1. Overview

IP is the abbreviation for Internet Protocol in networking. Like the ifconfig utility, the ip command is a network utility specifically designed for managing Linux system networks.

The main goal of the ip command is to configure different network interfaces. In this tutorial, we’ll use the ip command with various available options.

2. Syntax of ip Command

The ip command has a straightforward syntax. First, the ip command alone in the terminal can display its general syntax:

$ ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { address | addrlabel | amt | fou | help | ila | ioam | l2tp |
                   link | macsec | maddress | monitor | mptcp | mroute | mrule |
                   neighbor | neighbour | netconf | netns | nexthop | ntable |
                   ntbl | route | rule | sr | tap | tcpmetrics |
                   token | tunnel | tuntap | vrf | xfrm }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec | -j[son] | -p[retty] |
                    -f[amily] { inet | inet6 | mpls | bridge | link } |
                    -4 | -6 | -M | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] name | -N[umeric] | -a[ll] |
                    -c[olor]}

Here’s what we can learn about the ip command from the above output:

  • The above syntax shows that the command starts with the ip keyword followed by available OPTIONS.
  • OPTIONS represent flags used to amend the behavior of the ip command.
  • The OBJECT can be a placeholder for network-related objects on which the ip command will operate, such as address, help, and others.

3. General Usage of ip Command

As discussed before, the Linux system provides different options to be used within the ip command to get various output information.

Thus, let’s look at a few of the other options and objects that are available one by one.

The ip command and the link object are used for displaying and managing all the available network interfaces on Linux systems.

Here, we’re executing ip link to display all network interfaces:

$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff

In this example, lo denotes the loopback interface specified for a local host. Meanwhile, enp0s3 is an ethernet network interface on slot 3.

The output of this command displays the two devices along with their network status, such as UNKNOWN and UP. However, qlen is the device’s default transmit queue length measured in packets. The above interfaces have a default 1000-packet queue, which means the 1001 packet would be dropped.

Meanwhile, if we need to get data about a specific device, such as enp0s3, we need to mention it after the keyword dev:

$ ip link show dev enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff

Here, the output displayed in return is specific for the ethernet device enp0s3.

3.2. Get Stats Using the -s OPTION

Sometimes, we want to get the stats about the transferred or dropped packets over the Linux network. For this, we specify the -s option of the ip command and the link object:

$ ip -s link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX:  bytes packets errors dropped  missed   mcast          
      24304641  142903      0       0       0       0
    TX:  bytes packets errors dropped carrier collsns          
      24304641  142903      0       0       0       0
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff
    RX:  bytes packets errors dropped  missed   mcast          
      41823785   63158      0       0       0       0
    TX:  bytes packets errors dropped carrier collsns          
      22490241   50198      0       0       0       0

In return, the stats regarding the two devices are displayed on the terminal. The RX stands for Received, while the TX stands for Transmitted network data. Also, we have information about the total bytes and packets received and transferred over the network. These stats do not include errors, dropped packets, or missed data packets.

Meanwhile, to get network data information about a single device, such as enp0s3, let’s use the ls command followed by the device name:

$ ip -s link ls enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff
    RX:  bytes packets errors dropped  missed   mcast          
      41828294   63182      0       0       0       0
    TX:  bytes packets errors dropped carrier collsns          
      22497277   50219      0       0       0       0

Now, we’re adding another -s option to the ip command, which can display even more details about the network traffic:

$ ip -s -s link ls lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX:  bytes packets errors dropped  missed   mcast           
       1093306   11532      0       0       0       0 
    RX errors:  length    crc   frame    fifo overrun
                     0      0       0       0       0 
    TX:  bytes packets errors dropped carrier collsns           
       1093306   11532      0       0       0       0 
    TX errors: aborted   fifo  window heartbt transns
                     0      0       0       0       0

Hence, the above output has a separate section of received and transferred network data about the errors.

3.3. Update Network Interface Status

A networking device’s status can be up, down, or unknown and can be updated when necessary. up means that the network interface is active and can transmit data, and down means that it’s currently disabled.

Let’s use the ip link command to set the status of the lo network interface to up first and then down:

$ sudo ip link set lo up
[sudo] password for aqsa: 
$ sudo ip link set lo down

If the command executes successfully, no output message will be displayed.

According to our system’s hardware capabilities, the network interface performance can be slowed down or sped up by updating the values of the transmit queue and mtu (maximum transmitting unit).

We’re using the ip link command to set the txqueuelen and mtu values to 5 for the network device lo:

$ sudo ip link set lo up
$ sudo ip link set txqueuelen 5 dev lo
$ sudo ip link set mtu 5 dev lo

Again, no output is displayed on the terminal.

3.4. Manage IP Addresses With the addr OBJECT

The ip command can be executed with the object addr to get information about the IP addresses associated with the network interfaces:

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 5 qdisc noqueue state UNKNOWN group default qlen 5
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 83953sec preferred_lft 83953sec

Above, the command outputs the IP address, subnet mask, and other information for the ethernet interface enp0s3. The output for the loopback interface is nothing more than its mtu value and state as UNKNOWN.

Similarly, we can use the show option in the command to get the information on IP addresses for the network interfaces separately, followed by the device name:

$ ip addr show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 5 qdisc noqueue state UNKNOWN group default qlen 5
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
$ ip addr show dev enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:f1:77:7e brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 83930sec preferred_lft 83930sec

Additionally, we can list the network interfaces with IPv4 or IPv6 addresses by using the options -4 and -6, respectively, in the ip addr command:

$ ip -4 addr
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
       valid_lft 83923sec preferred_lft 83923sec
$ ip -6 addr

Thus, we can see the output separately for both available network interfaces.

3.5. Adding an IP Address

We can also use the ip command to assign IP addresses to network interfaces.

Here, we’re using the ip addr command and the add option to add IP address 192.168.10.10 to the loopback interface. If successful, this command doesn’t return anything:

$ sudo ip addr add 192.168.10.10 dev lo
[sudo] password for aqsa:

Additionally, to verify the success of the add option in the above command, let’s use the show option in the ip addr command:

$ ip addr show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.10.10/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever

Finally, the terminal result shows that the inet address 192.168.10.10 was successfully added to the network interface.

3.6. Removing an IP Address

Just like we can assign an IP address to a network device, the ip addr command provides an option del to remove an IP address for a specific network device.

Let’s see how to remove an IP address from the loopback interface using ip addr del:

$ sudo ip addr del 192.168.10.10 dev lo
Warning: Executing wildcard deletion to stay compatible with old scripts.
         Explicitly specify the prefix length (192.168.10.10/32) to avoid this warning.
         This special behaviour is likely to disappear in further releases,
         fix your scripts!
$ ip addr show dev lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever

After that, the command displays a warning and successfully removes the IP address from the network device lo.

3.7. Managing the Routing Table

The routing table provides information regarding data routing towards the destination. The ip command displays the routing table by using its route object:

$ ip route
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100

Here, the first line of the output depicts the default route 10.0.2.2.

3.8. Adding a New Entry to the Routing Table

The ip route add command can add a new route to the routing table.

Here, we’re adding a new route to the network interface enp0s3 by executing the ip route command with the add option followed by a new IP address 192.169.10.10:

$ sudo ip route add 192.169.10.10 dev enp0s3

Let’s execute the ip route list command to confirm that the new route was successfully added:

$ ip route list
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
192.169.10.10 dev enp0s3 scope link

Thus, the routing table displays a new entry.

4. Conclusion

In this article, we discussed the ip command and its syntax in detail. The ip command can display network interface information and its stats. The network interface status can also be updated by using ip command.

Finally, we used ip to get information about the IP addresses associated with the network interfaces, assigned and removed IP addresses, displayed information about the routing table, and added a new entry.