The IP command examples help you config you network interfaces settings in Linux easier and faster. It is a Linux net-tool for system and network administrators. The IP command is used to assign an IP address to a network interface or configure network interface parameters on Linux operating systems. This command replaces old good and now deprecated ifconfig command on modern Linux distributions. Read more about Linux Command Line.
NAME
ip – show / manipulate routing, network devices, interfaces and tunnels.
SYNOPSIS
ip [ OPTIONS ] OBJECT { COMMAND | help }ip [ -force ] -batch filenameOBJECT := { link | address | addrlabel | route | rule | neigh | ntable | tunnel | tuntap |
maddress | mroute | mrule | monitor | xfrm | netns | l2tp | tcp_metrics | token |
macsec }
OPTIONS := { -V[ersion] | -h[uman-readable] | -s[tatistics] | -d[etails] | -r[esolve] | -iec | -f[amily] { inet | inet6 | link } | -4 | -6 | -I | -D | -B | -0 | -l[oops] { maximum-addr-flush-attempts } | -o[neline] | -rc[vbuf] [size] | -t[imestamp] | -ts[hort] | -n[etns] name | -N[umeric] | -a[ll] | -c[olor] | -br[ief] | -j[son] | -p[retty] }
OPTIONS
-V, -VersionPrint the version of the ip utility and exit.
-h, -human, -human-readableOutput statistics with human readable values followed by suffix.
-b, -batch <FILENAME>Read commands from provided file or standard input and invoke them. First failure will cause termination of IP.
-forceDon’t terminate IP on errors in batch mode. If there were any errors during execution of the commands, the application return code will be non zero.
-s, -stats, -statisticsOutput more information. If the option appears twice or more, the amount of information increases. As a rule, the information is statistics or some time values.
-d, -detailsOutput more detailed information.
-l, -loops <COUNT>Specify maximum number of loops the ‘ip address flush‘ logic will attempt before giving up. The default is 10. Zero (0) means loop until all addresses are removed.
-f, -family <FAMILY>Specifies the protocol family to use. The protocol family identifier can be one of inet, inet6, bridge, mpls or link. If this option is not present, the protocol family is guessed from other arguments.
If the rest of the command line does not give enough information to guess the family, ip falls back to the default one, usually inet or any. link is a special family identifier meaning that no networking protocol is involved.
-4 shortcut for -family inet.
-6 shortcut for -family inet6.
-B shortcut for -family bridge.
-M shortcut for -family mpls.
-0 shortcut for -family link.-o, -onelineOutput each record on a single line, replacing line feeds with the ‘\’ character. This is convenient when you want to count records with wc(1) or to grep(1) the output.
-r, -resolveUse the system’s name resolver to print DNS names instead of host addresses.
-n, -netns <NETNS>Switches ip to the specified network namespace NETNS. Actually it just simplifies
executing of:
ip netns exec NETNS ip [ OPTIONS ] OBJECT { COMMAND | help } to ip -n[etns] NETNS [ OPTIONS ] OBJECT { COMMAND | help }
-N, -NumericPrint the number of protocol, scope, dsfield, etc directly instead of converting it to human readable name.
-a, -allExecutes specified command over all objects, it depends if command supports this option.
-c[color][={always|auto|never}Configure color output. If parameter is omitted or always, color output is enabled regardless of stdout state. If parameter is auto, stdout is checked to be a terminal before enabling color output. If parameter is never, color output is disabled.
If specified multiple times, the last one takes precedence. This flag is ignored if -json is also given.
Used color palette can be influenced by COLORFGBG environment variable (see ENVIRONMENT).
-t, -timestampDisplay current time when using monitor option.
-ts, -tshortLike -timestamp, but use shorter format.
-rc, -rcvbuf<SIZE>Set the netlink socket receive buffer size, defaults to 1MB.
-iec print human readable rates in IEC units (e.g. 1Ki = 1024).
-br, -briefPrint only basic information in a tabular format for better readability. This option is currently only supported by ip addr show and ip link show commands.
-j, -jsonOutput results in JavaScript Object Notation (JSON).
-p, -prettyThe default JSON format is compact and more efficient to parse but hard for most users to read. This flag adds indentation for readability.
IP – COMMAND SYNTAX
OBJECT
address – protocol (IP or IPv6) address on a device.
addrlabel – label configuration for protocol address selection.
l2tp – tunnel ethernet over IP (L2TPv3).
link – network device.
maddress – multicast address.
monitor – watch for netlink messages.
mroute – multicast routing cache entry.
mrule – rule in multicast routing policy database.
neighbour– manage ARP or NDISC cache entries.
netns – manage network namespaces.
ntable – manage the neighbor cache’s operation.
route – routing table entry.
rule – rule in routing policy database.
tcp_metrics/tcpmetrics– manage TCP Metrics
token – manage tokenized interface identifiers.
tunnel – tunnel over IP.
tuntap – manage TUN/TAP devices.
xfrm – manage IPSec policies.
The names of all objects may be written in full or abbreviated form, for example address
can be abbreviated as addr or just a.
COMMAND
Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, delete and show (or list ) objects, but some objects do not allow all of these operations or have some additional commands. The help command is available for all objects. It prints out a list of available commands and argument syntax conventions.
If no command is given, some default command is assumed. Usually it is list or, if the objects of this class cannot be listed, help.
ENVIRONMENT
COLORFGBG : If set, it’s value is used for detection whether background is dark or light and use contrast colors for it.
COLORFGBG environment variable usually contains either two or three values separated by semicolons; we want the last value in either case. If this value is 0-6 or 8, chose colors suitable for dark background: COLORFGBG=";0" ip -c a
EXIT STATUS
Exit status is 0 if command was successful, and 1 if there is a syntax error. If an error
was reported by the kernel exit status is 2.
IP Command Examples
ip a Shows addresses assigned to all network interfaces.
ip neigh Shows the current neighbour table in kernel.
ip link set x up Bring up interface x.
ip link set x down Bring down interface x.
ip route Show table routes.
Add an IP address to an interface using the command:
ip addr add [ip_address] dev [interface]If you need to add a broadcast address to an interface use the command:
ip addr add brd [ip_address] dev [interface]To remove an IP address from an interface type:
ip addr del [ip_address] dev [interface]Manage and Display IP Routing Table
ip route helpList all the route entries use either of the following commands:
ip route
ip route listTo view routing for a distinct network, use the following syntax:
ip route list [ip_address]Modify IP Routing Table
To add a new entry in the routing table that can be reached on a specific device, type in the command:ip route add [ip_address] dev [interface]
Or you can add a new route via gateway by typing:ip route add [ip_address] via [gatewayIP]
Also, the command allows you to add a route for all addresses via the local gateway by adding the default option:
ip route add default [ip_address] dev [device]
ip route add default [network/mask] via [gatewayIP]To delete an existing entry in the routing table, use the commands:
ip route del [ip_address]
ip route del default
ip route del [ip_address] dev [interface]Display and Modify IP Neighbor Entries: The neighbor entries tie the protocol address and the link-layer addresses under the same link. Organized into IPv4 tables, they are also called ARP (Address Resolution Protocol) tables.
ip neigh helpTo display neighbor tables, use the following command:
ip neigh showThe output shows the MAC addresses of devices which are part of the system and their state. The state of a device can be:
- REACHABLE – signifies a valid, reachable entry until the timeout expires.
- PERMANENT– signifies an everlasting entry that only an administrator can remove.
- STALE– signifies a valid, yet unreachable entry; to check its state, the kernel checks it at the first transmission.
- DELAY– signifies that the kernel is still waiting for validation from the stale entry
Modify IP Neighbor Entries.
Add a new table entry with the command:
ip neigh add [ip_address] dev [interface] Or, remove an existing ARP entry:
ip neigh del [ip_address] dev [interface]Read more about using IP address command.
HISTORY: ip was written by Alexey N. Kuznetsov and added in Linux 2.2.
SEE ALSO: ip-address(8), ip-addrlabel(8), ip-l2tp(8), ip-link(8), ip-maddress(8), ip-monitor(8), ip-
mroute(8), ip-neighbour(8), ip-netns(8), ip-ntable(8), ip-route(8), ip-rule(8), ip-tcp_metrics(8), ip-token(8), ip-tunnel(8), ip-xfrm(8) IP Command reference ip-cref.ps