1. Linux ip Command

NAME
       ip - show / manipulate routing, network devices, interfaces and tunnels

SYNOPSIS
       ip [ OPTIONS ] OBJECT { COMMAND | help }

       ip [ -force ] -batch filename

       OBJECT := { link | address | addrlabel | route | rule | neigh | ntable | tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm | netns | l2tp |
               tcp_metrics | token | macsec | vrf | mptcp }

       OPTIONS := { -V[ersion] | -h[uman-readable] | -s[tatistics] | -d[etails] | -r[esolve] | -iec | -f[amily] { inet | inet6 | link } | -4 | -6 | -I | -D | -B |
               -0 | -l[oops] { maximum-addr-flush-attempts } | -o[neline] | -rc[vbuf] [size] | -t[imestamp] | -ts[hort] | -n[etns] name | -N[umeric] | -a[ll] |
               -c[olor] | -br[ief] | -j[son] | -p[retty] }

EXAMPLES
       ip addr
           Shows addresses assigned to all network interfaces.

       ip neigh
           Shows the current neighbour table in kernel.

       ip link set x up
           Bring up interface x.

       ip link set x down
           Bring down interface x.

       ip route
           Show table routes.
Table 1. OBJECTS can be any one of the following and may be written in full or abbreviated form[1]
Object Abbreviated form Purpose

link

l

Network device.

address

a addr

Protocol (IP or IPv6) address on a device.

addrlabel

addrl

Label configuration for protocol address selection.

neighbour

n neigh

ARP or NDISC cache entry.

route

r

Routing table entry.

rule

ru

Rule in routing policy database.

maddress

m maddr

Multicast address.

mroute

mr

Multicast routing cache entry.

tunnel

t

Tunnel over IP.

xfrm

x

Framework for IPsec protocol.

Table 2. Deprecated Linux command and their replacement cheat sheet.
Old command (Deprecated) New command

ifconfig -a

ip a

ifconfig enp6s0 down

ip link set enp6s0 down

ifconfig enp6s0 up

ip link set enp6s0 up

ifconfig enp6s0 192.168.2.24

ip addr add 192.168.2.24/24 dev enp6s0

ifconfig enp6s0 netmask 255.255.255.0

ip addr add 192.168.1.1/24 dev enp6s0

ifconfig enp6s0 mtu 9000

ip link set enp6s0 mtu 9000

ifconfig enp6s0:0 192.168.2.25

ip addr add 192.168.2.25/24 dev enp6s0

netstat

ss

netstat -tulpn

ss -tulpn

netstat -neopa

ss -neopa

netstat -g

ip maddr

route

ip r

route add -net 192.168.2.0 netmask 255.255.255.0 dev enp6s0

ip route add 192.168.2.0/24 dev enp6s0

route add default gw 192.168.2.254

ip route add default via 192.168.2.254

arp -a

ip neigh

arp -v

ip -s neigh

arp -s 192.168.2.33 1:2:3:4:5:6

ip neigh add 192.168.3.33 lladdr 1:2:3:4:5:6 dev enp6s0

arp -i enp6s0 -d 192.168.2.254

ip neigh del 192.168.2.254 dev wlp7s0

1.1. ip route: Routing table management commands

  • Show routing table

    $ ip r
    default via 192.168.91.2 dev ens32
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128
    
    $ sudo route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.91.2    0.0.0.0         UG    0      0        0 ens32
    192.168.91.0    0.0.0.0         255.255.255.0   U     0      0        0 ens32
    
    $ ip r l 192.168.91.0/24
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128
  • Delete a route

    $ sudo ip r del default
    $ ip r
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128
    
    $ sudo ip r del 192.168.91.0/24
    $ ip r
  • Add a new route

    # ip route add {NETWORK/MASK} via {GATEWAYIP}
    # ip route add {NETWORK/MASK} dev {DEVICE}
    # ## Add default route using ip ##
    # ip route add default {NETWORK/MASK} dev {DEVICE}
    # ip route add default {NETWORK/MASK} via {GATEWAYIP}
    $ sudo ip r add default via 192.168.91.2 dev ens32
    $ ip r
    default via 192.168.91.2 dev ens32
    
    $ sudo ip r add 192.168.91.0/24 dev ens32
    $ ip r
    default via 192.168.91.2 dev ens32
    192.168.91.0/24 dev ens32 scope link

2. Let a Linux as a router

  • Update the default route to another Linux

    $ ip r
    default via 192.168.91.2 dev ens32 onlink
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128
    
    $ sudo ip r del default
    $ ip r
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128
    
    # set the default gateway to another Linux (192.168.91.137)
    $ sudo ip r add default via 192.168.91.137 dev ens32
    $ ip r
    default via 192.168.91.137 dev ens32
    192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128

2.1. Test networking with ping

  1. Open a terminal and run tcpdump to capture the network packet:

    $ sudo tcpdump -nv host 10.170.108.237
    tcpdump: listening on ens32, link-type EN10MB (Ethernet), snapshot length 262144 bytes
    15:02:58.708055 IP (tos 0x0, ttl 64, id 61339, offset 0, flags [DF], proto ICMP (1), length 84)
        192.168.91.128 > 10.170.108.237: ICMP echo request, id 4621, seq 1, length 64
    15:02:59.715911 IP (tos 0x0, ttl 64, id 61408, offset 0, flags [DF], proto ICMP (1), length 84)
        192.168.91.128 > 10.170.108.237: ICMP echo request, id 4621, seq 2, length 64
    ^C
    2 packets captured
    2 packets received by filter
    0 packets dropped by kernel
  2. Run ping to test networking:

    $ ping -c 2 10.170.108.237
    PING 10.170.108.237 (10.170.108.237) 56(84) bytes of data.
    
    --- 10.170.108.237 ping statistics ---
    2 packets transmitted, 0 received, 100% packet loss, time 1008ms

    Here, we see all the packet were lost. This is beacuse the target Linux host (192.168.91.137) should enable the ip forward feature as below.

    $ sudo sysctl net.ipv4.ip_forward
    net.ipv4.ip_forward = 0
    
    $ sudo sysctl -w net.ipv4.ip_forward=1
    net.ipv4.ip_forward = 1

    Now let’s run the ping at host (192.168.91.128) again:

    $ ping -c 2 10.170.108.237
    PING 10.170.108.237 (10.170.108.237) 56(84) bytes of data.
    64 bytes from 10.170.108.237: icmp_seq=1 ttl=128 time=1.50 ms
    64 bytes from 10.170.108.237: icmp_seq=2 ttl=128 time=1.18 ms
    
    --- 10.170.108.237 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1003ms
    rtt min/avg/max/mdev = 1.175/1.338/1.501/0.163 ms
  3. Show the gateway Linux host (192.168.91.137) route:

    $ ip -d r
    unicast default via 192.168.91.2 dev ens34 proto boot scope global
    unicast 192.168.91.0/24 dev ens34 proto kernel scope link src 192.168.91.131
    unicast 192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.137
  4. Run the traceroute at the source host (192.168.91.128) to print the route trace:

    $ sudo traceroute -I 10.170.108.237
    traceroute to 10.170.108.237 (10.170.108.237), 30 hops max, 60 byte packets
     1  192.168.91.131 (192.168.91.131)  2.323 ms  1.998 ms  1.781 ms
     2  192.168.91.2 (192.168.91.2)  1.636 ms  1.460 ms  1.162 ms
     3  10.170.108.237 (10.170.108.237)  3.304 ms  3.895 ms  6.811 ms