The ip command is a Linux networking tool for configuring network interfaces. It was designed to extend the functionality and simplify the syntax of the older ifconfig command, which is still present on some systems as part of the net-tools package.
This tutorial introduces the ip command, lists examples of its usage, and provides a downloadable PDF cheat sheet for quick reference.
Prerequisites
- Command-line access.
- Administrative privileges.
- The iproute2 package installed.
Linux ip Command Syntax
The ip command accepts objects (subcommands), options, and additional arguments, allowing users to configure and manage network interfaces, routes, tunneling, etc. Below is the basic command syntax:
ip [option] [subcommand] [arguments]The following list introduces the most frequently used ip command objects:
link(l) configures network interfaces.address(addr/a) modifies protocol addresses (IP, IPv6).route(r) alters routing tables.neigh(n) manipulates neighbor objects.
The commands can be executed using either full or abbreviated object forms. For example, ip link and ip l will give the same results.
To see a complete list of ip objects, type in the following command:
ip help
Note: The system does not permanently retain the modifications made with the ip command. Once the user restarts a Linux Server, the configuration reverts to the defaults.
To make adjustments permanent, add the commands to a startup script or edit the distro-specific configuration files.
ip vs. ifconfig
The ip and ifconfig commands are used for network interface configuration in Linux. However, ip provides additional functionalities and a more consistent syntax. The list below contains the main points of comparison between ip and ifconfig:
ifconfigis part of the older net-tools package that is not actively maintained.ipbelongs to the newer iproute2 package.ifconfiguses ioctl system calls to communicate with the kernel whileipuses more efficient Netlink sockets.ifconfigsyntax is simple but lacks consistency.ipfeatures more consistent hierarchical syntax.- While
ifconfigfocuses on network interface configuration,ipadds the possibility of route, address, and tunnel management. ifconfighas limited support for the IPv6 protocol, whileipsupports it fully.ifconfigdisplays enabled interfaces only.ipcan show both enabled and disabled interfaces.
Linux ip Command Options
The ip command options change the command's behavior, control the information the command provides, and format the output to make it more readable. The table below lists all the available options:
| Option | Description |
|---|---|
-a, -all | Executes the command on all objects (supported commands only). |
-b, -batch | Allows the user to provide a batch file with multiple commands and executes them all. |
-br, -brief | Prints essential information only. |
-c | Shows color output. |
-d, -details | Prints detailed information. |
-echo | Requests the kernel to echo back the applied configuration. |
-f, -family | Allows the user to specify the protocol family. Available options are inet, inet6, bridge, mpls, and link. Each family has a shortcut: -4 is short for -family inet, -6 is -family inet6, -B stands for -family bridge, -M for -family mpls, and -0 for -family link. |
-force | In batch mode, continues executing ip even if there are errors in the command execution. |
-h, -human, -human-readable | Prints stats with suffixed human-readable values. |
-iec | Shows human-readable rates using IEC units. |
-j, -json | Prints output using JSON format. |
-l, -loops | Allows the user to set the maximum number of tries ip address flush should attempt before stopping. |
-n, -netns | Switches the ip command to the NETNS network namespace. |
-N, -Numeric | Prints numerical values for protocol, dsfield, scope, etc. |
-o, -oneline | Uses one line per record. |
-p, -pretty | Adds indentation in JSON documents. |
-r, -resolve | Outputs DNS names instead of host addresses. |
-rc, -rcvbuf | Sets the receive buffer size for the netlink socket. |
-s, -stats, -statistics | Shows more information in the command output. Can be used multiple times within a single command to increase the amount of the information provided. |
-t, -timestamp | Shows current time. |
-ts, -tshort | Sets the receive buffer size for the Netlink socket. |
-V, -Version | Prints the version of the ip utility. |
ip Command Cheat Sheet
We compiled a list of the most frequently used commands and created a one-page downloadable PDF cheat sheet. Click the button below to download the cheat sheet and use it as a reference when working with the ip command.
ip Command Examples
The following sections provide an overview of the common ip command operations. The accompanying examples illustrate the use of the command and clarify the syntax.
Get Network Interface Information
Type the following command to see link-layer information for all devices that have a driver loaded:
ip link showThe output shows a numbered list of devices with their configuration parameters.
To see a list of running interfaces only, use the syntax below:
ip link ls upTo see information for one specific device:
ip link show dev [device]For example, to view the device named enp0s3, enter:
ip link show dev enp0s3The output shows enp0s3 information:
View Interface Statistics
To see statistics for all network interfaces, use the -s option:
ip -s linkThe device list now displays details such as transferred packets, dropped packets, and errors.
To see this information for an individual network interface, enter the following:
ip -s link ls [interface]For example, use the command below to view the statistics for the enp0s3 device:
ip -s link ls enp0s3
To print more detailed stats, add another -s to the syntax:
ip -s -s link ls enp0s3The output now features dedicated lines for RX and TX errors.
Disable Interface (Offline)
Use the link object to enable or disable network interfaces. For example, to disable the previously mentioned enp0s3 interface, enter:
sudo ip link set enp0s3 downIf successful, the command produces no output. To see the results of the operation, list the available interfaces:
ip link showThe enp0s3 interface no longer shows the UP status, meaning it is disabled.
Enable Interface (Online)
The following command brings the disabled enp0s3 interface online:
ip link set enp0s3 upThe command produces no output unless an error occurs.
Modify Transmit Queue
Speeding up or slowing down a network interface is performed by modifying the transmit queue length (txqueuelen) number. By default, the txqueuelen number is 1000, corresponding to the number of frames that can be on the transmission queue. Change the txqueuelen number by using the following syntax:
sudo ip link set txqueuelen [number] dev [interface]For example, type the following to increase the number of queued frames to 10000 on the enp0s3 device:
sudo ip link set txqueuelen 10000 dev enp0s3The successful operation produces no output. Use ip link show to see the device's parameters:
ip link show dev enp0s3The command output lists txqueuelen number as qlen.
Set Maximum Transmission Unit (MTU)
Another way to improve network performance is to adjust the Maximum Transmission Unit (MTU) number. It defines the number of bytes for the largest data packet, i.e., the network device rejects packets exceeding the MTU value.
The default MTU value is 1000. Type the command below to change the MTU number:
sudo ip link set mtu [number] dev [interface]For example, enter the following to increase the MTU to 10000 on the enp0s3 device.
sudo ip link set mtu 10000 dev enp0s3The command produces no output, but the change is visible in the output of the ip link show command:
ip link show dev enp0s3
Note: Check out our comprehensive Linux network commands list with a downloadable PDF.
Change MAC Address
The ip command provides a way to change the MAC address of an interface:
1. Disable the interface:
ip link set dev [interface] down2. Change the MAC address:
ip link set dev [interface] address [mac_address]3. Re-enable the interface:
ip link set dev [interface] upMonitor IP Addresses
Use the address object to list all network interfaces and the associated IP addresses:
ip addr
Alternatively, achieve the same result by adding the show subcommand:
ip addr showProvide an interface name to view information about the specific network. For example, type the following to see info about the enp0s3 interface:
ip addr show dev enp0s3
Use the -4 option to list the IPv4 addresses only:
ip -4 addr
List only IPv6 addresses with the -6 option:
ip -6 addr
Add IP Address to Interface
Add an IP address to an existing interface by using the following syntax:
sudo ip addr add [ip_address] dev [interface]The example below adds a 10.0.2.12 IP address to the enp0s3 interface:
sudo ip addr add 10.0.2.12 dev enp0s3The added address is visible in the network interface list:
ip a
To add a broadcast address to an interface, use the command below:
sudo ip addr add brd [ip_address] dev [interface]Remove IP Address from Interface
Remove an IP address from an interface by typing:
ip addr del [ip_address] dev [interface]When typing the address, specify the prefix length (e.g., 10.0.2.12/32) to avoid a warning message. For example, to delete the IP address added in the previous section, enter:
ip addr del 10.0.2.12/32 dev enp0s3Display IP Routing Table
The route object manages route entries on the system. View all the route entries using the following command:
ip route
Alternatively, use the list subcommand:
ip route listNarrow down the search by adding the SELECTOR object:
ip route list [selector]The following is a list of available selectors:
root [prefix]match [prefix]exact [prefix]table [table_id]proto [rt_proto]type [type]scope [scope]
For example, the following command displays the local routing table, i.e., routes for addresses connected directly to the local machine:
ip route list table local
To view routing for a specific network, provide the network IP address as the argument to the ip route list command:
ip route list [ip_address]Add New Entry to Routing Table
To add a static routing table entry to a specific device, enter the command below:
ip route add [ip_address] dev [interface]To add a new route using a gateway address, type:
ip route add [ip_address] via [gateway_IP] dev [interface]The command below sends all traffic for the 192.168.0.0/24 IP address on enp0s3 through the 192.168.0.254 gateway:
sudo ip route add 192.168.0.0/24 via 192.168.0.254 dev enp0s3To make the rule default, add the default argument:
sudo ip route add default 192.168.0.0/24 via 192.168.0.254 dev enp0s3Delete Existing Routing Table Entry
Delete an existing entry in a routing table by using the ip route del subcommand:
ip route del [ip_address]To delete the default route, type:
ip route del defaultDisplay IP Neighbor Entries
The ip neigh object manages neighbor tables. Display the available neighbor tables by entering:
ip neigh show
The output shows the MAC addresses and the state of devices in the system. A device entry can be in one of the following states:
- REACHABLE. A valid, reachable entry until the timeout expires.
- PERMANENT. An entry that remains in the cache indefinitely unless removed by an administrator.
- STALE. A valid but unreachable entry. Before sending packets to a stale neighbor, the system verifies the reachability.
- DELAY signifies that the kernel is still waiting for the stale entry validation.
Add or Remove ARP Table Entries
The neigh object allows the user to manually add an entry to the Address Resolution Protocol (ARP) table. Use the following syntax for this operation:
ip neigh add [ip_address] dev [interface]To manually delete an ARP table entry, type:
ip neigh del [ip_address] dev [interface]Print Colored Output
Use the -c option to color the output of any ip command. The following example shows how to color the output of the ip link command:
ip -c link
Conclusion
After reading this article, you know how to use the ip command to administer a network on a Linux system. The article also provided a downloadable PDF cheat sheet that helps you recall the essential ip commands.
Next, discover more Linux Commands in our Cheat Sheet and Tutorial With Examples.
