Posted inlinux

Complete Cheat Sheet for IP Command in Linux

No Comments

Complete Cheat Sheet for IP Command in Linux

TL;DR: The ip command is the modern, versatile tool for managing Linux networking. It replaces older utilities like ifconfig and route, providing a unified interface for viewing and configuring network interfaces, IP addresses, routes, and more. This complete cheat sheet for IP Command in Linux covers essential and advanced usage, including interface management, IP assignment, routing, and troubleshooting. Mastery of ip is critical for any Linux sysadmin working in production environments.

Prerequisites

  • Familiarity with Linux command line and basic networking concepts.
  • Root or sudo privileges for most ip command modifications.
  • The ip command (from the iproute2 package) installed on your system.
  • Comfort with your Linux distribution’s network configuration backends (e.g., Netplan, NetworkManager, systemd-networkd) for persistent changes.
  • Access to a test environment or console access for remote systems, especially when making disruptive changes.

TL;DR Summary

The ip command is the Swiss Army knife for Linux networking. It provides a single, unified interface for viewing and configuring all aspects of network interfaces, IP addresses, routing tables, and more. With the ip command, you can:

  • List, enable, or disable network interfaces.
  • Assign, remove, or view IPv4/IPv6 addresses.
  • Manipulate the routing table for advanced traffic control.
  • View real-time interface statistics and troubleshoot connectivity issues.
  • Output data in brief, detailed, JSON, or oneline formats for scripting.
  • Safely automate and document configuration changes for consistency across environments.

This article delivers a complete cheat sheet for IP Command in Linux, walking through both essential daily tasks and advanced scenarios. Whether you’re managing a handful of VMs or an entire data center, the ip command is a fundamental skill — and this guide will raise your expertise to a production-grade level.

TIP: If you’re transitioning from ifconfig or route, keep a quick reference handy for mapping old commands to their ip equivalents. This will speed up your workflow and help prevent mistakes. ()

Introduction to the IP Command

The ip command is the principal tool in the iproute2 suite for network management in modern Linux distributions. Designed as a replacement for legacy tools like ifconfig, route, and netstat, it provides a consistent interface for working with both IPv4 and IPv6, advanced routing techniques, network namespaces, and more. Almost every distribution (RHEL, CentOS, Debian, Ubuntu, Arch, and others) now ships with iproute2 by default, and the ip command is considered best practice for all network configuration tasks.

Why is ip preferred?

  • Comprehensive: One tool for interfaces, addresses, routes, neighbors.
  • Scripting-friendly: Supports JSON, oneline, and brief output for automation.
  • Future-proof: Tracks kernel networking features closely (e.g., VRFs, advanced routing).
  • Consistent: Syntax and flags are uniform across subsystems.

NOTE: While older tools like ifconfig still exist on some systems, they’re deprecated. The ip command not only replaces them but also extends their functionality significantly.

Additionally, the ip command is essential for troubleshooting IP issues and managing Linux network configuration in both simple and complex environments. (Linux Iptables Firewall Rules Tutorial for Sysadmins)

Basic Syntax and Common Options

The general structure of the ip command is:

ip [OPTIONS] OBJECT COMMAND [ARGS]

Where:

  • OBJECT: What you’re managing (link for interfaces, addr for addresses, route for routing tables, etc.)
  • COMMAND: The action (show, add, del, flush, set, etc.)
  • OPTIONS: Control output (-s for statistics, -d for details, -br for brief, -4/-6 for IP family, -j for JSON, -o for oneline).

Let’s break down some of the most useful options and their practical usage.

Viewing Network Interfaces

Managing network interfaces is a daily task for sysadmins. Whether you need to check interface status, bring an interface up after maintenance, or quickly audit all hardware, the ip link family of commands is your friend.

Common commands:

  • ip link show — Lists all interfaces and their status.
  • ip link show dev — Details for a specific interface.
  • ip -br link — Brief, tabular output (great for scripts).
  • ip -d link show — Includes detailed driver and hardware info.
  • ip link set dev up|down — Bring an interface up or down.

Examples

# Example 1: List all interfaces with detailed info
$ ip -d link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff

Shows all interfaces with driver and hardware details.

# Example 2: Show only interface names and status (brief)
$ ip -br link
lo               UNKNOWN        00:00:00:00:00:00
eth0             UP             52:54:00:12:34:56

Gives a concise, script-friendly overview.

# Example 3: Show a specific interface (eth1) on a web server
$ ip link show dev eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:ab:cd:ef brd ff:ff:ff:ff:ff:ff

Examines the state and MAC address of a specific interface.

# Example 4: Bring up a network interface (e.g., after maintenance)
$ ip link set dev eth1 up
# No output on success

Activates eth1, making it available for traffic.

# Example 5: Bring down an interface (for troubleshooting)
$ ip link set dev eth1 down
# No output on success

Disables eth1, often used to isolate issues or prep for hardware changes.

WARNING: Bringing interfaces up or down can disrupt network connectivity, especially on remote systems. Always ensure you have alternate access (e.g., console, iLO/iDRAC) before disabling interfaces.

Distro Notes:

  • RHEL/CentOS: ip is installed by default; ifconfig is deprecated.
  • Debian/Ubuntu: Provided by the iproute2 package.
  • Arch: Standard with iproute2.

(Linux Iptables Firewall Rules Tutorial for Sysadmins)

Configuring IP Addresses

Assigning or removing IP addresses—whether for static configuration, virtual hosting, or service migration—is a fundamental sysadmin task. The ip addr commands make this easy and scriptable.

Common commands:

  • ip addr show — Show all assigned addresses.
  • ip addr add dev — Assign an IP.
  • ip addr del dev — Remove an IP.
  • ip -br addr — Concise display of all addresses.
  • ip addr flush dev — Remove all addresses from an interface.

Examples

# Example 1: Show all IP addresses on the system
$ ip addr show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 ...
    inet 10.0.1.45/24 brd 10.0.1.255 scope global eth0
    inet6 fe80::5054:ff:fe12:3456/64 scope link

Lists IPv4 and IPv6 addresses for all interfaces.

# Example 2: Assign a new IP address to eth0 on web01.prod.example.com
$ ip addr add 10.0.1.46/24 dev eth0
# No output on success

Adds a secondary address for web server aliasing or failover.

# Example 3: Remove an IP address from eth0
$ ip addr del 10.0.1.46/24 dev eth0
# No output on success

Dynamically removes an unused or reassigned address.

# Example 4: Remove all IP addresses from eth1 (dangerous!)
$ ip addr flush dev eth1
# No output on success

Clears eth1 of all IPv4/IPv6 addresses—useful before interface repurpose, but risky for remote access.

# Example 5: Show addresses in brief format
$ ip -br addr
lo               UNKNOWN        127.0.0.1/8 ::1/128
eth0             UP             10.0.1.45/24 fe80::5054:ff:fe12:3456/64

Quickly shows all interface addresses and their state.

WARNING: Flushing or removing IP addresses can sever remote access. Always verify you are not removing the address used for your current SSH session.

Distro Notes:

  • RHEL/CentOS: NetworkManager may overwrite manual changes unless configuration is updated via nmcli or config files.
  • Debian/Ubuntu: Manual changes are ephemeral unless updated in /etc/network/interfaces or Netplan YAML.
  • Arch: Use netctl or systemd-networkd for persistence.

(Linux Iptables Firewall Rules Tutorial for Sysadmins)

Advanced IP Command Usage

As your infrastructure grows more complex, so do your networking requirements. The ip command supports advanced features for managing routes, multiple addresses, and policy-based routing, making it a powerful tool for both day-to-day and specialized tasks.

Managing Routes

Routing is the backbone of advanced network configuration. Whether you’re setting up static routes, policy-based routing, or prepping for network segmentation, the ip route family provides full control.

Key commands:

  • ip route show — View all routes in the main table.
  • ip route add via dev — Add a new route.
  • ip route del — Remove a specific route.
  • ip route change via — Change the next-hop for a route.
  • ip route flush table main — Remove all routes from the main table.

Examples

# Example 1: Show the current routing table
$ ip route show
default via 10.0.1.1 dev eth0
10.0.1.0/24 dev eth0 proto kernel scope link src 10.0.1.45

Lists all routes, including default and local subnets.

# Example 2: Add a static route to a backup network
$ ip route add 10.0.2.0/24 via 10.0.1.1 dev eth0
# No output on success

Directs traffic for 10.0.2.0/24 through a designated gateway.

# Example 3: Delete a route (e.g., after network reconfiguration)
$ ip route del 10.0.2.0/24
# No output on success

Removes a no-longer-needed static route.

# Example 4: Change the next-hop for an existing route
$ ip route change 10.0.2.0/24 via 10.0.1.2
# No output on success

Updates the gateway for a given subnet without deleting/re-adding.

# Example 5: Flush all routes from the main table (dangerous!)
$ ip route flush table main
# No output on success

Removes all routes—useful for network reboots or lab environments, but can isolate the host!

WARNING: Flushing or misconfiguring routes can isolate a server from the network. Always have console or out-of-band access before making major routing changes.

Distro Notes:

  • RHEL/CentOS: Use /etc/sysconfig/network-scripts/route- for persistence.
  • Debian/Ubuntu: Configure static routes in /etc/network/interfaces or Netplan.
  • Arch: Use /etc/systemd/network/ with systemd-networkd.

()

IP Address Management

Managing multiple addresses on a single interface (for virtual hosting, high availability, or service migration) is common in production. The ip addr commands make it easy to handle multiple addresses, view statistics, and work with IPv6.

Examples

# Example 1: Add a secondary IP to eth0 for virtual hosting
$ ip addr add 10.0.1.47/24 dev eth0 label eth0:1
# No output on success

Adds a second address with a label (legacy style; label is optional for most modern setups).

# Example 2: Remove a secondary IP from eth0
$ ip addr del 10.0.1.47/24 dev eth0
# No output on success

Removes an alias or additional IP.

# Example 3: Show all addresses with statistics
$ ip -s addr show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 ...
    inet 10.0.1.45/24 brd 10.0.1.255 scope global eth0
    RX: bytes  packets  errors  dropped overrun mcast   
    12345678   12345    0       0       0       0

Displays addresses and RX/TX statistics for troubleshooting.

# Example 4: Flush all addresses from eth2 (e.g., before reconfiguration)
$ ip addr flush dev eth2
# No output on success

Clears all IP associations from eth2, prepping for a new config.

# Example 5: Show IPv6 addresses only
$ ip -6 addr show
2: eth0    inet6 fe80::5054:ff:fe12:3456/64 scope link

Filters output to only display IPv6 assignments.

WARNING: Assigning overlapping or incorrect IP addresses can cause network conflicts and application outages.

Distro Notes:

  • RHEL/CentOS: For persistence, use nmcli or edit /etc/sysconfig/network-scripts/ifcfg-*.
  • Debian/Ubuntu: Update Netplan YAML or /etc/network/interfaces.
  • Arch: Use systemd-networkd or netctl.

(Advanced Bash Scripting Techniques Tutorial)

Common Mistakes & Gotchas

Even experienced sysadmins can stumble with the ip command. Here are some common pitfalls to watch for:

  1. Non-persistent changes:

Modifications made with ip are not persistent across reboots unless also configured in your distro’s network config files or tools (e.g., Netplan, NetworkManager, systemd-networkd).

  1. Losing remote access:

Flushing or removing addresses/routes on an interface used by your current SSH session will disconnect you immediately—always check your connection path.

  1. Forgetting subnet masks or devices:

Omitting /24 or similar subnet notation when adding addresses, or failing to specify dev <iface>, leads to errors or unexpected behavior.

  1. Insufficient privileges:

Most ip commands that change system state require root—forgetting sudo results in “Operation not permitted.”

  1. Overwriting existing configs:

Manual changes can be reverted by network daemons or wiped at reboot unless made persistent.

TIP: Always stage changes on a test VM or use tmux/screen with an alternate session as a backup when working on remote production systems.

(Linux Iptables Firewall Rules Tutorial for Sysadmins)

Security & Production Considerations

When using the ip command in production, security and stability should always be top of mind.

  • Plan and document all changes:

Use runbooks and change management, especially for route or address modifications in production.

  • Test in a non-production environment:

Use VMs or containers to simulate effects before rolling out to critical systems.

  • Enforce configuration with automation:

Tools like Ansible, Puppet, or Chef help maintain consistent, persistent network state.

  • Restrict access:

Limit ip command usage to trusted administrators, and use sudo policies to log changes.

  • Monitor logs and network state:

After making changes, review /var/log/messages, journalctl, and use ip monitor for real-time tracking.

  • Persistence matters:

Always update persistent network configuration files to match changes made with ip, or changes will be lost on reboot or interface reset.

WARNING: The ip command is powerful and fast—mistakes can instantly isolate servers, break clusters, or expose services inadvertently. Have a rollback plan and out-of-band access!

()

Further Reading

TIP: Bookmark the man page and your distribution’s network configuration documentation. These resources are invaluable when troubleshooting complex issues or learning new features.

()

Conclusion

Mastering the ip command is essential for modern Linux network administration. Its flexibility, scripting capabilities, and support for advanced networking make it indispensable in production. This complete cheat sheet for IP Command in Linux equips you with the knowledge to audit, configure, and troubleshoot network interfaces, addresses, and routes on any major Linux distribution. Practice with real-world scenarios, understand the implications of each command, and always ensure changes are persistent and documented. Continue exploring advanced features and stay updated with best practices for robust, secure network management.

(Linux System Monitoring Tools Tutorial with Examples)

Tags:

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *