How to Use the ip Command on Linux

A Bash prompt on an Ubuntu-style Linux laptop in a terminal window.
Fatmawati Achmad Zaenuri/Shutterstock

You can configure IP addresses, network interfaces, and routing rules on the fly with the Linux ip command. We’ll show you how you can use this modern replacement of the classic (and now deprecated) ifconfig.

How the ip Command Works

With the ip command, you can adjust the way a Linux computer handles IP addresses, network interfaces controllers (NICs), and routing rules. The changes also take immediate effect—you don’t have to reboot. The ip command can do a lot more than this, but we’ll focus on the most common uses in this article.

The ip command has many subcommands, each of which works on a type of object, such as IP addresses and routes. There are, in turn, many options for each of these objects. It’s this richness of functionality that gives the ip command the granularity you need to perform what can be delicate tasks. This isn’t ax work—it calls for a set of scalpels.

We’ll look at the following objects:

  • Address: IP addresses and ranges.
  • Link: Network interfaces, such as wired connections and Wi-Fi adapters.
  • Route: The rules that manage the routing of traffic sent to addresses via interfaces (links).

Using ip with Addresses

Obviously, you first have to know the settings you’re dealing with. To discover which IP addresses your computer has, you use the ip command with the object address. The default action is show, which lists the IP addresses. You can also omit show and abbreviate address as “addr” or even “a.”

The following commands are all equivalent:

ip address show
ip addr show
ip addr
ip a

The "ip addr" command in a terminal window.

We see two IP addresses, along with a lot of other information. IP addresses are associated with network interface controllers (NICs). The ip command tries to be helpful and provides a bunch of information about the interface, too.

The first IP address is the (internal) loopback address used to communicate within the computer. The second is the actual (external) IP address the computer has on the local area network (LAN).

Let’s break down all the information we received:

  • lo: The network interface name as a string.
  • <LOOPBACK,UP,LOWER_UP>: This is a loopback interface. It’s UP, meaning it’s operational. The physical networking layer (layer one) is also up.
  • mtu 65536: The maximum transfer unit. This is the size of the largest chunk of data this interface can transmit.
  • qdisc noqueue: A qdisc is a queuing mechanism. It schedules the transmission of packets. There are different queuing techniques called disciplines. The noqueue discipline means “send instantly, don’t queue.” This is the default qdisc discipline for virtual devices, such as the loopback address.
  • state UNKNOWN: This can be DOWN (the network interface is not operational), UNKNOWN (the network interface is operational but nothing is connected), or UP (the network is operational and there is a connection).
  • group default: Interfaces can be grouped logically. The default is to place them all in a group called “default.”
  • qlen 1000: The maximum length of the transmission queue.
  • link/loopback: The media access control (MAC) address of the interface.
  • inet 127.0.0.1/8: The IP version 4 address. The part of the address after the forward-slash (/) is Classless Inter-Domain Routing notation (CIDR) representing the subnet mask. It indicates how many leading contiguous bits are set to one in the subnet mask. The value of eight means eight bits. Eight bits set to one represents 255 in binary, so the subnet mask is 255.0.0.0.
  • scope host: The IP address scope. This IP address is only valid inside the computer (the “host”).
  • lo: The interface with which this IP address is associated.
  • valid_lft: Valid lifetime. For an IP version 4 IP address allocated by Dynamic Host Configuration Protocol (DHCP), this is the length of time the IP address is considered valid and able to make and accept connection requests.
  • preferred_lft: Preferred lifetime. For an IP version 4 IP address allocated by DHCP, this is the amount of time the IP address can be used with no restrictions. This should never be larger than the valid_lft value.
  • inet6: The IP version 6 address, scope , valid_lft, and preferred_lft.

The physical interface is more interesting, as we’ll show below:

  • enp0s3: The network interface name as a string. The “en” stands for ethernet, “p0” is the bus number of the ethernet card, and “s3” is the slot number.
  • <BROADCAST,MULTICAST,UP,LOWER_UP>: This interface supports broad- and multicasting, and the interface is UP (operational and connected). The hardware layer of the network (layer one) is also UP.
  • mtu 1500: The maximum transfer unit this interface supports.
  • qdisc fq_codel: The scheduler is using a discipline called “Fair Queuing, Controlled Delay.” It’s designed to provide a fair share of the bandwidth to all the traffic flows that use the queue.
  • state UP: The interface is operational and connected.
  • group default: This interface is in the “default” interface group.
  • qlen 1000: The maximum length of the transmission queue.
  • link/ether: The MAC address of the interface.
  • inet 192.168.4.26/24: The IP version 4 address. The “/24” tells us there are 24 contiguous leading bits set to one in the subnet mask. That’s three groups of eight bits. An eight-bit binary number equates to 255; therefore, the subnet mask is 255.255.255.0.
  • brd 192.168.4.255: The broadcast address for this subnet.
  • scope global: The IP address is valid everywhere on this network.
  • dynamic: The IP address is lost when the interface goes down.
  • noprefixroute: Do not create a route in the route table when this IP address is added. Someone has to add a route manually if he wants to use one with this IP address. Likewise, if this IP address is deleted, don’t look for a route to delete.
  • enp0s3: The interface with which this IP address is associated.
  • valid_lft: Valid lifetime. The time the IP address will be considered valid; 86,240 seconds is 23 hours and 57 minutes.
  • preferred_lft: Preferred lifetime. The time the IP address will operate without any restrictions.
  • inet6: The IP version 6 address, scope, valid_lft, and preferred_lft.

Display Only IPv4 or IPv6 Addresses

If you want to limit the output to the IP version 4 addresses, you can use the -4 option, as follows:

ip -4 addr

The "ip -4 addr" command in a terminal window.

If you want to limit the output to the IP version 6 addresses, you can use the -6 option, as follows:

ip -6 addr

The "ip -6 addr" command in a terminal window.

Display Information for a Single Interface

If you want to see the IP address information for a single interface, you can use the show and dev options, and name the interface, as shown below:

ip addr show dev lo
ip addr show dev enp0s3

The "ip addr show dev lo" and "ip addr show dev enp0s3" commands in a terminal window.

You can also use the -4 or -6 flag to further refine the output so you only see that in which you’re interested.

If you want to see the IP version 4 information related to the addresses on interface enp0s3, type the following command:

ip -4 addr show dev enp0s3

The "ip -4 addr show dev enp0s3" command in a terminal window.

Adding an IP Address

You can use the add and dev options to add an IP address to an interface. You just have to tell the ip command which IP address to add, and to which interface to add it.

We’re going to add the IP address 192.168.4.44 to the enp0s3 interface. We also have to provide the CIDR notation for the subnet mask.

We type the following:

sudo ip addr add 192.168.4.44/24 dev enp0s3

The "sudo ip addr add 192.168.4.44/24 dev enp0s3" command in a terminal window.

We type the following to take another look at the IP version 4 IP addresses on this interface:

ip -4 addr show dev enp0s3

The "ip -4 addr show dev enp0s3" command in a terminal window.

The new IP address is present on this network interface. We jump on another computer and use the following command to see if we can ping the new IP address:

ping 192.168.4.44

The "ping 192.168.4.44" command in a terminal window.

The IP address responds and sends back acknowledgments to the pings. Our new IP address is up and running after one simple ip command.

Deleting an IP Address

To delete an IP address, the command is almost the same as the one to add one, except you replace add with del, as shown below:

sudo ip addr del 192.168.4.44/24 dev enp0s3

The "sudo ip addr del 192.168.4.44/24 dev enp0s3" command in a terminal window.

If we type the following to check, we see the new IP address has been deleted:

ip -4 addr show dev enp0s3

The "ip -4 addr show dev enp0s3" command in a terminal window.

Using ip with Network Interfaces

You use the link object to inspect and work with network interfaces. Type the following command to see the interfaces installed on your computer:

ip link show

The "ip link show" command in a terminal window.

To see a single network interface, just add its name to the command, as shown below:

ip link show enp0s3

The "ip link show enp0s3" command in a terminal window.

Starting and Stopping Links

You can use the set option with either up or down to stop or start a network interface option. You also have to use sudo, as shown below:

sudo ip link set enp0s3 down

The "sudo ip link set enp0s3 down" command in a terminal window.

We type the following to take a look at the network interface:

ip link show enp0s3

The "ip link show enp0s3" command in a terminal window.

The state of the network interface is DOWN. We can use the up option to restart a network interface, as shown below:

sudo ip link set enp0s3 up

The "sudo ip link set enp0s3 up" command in a terminal window.

We type the following to do another quick check on the state of the network interface:

ip link show enp0s3

The "ip link show enp0s3" command in a terminal window.

The network interface was restarted, and the state is shown as UP.

Using ip with Routes

With the route object, you can inspect and manipulate routes. Routes define to where network traffic to different IP addresses is forwarded, and through which network interface.

If the destination computer or device shares a network with the sending computer, the sending computer can forward the packet directly to it.

However, if the destination device is not directly connected, the sending computer forwards the packet to the default router. The router then decides where to send the packet.

To see the routes defined on your computer, type the following command:

ip route

The "ip route" command in a terminal window.

Let’s take a look at the info we received:

  • default: The default rule. This route is used if none of the other rules match what’s being sent.
  • via 192.168.4.1: Routes the packets via the device at 192.168.4.1. This is the IP address of the default router on this network.
  • dev enp0s3: Use this network interface to send the packets to the router.
  • proto dhcp: The routing protocol identifier. DHCP means the routes will be determined dynamically.
  • metric 100: An indication of the preference of the route compared to others. Routes with lower metrics are preferentially used over those with higher metrics. You can use this to give preference to a wired network interface over a Wi-Fi one.

The second route governs traffic to the IP range of 169.254.0.0/16. This is a zero-configuration network, which means it tries to self-configure for intranet communication. However, you can’t use it to send packets outside the immediate network.

The principle behind zero-configuration networks is they don’t rely on DHCP and other services being present and active. They only need to see TCP/IP in order to self-identify to each of the other devices on the network.

Let’s take a look:

  • 169.254.0.0/16: The range of IP addresses this routing rule governs. If the computer communicates on this IP range, this rule cuts in.
  • dev enp0s3: The network interface the traffic governed by this route will use.
  • scope link: The scope is link, which means the scope is limited to the network to which this computer is directly connected.
  • metric 1000: This is a high metric and isn’t a preferred route.

The third route governs traffic to the IP address range of 192.168.4.0/24. This is the IP address range of the local network to which this computer is connected. It’s for communication across, but within, that network.

Let’s break it down:

  • 192.168.4.1/24: The range of IP addresses this routing rule governs. If the computer communicates within this IP range, this rule triggers and controls the packet routing.
  • dev enp0s3: The interface through which this route will send packets.
  • proto kernel: The route created by the kernel during auto-configuration.
  • scope link: The scope is link, which means the scope is limited to the immediate network to which this computer is connected.
  • src 192.168.4.26: The IP address from which packets sent by this route originate.
  • metric 100: This low metric indicates a preferred route.

Display Information for a Single Route

If you want to focus on the details of a particular route, you can add the list option and IP address range of the route to the command as follows:

ip route list 192.168.4.0/24

The "ip route list 192.168.4.0/24" command in a terminal window.

Adding a Route

We just added a new network interface card to this computer. We type the following and see it’s showing up as enp0s8:

ip link show

The "ip link show" command in a terminal window.

We’ll add a new route to the computer to use this new interface. First, we type the following to associate an IP address with the interface:

sudo ip addr add 192.168.121.1/24 dev enp0s8

The "sudo ip addr add 192.168.121.1/24 dev enp0s8" command in a terminal window.

A default route using the existing IP address is added to the new interface. We use the delete option, as shown below, to delete the route and provide its details:

sudo ip route delete default via 192.168.4.1 dev enp0s8

The "sudo ip route delete default via 192.168.4.1 dev enp0s8" command in a terminal window.

We’ll now use the add option to add our new route. The new interface will handle network traffic in the 192.168.121.0/24 IP address range. We’ll give it a metric of 100; because it will be the only route handling this traffic, the metric is pretty much academic.

We type the following:

sudo ip route add 192.168.121.0/24 dev enp0s8 metric 100

The "sudo ip route add 192.168.121.0/24 dev enp0s8 metric 100" command in a terminal window.

Now, we type the following to see what it gives us:

ip route

The "ip route" command in a terminal window.

Our new route is now in place. However, we still have the 192.168.4.0/24 route that points to interface enp0s8—we type the following to remove it:

sudo ip route delete 192.168.4.0/24 dev enp0s8

The "sudo ip route delete 192.168.4.0/24 dev enp0s8" command in a terminal window.

We should now have a new route that points all traffic destined for IP range 192.168.121.0/24 through interface enp0s8. It should also be the only route that uses our new interface.

We type the following to confirm:

ip route

The "ip route" command in a terminal window.

Taken Route, Not Taken Root

The great thing about these commands is they’re not permanent. If you want to clear them, just reboot your system. This means you can experiment with them until they work the way you want. And it’s a very good thing if you make a terrible mess of your system—a simple reboot will restore order.

On the other hand, if you want the changes to be permanent, you have to do some more work. Exactly what varies depending on the distribution family, but they all involve changing config files.

This way, though, you can test-drive commands before you make anything permanent.

Nieuwste artikelen

spot_img

Related Stories

Leave A Reply

Vul alstublieft uw commentaar in!
Vul hier uw naam in