HomeCloud ComputingExploring the Linux 'ip' Command

Exploring the Linux ‘ip’ Command


I’ve been speaking for a number of years now about how community engineers must develop into snug with Linux. I typically place it that we don’t all must develop into “huge bushy beard-bearing sysadmins.” Moderately, community engineers should be capable to navigate and work with a Linux-based system confidently. I’m not going to enter all the explanations I imagine that on this publish (in case you’d like a deeper exploration of that matter, please let me know). Nope… I wish to dive into a selected talent that each community engineer ought to have: exploring the community configuration of a Linux system with the “ip” command.

A winding introduction with some psychology and an embarrassing truth (or two)

If you’re like me and began your computing world on a Home windows machine, perhaps you might be acquainted with “ipconfig” on Home windows. The “ipconfig” command offers particulars in regards to the community configuration from the command line.

A very long time in the past, earlier than Hank targeted on community engineering and earned his CCNA for the primary time, he used the “ipconfig” command fairly frequently whereas supporting Home windows desktop methods.

What was the IP assigned to the system? Was DHCP working appropriately? What DNS servers are configured? What’s the default gateway? What number of interfaces are configured on the system? So many questions he’d use this command to reply. (He additionally sometimes began speaking within the third individual.)

It was an ideal a part of my toolkit. I’m truly smiling in nostalgia as I kind this paragraph. 🙂

For previous instances’ sake, I requested John Capobianco, one in all my latest co-workers right here at Cisco Studying & Certifications, to ship me the output from “ipconfig /all” for the weblog. John is a diehard Home windows consumer nonetheless, whereas I transformed to Mac a few years in the past. And right here is the output of one in all my favourite Home windows instructions (edited for some privateness data).

Home windows IP Configuration

   Host Title . . . . . . . . . . . . : WINROCKS
   Main Dns Suffix  . . . . . . . :
   Node Sort . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search Listing. . . . . . : instance.com

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : residence
   Description . . . . . . . . . . . : Intel(R) Ethernet Connection (12) I219-V
   Bodily Tackle. . . . . . . . . : 24-4Q-FE-88-HH-XY
   DHCP Enabled. . . . . . . . . . . : Sure
   Autoconfiguration Enabled . . . . : Sure
   Hyperlink-local IPv6 Tackle . . . . . : fe80::31fa:60u2:bc09:qq45percent13(Most popular)
   IPv4 Tackle. . . . . . . . . . . : 192.168.122.36(Most popular)
   Subnet Masks . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : July 22, 2022 8:30:42 AM
   Lease Expires . . . . . . . . . . : July 25, 2022 8:30:41 AM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 203705342
   DHCPv6 Consumer DUID. . . . . . . . : 00-01-00-01-27-7B-B2-1D-24-4Q-FE-88-HH-XY
   DNS Servers . . . . . . . . . . . : 192.168.122.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wi-fi LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : residence
   Description . . . . . . . . . . . : Intel(R) Wi-Fi 6 AX200 160MHz
   Bodily Tackle. . . . . . . . . : C8-E2-65-8U-ER-BZ
   DHCP Enabled. . . . . . . . . . . : Sure
   Autoconfiguration Enabled . . . . : Sure

Ethernet adapter Bluetooth Community Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth System (Private Space Community)
   Bodily Tackle. . . . . . . . . : C8-E2-65-A7-ER-Z8
   DHCP Enabled. . . . . . . . . . . : Sure
   Autoconfiguration Enabled . . . . : Sure

It’s nonetheless such an ideal and helpful command. A number of new issues in there from after I was utilizing it day by day (IPv6, WiFi, Bluetooth), but it surely nonetheless appears like I bear in mind.

The primary time I needed to contact and work on a Linux machine, I felt like I used to be on a brand new planet. The whole lot was completely different, and it was ALL command line. I’m not ashamed to confess that I used to be slightly intimidated. However then I discovered the command “ifconfig,” and I started to breathe slightly simpler. The output didn’t look the identical, however the command itself was shut. The knowledge it confirmed was straightforward sufficient to learn. So, I gained a little bit of confidence and knew, “I can do that.”

Once I jumped onto the DevNet Professional CWS VM that I’m utilizing for this weblog to seize the output of the “ifconfig” command for example, I used to be offered with this output.

(essential) professional@expert-cws:~$ ifconfig

Command 'ifconfig' not discovered, however might be put in with:

apt set up net-tools
Please ask your administrator.

This brings me to the purpose of this weblog publish. The “ifconfig” command is now not the most effective command for viewing the community interface configuration in Linux. The truth is, it hasn’t been the “greatest command” for a very long time. Immediately the “ip” command is what we ought to be utilizing.  I’ve identified this for some time, however giving up one thing that made you’re feeling snug and secure is tough. Simply ask my 13-year-old son, who nonetheless sleeps with “Brown Canine,” the small stuffed pet I gave him the day he was born. As for me, I resisted studying and transferring to the “ip” command for a lot longer than I ought to have.

Ultimately, I noticed that I wanted to get with the instances. I began utilizing the “ip” command on Linux. You already know what, it’s a very nice command. The “ip” command is way extra highly effective than “ifconfig.”

When I discovered myself interested by a subject for a weblog publish, I figured there could be one other engineer or two on the market who may recognize a private introduction to the “ip” command from Hank.

However earlier than we dive in, I can’t go away a cliffhanger like that on the “ifconfig” command.

root@expert-cws:~# apt-get set up net-tools

(essential) professional@expert-cws:~$ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:9a:0c:8a:ee  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  body 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  provider 0  collisions 0

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.211.128  netmask 255.255.255.0  broadcast 172.16.211.255
        inet6 fe80::20c:29ff:fe75:9927  prefixlen 64  scopeid 0x20
        ether 00:0c:29:75:99:27  txqueuelen 1000  (Ethernet)
        RX packets 85468  bytes 123667981 (123.6 MB)
        RX errors 0  dropped 0  overruns 0  body 0
        TX packets 27819  bytes 3082651 (3.0 MB)
        TX errors 0  dropped 0 overruns 0  provider 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1000  (Native Loopback)
        RX packets 4440  bytes 2104825 (2.1 MB)
        RX errors 0  dropped 0  overruns 0  body 0
        TX packets 4440  bytes 2104825 (2.1 MB)
        TX errors 0  dropped 0 overruns 0  provider 0  collisions 0

There it’s, the command that made me really feel slightly higher after I began working with Linux.

Exploring the IP configuration of your Linux host with the “ip” command!

So there you might be, a community engineer sitting on the console of a Linux workstation, and it’s worthwhile to discover or change the community configuration. Let’s stroll by a little bit of “networking 101” with the “ip” command.

First up, let’s see what occurs after we simply run “ip.”

 
(essential) professional@expert-cws:~$ ip
Utilization: ip [ OPTIONS ] OBJECT  assist 
       ip [ -force ] -batch filename
the place  OBJECT :=  route 
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec | -j[son] | -p[retty] |
                    -f[amily]  mpls  |
                    -4 | -6 | -I | -D | -M | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] title | -N[umeric] | -a[ll] |
                    -c[olor]}

There’s some attention-grabbing data simply on this assist/utilization message. It appears like “ip” requires an OBJECT on which a COMMAND is executed. And the doable objects embody a number of that soar out on the community engineer within me.

  • hyperlink – I’m curious what “hyperlink” means on this context, but it surely catches my eye for certain
  • handle – That is actually promising. The ip “addresses” assigned to a bunch is excessive on the record of issues I do know I’ll wish to perceive.
  • route – I wasn’t absolutely anticipating “route” to be listed right here if I’m pondering when it comes to the “ipconfig” or “ifconfig” command. However the routes configured on a bunch is one thing I’ll be focused on.
  • neigh – Neighbors? What sort of neighbors?
  • tunnel – Oooo… tunnel interfaces are undoubtedly attention-grabbing to see right here.
  • maddress, mroute, mrule – My preliminary thought after I noticed “maddress” was “MAC handle,” however then I appeared on the subsequent two objects and thought perhaps it’s “multicast handle.” We’ll go away “multicast” for an additional weblog publish. 🙂

The opposite objects within the record are attention-grabbing to see. Having “netconf” within the record was a cheerful shock for me. However for this weblog publish, we’ll persist with the fundamental objects of hyperlink, handle, route, and neigh.

The place within the community are we? Exploring “ip handle”

First up in our exploration would be the “ip handle” object. Moderately than simply undergo the complete command assist or man web page line (making certain nobody ever reads one other publish of mine), I’m going to take a look at some widespread issues I would wish to know in regards to the community configuration on a bunch. As you might be exploring by yourself, I might extremely advocate exploring “ip handle assist” in addition to “man ip handle” for extra particulars.  These instructions are very highly effective and versatile.

What’s my IP handle?

(essential) professional@expert-cws:~$ ip handle present
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    hyperlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft perpetually preferred_lft perpetually
    inet6 ::1/128 scope host 
       valid_lft perpetually preferred_lft perpetually
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    hyperlink/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
    inet 172.16.211.128/24 brd 172.16.211.255 scope world dynamic ens160
       valid_lft 1344sec preferred_lft 1344sec
    inet6 fe80::20c:29ff:fe75:9927/64 scope hyperlink 
       valid_lft perpetually preferred_lft perpetually
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    hyperlink/ether 02:42:9a:0c:8a:ee brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope world docker0
       valid_lft perpetually preferred_lft perpetually

Working “ip handle present” will show the handle configuration for all interfaces on the Linux workstation. My workstation has 3 interfaces configured, a loopback handle, the ethernet interface, and docker interface. A few of the Linux hosts I work on have dozens of interfaces, significantly if the host occurs to be working plenty of Docker containers as every container generates community interfaces. I plan to dive into Docker networking in future weblog posts, so we’ll go away the “docker0” interface alone for now.

We are able to focus our exploration by offering a selected community machine title as a part of our command.

 
(essential) professional@expert-cws:~$ ip add present dev ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    hyperlink/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
    inet 172.16.211.128/24 brd 172.16.211.255 scope world dynamic ens160
       valid_lft 1740sec preferred_lft 1740sec
    inet6 fe80::20c:29ff:fe75:9927/64 scope hyperlink 
       valid_lft perpetually preferred_lft perpetually

Okay, that’s actually what I used to be focused on after I wished to know what my IP handle was. However there may be much more data in that output than simply the IP handle. For a very long time, I simply skimmed over the output. I might ignore most output and easily have a look at the handle and for state data like “UP” or “DOWN.” Ultimately, I wished to know what all that output meant, so in case you’re focused on how one can decode the output above…

  • Bodily interface particulars
    • “ens160” – The title of the interface from the working system’s perspective.  This relies lots on the particular distribution of Linux you might be working, whether or not it’s a digital or bodily machine, and the kind of interface.  For those who’re extra used to seeing “eth0” interface names (like I used to be) it’s time to develop into snug with the new interface naming scheme.
    • “<BROADCAST,MULTICAST,UP,LOWER_UP>” – Between the angle brackets are a sequence of flags that present particulars in regards to the interface state.  This reveals that my interface is each broadcast and multicast succesful and that the interface is enabled (UP) and that the bodily layer is linked (LOWER_UP)
    • “mtu 1500” – The utmost transmission unit (MTU) for the interface.  This interface is configured for the default 1500 bytes
    • “qdisc mq” – This means the queueing strategy being utilized by the interface.  Issues to search for listed below are values of “noqueue” (ship instantly) or “noop” (drop all). There are a number of different choices for queuing a system could be working.
    • “state UP”- One other indication of the operational state of an interface.  “UP” and “DOWN” are fairly clear, however you may additionally see “UNKNOWN” like within the loopback interface above.  “UNKNOWN” signifies that the interface is up and operational, however nothing is linked.  Which is fairly legitimate for a loopback handle.
    • “group default” – Interfaces might be grouped collectively on Linux to permit widespread attributes or instructions.  Having all interfaces linked to “group default” is the most typical setup, however there are some helpful issues you are able to do in case you group interfaces collectively.  For instance, think about a VM host system with 2 interfaces for administration and eight for knowledge visitors.  You may group them into “mgmt” and “knowledge” teams after which management all interfaces of a sort collectively.
    • “qlen 1000” – The interface has a 1000 packet queue.  The 1001st packet could be dropped.
  • “hyperlink/ether” – The layer 2 handle (MAC handle) of the interface
  • “inet” – The IPv4 interface configuration
    • “scope world” – This handle is globally reachable. Different choices embody hyperlink and host
    • “dynamic” – This IP handle was assigned by DHCP.  The lease size is listed within the subsequent line below “valid_lft”
    • “ens160” – A reference again to the interface this IP handle is related to
  • “inet6” – The IPv6 interface configuration.  Solely the hyperlink native handle is configured on the host.  This reveals that whereas IPv6 is enabled, the community doesn’t look to have it configured extra broadly

Community engineers hyperlink the world collectively one machine at a time. Exploring the “ip hyperlink” command.

Now that we’ve gotten our ft moist, let’s circle again to the “hyperlink” object. The output of “ip handle present” command gave a little bit of a touch at what “hyperlink” is referring to. “Hyperlinks” are the community units configured on a bunch, and the “ip hyperlink” command offers engineers choices for exploring and managing these units.

What networking interfaces are configured on my host?

(essential) professional@expert-cws:~$ ip hyperlink present
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    hyperlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    hyperlink/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    hyperlink/ether 02:42:9a:0c:8a:ee brd ff:ff:ff:ff:ff:ff

After exploring the output of “ip handle present,” it shouldn’t come as a shock that there are 3 community interfaces/units configured on my host.  And a fast look will present the output from this command is all included within the output for “ip handle present.”  For that reason, I virtually all the time simply use “ip handle present” when seeking to discover the community state of a bunch.

Nonetheless, the “ip hyperlink” object is kind of helpful once you need to configure new interfaces on a bunch or change the configuration on an current interface. For instance, “ip hyperlink set” can change the MTU on an interface.

root@expert-cws:~# ip hyperlink set ens160 mtu 9000

root@expert-cws:~# ip hyperlink present dev ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP mode DEFAULT group default qlen 1000
    hyperlink/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff

Be aware 1: Altering community configuration settings requires administrative or “root” privileges.

Be aware 2: The modifications made utilizing the “set” command on an object are usually NOT maintained throughout system or service restarts. That is the equal of fixing the “running-configuration” of a community machine. To be able to change the “startup-configuration” it’s worthwhile to edit the community configuration information for the Linux host.  Test the main points for community configuration to your distribution of Linux (ie Ubuntu, RedHat, Debian, Raspbian, and so on.)

Is anybody else on the market? Exploring the “ip neigh” command

Networks are most helpful when different units are linked and reachable by the community. The “ip neigh” command offers engineers a view on the different hosts linked to the identical community. Particularly, it gives a have a look at, and management of, the ARP desk for the host.

Do I’ve an ARP entry for the host that I’m having hassle connecting to?

A typical downside community engineers are known as on to help is when one host can’t speak to a different host.  If I had a nickel for each assist desk ticket I’ve labored on like this one, I’d have an terrible lot of nickels. Suppose my makes an attempt to ping a bunch on my identical native community with IP handle 172.16.211.30 are failing. Step one I would take could be to see if I’ve been capable of be taught an ARP entry for this host.

(essential) professional@expert-cws:~$ ping 172.16.211.30
PING 172.16.211.30 (172.16.211.30) 56(84) bytes of information.
^C
--- 172.16.211.30 ping statistics ---
3 packets transmitted, 0 acquired, 100% packet loss, time 2039ms

(essential) professional@expert-cws:~$ ip neigh present
172.16.211.30 dev ens160  FAILED
172.16.211.254 dev ens160 lladdr 00:50:56:f0:11:04 STALE
172.16.211.2 dev ens160 lladdr 00:50:56:e1:f7:8a STALE
172.16.211.1 dev ens160 lladdr 8a:66:5a:b5:3f:65 REACHABLE

And the reply is not any. The try and ARP for 172.16.211.30 “FAILED.”  Nonetheless, I can see that ARP on the whole is engaged on my community, as I’ve different “REACHABLE” addresses within the desk.

One other widespread use of the “ip neigh” command entails clearing out an ARP entry after altering the IP handle configuration of one other host (or hosts). For instance, in case you change the router on a community, a bunch received’t be capable to talk with it till the previous ARP entry ages out and the system tries ARPing once more for a brand new handle. Relying on the working system, this may take minutes — which may really feel like years when ready for a system to begin responding once more. The “ip neigh flush” command can clear an entry from the desk instantly.

How do I get from right here to there? Exploring the “ip route” command

Many of the visitors from a bunch is destined someplace on one other layer 3 community, and the host must know how one can “route” that visitors appropriately. After wanting on the IP handle(es) configured on a bunch, I’ll usually check out the routing desk to see if it appears like I’d count on. For that, the “ip route” command is the primary place I look.

What routes does this host have configured?

(essential) professional@expert-cws:~$ ip route present
default through 172.16.211.2 dev ens160 proto dhcp src 172.16.211.128 metric 100 
10.233.44.0/23 through 172.16.211.130 dev ens160 
172.16.211.0/24 dev ens160 proto kernel scope hyperlink src 172.16.211.128 
172.17.0.0/16 dev docker0 proto kernel scope hyperlink src 172.17.0.1 linkdown 

It might not look precisely just like the output of “present ip route” on a router, however this command offers very usable output.

  • My default gateway is 172.16.211.2 by the “ens160” machine.  This route was realized from DHCP and can use the IP handle configured on my “ens160” interface.
  • There’s a static route configured to community 10.233.44.0/23 by handle 172.16.211.130
  • And there are 2 routes that had been added by the kernel for the native community of the 2 configured IP addresses on the interfaces.  However the “docker0” route reveals “linkdown” — matching the state of the “docker0” interface we noticed earlier.

The “ip route” command may also be used so as to add or delete routes from the desk, however with the identical notes as after we used “ip hyperlink” to vary the MTU of an interface. You’ll want admin rights to run the command, and any modifications made is not going to be maintained after a restart. However this may nonetheless be very helpful when troubleshooting or working within the lab.

And executed… or am I?

In order that’s is my “temporary” have a look at the “ip” command for Linux. Oh wait, that unhealthy pun try jogged my memory of another tip I meant to incorporate. There’s a “–temporary” choice you possibly can add to any of the instructions that reformats the information in a pleasant desk that’s usually fairly helpful. Listed below are a number of examples.

(essential) professional@expert-cws:~$ ip --brief handle present
lo               UNKNOWN        127.0.0.1/8 ::1/128 
ens160           UP             172.16.211.128/24 fe80::20c:29ff:fe75:9927/64 
docker0          DOWN           172.17.0.1/16 

(essential) professional@expert-cws:~$ ip --brief hyperlink present
lo               UNKNOWN        00:00:00:00:00:00 <LOOPBACK,UP,LOWER_UP> 
ens160           UP             00:0c:29:75:99:27 <BROADCAST,MULTICAST,UP,LOWER_UP> 
docker0          DOWN           02:42:9a:0c:8a:ee <NO-CARRIER,BROADCAST,MULTICAST,UP> 

Not all instructions have a “temporary” output model, however a number of do, and they’re value trying out.

There may be fairly a bit extra I may go into on how you need to use the “ip” command as a part of your Linux community administration skillset. (Checkout the “–json” flag for an additional nice choice). However at 3,000+ phrases on this publish, I’m going to name it executed for at the moment. For those who’re focused on a deeper have a look at Linux networking abilities like this, let me know, and I’ll come again for some follow-ups.

Listed below are some useful hyperlinks associated to what we mentioned at the moment.

  • For those who’re on the lookout for a Linux VM to begin along with your exploration of any Linux matter, try the Candidate Workstation printed for the DevNet Professional lab examination. It’s an Ubuntu primarily based VM that has been setup to be able to go for community programmability subjects.  Even in case you aren’t finding out for the Professional examination, it’s an ideal ready-to-use Linux VM.
  • Listed below are man web page hyperlinks for the instructions we checked out at the moment:
  • RedHat has a extremely helpful “ip Command Cheatsheet

Let me know what you concentrate on this publish and what you may like me to sort out in future posts. Depart a remark under or discover me over on Twitter @hfpreston. Till subsequent time!


 

Observe Cisco Studying & Certifications

TwitterFbLinkedIn | Instagram

Share:



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments