You can configure IP addresses, network interfaces, and routing rules on the fly with the Linuxip command. We'll show you how you can use this modern replacement of the classic (and now deprecated)ifconfig .

How the ip Command Works

With theip command, you canadjust the way a Linux computer handles IP addresses,network interfaces controllers (NICs), androuting rules. The changes also take immediate effect — you don't have to reboot. Theip command can do a lot more than this, but we'll focus on the most common uses in this article.

Theip command has many subcommands, each of which works on a type of object, such as IP addresses and routes. There are, in turn, many options for each of these objects. It's this richness of functionality that gives theip command the granularity you need to perform what can be delicate tasks. This isn't ax work — it calls for a set of scalpels.

We'll look at the following objects:

• Address: IP addresses and ranges.
• Link: Network interfaces, such as wired connections and Wi-Fi adapters.
• Route: The rules that manage the routing of traffic sent toaddresses via interfaces (links ).

Using ip with Addresses

Obviously, you first have to know the settings you're dealing with. To discover which IP addresses your computer has, you use theip command with the objectaddress. The default action isshow, which lists the IP addresses. You can also omitshow and abbreviateaddress as "addr" or even "a."

The following commands are all equivalent:

ip address show

ip addr show

ip addr

ip a

We see two IP addresses, along with a lot of other information. IP addresses are associated with network interface controllers (NICs). Theip command tries to be helpful and provides a bunch of information about the interface, too.

The first IP address is the (internal) loopback address used to communicate within the computer. The second is the actual (external) IP address the computer has on the local area network (LAN).

Let's break down all the information we received:

• lo: The network interface name as a string.
• <LOOPBACK,UP,LOWER_UP>: This is a loopback interface. It'sUP, meaning it's operational. Thephysical networking layer (layer one) is also up.
• mtu 65536: The maximum transfer unit. This is the size of the largest chunk of data this interface can transmit.
• qdisc noqueue: Aqdisc is a queuing mechanism. It schedules the transmission of packets. There are different queuing techniques called disciplines. Thenoqueue discipline means "send instantly, don't queue." This is the defaultqdisc discipline for virtual devices, such as the loopback address.
• state UNKNOWN: This can beDOWN (the network interface is not operational),UNKNOWN (the network interface is operational but nothing is connected), orUP (the network is operational and there is a connection).
• group default: Interfaces can be grouped logically. The default is to place them all in a group called "default."
• qlen 1000: The maximum length of the transmission queue.
• link/loopback: Themedia access control (MAC) address of the interface.
• inet 127.0.0.1/8: The IP version 4 address. The part of the address after the forward-slash (/) isClassless Inter-Domain Routing notation (CIDR) representing the subnet mask. It indicates how many leading contiguous bits are set to one in the subnet mask. The value of eight means eight bits. Eight bits set to one represents 255 in binary, so the subnet mask is 255.0.0.0.
• scope host: The IP address scope. This IP address is only valid inside the computer (the "host").
• lo: The interface with which this IP address is associated.
• valid_lft: Valid lifetime. For an IP version 4 IP address allocated byDynamic Host Configuration Protocol (DHCP), this is the length of time the IP address is considered valid and able to make and accept connection requests.
• preferred_lft: Preferred lifetime. For an IP version 4 IP address allocated by DHCP, this is the amount of time the IP address can be used with no restrictions. This should never be larger than thevalid_lft value.
• inet6: The IP version 6 address,scope ,valid_lft, andpreferred_lft.

The physical interface is more interesting, as we'll show below:

• enp0s3: The network interface name as a string. The "en" stands for ethernet, "p0" is the bus number of the ethernet card, and "s3" is the slot number.
• <BROADCAST,MULTICAST,UP,LOWER_UP>: This interface supportsbroad- andmulticasting, and the interface isUP (operational and connected). The hardware layer of the network (layer one) is alsoUP.
• mtu 1500: The maximum transfer unit this interface supports.
• qdisc fq_codel: The scheduler is using a discipline called "Fair Queuing, Controlled Delay." It's designed to provide a fair share of the bandwidth to all the traffic flows that use the queue.
• state UP: The interface is operational and connected.
• group default: This interface is in the "default" interface group.
• qlen 1000: The maximum length of the transmission queue.
• link/ether: The MAC address of the interface.
• inet 192.168.4.26/24: The IP version 4 address. The "/24" tells us there are 24 contiguous leading bits set to one in the subnet mask. That's three groups of eight bits. An eight-bit binary number equates to 255; therefore, the subnet mask is 255.255.255.0.
• brd 192.168.4.255: Thebroadcast address for this subnet.
• scope global: The IP address is valid everywhere on this network.
• dynamic: The IP address is lost when the interface goes down.
• noprefixroute: Do not create a route in the route table when this IP address is added. Someone has to add a route manually if he wants to use one with this IP address. Likewise, if this IP address is deleted, don't look for a route to delete.
• enp0s3: The interface with which this IP address is associated.
• valid_lft: Valid lifetime. The time the IP address will be considered valid; 86,240 seconds is 23 hours and 57 minutes.
• preferred_lft: Preferred lifetime. The time the IP address will operate without any restrictions.
• inet6: The IP version 6 address,scope,valid_lft, andpreferred_lft.

Display Only IPv4 or IPv6 Addresses

If you want to limit the output to the IP version 4 addresses, you can use the-4 option, as follows:

ip -4 addr

If you want to limit the output to the IP version 6 addresses, you can use the-6 option, as follows:

ip -6 addr

Display Information for a Single Interface

If you want to see the IP address information for a single interface, you can use theshow anddev options, and name the interface, as shown below:

ip addr show dev lo

ip addr show dev enp0s3

You can also use the-4 or-6 flag to further refine the output so you only see that in which you're interested.

If you want to see the IP version 4 information related to the addresses on interfaceenp0s3, type the following command:

ip -4 addr show dev enp0s3

Adding an IP Address

You can use theadd anddev options to add an IP address to an interface. You just have to tell theip command which IP address to add, and to which interface to add it.

We're going to add the IP address 192.168.4.44 to theenp0s3 interface. We also have to provide the CIDR notation for the subnet mask.

We type the following:

sudo ip addr add 192.168.4.44/24 dev enp0s3

We type the following to take another look at the IP version 4 IP addresses on this interface:

ip -4 addr show dev enp0s3

The new IP address is present on this network interface. We jump on another computer and use the following command to see if we canping the new IP address:

ping 192.168.4.44

The IP address responds and sends back acknowledgments to the pings. Our new IP address is up and running after one simpleip command.

Deleting an IP Address

To delete an IP address, the command is almost the same as the one to add one, except you replaceadd withdel, as shown below:

sudo ip addr del 192.168.4.44/24 dev enp0s3

If we type the following to check, we see the new IP address has been deleted:

ip -4 addr show dev enp0s3

Using ip with Network Interfaces

You use thelink object to inspect and work with network interfaces. Type the following command to see the interfaces installed on your computer:

ip link show

To see a single network interface, just add its name to the command, as shown below:

ip link show enp0s3

Starting and Stopping Links

You can use theset option with eitherup ordown to stop or start a network interface option. You also have to usesudo, as shown below:

sudo ip link set enp0s3 down

We type the following to take a look at the network interface:

ip link show enp0s3

The state of the network interface isDOWN. We can use theup option to restart a network interface, as shown below:

sudo ip link set enp0s3 up

We type the following to do another quick check on the state of the network interface:

ip link show enp0s3

The network interface was restarted, and the state is shown asUP.

Using ip with Routes

With theroute object, you can inspect and manipulate routes. Routes define to where network traffic to different IP addresses is forwarded, and through which network interface.

If the destination computer or device shares a network with the sending computer, the sending computer can forward the packet directly to it.

However, if the destination device is not directly connected, the sending computer forwards the packet to the default router. The router then decides where to send the packet.

To see the routes defined on your computer, type the following command:

ip route

Let's take a look at the info we received:

• default: The default rule. This route is used if none of the other rules match what's being sent.
• via 192.168.4.1: Routes the packets via the device at 192.168.4.1. This is the IP address of the default router on this network.
• dev enp0s3: Use this network interface to send the packets to the router.
• protodhcp: The routing protocol identifier. DHCP means the routes will be determined dynamically.
• metric 100: An indication of the preference of the route compared to others. Routes with lower metrics are preferentially used over those with higher metrics. You can use this to give preference to a wired network interface over a Wi-Fi one.

The second route governs traffic to the IP range of 169.254.0.0/16. This is azero-configuration network, which means it tries to self-configure for intranet communication. However, you can't use it to send packets outside the immediate network.

The principle behind zero-configuration networks is they don't rely on DHCP and other services being present and active. They onlyneed to see TCP/IP in order to self-identify to each of the other devices on the network.

Let's take a look:

• 169.254.0.0/16: The range of IP addresses this routing rule governs. If the computer communicates on this IP range, this rule cuts in.
• dev enp0s3: The network interface the traffic governed by this route will use.
• scope link: The scope islink, which means the scope is limited to the network to which this computer is directly connected.
• metric 1000: This is a high metric and isn't a preferred route.

The third route governs traffic to the IP address range of 192.168.4.0/24. This is the IP address range of the local network to which this computer is connected. It's for communication across, but within, that network.

Let's break it down:

• 192.168.4.1/24: The range of IP addresses this routing rule governs. If the computer communicates within this IP range, this rule triggers and controls the packet routing.
• dev enp0s3: The interface through which this route will send packets.
• proto kernel: The route created by the kernel during auto-configuration.
• scope link: The scope islink, which means the scope is limited to the immediate network to which this computer is connected.
• src 192.168.4.26: The IP address from which packets sent by this route originate.
• metric 100: This low metric indicates a preferred route.

Display Information for a Single Route

If you want to focus on the details of a particular route, you can add thelist option and IP address range of the route to the command as follows:

ip route list 192.168.4.0/24

Adding a Route

We just added a new network interface card to this computer. We type the following and see it's showing up asenp0s8:

ip link show

We'll add a new route to the computer to use this new interface. First, we type the following to associate an IP address with the interface:

sudo ip addr add 192.168.121.1/24 dev enp0s8

A default route using the existing IP address is added to the new interface. We use thedelete option, as shown below, to delete the route and provide its details:

sudo ip route delete default via 192.168.4.1 dev enp0s8

We'll now use theadd option to add our new route. The new interface will handle network traffic in the 192.168.121.0/24 IP address range. We'll give it a metric of 100; because it will be the only route handling this traffic, the metric is pretty much academic.

We type the following:

sudo ip route add 192.168.121.0/24 dev enp0s8 metric 100

Now, we type the following to see what it gives us:

ip route

Our new route is now in place. However, we still have the 192.168.4.0/24 route that points to interfaceenp0s8— we type the following to remove it:

sudo ip route delete 192.168.4.0/24 dev enp0s8

We should now have a new route that points all traffic destined for IP range 192.168.121.0/24 through interfaceenp0s8. It should also be the only route that uses our new interface.

We type the following to confirm:

ip route

Taken Route, Not Taken Root

The great thing about these commands is they're not permanent. If you want to clear them, just reboot your system. This means you can experiment with them until they work the way you want. And it's a very good thing if you make a terrible mess of your system — a simple reboot will restore order.

On the other hand, if you want the changes to be permanent, you have to do some more work. Exactly what varies depending on the distribution family, but they all involve changing config files.

This way, though, you can test-drive commands before you make anything permanent.