Linux ip Command Explained [With Examples]

Last updated: July 8, 2023 | Linuxopsys

The ip command is a versatile tool in Linux for managing network configuration. It comes preinstalled in all modern Linux Distributions - part of the iproute2 package. This package replaces old tools such ifconfig, route etc. The ip command is commonly used to manage IP addresses, network interfaces, routes, ARP cache, and tunnels.

Syntax

The following shows the basic syntax of ip command:

ip [OPTIONS] OBJECT {COMMAND | help}
  • OPTIONS - This is optional to define global parameters or specific to a particular object (-s, -d, -r,-f -4, -6, up)
  • OBJECT - For manipulation or viewing (like addr, link, route, neigh, maddr, tunnel)
  • COMMAND - Action on the object ( like add, del, show, set, etc)

ip command has a bit of complex syntax. It has many different objects and on top each object has its own options.

The ip command requires sudo privilege when requires to change system network configurations such as adding or deleting IP addresses, routes, etc. However, elevated privileges are not required for basic operations such as listing IP addresses or network interfaces.

Using ip Command

1. Displaying IP Addresses

You can use ip command to display IP address associated with all network interfaces or on a specific interface.

To display IP addresses for all interfaces:

The following commands are used for the same purpose and give the same results.

ip addr show

The output provides you a list of all the network interfaces (including the loopback interface) their associated IPv4 and IPv6 addresses alongside other information such as the maximum transmission unit (mtu) and transmit queue length (txqueuelen). The output includes other details like the broadcast address, subnet mask, and the current state of the interface (UP or DOWN).

The commands ip address, ip addr and ip a will also show the same results.

display IP addresses for all interfaces using ip command

To display IP address for a specific interface:

If you want to display IP address for a specific interface for example ens3, type:

ip address show ens3 
display IP address of a specific interface using ip command

You can replace ens3 with your available interface name.

2. Add/Delete IP Addresses

Add IP Address to an interface

sudo ip addr 192.168.92.150/255.255.255.0 dev ens33
or using CIDR notation
sudo ip addr 192.168.92.150/24 dev ens33
add IP address using ip command

This add/assign the IP address 192.168.92.150 with a netmask of 255.255.255.0 to the network interface ens33. You can confirm by ip addr show ens33 command. The change is made immediately and no need to restart network service.

Remember, adding IP this way is only temporary, ie on reboot it will be lost. To make permanent changes you need to edit the network configuration file, which depends on the specific Linux distribution and network manager you are using.

If you use ip addr add to assign an IP address that the interface already has, the command will not produce an error, but it will not assign the IP address either because it's already there. If it's a new IP address it simply adds an additional IP address to the network interface. On that note to replace the current IP address, you should first delete the old one using ip addr del before adding the new one.

Delete IP address from an interface

sudo ip addr del 192.168.92.150/24 dev ens33
delete ip address using ip command

This command delete the IP address 192.168.92.150 from the ens33 network interface.

Remember, If you are connected to the device over a network and you remove the IP address, your connection to the device will be lost. During server migration with a new subnet of IPs, we used to delete the existing IP address and add a new IP address in network config files. So when servers boot up in the new location it's accessible using the new IP address (unless there are no network issues).

3. Managing Network Interfaces

Display the state of all network interfaces:

ip link show
display all network interfaces using ip command

This command display interface status (UP or DOWN), interface name, MTU size and MAC addresses. The ip link is more focused on the physical or lower-level state of network interfaces.

To narrow down and display information about a specific network interface name - the interface named "ens33":

ip link show dev ens33
display interface information of specific device using ip command

Display detailed network interface statistics

ip -s link
display network interface statistics using ip command

The -s option is used to display detailed statistics. Usually useful to diagnose network problems. It can report errors or dropped packets.

Change the state of a network device/interface

To disable or bring down the interface ens33

sudo ip link set ens33 down
set network interface down using ip command

After running this command you can confirm the status of the interface using ip link show.

To enable or bring up the interface ens33:

sudo ip link set ens33 up
set network interface up using ip command

Change the txqueuelen

The txqueuelen (transmit queue length) is the length of the transmit queue of the device, which is used to store packets that are ready to be sent over the network. The default value for Ethernet is 1000. The value may vary depending on the network device type.

To check the current txqueuelen value, run ip a command. This will be denoted by the network property named qlen.

check the current txqueuelen value  using the ip a command

You can adjust qlen value to tune your network performance. For example to change txqueuelen value to 5000, type:

sudo ip link set txqueuelen 5000 dev ens33
change txqueuelen value using ip command

Change the MTU

MTU, short for Maximum Transmission Unit, is the size of the largest protocol data unit  ( PDU ) that can be transmitted in a network. The size is measured in bytes. Ethernet support value from 1500 to 9000 bytes. The most common value is 1500 bytes. Generally, you do not need to change it, commonly MTU values are optimized on servers that are connected to storage devices via switches.

To check MTU value run ip a command:

ip a show ens33
display MTU value using ip command

In this example, mtu 1500 indicates that the Maximum Transmission Unit for ens33 is set to 1500 bytes.

To change MTU value, type:

sudo ip link set mtu 2000 dev ens33
change mtu value using ip command

In the example, the MTU value of the interface ens33 is changed to 2000.

4. Working with Routes

Display IP Routing Table

ip route list
display current routing table

This command displays the current routing table in Linux. The ip route show or ip route without any additional arguments shows the same results.

To display the specific routing rule for the 192.168.92.0/24 subnet in the system's routing table:

ip route list 192.168.92.0/24
show specific network routing rule

Add a new route to the routing table

sudo ip route add 192.168.92.0/24 via 192.168.92.1

This command add a new route to the system's routing table. This command tells the system that in order to reach the 192.168.92.0/24 network, it needs to route traffic through the gateway at 192.168.92.1.

After adding you can confirm it got added using the ip route command.

add a new route

Suppose you want to add a default route, via a local gateway such as 192.168.92.1 to be accessed on eth0, type:

ip route add default via 192.168.92.1 dev eth0

Delete a Route

ip route del 192.168.92.0/24 via 192.168.92.1
deleting a route using ip command

This would remove the rule that directs traffic for the 192.168.92.0/24 network through the gateway at 192.168.92.1. The syntax is nearly identical to the ip route add command, but it uses del instead of add to indicate that a rule should be deleted rather than added.

To delete a default route from the routing table, type:

ip route del default

The default route is often set to the IP address of a router, which then sends the traffic on to its destination.

5. Manipulating ARP or Neighbor Entries

Display IP Neighbor Table ( or ARP table)

ip neigh show
show the current arp table using ip command

This table maintains a mapping between IP addresses and MAC addresses for all devices on the local network segment. It also shows the neighbor state - ie how recently the neighbor was confirmed to be reachable or not reachable.

Manually Add an entry to ARP table

ip neigh add 192.168.0.2 lladdr A4:C3:F0:9F:56:B9 dev ens33
add a new entry into ARP table using ip command

This command adds an ARP entry of the device with IP 192.168.0.2 and MAC address A4:C3:F0:9F:56:B9. and to delete the ARP entry:

ip neigh del 192.168.0.2 dev ens33
delete a ARP table entry using ip command
SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment