【Linux 网络】网络工具ifconfig和iproute/iproute2工具详解

Vicssic

已于 2025-05-01 22:52:17 修改

阅读量841

点赞数 4

分类专栏：工作经验文章标签： linux 网络运维

于 2025-04-30 23:48:50 首次发布

本文链接：https://blog.csdn.net/BadBoyHolly/article/details/147641310

版权

工作经验专栏收录该内容

1 篇文章

订阅专栏

【Linux 网络】网络工具ifconfig和iproute/iproute2工具详解

前言
1、安装
2、常用命令
3、命令使用详解
4、命令帮助

前言

本篇文章主要介绍Linux下网络工具ifconfig/iproute(iproute2)的安装、使用示例和场景。操作系统Ubuntu 18.04。

1、安装

使用apt-get install 命令安装ifconfig和iproute工具，我这里显示已安装，sudo提升管理员权限必不可少。

# 安装net-tools才能使用ifconfig命令
root@root:~$ sudo apt-get install net-tools 
[sudo] password for root: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
net-tools is already the newest version (1.60+git20161116.90da8a0-1ubuntu1).
0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded.
root@root:~$ 

# 安装iproute工具才能使用ip命令
root@root:~$ sudo apt-get install iproute2
Reading package lists... Done
Building dependency tree       
Reading state information... Done
iproute2 is already the newest version (4.15.0-2ubuntu1.3).
0 upgraded, 0 newly installed, 0 to remove and 7 not upgraded.
root@root:~$

2、常用命令

这里添加一个功能命令对照表，便于读者按图索骥。并在下一章节的小节中查看详细使用说明。

功能	nettools	iproute
@3.1 查看指定/所有网络接口	ifconfig /ifconfig eth0/ifconfig -a	ip link show/ip link show eth0
@3.2 启用/禁用网络接口	ifconfig eth0 up/ifconfig eth0 down	ip link set eth0 up/down
@3.3 设置/取消ip地址和掩码	ifconfig eth0 192.168.1.1 netmask 255.255.255.0/无取消命令	ip addr add 192.168.1.1/24 dev eth0/ip addr delete 192.168.4.1/24 dev eth0
@3.4 设置mac地址	ifconfig eth0 hw ether 00:11:22:33:44:55	ip link set eth0 address 00:11:22:33:44:55
@3.5 设置最大传输单元MTU	ifconfig eth0 mtu 1500	ip link set eth0 mtu 1500
@3.6 设置/网卡混杂模式	ifconfig eth0 promisc/ifconfig eth0 -promisc	ip link set eth0 promisc on/off

3、命令使用详解

@3.1 查看指定/所有网络接口

1.ifconfig显示信息如下，这里只解释常用信息，其他信息读者可以在AI进行单词搜索

enp5s0: 接口名，常见的是eth0之类的

flags: 当前接口状态<UP,BROADCAST,RUNNING,MULTICAST>

mtu: 最大传输单元1500

inet: IPV4地址

netmask: 子网掩码

broadcast: 广播地址

inet6: ipv6地址

RX packets/TX packets 当前接口收包/发包数量

root@root:~$ ifconfig 
enp5s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.3.14  netmask 255.255.255.0  broadcast 192.168.3.255
        inet6 fe80::3b0c:a5:6de6:9170  prefixlen 64  scopeid 0x20<lin
        ether 1c:1b:0d:e4:2c:7d  txqueuelen 1000  (Ethernet)
        RX packets 135  bytes 25030 (25.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 159  bytes 33975 (33.9 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens1f0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:1b:21:36:b7:6a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff  

ens1f1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:1b:21:36:b7:6b  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7400000-f741ffff  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 326  bytes 28286 (28.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 326  bytes 28286 (28.2 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

当前命令显示UP（可以工作）的，显示所有端口，需要使用-a参数：

root@root:~$ ifconfig -a

只显示某个端口，使用ifconfig加端口名

root@root:~$ ifconfig enp5s0

2、ip link show显示的信息基本是上缩略的信息，如下：

root@root:~$ ip link show 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 1c:1b:0d:e4:2c:7d brd ff:ff:ff:ff:ff:ff
3: ens1f0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:21:36:b7:6a brd ff:ff:ff:ff:ff:ff
4: ens1f1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:1b:21:36:b7:6b brd ff:ff:ff:ff:ff:ff
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:48:5b:00 brd ff:ff:ff:ff:ff:ff
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:48:5b:00 brd ff:ff:ff:ff:ff:ff
root@root:~$

和ifconfig命令一样，可以只显示UP的端口，也可以显示特定端口，示例如下：

root@root:~$ ip link show up
root@root:~$ ip link show enp5s0

对于IP显示，ip有单独的命令，和上面的命令一样，可以支持显示特定端口IP：

root@root:~$ ip address show

root@root:~$ ip address show enp5s0
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 1c:1b:0d:e4:2c:7d brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.14/24 brd 192.168.3.255 scope global dynamic noprefixroute enp5s0
       valid_lft 603244sec preferred_lft 603244sec
    inet6 fe80::3b0c:a5:6de6:9170/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

@3.2 启用/禁用网络接口

1、ifconfig后面接上端口名，然后再跟up/down就是打开/禁用某个端口，效果和windows上右键禁用网卡类似，请注意不要把自己当前访问网络所在端口down掉，不然就不能访问互联网了，不是管理员的，需要使用sudo提升权限。

root@root:~$ sudo ifconfig ens1f0 up
root@root:~$ sudo ifconfig ens1f0 down

2、ip link set的用法类似，需要加端口名，后面接状态，不是管理员，同样需要sudo提升权限。

root@root:~$ sudo ip link set ens1f0 up
root@root:~$ sudo ip link set ens1f0 down

@3.3 设置/取消ip地址和掩码

1、使用ifconfig设置ip地址和子网掩码

root@root:~$ sudo ifconfig ens1f0 192.168.100.1 netmask 255.255.255.0
[sudo] password for root: 
root@root:~$ ifconfig ens1f0
ens1f0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:1b:21:36:b7:6a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff

该命令不支持取消设置，重启后该命令会失效，如果需要，再用上面的命令修改回来即可，或者使用下面的ip命令。

2、使用ip命令给接口添加IP地址，示例如下，需要注意，ip命令会一直添加ip地址在端口上，一个端口是允许设置不同网段的ip地址的，因此，最好修改成新IP地址前，先删除之前的IP地址

root@root:~$ ip addr show ens1f0
3: ens1f0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 00:1b:21:36:b7:6a brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global ens1f0
       valid_lft forever preferred_lft forever
    inet 192.168.101.1/24 scope global ens1f0
       valid_lft forever preferred_lft forever
root@root:~$

ip命令删除地址如，可以看到之前的192.168.101.1/24地址已经不存在了：

root@root:~$ sudo ip addr del 192.168.101.1/24 dev ens1f0
root@root:~$ ip addr show ens1f0
3: ens1f0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 00:1b:21:36:b7:6a brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global ens1f0
       valid_lft forever preferred_lft forever
root@root:~$

@3.4 设置mac地址

1、ifconfig设置mac地址：ifconfig 接口名 hw ether mac地址，mac地址格式：xx:xx:xx:xx:xx:xx,使用“:”分隔

root@root:~$ sudo ifconfig ens1f0 hw ether 00:11:22:33:44:55
root@root:~$ ifconfig ens1f0
ens1f0: flags=4098<BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:11:22:33:44:55  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff  

root@root:~$

2、使用ip link set 端口名 address mac地址,mac地址格式：xx:xx:xx:xx:xx:xx，使用“:”分隔

root@root:~$ sudo ip link set ens1f0 address 00:11:22:33:44:66
root@root:~$ ip link show ens1f0
3: ens1f0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:66 brd ff:ff:ff:ff:ff:ff

@3.5 设置最大传输单元MTU

1、MTU是以太网最大传输单元的单词缩写，该值表示以太口一次传输的最大数据长度，具体含义可以自行使用搜索引擎。一般情况下，该值为1500，无特殊需求不需要去修改他。支持巨型帧等情况下才需要修改。

使用ifconfig修改mtu值配置如下：

root@root:~$ sudo ifconfig ens1f0 mtu 9000
root@root:~$ ifconfig ens1f0
ens1f0: flags=4098<BROADCAST,MULTICAST>  mtu 9000
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:11:22:33:44:66  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff

2、使用ip link set 命令修改接口mtu值

root@root:~$ sudo ip link set ens1f0 mtu 7000
root:~$ ip link show ens1f0
3: ens1f0: <BROADCAST,MULTICAST> mtu 7000 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:66 brd ff:ff:ff:ff:ff:ff

@3.6 设置/网卡混杂模式

1、一般情况下，网卡只会接收单播mac地址发送的报文，对于特殊地址报文会直接丢弃，打开混杂模式后，网卡会接收所有mac地址发送过来的报文。

使用ifconfig开启网卡混杂模式：

root@root:~$ sudo ifconfig ens1f0 promisc
root@root:~$ ifconfig ens1f0
ens1f0: flags=4354<BROADCAST,PROMISC,MULTICAST>  mtu 7000
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:11:22:33:44:66  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff

关闭混杂模式只需要在promisc前面加上"-",注意对比上面和这里flags后面的变化，PROMISC这个参数消失了

root@root:~$ sudo ifconfig ens1f0 -promisc
root@root:~$ ifconfig ens1f0
ens1f0: flags=4098<BROADCAST,MULTICAST>  mtu 7000
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:11:22:33:44:66  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff

其他标志也是一样的，不妨试一试：

root@root:~$ sudo ifconfig ens1f0 -multicast
root@root:~$ ifconfig ens1f0
ens1f0: flags=2<BROADCAST>  mtu 7000
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:11:22:33:44:66  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device memory 0xf7420000-f743ffff

2、使用ip link set同样可以设置/禁止网卡的混杂模式，同样关注PROMISC这个参数：

开启混杂模式：

root@root:~$ sudo ip link set ens1f0 promisc on
root@root:~$ ip link show ens1f0 promisc

root@root:~$ ip link show ens1f0
3: ens1f0: <BROADCAST,PROMISC> mtu 7000 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:66 brd ff:ff:ff:ff:ff:ff

关闭混杂模式：

root@root:~$ sudo ip link set ens1f0 promisc off 
root@root:~$ ip link show ens1f0
3: ens1f0: <BROADCAST> mtu 7000 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:11:22:33:44:66 brd ff:ff:ff:ff:ff:ff
root@root:~$

4、命令帮助

1、对于ifconfig命令，我们可以使用如下命令快速查看使用方法：
简单归纳一下使用方法：
ifconfig -a/-v/-s
ifconfig <接口名> <配置项> <参数>

root@root:~$ ifconfig -h
Usage:
  ifconfig [-a] [-v] [-s] <interface> [[<AF>] <address>]
  [add <address>[/<prefixlen>]]
  [del <address>[/<prefixlen>]]
  [[-]broadcast [<address>]]  [[-]pointopoint [<address>]]
  [netmask <address>]  [dstaddr <address>]  [tunnel <address>]
  [outfill <NN>] [keepalive <NN>]
  [hw <HW> <address>]  [mtu <NN>]
  [[-]trailers]  [[-]arp]  [[-]allmulti]
  [multicast]  [[-]promisc]
  [mem_start <NN>]  [io_addr <NN>]  [irq <NN>]  [media <type>]
  [txqueuelen <NN>]
  [[-]dynamic]
  [up|down] ...

  <HW>=Hardware Type.
  List of possible hardware types:
    loop (Local Loopback) slip (Serial Line IP) cslip (VJ Serial Line IP) 
    slip6 (6-bit Serial Line IP) cslip6 (VJ 6-bit Serial Line IP) adaptive (Adaptive Serial Line IP) 
    ash (Ash) ether (Ethernet) ax25 (AMPR AX.25) 
    netrom (AMPR NET/ROM) rose (AMPR ROSE) tunnel (IPIP Tunnel) 
    ppp (Point-to-Point Protocol) hdlc ((Cisco)-HDLC) lapb (LAPB) 
    arcnet (ARCnet) dlci (Frame Relay DLCI) frad (Frame Relay Access Device) 
    sit (IPv6-in-IPv4) fddi (Fiber Distributed Data Interface) hippi (HIPPI) 
    irda (IrLAP) ec (Econet) x25 (generic X.25) 
    eui64 (Generic EUI-64) 
  <AF>=Address family. Default: inet
  List of possible address families:
    unix (UNIX Domain) inet (DARPA Internet) inet6 (IPv6) 
    ax25 (AMPR AX.25) netrom (AMPR NET/ROM) rose (AMPR ROSE) 
    ipx (Novell IPX) ddp (Appletalk DDP) ec (Econet) 
    ash (Ash) x25 (CCITT X.25)

对于详细使用方法，我们需要请出那个男人，使用man命令查看详细使用方法，一直回车翻页，按下q键退出。

root@root:~$ man ifconfig 
IFCONFIG(8)                                                                                     Linux System Administrator's Manual                                                                                     IFCONFIG(8)

NAME
       ifconfig - configure a network interface

SYNOPSIS
       ifconfig [-v] [-a] [-s] [interface]
       ifconfig [-v] interface [aftype] options | address ...

DESCRIPTION
       Ifconfig is used to configure the kernel-resident network interfaces.  It is used at boot time to set up interfaces as necessary.  After that, it is usually only needed when debugging or when system tuning is needed.

       If  no arguments are given, ifconfig displays the status of the currently active interfaces.  If a single interface argument is given, it displays the status of the given interface only; if a single -a argument is given,
       it displays the status of all interfaces, even those that are down.  Otherwise, it configures an interface.

Address Families

2、对于ip命令，可以使用-h，也可使用help进行帮助：

root@root:~$ ip help
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
                   netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
                   vrf | sr }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec |
                    -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
                    -4 | -6 | -I | -D | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}
root@root:~$ ip -h
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
                   netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
                   vrf | sr }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec |
                    -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
                    -4 | -6 | -I | -D | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}
root@root:~$

对于更具体的命令，也可以使用help进行帮助，使用tab键盘会出现候选，ip命令比ifconig的交互体验要好得多：

root@root:~$ ip link help
Usage: ip link add [link DEV] [ name ] NAME
                   [ txqueuelen PACKETS ]
                   [ address LLADDR ]
                   [ broadcast LLADDR ]
                   [ mtu MTU ] [index IDX ]
                   [ numtxqueues QUEUE_COUNT ]
                   [ numrxqueues QUEUE_COUNT ]
                   type TYPE [ ARGS ]

       ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ]

       ip link set { DEVICE | dev DEVICE | group DEVGROUP }
                          [ { up | down } ]
                          [ type TYPE ARGS ]
                          [ arp { on | off } ]
                          [ dynamic { on | off } ]
                          [ multicast { on | off } ]
                          [ allmulticast { on | off } ]

当然，那个男人也可以：

root@root:~$ man ip
IP(8)                                                                                                          Linux                                                                                                          IP(8)

NAME
       ip - show / manipulate routing, network devices, interfaces and tunnels

SYNOPSIS
       ip [ OPTIONS ] OBJECT { COMMAND | help }

       ip [ -force ] -batch filename

       OBJECT := { link | address | addrlabel | route | rule | neigh | ntable | tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm | netns | l2tp | tcp_metrics | token | macsec }

       OPTIONS := { -V[ersion] | -h[uman-readable] | -s[tatistics] | -d[etails] | -r[esolve] | -iec | -f[amily] { inet | inet6 | ipx | dnet | link } | -4 | -6 | -I | -D | -B | -0 | -l[oops] { maximum-addr-flush-attempts } |
               -o[neline] | -rc[vbuf] [size] | -t[imestamp] | -ts[hort] | -n[etns] name | -a[ll] | -c[olor] -br[ief] }

OPTIONS
       -V, -Version
              Print the version of the ip utility and exit.

       -h, -human, -human-readable
              output statistics with human readable values followed by suffix.

       -b, -batch <FILENAME>