IP - Base Documentation

From IT-Arts.net




Common IP Command Use Cases

Show All Network Interfaces

To list all network interfaces on the system, including their status (up/down) and associated IP addresses:

ip addr show

This command provides detailed information about all network interfaces, including loopback, physical, and virtual interfaces, along with their IP addresses and MAC addresses.

Show a Specific Interface's Details

To display detailed information for a specific interface (e.g., `eth0`):

ip addr show dev eth0

This command limits the output to the specified interface (`eth0`), showing its IP addresses, state, and other configuration details.

Bring a Network Interface Up or Down

To enable (bring up) or disable (bring down) a network interface:

ip link set eth0 up


ip link set eth0 down

These commands are used to activate or deactivate the specified network interface (`eth0`), respectively.

Assign an IP Address to an Interface

To assign an IP address to a specific interface:

ip addr add 192.168.1.10/24 dev eth0

This command assigns the IP address `192.168.1.10` with a `/24` prefix length (subnet mask 255.255.255.0) to the interface `eth0`.

Delete an IP Address from an Interface

To remove a previously assigned IP address from a specific interface:

ip addr del 192.168.1.10/24 dev eth0

This command removes the IP address `192.168.1.10` from the interface `eth0`.

Show Routing Table

To display the system's routing table:

ip route show

This command shows the routing table, including the default route and specific routes for networks and subnets.

Add a Static Route

To add a static route to a specific network:

ip route add 192.168.2.0/24 via 192.168.1.1 dev eth0

This command adds a route to the network `192.168.2.0/24` via the gateway `192.168.1.1` on interface `eth0`.

Delete a Static Route

To remove a static route from the routing table:

ip route del 192.168.2.0/24

This command deletes the route for the network `192.168.2.0/24`.

Show All Network Statistics

To view detailed statistics for all network interfaces:

ip -s link show

This command shows various statistics like packet counts, errors, and collisions for all network interfaces.

Show All Neighbor Entries (ARP Table)

To display the neighbor table (the ARP cache for IPv4 and the NDP cache for IPv6), which maps IP addresses to MAC addresses:

ip neigh show

This command lists all entries in the neighbor table, showing the association between IP addresses and MAC addresses together with the state of each entry (for example `REACHABLE`, `STALE`, or `FAILED`).

Advanced IP Command Options

Show Routing Table in Detail

To display the routes from every routing table rather than only the main one:

ip route show table all

This will show all routing tables, not just the default routing table, and can be useful when managing multiple routing tables.

Change the Default Route

To change the default route:

ip route replace default via 192.168.1.254

This command replaces the current default route with a new gateway (`192.168.1.254`).

Add a Rule to the Routing Table

To add a policy routing rule that sends matching traffic to a specific routing table:

ip rule add from 192.168.1.0/24 table 100

This adds a routing rule that uses table `100` for traffic originating from `192.168.1.0/24`.

Show IP Addresses with Network Masks

To show IP addresses along with their network masks in CIDR notation:

ip addr show | grep inet

This command filters the `ip addr show` output to display only lines containing the `inet` keyword (IPv6 `inet6` lines match as well), which shows IP addresses with their network masks in CIDR format.

Set the MTU for an Interface

To change the Maximum Transmission Unit (MTU) size for a network interface:

ip link set eth0 mtu 1400

This command sets the MTU for interface `eth0` to `1400`.

Enable or Disable IP Forwarding

To enable or disable IP forwarding on a Linux system:

echo 1 > /proc/sys/net/ipv4/ip_forward


echo 0 > /proc/sys/net/ipv4/ip_forward

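These commands toggle IP forwarding on or off, respectively. Enabling IP forwarding allows the system to route packets between interfaces. Writing to `/proc/sys` requires root privileges, and the setting is lost at reboot unless it is also configured persistently.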

To display the IP address along with the link layer (MAC) address:

ip addr show dev eth0 | grep -E "inet|link/ether"

This command shows the IP addresses of `eth0` along with its MAC address, which appears on the `link/ether` line.

Security Concepts

Preventing Unauthorized IP Address Assignment

To prevent unauthorized devices from assigning IP addresses on the network, use a combination of IP address management and static IP assignments. Unauthorized IP assignment can lead to network conflicts and unauthorized access.

Example:

ip addr add 192.168.1.10/24 dev eth0

Ensure only authorized devices have the correct IP addresses assigned.

Detecting IP Spoofing

IP spoofing occurs when an attacker sends packets with a false source IP address, making it appear as though they come from a trusted host. Using the `ip` command, administrators can verify ARP tables and neighbor discovery tables to detect IP spoofing attempts.

Example to view neighbor table:

ip neigh show

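Check for unusual or untrusted MAC-to-IP address mappings in the neighbor table, which may indicate IP spoofing. The table only holds entries for hosts on directly attached networks, so this check applies to the local segment.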

Managing Routing for Network Segmentation

The `ip` command allows administrators to manage complex routing configurations, helping to create secure network segments and control traffic flow. Using multiple routing tables and IP rules, you can segregate traffic and apply security policies.

Example of adding a rule for network segmentation:

ip rule add from 192.168.1.0/24 table 100

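This command ensures that traffic from the `192.168.1.0/24` network is routed using routing table `100`, so the segment can be given its own routes, separate from the main table. The rule only selects the table: table `100` must contain the routes that traffic should use, otherwise the lookup continues with the next rule.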
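An added example, not part of the original page, that checks whether a source-based rule like the one above actually confines traffic to its table. The function name, the status labels and the sample files are assumptions made for the example; the inputs are saved output of `ip rule show` and `ip route show table 100`.

```shell
#!/bin/sh
# Added example, not from the original page. Inputs are files holding saved
# output, so the check runs offline:
#   $3 = `ip rule show`    $4 = `ip route show table TABLE`
# Prints OK, NO_RULE, SHADOWED or FALLTHROUGH (labels chosen for this example).
segment_check() {
    prefix=$1 table=$2 rules=$3 routes=$4
    # Priority of the plain rule "from PREFIX lookup TABLE", if present.
    prio=$(awk -v p="$prefix" -v t="$table" '
        $2 == "from" && $3 == p && $4 == "lookup" && $5 == t {
            sub(/:$/, "", $1); print $1; exit
        }' "$rules")
    if [ -z "$prio" ]; then echo NO_RULE; return 1; fi
    # A "from all lookup main" rule with a lower priority number runs
    # first, so main can answer before TABLE is ever consulted.
    if awk -v me="$prio" '
        $2 == "from" && $3 == "all" && $4 == "lookup" && $5 == "main" {
            sub(/:$/, "", $1); if ($1 + 0 < me + 0) found = 1
        }
        END { exit !found }' "$rules"
    then echo SHADOWED; return 1; fi
    # Without a catch-all route in TABLE, destinations it does not cover
    # continue to the next rule and end up routed by main.
    if awk '
        $1 == "default" { ok = 1 }
        $2 == "default" && $1 ~ /^(unreachable|blackhole|prohibit)$/ { ok = 1 }
        END { exit !ok }' "$routes"
    then echo OK; return 0; fi
    echo FALLTHROUGH; return 1
}

# Constructed sample: the rule is present, but table 100 holds only the
# connected route, so traffic to other networks falls through to main.
demo_segment_check() {
    d=$(mktemp -d)
    printf '0:\tfrom all lookup local\n32765:\tfrom 192.168.1.0/24 lookup 100\n' > "$d/rules"
    printf '32766:\tfrom all lookup main\n32767:\tfrom all lookup default\n' >> "$d/rules"
    printf '192.168.1.0/24 dev eth0 scope link\n' > "$d/routes"
    rc=0; segment_check 192.168.1.0/24 100 "$d/rules" "$d/routes" || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

The check only recognises the plain `from PREFIX lookup TABLE` form; rules with additional selectors are reported as `NO_RULE`.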

Troubleshooting

Interface Not Responding

If a network interface is not responding, verify the interface status and bring it up if necessary:

ip link show dev eth0


ip link set eth0 up

The first command shows whether the interface is down; the second brings it up if required.

Network Route Not Working

If traffic is not being routed properly, inspect the routing table to check for errors:

ip route show

Verify that the correct routes are present, and use `ip route add` to add or correct routes if necessary.

Unable to Assign IP Address

If you are unable to assign an IP address to an interface, check for conflicts or restrictions in the network configuration:

ip addr show dev eth0

Ensure the IP address is not already assigned to another interface, and verify that the network mask is correctly configured.

Address Conflict in ARP Table

If there is an IP address conflict on the network, check the ARP table for duplicate entries:

ip neigh show

Look for duplicate IP addresses or mismatched MAC addresses that may indicate a conflict.
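An added example, not part of the original page, that automates both the check described under "Detecting IP Spoofing" and the duplicate check above: it reads `ip neigh show` output and reports baseline mismatches, IPs seen with two MACs, and MACs claiming several IPv4 addresses. The function names, the baseline file format and the sample addresses are assumptions made for the example.

```shell
# Added example, not from the original page: flag suspicious entries in
# `ip neigh show` output read from stdin. $1 (optional) is a baseline file
# of "IP MAC" pairs, one per line (a format assumed for this example).
neigh_audit() {
    awk -v baseline="${1:-}" '
    BEGIN {
        # Load the expected IP -> MAC pairs, if a baseline was given.
        if (baseline != "")
            while ((getline line < baseline) > 0)
                if (split(line, f, " ") >= 2) want[f[1]] = tolower(f[2])
    }
    {
        # MAC follows "lladdr"; FAILED/INCOMPLETE entries have none.
        mac = ""
        for (i = 1; i < NF; i++)
            if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next
        ip = $1
        # 1) Entry disagrees with the known-good baseline.
        if ((ip in want) && want[ip] != mac)
            print "MISMATCH " ip " expected=" want[ip] " seen=" mac
        # 2) Same IP learned with two different MACs (e.g. on two devices).
        if ((ip in seen) && seen[ip] != mac)
            print "CONFLICT " ip " " seen[ip] " " mac
        seen[ip] = mac
        # 3) One MAC answering for several IPv4 addresses (IPv6 skipped).
        if (ip !~ /:/ && !((mac, ip) in pair)) {
            pair[mac, ip] = 1
            if (++count[mac] == 1) { order[++macs] = mac; ips[mac] = ip }
            else ips[mac] = ips[mac] " " ip
        }
    }
    END {
        for (m = 1; m <= macs; m++)
            if (count[order[m]] > 1) print "MULTI " order[m] " " ips[order[m]]
    }'
}

# Constructed sample output (addresses are made up for the example).
sample_neigh() {
    cat <<'EOF'
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.20 dev eth0 lladdr aa:bb:cc:dd:ee:01 STALE
192.168.1.21 dev eth0 lladdr aa:bb:cc:dd:ee:01 STALE
192.168.1.30 dev eth0  FAILED
fe80::1 dev eth0 lladdr 00:11:22:33:44:55 router REACHABLE
EOF
}
```

On a live host the input comes from `ip neigh show | neigh_audit baseline.txt`. A `MULTI` line is a prompt to look closer, since a host with several addresses on one interface produces the same pattern.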

IP Forwarding Not Working

If IP forwarding is not functioning, ensure it is enabled:

echo 1 > /proc/sys/net/ipv4/ip_forward

If forwarding is enabled but not working as expected, check the routing rules and network interfaces for errors.