For years, even in 2015, web tutorials, college textbooks and lab simulators have all been teaching the traditional networking utilities, such as arp, ifconfig, netstat and route. Whether you know it or not, most of these commands were deprecated years ago. They were replaced with commands from the iproute2 suite of utilities. Most Linux distros have continued to install the traditional tools, but CentOS, Arch and now openSUSE (among others), are moving to put them into deprecated status. That means we’ll need to start getting used to the new tools.
For those not familiar, the 2.2 Linux kernel revision (way back in the olden days) brought about some changes to the way the kernel handled networking. New features were introduced back then that had not been implemented anywhere else. The old tools use the /proc interface, while the newer tools use the newer kernels’ netlink interface. At least some of the older tools are no longer in active development. The bottom line is that the iproute2 suite offers some definite advantages over the old tools.
While we won’t be able to resolve the world’s networking problems all in one go here, we can at least take a look at the more common commands. Before we go too far, be sure to pay attention to the double dashes “--
“. Anything after “--
” is a comment. As with many programming languages, I include them after commands as explanatory notes. Note also that I’ll be running as root for my own convenience, but I normally either use sudo
or su - -c "command"
.
Wikipedia provides the nice table below, showing which commands are replaced by the newer utilities.
Purpose | Legacy utility | iproute2 equivalent |
---|---|---|
Address and link configuration | ifconfig | ip addr, ip link |
Routing tables | route | ip route |
Neighbors | arp | ip neigh |
VLAN | vconfig | ip link |
Tunnels | iptunnel | ip tunnel |
Bridges | brctl | ip link, bridge |
Multicast | ipmaddr | ip maddr |
Statistics | netstat | ip -s, ss |
You’ll notice that we can get most of the information we want simply by using the ip
command, along with the relevant object and options. For example, ip
takes one of the following objects listed below, which can be shortened as shown:
- address (or addr or a)
- link (or lin or l)
- neighbor (or neigh or n)
- route (or r)
- tunnel (or tunn)
There are other objects, of course, but these will give you a general idea. To see the full list, simply type:
ip --help
orman ip
For a quick overview of the commands for any of ip’s objects, we can run:
ip [object] help --
shows command syntax for a given object’s commands
For example:
ip link help
ip link (replaces ifconfig)
Now, let’s start with our devices, shall we? Network connections are considered to be links, so we use ip link
to show, add or delete our current network devices:
ip link show (or list) --
enp3s0 (eth0) is down, wlp4s0 (wlan0) is up
ip -s link show --
shows the current statistics for each link
Bear in mind that we do not need the “show” or “list” keywords. If we just run ip [object]
, you will get a listing of whatever object you wanted (links, addresses, etc.). We can also modify a network device’s attributes. For example, we can manually change the address, or change its state to “up” or “down”:
ip link set [device] [action]
In truth, ip link
has a great many actions, and we can really get down to the dirty details of our devices, including adding and deleting bridges (for you more advanced users who need this).
ip address (replaces ifconfig)
Sometimes we need to manage our network (IP) addresses. ip address
allows us to set the address for a given device, and using the appropriate protocol. To see our current address(es), we can simply do:
ip addr
orip a
orip address list
ip -6 address list --
show IPv6 addresses
ip -6 address show dev enp3s0 --
show IPv6 address for specific device (your device name may be a bit different)
Here’s an example of adding an IP address. Note that we use the “/24” at the end of the address, in addition to the “brd +” to assign a standard 24-bit broadcast address to the device “enp3s0”:
ip addr add 192.168.1.15/24 brd + dev enp3s0
ip neighbor (replaces arp)
The old net-tools “arp” command lets us see and manipulate the Address Resolution Protocol information (stored in a cache). Using the new iproute2 format, we can see the list of neighboring computers (assuming they are in our arp cache), add, delete, change and replace neighbors and even flush the neighbors table. Let’s take a quick look at an example. Mind you, I pinged a few systems on my local LAN, and so have a few entries in my ARP cache.
ip neighbor show
We can manage this cache using other ip neighbor commands. Thus, if we need to add a static ARP entry, we could easily just associate the IP address with a particular MAC address, like so:
ip neigh add 192.168.1.25 [mac address here]
Hopefully, you are starting to see the consistency in using certain commands (show, add, delete, set) with various objects (link, address, neighbor, etc.). The iproute2 suite mostly avoids arcane option flags, preferring to use something closer to “plain English” for accomplishing tasks. Let’s take a look at the routing commands.
ip route (replaces route)
You can probably guess what command we need to run if we want to see the routing table. That’s right! As I mentioned above, the show/list keywords are optional. We can really just run:
ip route --
you can add show (sh) or list (ls) for clarity
What are we going to do if we need to add a static route? Right again!
ip route add default via 192.168.1.254 --
adds a new default route (assuming we don’t already have one)
Suppose our router (or some switches) is connected to another network, and we want to add a route to it. Simply use the network address:
ip route add 192.168.2.0 via 192.168.1.254
To delete a route, substitute delete
or del
, or even just “d”, for “add”. Naturally, there are a lot more things we can do with route objects. The “get” command effectively finds routes by acting as if it is sending/receiving packets. We can also add routing rules (a routing plan, if you will), based on the various fields in a routing packet. Since we don’t have time to dive deeper, I’ll leave you to explore this area on your own.
ss (replaces netstat)
In order to get the same information as the old netstat command (on a basic level), we’ll want to run the ss
utility. The output will scroll right off the screen, so we’ll use a pager here to make it easier to scroll through the information at our own pace:
ss -l | less --
that’s a lower-case “L”, and gives us only the sockets listening for traffic
If we need more details, we can use the “extended” option:
ss -e --
add another “e” for even more details
If you need to work with networking — or even security — these tools are good to know. There is, of course, much more you can do, including managing bridges. In fact, one of my buddies really likes the bridge capabilities of the iproute2 suite. In general, I like the relative simplicity and consistency in using the commands across the suite.
Here are a few resources you can check out for more details:
Help keep FOSS Force strong. If you like this article, become a subscriber.
Don Parris wears a Facility Services cape by day, and transforms into LibreMan at night. He has written numerous articles about free tech, and hangs out with the Cha-Ha crowd, learning about computer security. He also enjoys making ceviche with his wife, and writing about his travels in PerĂº.
Thank you for the article. I would like to see more practical Linux help like this.
Very useful.
One question: How would I use the iproute2 tools to bring up a bridge automatically at boot in the following scenario?
I have a bridge on a Debian 7 box and I must install the package bridge-utils which contains brctl in order for the bridge entries in /etc/networking/interfaces to function automatically at boot. I would like to use the newer tools which are already installed instead of brctl. How would this be done?
The syntax of /etc/networking/interfaces and how it calls the appropriate tools has always been a bit of black magic to me.
Mike, The IPROUTE2 Utility Suite Howto resource I listed at the bottom of the article offers sample shell scripts that might be somewhat helpful in this regard.
Thanks, but I read those already and didn’t find anything useful regarding bridging.
I’ll keep digging elsewhere and post if I find anything.