iproute2 tutorial for ifconfig, arp, route users

A lot of Linux distributions are shifting to iproute2 instead of net-tools (aka ifconfig, arp, route). The main reason being net-tools package hasn’t been updated in a decade. However having used the trusted ifconfig, route and arp for so many years, I have never bothered to use ip and hence I now need to Google every time I want to see what my IP address is!

So here’s a short iproute2 primer for net-tools users (like myself).

Find IP addresses of all active interfaces, equivalent of ifconfig

ip addr show up

Alternatively, if you want to see all the interfaces irrespective of their status, equivalent of ifconfig -a

ip addr

Assign an IP address to an interface, equivalient of ifconfig eth0 192.168.137.5 netmask 255.255.255.0

sudo ip addr add 192.168.137.5/24 dev eth0

Assigned multiple ip addresses to a single interface, equivalent of pseudo interfaces => ifconfig eth0:1 192.168.10.1 netmask 255.255.255.0

sudo ip addr add 192.168.10.1/25 dev eth0
Yes, thats the same command as assigning an ip address. Using iproute2 you can add multiple ip addresses to the same interface without the use of interface tags like eth0:1

Mark an interface active or bring up an interface, equivalent of ifconfig eth0 up

sudo ip addr link set eth0 up

Mark an interface inactive or bring down an interface, equivalent of ifconfig eth0 down

sudo ip addr link set eth0 down

Enable promisc flag on interfaces, equivalent of ifconfig eth0 promisc

sudo ip link set dev eth0 promisc on

Disable promisc flag on interfaces, equivalent of ifconfig eth0 -promisc

sudo ip link set dev eth0 promisc off

Mac Address spoofing, equivalent of ifconfig eth0 hw ether aa:bb:cc:dd:ee:ff


ip link set dev eth0 down
ip link set dev eth0 address aa:bb:cc:dd:ee:ff
ip link set dev eth0 up

Display the arp cache, equivalent of arp -an

ip neigh show

To see arp cache for a specific interface

ip neigh show dev eth0

To see the arp entry for a specific ip address

ip neigh show 192.168.1.4

Add a permanent arp entry for a specific ip address to the arp cache, equivalent of arp -i eth0 -s 192.168.1.4 aa:bb:cc:dd:ee:ff

sudo ip neigh add 192.168.1.4 lladdr aa:bb:cc:dd:ee:ff dev eth0 nud permanent

Additionally, if the entry for a specific ip address already exists in the arp cache, you’ll have to use the ‘change’ command instead of the ‘add’ command.

sudo ip neigh change 192.168.1.4 lladdr aa:bb:cc:dd:ee:ff dev eth0

Delete a permanent arp entry for a specific ip address from the arp cache, equivalent of arp -d 192.168.1.4

sudo ip neigh del 192.168.1.4 lladdr aa:bb:cc:dd:ee:ff dev eth0 nud permanent

Flush the arp cache for a specific interface

sudo ip neigh flush dev eth0

Flush arp caches of all interfaces

sudo ip neigh flush all

Display the routing table, equivalent of route -n

ip route

There’s also a helper script thats shipped with most distributions which has a user friendly output for listing the routing table.

routel

Add default route, equivalent of route add default gw 192.168.1.1

sudo ip route add default via 192.168.1.1

Delete default route, equivalent of route del default gw

sudo ip route del default

Add static route to your routing table, equivalent of route add -net 192.168.1.1 netmask 255.255.255.0 gw 192.168.0.5

ip route add 192.168.1.1/24 via 192.168.0.5

Delete static route from your routing table, equivalent of route del -net 192.168.1.1 netmask 255.255.255.0 gw 192.168.0.5

ip route del 192.168.1.1/24 via 192.168.0.5

These is a list of commonly used commands. For more information refer to the man pages.

man ip
man ip-route
man ip-neighbour
man ip-link

All ip commands have short forms. ip n is equivalent of ip neighbour, ip r equivalent of ip route and so on. Even the sub-commands have short forms. So you could write something like:

ip r s dev eth0

instead of

ip route show dev eth0

3 comments

  1. Спасибо за Ваш ответ, он очень важен для нас.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.