We’ve been talking for several years now about how network engineers need to become comfortable with Linux. Linux is everywhere these days (it always has been, actually), and network engineers must be able to navigate and work with a Linux-based system confidently. In this tutorial, we will dive into a specific skill that every network engineer should have—exploring the network configuration of a Linux system with the ip command.

What You’ll Learn

What You’ll Need

The ip command is the currently recommended CLI tool for investigating and manipulating the network configuration on Linux systems. I say “currently recommended” because like so many things in the world, there have been other tools used in the past—many of which still exist on Linux systems.

For example, the ifconfig command was the command to view the network configuration on a Linux server for many years. But today, it isn’t even installed by default on most Ubuntu systems.

(main) expert@expert-cws:~$ ifconfig

Command 'ifconfig' not found, but can be installed with:

apt install net-tools
Please ask your administrator.

The ip command is available.

(main) expert@expert-cws:~$ ip

Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
                   netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
                   vrf | sr | nexthop }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -h[uman-readable] | -iec | -j[son] | -p[retty] |
                    -f[amily] { inet | inet6 | mpls | bridge | link } |
                    -4 | -6 | -I | -D | -M | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } | -br[ief] |
                    -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
                    -rc[vbuf] [size] | -n[etns] name | -N[umeric] | -a[ll] |
                    -c[olor]}

Yikes—that looks kind of intimidating. Fear not, my friend; by the end of this tutorial, you’ll be confidently wielding this command with the power you deserve.

For our first lesson, look at the Usage: line.

ip [ OPTIONS ] OBJECT { COMMAND | help }

ip on its own isn’t enough, which is why the help message was displayed when we ran it on its own. At a minimum, an OBJECT also must be provided. The help message lists the available objects.

where  OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
                   netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
                   vrf | sr | nexthop }

That’s a long list, but if you look through it, several of them should look familiar and easily recognizable. Here are the objects we’ll be exploring in this tutorial:

An example of a basic use of the ip command would be:

ip address

This works because the default command for each object is show. So the above is equivalent to:

ip address show

Each object has other commands available, and they can be seen by checking the help. For example:

ip address help

OK, with that introduction out of the way, let’s start our exploration with a look at addresses.

First up in our exploration will be the ip address object. Rather than just go through the full command help or man page line (ensuring that no one ever reads another tutorial), we are going to look at some common things you might want to know about the network configuration on a host.

You are exploring on your own, so I would highly recommend trying ip address help as well as man ip address for more details. These commands are very powerful and flexible.

We’ll start by answering the question, “What is my IP address?” Run the command ip address show (or just ip address) from your terminal:

```
(main) expert@expert-cws:~$ ip address show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
    inet 172.16.211.128/24 brd 172.16.211.255 scope global dynamic ens160
      valid_lft 1034sec preferred_lft 1034sec
    inet6 fe80::20c:29ff:fe75:9927/64 scope link
      valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:70:bb:15:d4 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
      valid_lft forever preferred_lft forever
    inet6 fe80::42:70ff:febb:15d4/64 scope link
      valid_lft forever preferred_lft forever
```

This command displays the address configuration for all interfaces on the Linux workstation. My workstation has three interfaces configured—a loopback address, the Ethernet interface, and the Docker interface.

We can focus our exploration by providing a specific network device name as part of our command. Pick one of the devices and use it in the ip address show dev {DEVICE} command:

```
(main) expert@expert-cws:~$ ip address show dev ens160

2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
    inet 172.16.211.128/24 brd 172.16.211.255 scope global dynamic ens160
      valid_lft 1239sec preferred_lft 1239sec
    inet6 fe80::20c:29ff:fe75:9927/64 scope link
      valid_lft forever preferred_lft forever
```

If you want to limit the details to just IPv4, you can add the -f inet to the command. But note that all options go between the ip and address in the command (address is the object in this command).

```
(main) expert@expert-cws:~$ ip -f inet address show dev ens160

2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    inet 172.16.211.128/24 brd 172.16.211.255 scope global dynamic ens160
      valid_lft 1138sec preferred_lft 1138sec
```

Pretty handy, right? If you check out ip address help, you’ll find examples of how you can use the command to add, change, or remove IP addresses from interfaces as well. But we’ll leave that for another tutorial. Moving on to looking at link state!

Now that we’ve gotten our feet wet, let’s circle back to the link object. Links are the network devices configured on a host, and the ip link command provides engineers options for exploring and managing these devices.

Let us answer the question, “Which networking interfaces are configured on my host?” Run the ip link show command:

```
(main) expert@expert-cws:~$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 00:0c:29:75:99:27 brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
    link/ether 02:42:70:bb:15:d4 brd ff:ff:ff:ff:ff:ff
```

After exploring the output of ip address show, it shouldn’t come as a surprise that there are three network interfaces/devices configured on my host. A quick look will show the output from this command is all included in the output for ip address show. For this reason, I almost always just use ip address show when looking to explore the network state of a host.

Look at the output. What is the MAC address for your primary network adapter? In my example output, it is 00:0c:29:75:99:27.

There is a lot of other information available in this output as well as the output from the address command. Here’s a bit of a secret decoder ring for the physical interface details, using my ens160 interface as an example.

Like the ip address object, the ip link object can also be manipulated with other commands. For example, if you needed to change the MTU on a link to support jumbo frames, the command would be ip link set ens160 mtu 9000. That would require admin or root privileges on the host, however. But enough of that; let’s check out the routing table!

Most of the traffic from a host is destined somewhere on another Layer 3 network, and the host needs to know how to “route” that traffic correctly. After looking at the IP address(es) configured on a host, I will often take a look at the routing table to see if it looks like I’d expect. For that, the ip route command is the first place I look.

Run ip route on your host. The full command ip route show would also work, of course, but let’s be efficient.

```
(main) expert@expert-cws:~$ ip route

default via 172.16.211.2 dev ens160 proto dhcp src 172.16.211.128 metric 100
172.16.211.0/24 dev ens160 proto kernel scope link src 172.16.211.128
172.16.211.2 dev ens160 proto dhcp scope link src 172.16.211.128 metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
```

If you are more familiar with show ip route output on a router, this might look a little different. But this command output is still very readable, and there is a lot of good info to be found.

Review your output and find your default gateway. In the example output, the default gateway is 172.16.211.2 through the “ens160” device. This route was learned from DHCP and will use the IP address configured on my “ens160” interface as the source address.

The ip route command can also be used to add or delete routes from the table, but with the same requirement for root privileges as when we used ip link to change the MTU of an interface. Also, any changes made with the ip command aren’t maintained after a reboot of the system. In order to make changes persistent, look at the details for network configuration for your Linux distribution.

Great work! You have reached the end of this tutorial. With your newfound knowledge of the ip command, you are better prepared to explore and understand the networking state of a Linux system. If you’d like to learn a bit more about Linux networking, see the handy references below.

Learn More