ip

show / manipulate routing, network devices, interfaces and tunnels

TLDR

List interfaces with detailed info

$ ip address
copy

List interfaces with brief network layer info

$ ip -brief address
copy

List interfaces with brief link layer info

$ ip -brief link
copy

Display the routing table

$ ip route
copy

Show neighbors (ARP table)

$ ip neighbour
copy

Make an interface up/down

$ ip link set [interface] up/down
copy

Add/Delete an IP address to an interface

$ ip addr add/del [ip]/[mask] dev [interface]
copy

Add a default route

$ ip route add default via [ip] dev [interface]
copy

SYNOPSIS

ip [ OPTIONS ] OBJECT { COMMAND | help }

ip [ -force ] -batch filename

OBJECT := { link | address | addrlabel | route | rule | neigh | ntable | tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm | netns | l2tp | tcp_metrics | token | macsec | vrf | mptcp }

OPTIONS := { -V[ersion] | -h[uman-readable] | -s[tatistics] | -d[etails] | -r[esolve] | -iec | -f[amily] { inet | inet6 | link } | -4 | -6 | -I | -D | -B | -0 | -l[oops] { maximum-addr-flush-attempts } | -o[neline] | -rc[vbuf] [size] | -t[imestamp] | -ts[hort] | -n[etns] name | -N[umeric] | -a[ll] | -c[olor] | -br[ief] | -j[son] | -p[retty] }

OPTIONS

-V, -Version

Print the version of the ip utility and exit.

-h, -human, -human-readable

output statistics with human readable values followed by suffix.

-b, -batch <FILENAME>

Read commands from provided file or standard input and invoke them. First failure will cause termination of ip.

-force

Don't terminate ip on errors in batch mode. If there were any errors during execution of the commands, the application return code will be non zero.

-s, -stats, -statistics

Output more information. If the option appears twice or more, the amount of information increases. As a rule, the information is statistics or some time values.

-d, -details

Output more detailed information.

-l, -loops <COUNT>

Specify maximum number of loops the 'ip address flush' logic will attempt before giving up. The default is 10. Zero (0) means loop until all addresses are removed.

-f, -family <FAMILY>

Specifies the protocol family to use. The protocol family identifier can be one of inet, inet6, bridge, mpls or link. If this option is not present, the protocol family is guessed from other arguments. If the rest of the command line does not give enough information to guess the family, ip falls back to the default one, usually inet or any. link is a special family identifier meaning that no networking protocol is involved.

-4

shortcut for -family inet.

-6

shortcut for -family inet6.

-B

shortcut for -family bridge.

-M

shortcut for -family mpls.

-0

shortcut for -family link.

-o, -oneline

output each record on a single line, replacing line feeds with the '\' character. This is convenient when you want to count records with wc(1) or to grep(1) the output.

-r, -resolve

use the system's name resolver to print DNS names instead of host addresses.

-n, -netns <NETNS>

switches ip to the specified network namespace NETNS. Actually it just simplifies executing of:

ip netns exec NETNS ip [ OPTIONS ] OBJECT { COMMAND | help }

to

ip -n[etns] NETNS [ OPTIONS ] OBJECT { COMMAND | help }

-N, -Numeric

Print the number of protocol, scope, dsfield, etc directly instead of converting it to human readable name.

-a, -all

executes specified command over all objects, it depends if command supports this option.

-c[color][={always|auto|never}

Configure color output. If parameter is omitted or always, color output is enabled regardless of stdout state. If parameter is auto, stdout is checked to be a terminal before enabling color output. If parameter is never, color output is disabled. If specified multiple times, the last one takes precedence. This flag is ignored if -json is also given.

Used color palette can be influenced by COLORFGBG environment variable (see ENVIRONMENT).

-t, -timestamp

display current time when using monitor option.

-ts, -tshort

Like -timestamp, but use shorter format.

-rc, -rcvbuf<SIZE>

Set the netlink socket receive buffer size, defaults to 1MB.

-iec

print human readable rates in IEC units (e.g. 1Ki = 1024).

-br, -brief

Print only basic information in a tabular format for better readability. This option is currently only supported by ip addr show and ip link show commands.

-j, -json

Output results in JavaScript Object Notation (JSON).

-p, -pretty

The default JSON format is compact and more efficient to parse but hard for most users to read. This flag adds indentation for readability.

IP - COMMAND SYNTAX

OBJECT

address

- protocol (IP or IPv6) address on a device.

addrlabel

- label configuration for protocol address selection.

l2tp

- tunnel ethernet over IP (L2TPv3).

link

- network device.

maddress

- multicast address.

monitor

- watch for netlink messages.

mptcp

- manage MPTCP path manager.

mroute

- multicast routing cache entry.

mrule

- rule in multicast routing policy database.

neighbour

- manage ARP or NDISC cache entries.

netns

- manage network namespaces.

ntable

- manage the neighbor cache's operation.

route

- routing table entry.

rule

- rule in routing policy database.

tcp_metrics/tcpmetrics

- manage TCP Metrics

token

- manage tokenized interface identifiers.

tunnel

- tunnel over IP.

tuntap

- manage TUN/TAP devices.

vrf

- manage virtual routing and forwarding devices.

xfrm

- manage IPSec policies.

The names of all objects may be written in full or abbreviated form, for example address can be abbreviated as addr or just a.

COMMAND

Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, delete and show (or list ) objects, but some objects do not allow all of these operations or have some additional commands. The help command is available for all objects. It prints out a list of available commands and argument syntax conventions.

If no command is given, some default command is assumed. Usually it is list or, if the objects of this class cannot be listed, help.

ENVIRONMENT

COLORFGBG

If set, it's value is used for detection whether background is dark or light and use contrast colors for it.

COLORFGBG environment variable usually contains either two or three values separated by semicolons; we want the last value in either case. If this value is 0-6 or 8, chose colors suitable for dark background:

COLORFGBG=";0" ip -c a

EXIT STATUS

Exit status is 0 if command was successful, and 1 if there is a syntax error. If an error was reported by the kernel exit status is 2.

EXAMPLES

ip addr

Shows addresses assigned to all network interfaces.

ip neigh

Shows the current neighbour table in kernel.

ip link set x up

Bring up interface x.

ip link set x down

Bring down interface x.

ip route

Show table routes.

HISTORY

ip was written by Alexey N. Kuznetsov and added in Linux 2.2.

REPORTING BUGS

Report any bugs to the Network Developers mailing list <netdev@vger.kernel.org> where the development and maintenance is primarily done. You do not have to be subscribed to the list to send a message there.

SEE ALSO

ip-address(8), ip-addrlabel(8), ip-l2tp(8), ip-link(8), ip-maddress(8), ip-monitor(8), ip-mptcp(8), ip-mroute(8), ip-neighbour(8), ip-netns(8), ip-ntable(8), ip-route(8), ip-rule(8), ip-tcp_metrics(8), ip-token(8), ip-tunnel(8), ip-vrf(8), ip-xfrm(8) IP Command reference ip-cref.ps

AUTHOR

Original Manpage by Michail Litvak <mci@owl.openwall.com>

Copied to clipboard
Cake Defi