Hi,
the old style ifconfig, route and netstat commands does not support all network, especially IPv6, features shipped with modern linux distributions.
Replacement are ip (ifconfig, route) and ss (netstat). Here are some examples.
Show all interface addresses
1 | root@devdeb ~ # ip address show |
To show an compact view, less verbose output use the -brief or -br switch
1 | root@devdeb ~ # ip -br address show |
Or for a better overview use a colored output
1 | root@devdeb ~ # ip -color -br address show |
Te output can formatted as JSON for further processings
1 | root@devdeb ~ # ip -j address show |
Show IPv4 interface addresses. -4 is a shortcut for -family inet
1 | root@devdeb ~ # ip -4 address show |
Show IPv6 interface addresses. -6 is a shortcut for -family inet6
1 | root@devdeb ~ # ip -6 address show |
Show MAC Addresses. -0 is a shortcut for -family link
1 | root@devdeb ~ # ip -0 address show |
Show statistic (Send/received bytes, errors, etc) of the interfaces
1 | root@devdeb ~ # ip -stats link show |
Parameters can be shortened if the shortcut is unique. For example address and show
1 | root@devdeb ~ # ip -0 a s |
Show addresses of an specific interface
1 | root@devdeb ~ # ip address show dev enp0s25 |
And without link local addresses
1 | root@devdeb ~ # ip address show dev enp0s25 scope global |
Set an IP (v4) Address
1 | root@devdeb ~ # ip addr add 10.254.10.10/24 dev enp0s25 |
ifup
1 | root@devdeb ~ # ip link set enp0s25 up |
ifdown
1 | root@devdeb ~ # ip link set enp0s25 down |
Delete an IP (v4) Address
1 | root@devdeb ~ # ip addr del 10.254.10.10/24 dev enp0s25 |
Show the IPv4 arp cache
1 | root@devdeb ~ # ip neighbor show |
Show the IPv6 neighbor cache
1 | root@devdeb ~ # ip -6 neighbor show |
Show IPv4 routing table
1 | root@devdeb ~ # ip route show |
Show IPv6 routing table
1 | root@devdeb ~ # ip -6 route show |
Add a IPv4 route
1 | root@devdeb ~ # ip route add 10.253.1.0/24 via 10.254.10.1 dev enp0s25 |
Delete a IPv4 route
1 | root@devdeb ~ # ip route del 10.253.1.0/24 |
Add a default route/default gateway
1 | root@devdeb ~ # ip route add default via 10.254.10.1 |
Show default route
1 | root@devdeb ~ # ip route show match default |
Add a additional routing table for policy based routing
1 2 | root@devdeb ~ # ip rule add fwmark 2 table 2root@devdeb ~ # ip route add 10.11.1.0/0 table 2 via 10.254.10.1 dev enp0s25 |
This table is used when iptables MARKs a connection with number of the fwmark property of the table
1 | root@devdeb ~ # iptables -A PREROUTING -t mangle -p tcp -s 10.254.1.25/32 --dport 443 -j MARK --set-mark 2 |
Show all routing tables
1 | root@devdeb ~ # ip route show table all |
And delete such a route
1 | root@devdeb ~ # ip route del 10.11.1.0/0 table 2 |
To monitor change events on the network interfaces use
1 | root@devdeb ~ # ip monitor |
With switches -ts and label a time stamp and the family of the message is shown as prefix
1 | root@devdeb ~ # ip -ts monitor label |
The replacement for netstat is ss
The following command shows all listing tcp and udp sockets and the program that listens to
1 | root@devdeb ~ # ss --tcp --udp --listening --processes --numeric |
Display all TCP connections
1 | root@devdeb ~ # ss -t -a |
Display UNIX domain sockets
1 | root@devdeb ~ # ss -x |
Show multicast addresses/group memberships
1 | root@devdeb ~ # ip maddress |
Michael
Thanks, this is helpful and relevant.