iproute2 Cheat Sheet by TME520 (TME520) via cheatography.com/20978/cs/4067/ Address management In this section ${address} value should be a host address in dotted decimal format, and ${mask} can be either a dotted decimal subnet mask or a prefix length. That is, both 192.0.2.10/24 and 192.0.2.10​ /25​ 5.25​ 5.255.0 are equally accepta​ ble. Show all addres‐​ ip address show All "s​ how​ " commands can be used with "-​ 4" or "-​ 6" options to show only IPv4 or ses IPv6 addresses. Show addresses ip address show ${inter​ face name} ip address show eth0 for a single interf‐​ ace Show addresses ip address show up only for running interfa​ ces Show only ip address show [dev ${inter​ face}] permanent statically configured address​ es Show only ip address show [dev ${inter​ face}] dynamic addresses learnt via autocon​ fig​ ur‐​ ation Add an address to ip address add ${addre​ ss}​ /${​ mask} ip address add ip address add 2001:db​ 8:1​ ::/48 dev tun10 an interfa​ ce dev ${inter​ face name} 192.0.2.10/27 dev eth0 You can add as many addresses as you want. The first address will be primary and will be used as source address by default. Add an address ip address add ${addre​ ss}​ /${​ mask} ip address add Interface name with a colon before label is required, with human-r​ ea‐​ dev ${inter​ face name} label ${inte‐​ 192.0.2.1/24 dev eth0 some backwards compati​ bility issue. dable descrip​ tion rface name}:$​ {de​ scr​ ipt​ ion} label eth0:my​ _wa​ n_a​ dd‐​ ress Delete an address ip address delete ${addre​ ss}​ /${​ pre​ fix} ip address delete Interface name argument is required. Linux does dev ${inter​ face name} 192.0.2.1/24 dev eth0 allow to use the same address on multiple interfaces and it has valid use cases. Remove all ip address flush dev ${inter​ face ip address flush dev eth1 addresses from an name} interfa​ ce Metasyn​ tactic variables are written in shell-s​ tyle syntax, ${somet​ hing}. Optional command parts are in square brackets. Note that there is no way to rearrange addresses and replace the primary address. Make sure you set the primary address first. Route management View all routes ip route ip route show View IPv6 routes ip -6 route View routes to a network and all its subnets ip route show to root ${addre​ ss}​ /${​ mask} ip route show to root 192.168​ .0.0/24 View routes to a network and all superne​ ts ip route show to match ${addre​ ss}​ /${​ mask} ip route show to match 192.168​ .0.0/24 View routes to exact subnet ip route show to exact ${addre​ ss}​ /${​ mask} ip route show to exact 192.168​ .0.0/24 By TME520 (TME520) Published 10th May, 2015. Sponsored by Readable.com cheatography.com/tme520/ Last updated 7th May, 2016. Measure your website readability! tme520.com Page 1 of 11. https://readable.com iproute2 Cheat Sheet by TME520 (TME520) via cheatography.com/20978/cs/4067/ Route management (cont) View only the route ip route get ${addr‐​ ip route get Note that in complex routing scenarios like multipath routing, the result actually used by the ess}​ /${​ mask} 192.168​ .0.0/24 may be "c​ orrect but not complet​ e", as it always shows one route that kernel will be used first. View route cache ip route show cached Until the version 3.6, Linux used route caching. In older kernels, this command displays the (pre 3.6 kernels contents of the route cache. It can be used with modifiers described above. In newer kernels only) it does nothing. Add a route via ip route add ${addr‐​ ip route add ip route add 2001:db​ 8:1​ ::/48 via 2001:db​ 8:1​ ::1 gateway ess}​ /${​ mask} via ${next 192.0.2.12​ 8/25 hop} via 192.0.2.1 Add a route via ip route add ${addr‐​ ip route add Interface routes are commonly used with point-t​ o-p​ oint interfaces like interfa​ ce ess}​ /${​ mask} dev 192.0.2.0/25 dev PPP tunnels where next hop address is not required. ${inter​ face name} ppp0 Change or replace a ip route change ip route replace 192.0.2.1/27 dev tun0 route 192.168​ .2.0/24 via 10.0.0.1 Delete a route ip route delete ${rest of ip route delete ip route delete default dev ppp0 the route stateme​ nt} 10.0.1.0/25 via 10.0.0.1 Default route ip route add default via ip route add ip -6 route add default via 2001:db​ 8::1 ${addre​ ss}​ /${​ mask} default dev ${inter​ face name} Black​ hole routes ip route add blackhole ip route add Traffic to destina​ tions that match a blackhole route is silently discarded. ${addre​ ss}​ /${​ mask} blackhole 192.0.2.1/32 Other special routes ip route add unreac‐​ Sends ICMP "host unreach​ abl​ e". These routes make the system : unreach​ able hable ${addre​ ss}​ /$‐​ discard packets and reply with an ICMP error message to the sender. {mask} Other special routes ip route add prohibit Sends ICMP "a​ dmi​ nis​ tra​ tively prohibi​ ted​ ". : prohibit ${addre​ ss}​ /${​ mask} By TME520 (TME520) Published 10th May, 2015. Sponsored by Readable.com cheatography.com/tme520/ Last updated 7th May, 2016. Measure your website readability! tme520.com Page 2 of 11. https://readable.com iproute2 Cheat Sheet by TME520 (TME520) via cheatography.com/20978/cs/4067/ Route management (cont) Other special ip route add throw ${addre​ ss}​ /${​ mask} Sends "net unreach​ ab‐​ routes : throw le". Routes with ip route add ${addre​ ss}​ /${​ mask} via ${gateway} metric ${number} ip route add 192.16‐​ ip route add 192.16‐​ different 8.2.0/24 via 10.0.1.1 8.2.0 dev ppp0 metric metric metric 5 10 Multi​ path ip route add ${addre​ sss​ }/$​ {mask} nexthop via ${gateway 1} weight ip route add default nexthop via 192.168​ .1.1 weight 1 routing ${number} nexthop via ${gateway 2} weight ${number} nexthop dev ppp0 weight 10 As per the section below, if you set up a static route, and it becomes useless because the interface goes down, it will be removed and never get back on its own. You may not have noticed this behaviour because in many cases additional software (e.g. Network​ Man​ ager or rp-pppoe) takes care of restoring routes associated with interfa​ ces. Link management Show informa​ tion about all ip link show ip link list links Show informa​ tion about ip link show dev ${inter​ face name} ip link show ip link show dev tun10 specific link dev eth0 Bring a link up or down ip link set dev ${inter​ face name} [up | ip link set dev ip link set dev br0 up down] eth0 down Set human-r​ ead​ able link ip link set dev ${inter​ face name} ip link set dev eth0 alias "LAN interfa​ ce"​ descrip​ tion alias "$​ {de​ scr​ ipt​ ion​ }" Rename an interfa​ ce ip link set dev ${old interface name} ip link set dev Note that you can't rename an active interface. You name ${new interface name} eth0 name lan need to bring it down before doing it. Change link layer address ip link set dev ${inter​ face name} ip link set dev eth0 address 22:ce:e​ 0:9​ 9:6​ 3:6f (usually MAC address) address ${addre​ ss} Change link MTU ip link set dev ${inter​ face name} mtu ip link set dev tun0 mtu 1480 ${MTU value} Delete a link ip link delete dev ${inter​ face name} Enable or disable multicast ip link set ${inter​ face name} multicast ip link set ${inter​ face name} multicast off on an interfa​ ce on Enable or disable ARP on ip link set ${inter​ face name} arp on ip link set ${inter​ face name} arp off an interfa​ ce By TME520 (TME520) Published 10th May, 2015. Sponsored by Readable.com cheatography.com/tme520/ Last updated 7th May, 2016. Measure your website readability! tme520.com Page 3 of 11. https://readable.com iproute2 Cheat Sheet by TME520 (TME520) via cheatography.com/20978/cs/4067/ Link management (cont) Create a VLAN ip link add name ${VLAN interface ip link add name The only type of VLAN supported in Linux is IEEE 802.1q interfa​ ce name} link ${parent interface eth0.110 link eth0 VLAN, legacy impleme​ nta​ tions like ISL are not supported. name} type vlan id ${tag} type vlan id 110 Create a QinQ ip link add name ${service interface} link ${physical interface} type vlan proto 802.1ad id ${service tag} interface (VLAN stackin​ g) ip link add name ${client interface} link ${service interface} type vlan proto 802.1q id ${client tag} ip link add name eth0.100 link eth0 Create service tag interface type vlan proto 802.1ad id 100 ip link add name eth0.10​ 0.200 link Create client tag interface eth0.100 type vlan proto 802.1q id 200 Create pseudo-​ et‐​ ip link add name ${macvlan ip link add name peth0 link eth0 type macvlan hernet (aka interface name} link ${parent macvlan) interf‐​ interface} type macvlan ace Create a dummy ip link add name ${dummy ip link add name dummy0 type dummy interfa​ ce interface name} type dummy Create a bridge ip link add name ${bridge name} ip link add name br0 type bridge interfa​ ce type bridge Add an interface ip link set dev ${inter​ face name} ip link set dev eth0 master br0 to bridge master ${bridge name} Remove interface ip link set dev ${inter​ face name} ip link set dev eth0 nomaster from bridge nomaster Create a bonding ip link add name ${name} type ip link add name This is not enough to configure bonding (link aggrega​ tion) in interfa​ ce bond bond1 type bond any meaningful way.