ip Command (iproute2)

ip command cheatsheet — manage interfaces, routes, addresses, namespaces. ip addr show, ip route add, ip link set up, ip neigh. The modern ifconfig replacement.

10 min read

What it is

The ip command is a powerful utility for configuring and inspecting network interfaces, routing tables, ARP tables, and other network-related information on Linux systems. It’s the modern replacement for older tools like ifconfig and route.

Installation

ip is part of the iproute2 package, which is typically installed by default on most Linux distributions.

Debian/Ubuntu:

sudo apt update
sudo apt install iproute2

Fedora/CentOS/RHEL:

sudo dnf install iproute2
# or
sudo yum install iproute2

Arch Linux:

sudo pacman -S iproute2

macOS: ip is a Linux-specific command. For similar functionality on macOS, you would use ifconfig, route, and arp.

Windows: ip is a Linux-specific command. For similar functionality on Windows, you would use ipconfig, route, and arp.

Core Concepts

Objects: ip operates on various network "objects" which are specified as the first argument after ip. Common objects include:
- link: Network interfaces (e.g., eth0, wlan0).
- address (or addr): IP addresses assigned to interfaces.
- route: Routing table entries.
- neighbour (or neigh): ARP cache entries (IP to MAC address mappings).
- rule: IP routing policy database rules.
- xfrm: IPsec security policies.
Actions: For each object, you can perform actions like add, del, show, flush, monitor.

Commands / Usage

Managing Network Interfaces (`link`)

Show all network interfaces:
```
ip link show
```
Displays a list of all network interfaces, their state (UP/DOWN), MAC address, and MTU.
Show a specific network interface:
```
ip link show eth0
```
Displays detailed information about the eth0 interface.
Bring an interface UP:
```
sudo ip link set eth0 up
```
Activates the eth0 network interface.
Bring an interface DOWN:
```
sudo ip link set eth0 down
```
Deactivates the eth0 network interface.
Change the MTU of an interface:
```
sudo ip link set eth0 mtu 1500
```
Sets the Maximum Transmission Unit (MTU) for eth0 to 1500 bytes.

Set the MAC address of an interface (requires interface to be DOWN):

sudo ip link set eth0 down
sudo ip link set eth0 address 00:11:22:33:44:55
sudo ip link set eth0 up

Changes the MAC address of eth0.

Add a virtual network interface (VLAN):
```
sudo ip link add link eth0 name eth0.100 type vlan id 100
sudo ip link set eth0.100 up
```
Creates a VLAN sub-interface named eth0.100 on top of eth0 for VLAN ID 100 and brings it up.
Delete a virtual network interface:
```
sudo ip link del eth0.100
```
Removes the eth0.100 virtual interface.
Monitor link state changes:
```
ip link monitor eth0
```
Watches for changes in the state of the eth0 interface (e.g., cable plugged/unplugged).

Managing IP Addresses (`address` / `addr`)

Show all IP addresses:
```
ip address show
# or shorter
ip a
```
Lists all IP addresses configured on all network interfaces, including IPv4 and IPv6.
Show IP addresses for a specific interface:
```
ip address show eth0
# or shorter
ip a show eth0
```
Displays IP addresses assigned to the eth0 interface.
Add an IPv4 address:
```
sudo ip address add 192.168.1.100/24 dev eth0
```
Assigns the IP address 192.168.1.100 with a subnet mask of 255.255.255.0 to the eth0 interface.
Add an IPv6 address:
```
sudo ip address add 2001:db8::1/64 dev eth0
```
Assigns the IPv6 address 2001:db8::1 with a prefix length of 64 to the eth0 interface.
Delete an IP address:
```
sudo ip address del 192.168.1.100/24 dev eth0
```
Removes the specified IP address from the eth0 interface.
Flush all IP addresses from an interface:
```
sudo ip address flush dev eth0
```
Removes all IP addresses from the eth0 interface.
Flush all IP addresses from all interfaces:
```
sudo ip address flush all
```
Removes all IP addresses from all network interfaces.
Change the primary IP address (makes it the first one listed, used for some applications):
```
sudo ip address change 192.168.1.100/24 dev eth0 to 192.168.1.101/24
```
Changes the IP address from 192.168.1.100 to 192.168.1.101 on eth0.

Managing Routing Tables (`route`)

Show the main routing table:
```
ip route show
# or shorter
ip r
```
Displays the kernel’s main routing table, showing how packets are directed to different networks.
Show the routing table for a specific network namespace (advanced):
```
ip route show netns mynetns
```
Shows routes within the mynetns network namespace.
Add a default route:
```
sudo ip route add default via 192.168.1.1 dev eth0
```
Sets the default gateway to 192.168.1.1 via the eth0 interface.
Add a route to a specific network:
```
sudo ip route add 10.0.0.0/8 via 192.168.1.254 dev eth0
```
Adds a route for the 10.0.0.0/8 network, directing traffic through 192.168.1.254 via eth0.
Add a route with a specific device:
```
sudo ip route add 172.16.0.0/16 dev tun0
```
Adds a route to 172.16.0.0/16 using the tun0 interface directly (no gateway specified, implies interface handles routing).
Delete a default route:
```
sudo ip route del default via 192.168.1.1 dev eth0
```
Removes the default route pointing to 192.168.1.1.
Delete a route to a specific network:
```
sudo ip route del 10.0.0.0/8 via 192.168.1.254 dev eth0
```
Removes the route for the 10.0.0.0/8 network.
Flush the entire routing table:
```
sudo ip route flush all
```
Clears all entries from the main routing table.
Flush routes for a specific network:
```
sudo ip route flush 192.168.1.0/24
```
Removes all routes related to the 192.168.1.0/24 network.
Add a blackhole route (discard packets):
```
sudo ip route add blackhole 1.2.3.4/32
```
Discards all traffic destined for 1.2.3.4.
Add a route for a specific table (advanced, for policy routing):
```
sudo ip route add 10.10.10.0/24 via 192.168.1.2 dev eth0 table 100
```
Adds a route to table 100.

Managing ARP Cache (`neighbour` / `neigh`)

Show the ARP cache (neighbour table):
```
ip neighbour show
# or shorter
ip n
```
Displays the ARP cache, showing mappings between IP addresses and MAC addresses for directly connected devices.
Show ARP entries for a specific interface:
```
ip neighbour show dev eth0
```
Lists ARP entries associated with the eth0 interface.
Add an ARP entry:
```
sudo ip neighbour add 192.168.1.50 lladdr 00:AA:BB:CC:DD:EE dev eth0 nud permanent
```
Manually adds a permanent ARP entry mapping 192.168.1.50 to MAC address 00:AA:BB:CC:DD:EE on eth0. nud permanent means it won’t time out.
Delete an ARP entry:
```
sudo ip neighbour del 192.168.1.50 dev eth0
```
Removes the ARP entry for 192.168.1.50 from eth0.
Flush the entire ARP cache:
```
sudo ip neighbour flush all
```
Clears all entries from the ARP cache.
Flush ARP entries for a specific interface:
```
sudo ip neighbour flush dev eth0
```
Removes all ARP entries associated with the eth0 interface.

Managing Policy Routing Rules (`rule`)

Show routing policy rules:
```
ip rule show
# or shorter
ip rule
```
Displays the rules used by the IP routing policy database. These rules determine which routing table to consult based on criteria like source IP, destination IP, or interface.
Add a routing rule:
```
sudo ip rule add from 192.168.2.0/24 table 100 priority 1000
```
Adds a rule: if the source IP is 192.168.2.0/24, use routing table 100. priority determines the order of rule evaluation (lower numbers are evaluated first).
Delete a routing rule:
```
sudo ip rule del from 192.168.2.0/24 table 100
```
Removes the rule that directs traffic from 192.168.2.0/24 to table 100.
Flush all routing rules:
```
sudo ip rule flush all
```
Removes all rules from the policy routing database.

Monitoring Network Events (`monitor`)

Monitor all network events:
```
sudo ip monitor all
```
Continuously displays all network-related events, such as interface state changes, address additions/deletions, and route changes.
Monitor specific object types:
```
sudo ip monitor link address route
```
Monitors only link, address, and route events.

Network Namespaces (Advanced)

List available network namespaces:
```
ip netns list
```
Shows all currently active network namespaces on the system.
Create a new network namespace:
```
sudo ip netns add mynetns
```
Creates a new, isolated network namespace named mynetns.
Delete a network namespace:
```
sudo ip netns del mynetns
```
Removes the network namespace mynetns.
Execute a command within a network namespace:
```
sudo ip netns exec mynetns ip addr show
```
Runs the ip addr show command within the mynetns network namespace.
Enter a network namespace’s shell:
```
sudo ip netns exec mynetns bash
```
Opens a new bash shell inside the mynetns network namespace.

Common Patterns

Assigning an IP and setting default route (typical DHCP-like setup):
```
sudo ip address add 192.168.1.50/24 dev eth0
sudo ip route add default via 192.168.1.1 dev eth0
```
Configures a static IP and default gateway for a network interface.

Setting up a point-to-point link (e.g., VPN tunnel):

# Assuming tun0 is already up and has an IP
sudo ip address add 10.0.0.1/24 dev tun0
sudo ip route add 10.0.0.2/32 via 10.0.0.1 dev tun0

Configures an IP and a route for a point-to-point interface.

Checking connectivity to a specific IP:
```
ip neigh show 8.8.8.8
```
Checks if the system has an ARP entry for 8.8.8.8, indicating it’s on the local network. If not, it will likely try to resolve it.
Creating a bridge interface and adding a port:
```
sudo ip link add br0 type bridge
sudo ip link set br0 up
sudo ip link set eth0 master br0
sudo ip link set eth0 up
```
Creates a network bridge br0, brings it up, and assigns eth0 as a port to it.
Adding an IP address to a bridge:
```
sudo ip address add 192.168.1.1/24 dev br0
```
Assigns an IP address to the bridge interface itself.

Using multiple interfaces for different networks (policy routing):

# Assuming eth0 (192.168.1.0/24) and eth1 (10.0.0.0/24) are configured
# Add a rule to use table 100 for traffic originating from 10.0.0.0/24
sudo ip rule add from 10.0.0.0/24 table 100 priority 1000
# Add a default route for table 100 via eth1's gateway
sudo ip route add default via 10.0.0.254 dev eth1 table 100
# Ensure eth1 is up and has an IP
sudo ip link set eth1 up
sudo ip address add 10.0.0.1/24 dev eth1

This setup allows traffic from the 10.0.0.0/24 network to be routed independently.

Gotchas

Permissions: Most ip commands that modify network configuration require root privileges (sudo).
ifconfig vs ip: While ip is the modern standard, many older scripts and tutorials still use ifconfig. Be aware of the differences in syntax and capabilities. For example, ifconfig eth0 up is equivalent to ip link set eth0 up.
Subnet Masks: ip uses CIDR notation (e.g., /24) for subnet masks, which is more concise than the dotted-decimal notation (255.255.255.0).
Interface Names: Interface names (eth0, wlan0, enp3s0) can vary depending on the Linux distribution and hardware. Use ip link show to find the correct names.
ARP (nud state): The nud (Neighbor Unreachability Detection) state in ip neighbour show indicates the status of the ARP entry. Common states include REACHABLE, STALE, DELAY, PROBE, PERMANENT. A FAILED state means resolution failed.
Routing Tables: Linux supports multiple routing tables. The default table is main (table ID 254). Policy routing (ip rule) allows you to select different tables based on packet criteria.
Network Namespaces: Commands executed within a network namespace are isolated to that namespace. This is crucial for containerization and advanced network setups. If you run ip a inside a namespace, you’ll only see interfaces and IPs within that namespace.
Temporary Changes: Changes made with ip commands are generally not persistent across reboots unless managed by network configuration services (like NetworkManager or systemd-networkd).

What it is

Installation

Core Concepts

Commands / Usage

Managing Network Interfaces (link)

Managing IP Addresses (address / addr)

Managing Routing Tables (route)

Managing ARP Cache (neighbour / neigh)

Managing Policy Routing Rules (rule)

Monitoring Network Events (monitor)