1. Introduction
The ip command is a versatile tool in Linux for managing network configuration. It comes preinstalled in all modern Linux Distributions – part of the iproute2 package. This package replaces old tools such ifconfig, route etc. The ip command is commonly used to manage IP addresses, network interfaces, routes, ARP cache, and tunnels.
In this guide, we learn about ip command in Linux in detail.
2. ip Command Syntax
The following shows the basic syntax of ip command:
ip [OPTIONS] OBJECT {COMMAND | help}
- OPTIONS – This is optional to define global parameters or specific to a particular object (-s, -d, -r,-f -4, -6, up)
- OBJECT – For manipulation or viewing (like addr, link, route, neigh, maddr, tunnel)
- COMMAND – Action on the object ( like add, del, show, set, etc)
ip command has a bit of complex syntax. It has many different objects and on top each object has its own options.
The ip command requires sudo privilege when requires to change system network configurations such as adding or deleting IP addresses, routes, etc. However, elevated privileges are not required for basic operations such as listing IP addresses or network interfaces.
3. Displaying IP Addresses
You can use ip command to display IP address associated with all network interfaces or on a specific interface.
To display IP addresses for all interfaces:
The following commands are used for the same purpose and give the same results.
ip addr show
The output provides you a list of all the network interfaces (including the loopback interface) their associated IPv4 and IPv6 addresses alongside other information such as the maximum transmission unit (mtu) and transmit queue length (txqueuelen). The output includes other details like the broadcast address, subnet mask, and the current state of the interface (UP or DOWN).
The commands ip address, ip addr and ip a will also show the same results.
To display IP address for a specific interface:
If you want to display IP address for a specific interface for example ens3, type:
ip address show ens3
You can replace ens3 with your available interface name.
4. Add/Delete IP Addresses
Add IP Address to an interface
sudo ip addr 192.168.92.150/255.255.255.0 dev ens33
or using CIDR notation
sudo ip addr 192.168.92.150/24 dev ens33
This add/assign the IP address 192.168.92.150 with a netmask of 255.255.255.0 to the network interface ens33. You can confirm by ip addr show ens33
command. The change is made immediately and no need to restart network service.
Remember, adding IP this way is only temporary, ie on reboot it will be lost. To make permanent changes you need to edit the network configuration file, which depends on the specific Linux distribution and network manager you are using.
If you use ip addr add
to assign an IP address that the interface already has, the command will not produce an error, but it will not assign the IP address either because it’s already there. If it’s a new IP address it simply adds an additional IP address to the network interface. On that note to replace the current IP address, you should first delete the old one using ip addr del
before adding the new one.
Delete IP address from an interface
sudo ip addr del 192.168.92.150/24 dev ens33
This command delete the IP address 192.168.92.150
from the ens33
network interface.
Remember, If you are connected to the device over a network and you remove the IP address, your connection to the device will be lost. During server migration with a new subnet of IPs, we used to delete the existing IP address and add a new IP address in network config files. So when servers boot up in the new location it’s accessible using the new IP address (unless there are no network issues).
4. Managing Network Interfaces with the ip
Command
Display the state of all network interfaces:
ip link show
This command display interface status (UP or DOWN), interface name, MTU size and MAC addresses. The ip link is more focused on the physical or lower-level state of network interfaces.
To narrow down and display information about a specific network interface name – the interface named “ens33”:
ip link show dev ens33
Display detailed network interface statistics
ip -s link
The -s option is used to display detailed statistics. Usually useful to diagnose network problems. It can report errors or dropped packets.
Change the state of a network device/interface
To disable or bring down the interface ens33
sudo ip link set ens33 down
After running this command you can confirm the status of the interface using ip link show.
To enable or bring up the interface ens33:
sudo ip link set ens33 up
Change the txqueuelen
The txqueuelen (transmit queue length) is the length of the transmit queue of the device, which is used to store packets that are ready to be sent over the network. The default value for Ethernet is 1000. The value may vary depending on the network device type.
To check the current txqueuelen value, run ip a command. This will be denoted by the network property named qlen.
You can adjust qlen value to tune your network performance. For example to change txqueuelen value to 5000, type:
sudo ip link set txqueuelen 5000 dev ens33
Change the MTU
MTU, short for Maximum Transmission Unit, is the size of the largest protocol data unit ( PDU ) that can be transmitted in a network. The size is measured in bytes. Ethernet support value from 1500 to 9000 bytes. The most common value is 1500 bytes. Generally, you do not need to change it, commonly MTU values are optimized on servers that are connected to storage devices via switches.
To check MTU value run ip a command:
ip a show ens33
In this example, mtu 1500
indicates that the Maximum Transmission Unit for ens33
is set to 1500 bytes.
To change MTU value, type:
sudo ip link set mtu 2000 dev ens33
In the example, the MTU value of the interface ens33
is changed to 2000.
5. Working with Routes Using the ip Command
Display IP Routing Table
ip route list
This command displays the current routing table in Linux. The ip route show
or ip route
without any additional arguments shows the same results.
To display the specific routing rule for the 192.168.92.0/24 subnet in the system’s routing table:
ip route list 192.168.92.0/24
Add a new route to the routing table
sudo ip route add 192.168.92.0/24 via 192.168.92.1
This command add a new route to the system’s routing table. This command tells the system that in order to reach the 192.168.92.0/24
network, it needs to route traffic through the gateway at 192.168.92.1
.
After adding you can confirm it got added using the ip route command.
Suppose you want to add a default route, via a local gateway such as 192.168.92.1
to be accessed on eth0
, type:
ip route add default via 192.168.92.1 dev eth0
Delete a Route
ip route del 192.168.92.0/24 via 192.168.92.1
This would remove the rule that directs traffic for the 192.168.92.0/24
network through the gateway at 192.168.92.1
. The syntax is nearly identical to the ip route add
command, but it uses del
instead of add
to indicate that a rule should be deleted rather than added.
To delete a default route from the routing table, type:
ip route del default
The default route is often set to the IP address of a router, which then sends the traffic on to its destination.
6. Manipulating ARP or Neighbor Entries with the ip Command
Display IP Neighbor Table ( or ARP table)
ip neigh show
This table maintains a mapping between IP addresses and MAC addresses for all devices on the local network segment. It also shows the neighbor state – ie how recently the neighbor was confirmed to be reachable or not reachable.
Manually Add an entry to ARP table
ip neigh add 192.168.0.2 lladdr A4:C3:F0:9F:56:B9 dev ens33
This command adds an ARP entry of the device with IP 192.168.0.2
and MAC address A4:C3:F0:9F:56:B9
. and to delete the ARP entry:
ip neigh del 192.168.0.2 dev ens33