If you’re like most people, you probably use the command line on a daily basis. But did you know that you can also use the command line to manage your Linux system? In this article, we’ll show you how to use the ip command to manage your network settings. First, let’s take a look at what the ip command can do. The ip command is used to manage your network settings on a Linux system. It can be used to view your current network configuration, change your network configuration, and even add new devices to your network. To use the ip command, first open a terminal window by clicking on the “Terminal” icon in your desktop environment or by pressing “Ctrl+Alt+T” on Windows. Once you have opened a terminal window, type the following commands: ip addr show This will display all of your current network addresses and their corresponding IP addresses. You can also use this command to view information about specific networks or devices. For example, if you wanted to view information about your computer’s local area connection (LAN), you would type: ip addr show lan This will display all of the information about that particular network interface. You can also use this command to view information about specific devices on your system. For example, if you wanted to view information about your computer’s hard drive, you would type: ip addr show dev hd ..
How the ip Command Works
With the ip command, you can adjust the way a Linux computer handles IP addresses, network interfaces controllers (NICs), and routing rules. The changes also take immediate effect—you don’t have to reboot. The ip command can do a lot more than this, but we’ll focus on the most common uses in this article.
The ip command has many subcommands, each of which works on a type of object, such as IP addresses and routes. There are, in turn, many options for each of these objects. It’s this richness of functionality that gives the ip command the granularity you need to perform what can be delicate tasks. This isn’t ax work—it calls for a set of scalpels.
We’ll look at the following objects:
Address: IP addresses and ranges. Link: Network interfaces, such as wired connections and Wi-Fi adapters. Route: The rules that manage the routing of traffic sent to addresses via interfaces (links).
Using ip with Addresses
Obviously, you first have to know the settings you’re dealing with. To discover which IP addresses your computer has, you use the ip command with the object address. The default action is show, which lists the IP addresses. You can also omit show and abbreviate address as “addr” or even “a.”
The following commands are all equivalent:
We see two IP addresses, along with a lot of other information. IP addresses are associated with network interface controllers (NICs). The ip command tries to be helpful and provides a bunch of information about the interface, too.
The first IP address is the (internal) loopback address used to communicate within the computer. The second is the actual (external) IP address the computer has on the local area network (LAN).
Let’s break down all the information we received:
lo: The network interface name as a string. <LOOPBACK,UP,LOWER_UP>: This is a loopback interface. It’s UP, meaning it’s operational. The physical networking layer (layer one) is also up. mtu 65536: The maximum transfer unit. This is the size of the largest chunk of data this interface can transmit. qdisc noqueue: A qdisc is a queuing mechanism. It schedules the transmission of packets. There are different queuing techniques called disciplines. The noqueue discipline means “send instantly, don’t queue. ” This is the default qdisc discipline for virtual devices, such as the loopback address. state UNKNOWN: This can be DOWN (the network interface is not operational), UNKNOWN (the network interface is operational but nothing is connected), or UP (the network is operational and there is a connection). group default: Interfaces can be grouped logically. The default is to place them all in a group called “default. ” qlen 1000: The maximum length of the transmission queue. link/loopback: The media access control (MAC) address of the interface. inet 127. 0. 0. 1/8: The IP version 4 address. The part of the address after the forward-slash (/) is Classless Inter-Domain Routing notation (CIDR) representing the subnet mask. It indicates how many leading contiguous bits are set to one in the subnet mask. The value of eight means eight bits. Eight bits set to one represents 255 in binary, so the subnet mask is 255. 0. 0. 0. scope host: The IP address scope. This IP address is only valid inside the computer (the “host”). lo: The interface with which this IP address is associated. valid_lft: Valid lifetime. For an IP version 4 IP address allocated by Dynamic Host Configuration Protocol (DHCP), this is the length of time the IP address is considered valid and able to make and accept connection requests. preferred_lft: Preferred lifetime. For an IP version 4 IP address allocated by DHCP, this is the amount of time the IP address can be used with no restrictions. This should never be larger than the valid_lft value. inet6: The IP version 6 address, scope , valid_lft, and preferred_lft.
The physical interface is more interesting, as we’ll show below:
enp0s3: The network interface name as a string. The “en” stands for ethernet, “p0” is the bus number of the ethernet card, and “s3” is the slot number. <BROADCAST,MULTICAST,UP,LOWER_UP>: This interface supports broad- and multicasting, and the interface is UP (operational and connected). The hardware layer of the network (layer one) is also UP. mtu 1500: The maximum transfer unit this interface supports. qdisc fq_codel: The scheduler is using a discipline called “Fair Queuing, Controlled Delay. ” It’s designed to provide a fair share of the bandwidth to all the traffic flows that use the queue. state UP: The interface is operational and connected. group default: This interface is in the “default” interface group. qlen 1000: The maximum length of the transmission queue. link/ether: The MAC address of the interface. inet 192. 168. 4. 26/24: The IP version 4 address. The “/24” tells us there are 24 contiguous leading bits set to one in the subnet mask. That’s three groups of eight bits. An eight-bit binary number equates to 255; therefore, the subnet mask is 255. 255. 255. 0. brd 192. 168. 4. 255: The broadcast address for this subnet. scope global: The IP address is valid everywhere on this network. dynamic: The IP address is lost when the interface goes down. noprefixroute: Do not create a route in the route table when this IP address is added. Someone has to add a route manually if he wants to use one with this IP address. Likewise, if this IP address is deleted, don’t look for a route to delete. enp0s3: The interface with which this IP address is associated. valid_lft: Valid lifetime. The time the IP address will be considered valid; 86,240 seconds is 23 hours and 57 minutes. preferred_lft: Preferred lifetime. The time the IP address will operate without any restrictions. inet6: The IP version 6 address, scope, valid_lft, and preferred_lft.
Display Only IPv4 or IPv6 Addresses
If you want to limit the output to the IP version 4 addresses, you can use the -4 option, as follows:
If you want to limit the output to the IP version 6 addresses, you can use the -6 option, as follows:
Display Information for a Single Interface
If you want to see the IP address information for a single interface, you can use the show and dev options, and name the interface, as shown below:
You can also use the -4 or -6 flag to further refine the output so you only see that in which you’re interested.
If you want to see the IP version 4 information related to the addresses on interface enp0s3, type the following command:
Adding an IP Address
You can use the add and dev options to add an IP address to an interface. You just have to tell the ip command which IP address to add, and to which interface to add it.
We’re going to add the IP address 192.168.4.44 to the enp0s3 interface. We also have to provide the CIDR notation for the subnet mask.
We type the following:
We type the following to take another look at the IP version 4 IP addresses on this interface:
The new IP address is present on this network interface. We jump on another computer and use the following command to see if we can ping the new IP address:
The IP address responds and sends back acknowledgments to the pings. Our new IP address is up and running after one simple ip command.
Deleting an IP Address
To delete an IP address, the command is almost the same as the one to add one, except you replace add with del, as shown below:
If we type the following to check, we see the new IP address has been deleted:
Using ip with Network Interfaces
You use the link object to inspect and work with network interfaces. Type the following command to see the interfaces installed on your computer:
To see a single network interface, just add its name to the command, as shown below:
Starting and Stopping Links
You can use the set option with either up or down to stop or start a network interface option. You also have to use sudo, as shown below:
We type the following to take a look at the network interface:
The state of the network interface is DOWN. We can use the up option to restart a network interface, as shown below:
We type the following to do another quick check on the state of the network interface:
The network interface was restarted, and the state is shown as UP.
Using ip with Routes
With the route object, you can inspect and manipulate routes. Routes define to where network traffic to different IP addresses is forwarded, and through which network interface.
If the destination computer or device shares a network with the sending computer, the sending computer can forward the packet directly to it.
However, if the destination device is not directly connected, the sending computer forwards the packet to the default router. The router then decides where to send the packet.
To see the routes defined on your computer, type the following command:
Let’s take a look at the info we received:
default: The default rule. This route is used if none of the other rules match what’s being sent. via 192. 168. 4. 1: Routes the packets via the device at 192. 168. 4. 1. This is the IP address of the default router on this network. dev enp0s3: Use this network interface to send the packets to the router. proto dhcp: The routing protocol identifier. DHCP means the routes will be determined dynamically. metric 100: An indication of the preference of the route compared to others. Routes with lower metrics are preferentially used over those with higher metrics. You can use this to give preference to a wired network interface over a Wi-Fi one.
The second route governs traffic to the IP range of 169.254.0.0/16. This is a zero-configuration network, which means it tries to self-configure for intranet communication. However, you can’t use it to send packets outside the immediate network.
The principle behind zero-configuration networks is they don’t rely on DHCP and other services being present and active. They only need to see TCP/IP in order to self-identify to each of the other devices on the network.
Let’s take a look:
169. 254. 0. 0/16: The range of IP addresses this routing rule governs. If the computer communicates on this IP range, this rule cuts in. dev enp0s3: The network interface the traffic governed by this route will use. scope link: The scope is link, which means the scope is limited to the network to which this computer is directly connected. metric 1000: This is a high metric and isn’t a preferred route.
The third route governs traffic to the IP address range of 192.168.4.0/24. This is the IP address range of the local network to which this computer is connected. It’s for communication across, but within, that network.
Let’s break it down:
192. 168. 4. 1/24: The range of IP addresses this routing rule governs. If the computer communicates within this IP range, this rule triggers and controls the packet routing. dev enp0s3: The interface through which this route will send packets. proto kernel: The route created by the kernel during auto-configuration. scope link: The scope is link, which means the scope is limited to the immediate network to which this computer is connected. src 192. 168. 4. 26: The IP address from which packets sent by this route originate. metric 100: This low metric indicates a preferred route.
Display Information for a Single Route
If you want to focus on the details of a particular route, you can add the list option and IP address range of the route to the command as follows:
Adding a Route
We just added a new network interface card to this computer. We type the following and see it’s showing up as enp0s8:
We’ll add a new route to the computer to use this new interface. First, we type the following to associate an IP address with the interface:
A default route using the existing IP address is added to the new interface. We use the delete option, as shown below, to delete the route and provide its details:
We’ll now use the add option to add our new route. The new interface will handle network traffic in the 192.168.121.0/24 IP address range. We’ll give it a metric of 100; because it will be the only route handling this traffic, the metric is pretty much academic.
We type the following:
Now, we type the following to see what it gives us:
Our new route is now in place. However, we still have the 192.168.4.0/24 route that points to interface enp0s8—we type the following to remove it:
We should now have a new route that points all traffic destined for IP range 192.168.121.0/24 through interface enp0s8. It should also be the only route that uses our new interface.
We type the following to confirm:
Taken Route, Not Taken Root
The great thing about these commands is they’re not permanent. If you want to clear them, just reboot your system. This means you can experiment with them until they work the way you want. And it’s a very good thing if you make a terrible mess of your system—a simple reboot will restore order.
On the other hand, if you want the changes to be permanent, you have to do some more work. Exactly what varies depending on the distribution family, but they all involve changing config files.
This way, though, you can test-drive commands before you make anything permanent.