作者:Sophisticated✨
IP Command Set
ip [ OPTIONS ] OBJECT [ COMMAND [ ARGUMENTS ]]
OPTIONS
OPTIONS is a multivalued set of modifiers that affect the general behaviour and output of the ip utility
-
-V
,-Version
— print the version of the ip utility and exit. -
-s
,-stats
,-statistics
— output more information. -
-f
,-family {inet, inet6, link}
— enforce which protocol family to use. -
-4
— shortcut for -family inet. -
-6
— shortcut for -family inet6. -
-0
— shortcut for -family link. -
-o
, -oneline — format the output records as single lines by replacing any line feeds with the “” character.
OBJECT
-
link
— physical or logical network device. -
address
— protocol (IPv4 or IPv6) address on a device. -
neighbour
— ARP or NDISC cache entry. -
route
— routing table entry. -
rule
— rule in routing policy database. -
maddress
— multicast address. -
mroute
— multicast routing cache entry. -
tunnel
— tunnel over IP.
COMMAND
COMMAND specifies the action to perform on the object. Typically it is possible to add
, delete
, and show
(list) the object(s)
ip link
ip link set — change device attributes.
-
dev
NAME (default) — NAME specifies the network device to operate on -
up / down
— change the state of the device to UP or to DOWN -
arp on / arp off
— change NOARP flag status on the device -
multicast on / multicast off
— change MULTICAST flag on the device. -
dynamic on / dynamic off
— change DYNAMIC flag on the device. -
name
NAME — change name of the device. -
txqueuelen
NUMBER /txqlen
NUMBER — change transmit queue length of the device -
mtu
NUMBER — change MTU of the device. -
address
LLADDRESS — change station address of the interface.
ip link show — look at device attributes.
dev
NAME (default) — NAME specifies network device to show.up
— display only running interfaces.
ip address
ip address add — add new protocol address.
-
dev
NAME — name of the device to which we add the address -
local
ADDRESS(default)
— address of the interface. -
peer
ADDRESS— address of remote endpoint for pointopoint interfaces. -
broadcast
ADDRESS — broadcast address on the interface. -
label
NAME — Each address may be tagged with a label string. -
scope
SCOPE_VALUE — scope of the area within which this address is valid.-
global
— the address is globally valid. -
site
— (IPv6 only) address is site local, valid only inside this site. -
link
— the address is link local, valid only on this device. -
host
— the address is valid only inside this host.
-
ip address delete — delete protocol address.
The arguments coincide with arguments of ip addr add. The device name
is a required argument, the rest are optional. If no arguments are given, the first address
listed is deleted.
ip address show — look at protocol addresses.
-
dev
NAME(default)
— name of the device. -
scope
SCOPE_VAL — list only addresses with this scope. -
to
PREFIX — list only addresses matching this prefix. -
label
PATTERN — list only addresses with labels matching the PATTERN. -
dynamic / permanent
— (IPv6 only) list only addresses installed due to stateless address configuration or list only the permanent (not dynamic) addresses. -
tentative
— (IPv6 only) list only addresses, which did not pass duplicate address detection. -
deprecated
— (IPv6 only) list only deprecated addresses. -
primary / secondary
— list only primary (or secondary) addresses.
ip address flush — flush protocol addresses.
This commands flushes protocol addresses selected by some criteria.
ip neighbour
ip neighbour add — add new neighbour entry
ip neighbour change — change existing entry
ip neighbour replace — add new or change existing entry
-
to
ADDRESS(default)
— protocol address of the neighbour. It is either an IPv4 or IPv6 address. -
dev
NAME — the interface to which this neighbour is attached -
lladdr
LLADDRESS — link layer address of the neighbour. LLADDRESS can be null. -
nud
NUD_STATE — state of the neighbour entry. nud is an abbreviation for “Neighbour Unreachability Detection”. This state can take one of the following values:-
permanent
— the neighbour entry is valid forever and can be removed only administratively. -
noarp
— the neighbour entry is valid, no attempts to validate this entry will be made but it can be removed when its lifetime expires. -
reachable
— the neighbour entry is valid until reachability timeout expires. -
stale
— the neighbour entry is valid, but suspicious. This option to ip neighbour does not change the neighbour state if the entry was valid and the address has not been changed by this command.
-
ip neighbour delete — delete neighbour entry.
The arguments are the same as with ip neigh add, only lladdr and nud are ignored.
ip neighbour show — list neighbour entries.
-
to
ADDRESS(default)
— prefix selecting neighbours to list. -
dev
NAME — list only neighbours attached to this device. -
unused
— list only neighbours, which are not in use now. -
nud
NUD_STATE — list only neighbour entries in this state. NUD_STATE takes values listed below after the example or the special value all, which means all the states.
ip neighbour flush — flush neighbour entries.
This commands flushes the neighbour tables
ip route
ip route add — add new route
ip route change — change route
ip route replace — change route or add new one.
-
to
PREFIX or to TYPE PREFIX(default)
— destination prefix of the route. If TYPE is omitted, ip assumes type unicast. -
tos
TOS or dsfield TOS — Type Of Service (TOS) key. -
metric
NUMBER or preference NUMBER — preference value of the route. NUMBER is an arbitrary 32bit number. -
table
TABLEID — table to add this route. TABLEID may be a number or a string from the file /etc/iproute2/rt_tables. If this parameter is omitted, ip assumes table main, with exception of local, broadcast and nat routes, which are put to table local by default. -
dev
NAME — the output device name. -
via
ADDRESS — the address of nexthop router. -
src
ADDRESS — the source address to prefer using when sending to the destinations covered by route prefix. -
realm
REALMID — the realm which this route is assigned to. -
mtu
MTU or mtu lock MTU — the MTU along the path to destination. -
window
NUMBER — the maximal advertised window for TCP to these destinations measured in bytes. -
rtt
NUMBER — the initial RTT (``Round Trip Time) estimate. -
nexthop
NEXTHOP — nexthop of multipath route. -
scope
SCOPE_VAL — scope of the destinations covered by the route prefix. -
protocol
RTPROTO — routing protocol identifier of this route. RTPROTO may be a number or a string from the file /etc/iproute2/rt_protos.ation.-
redirect
— route was installed due to ICMP redirect. -
kernel
— route was installed by the kernel during autoconfiguration. -
boot
— route was installed during bootup sequence. If a routing daemon will start, it will purge all of them. This is the value assigned to manually inserted routes that do not have a protocol specified. -
static
— route was installed by administrator to override dynamic routing. Routing daemon(s) will respect them and advertise them if it is so configured. -
ra
— route was installed by Router Discovery protocol.
-
-
onlink
— pretend that the nexthop is directly attached to this link, even if it does match any interface prefix. -
equalize
— allow packet by packet randomization on multipath routes.
ip route delete
ip route del has the same arguments as ip route add but their semantics are a bit different.
ip route flush - allows group deletion of routes
This command allows flushing routes as selected by some criteria.
ip rule
ip rule add — insert new rule
-
type
TYPE(default)
— type of this rule. The list of valid types was given in the previous subsection. -
from
PREFIX — select source prefix to match. -
to
PREFIX — select destination prefix to match. -
iif
NAME — select incoming device to match. -
tos
TOS or dsfield TOS — select TOS value to match. -
fwmark
MARK — select value of fwmark to match. -
priority
PREFERENCE — priority of this rule. Each rule should have an explicitly set unique priority value. Priority is an unsigned 32 bit number thus we have 4294967296 possible rules. -
table
TABLEID — routing table identifier to lookup if the rule selector matches. -
nat
ADDRESS — The base of IP address block to translate source address.
ip rule show - list policy rules
this is the only command which has no arguments.
ip tunnel
ip tunnel add - creating tunnels
name
NAME(default)
— select tunnel device name.mode
MODE — set tunnel mode. Three modes are available: ipip, sit, greremote
ADDRESS — set remote endpoint of the tunnel.local
ADDRESS — set fixed local address for tunneled packets. It must be an address on another interface of this host.dev
NAME — bind tunnel to device NAME, so that tunneled packets will be routed only via this device and will not able to escape to another device, when route to endpoint changes.
ip tunnel show - list tunnel attributes
The line starts with the tunnel device name terminated by a colon then the tunnel mode follows. The parameters of the tunnel are listed with the same keywords which were used at tunnel creation.
【完】?