.1 remote 197.13.12.1
ip link set dev tun7 up
ip address add 192.168.1.1/30 dev tun7
ip tunnel add tun11 mode gre local 192.0.2.1 key 1234 # GRE point to multipoint
ip link set dev tun11 up
ip add add 10.1.1.1/24 dev tun11
ip neighbor add 10.1.1.2/24 lladdr 192.0.2.1 dev tun11
ip tunnel delete tun11
ip tunnel change tun0 remote 194.13.221.1
ip tunnel show
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.