Linux ip命令
Linux ip 命令与 ifconfig 命令类似,但比 ifconfig 命令更加强大,主要用于显示或设置网络设备。
已经在Linux 2.2 加入到了内核。所以ip是加强版的网络配置工具,用来替代ifconfig并强化其他功能。
官方定义为:
ip - show / manipulate routing, devices, policy routing and tunnels
对于这个命令,命令集是相当的多。先说一些基础的,其他就要自己摸索了。
使用方法为:
1 | $ ip [ OPTIONS ] OBJECT { COMMAND | help } |
COMMAND的值主要取决于OBJECT,可能有所不同,一般可以使用add,delete和show(或者list),均可以输入help来进行查询。
OBJECT中常用的为:
link网络设备address设备上的协议地址-s, -stats, -statistics统计化输出
显示网络设备
1 | # 显示网络设备 |
命令中的show为默认,也可以直接使用ip link或者ip address,结果一致。
设置IP地址
可以通过ip addr add/del xxx.xxx.xxx.xxx dev interface 来设置或者删除IP地址。
如下设置or删除eth0的IP地址。
1 | # 设置IP地址 |
启动关闭网卡
与ifconfig类似,也使用up与down来进行启动和关闭,具体如下:
1 | # 开启网卡 |
统计方便阅读
选项-s可以统计一些信息方便我们阅读,如下看看网络的情况:
1 | $ ip -s link |
可以看到对输出进行了一些格式化,看起来更直观。
#TODO
OBJECT 取值含义如下:
- addrlabel:协议地址选择的标签配置
- route:路由表条目
- rule:路由策略数据库中的规则
OPTIONS 为常用选项,值可以是以下几种:
实例
1 | ip link set eth0 promisc on # 开启网卡的混合模式 |
用 ip 命令显示网络设备的运行状态:
1 | [root@localhost ~]# ip link list |
显示核心路由表:
1 | [root@localhost ~]# ip route list |
显示邻居表:
1 | [root@localhost ~]# ip neigh list |
获取主机所有网络接口炫技:
1 | ip link | grep -E '^[0-9]' | awk -F: '{print $2}' |
-h, -human, -human-readable
output statistics with human readable values followed by suffix.
-b, -batch <FILENAME>
Read commands from provided file or standard input and invoke them. First failure will cause termination of ip.
-force Don't terminate ip on errors in batch mode. If there were any errors during execution of the commands, the application return code will be non zero.
-d, -details
Output more detailed information.
-l, -loops <COUNT>
Specify maximum number of loops the 'ip address flush' logic will attempt before giving up. The default is 10. Zero (0) means loop until all addresses are
removed.
-f, -family <FAMILY>
Specifies the protocol family to use. The protocol family identifier can be one of inet, inet6, bridge, ipx, dnet, mpls or link. If this option is not present,
the protocol family is guessed from other arguments. If the rest of the command line does not give enough information to guess the family, ip falls back to the
default one, usually inet or any. link is a special family identifier meaning that no networking protocol is involved.
-o, -oneline
output each record on a single line, replacing line feeds with the ‘' character. This is convenient when you want to count records with wc(1) or to grep(1) the
output.
-r, -resolve use the system’s name resolver to print DNS names instead of host addresses.
-n, -netns
switches ip to the specified network namespace NETNS. Actually it just simplifies executing of:
ip netns exec NETNS ip [ OPTIONS ] OBJECT { COMMAND | help }
to
ip -n[etns] NETNS [ OPTIONS ] OBJECT { COMMAND | help }
-a, -all
executes specified command over all objects, it depends if command supports this option.
-c, -color
Use color output.
-t, -timestamp
display current time when using monitor option.
-ts, -tshort
Like -timestamp, but use shorter format.
-rc, -rcvbuf<SIZE>
Set the netlink socket receive buffer size, defaults to 1MB.
-iec print human readable rates in IEC units (e.g. 1Ki = 1024).
IP - COMMAND SYNTAX
OBJECT
addrlabel
- label configuration for protocol address selection.
l2tp - tunnel ethernet over IP (L2TPv3).
maddress
- multicast address.
monitor
- watch for netlink messages.
mroute - multicast routing cache entry.
mrule - rule in multicast routing policy database.
neighbour
- manage ARP or NDISC cache entries.
netns - manage network namespaces.
ntable - manage the neighbor cache's operation.
route - routing table entry.
rule - rule in routing policy database.
tcp_metrics/tcpmetrics
- manage TCP Metrics
token - manage tokenized interface identifiers.
tunnel - tunnel over IP.
tuntap - manage TUN/TAP devices.
xfrm - manage IPSec policies.
The names of all objects may be written in full or abbreviated form, for example address can be abbreviated as addr or just a.
