ip

The ip command is used on Linux systems at the terminal. This information was obtained from a Kali Linux distribution using man ip.

This command must be run with elevated privileges. Prefix the command with sudo for it to work properly.

NAME

ip – show / manipulate routing, network devices, interfaces and tunnels

SYNOPSIS

       ip [ OPTIONS ] OBJECT { COMMAND | help }

       ip [ -force ] -batch filename

       OBJECT := { link | address | addrlabel | route | rule | neigh |
               ntable | tunnel | tuntap | maddress | mroute | mrule |
               monitor | xfrm | netns | l2tp | tcp_metrics | token |
               macsec | vrf | mptcp }

       OPTIONS := { -V[ersion] | -h[uman-readable] | -s[tatistics] |
               -d[etails] | -r[esolve] | -iec | -f[amily] { inet | inet6
               | link } | -4 | -6 | -I | -D | -B | -0 | -l[oops] {
               maximum-addr-flush-attempts } | -o[neline] | -rc[vbuf]
               [size] | -t[imestamp] | -ts[hort] | -n[etns] name |
               -N[umeric] | -a[ll] | -c[olor] | -br[ief] | -j[son] |
               -p[retty] }

OPTIONS

Options Purpose
-V, -VersionPrint the version of the ip utility and exit.
-h, -human, -human-readableoutput statistics with human readable values followed by suffix.
-b, -batch Read commands from provided file or standard input and invoke them. First failure will cause termination of ip.
-forceDon't terminate ip on errors in batch mode. If there were any errors during execution of the commands, the application return code will be non zero.
-s, -stats, -statisticsOutput more information. If the option appears twice or more, the amount of information increases. As a rule, the information is statistics or some time values.
-d, -detailsOutput more detailed information.
-l, -loops Specify maximum number of loops the 'ip address flush' logic will attempt before giving up. The default is 10. Zero (0) means loop until all addresses are removed.
-f, -family Specifies the protocol family to use. The protocol family identifier can be one of inet, inet6, bridge, mpls or link. If this option is not present, the protocol family is guessed from other arguments. If the rest of the command line does not give enough information to guess the family, ip falls back to the default one, usually inet or any. link is a special family identifier meaning that no networking protocol is involved.
-4shortcut for -family inet.
-6shortcut for -family inet6.
-Bshortcut for -family bridge.
-Mshortcut for -family mpls.
-Oshortcut for -family link.
-o, -onelineoutput each record on a single line, replacing line feeds with the '\' character. This is convenient when you want to count records with wc(1) or to grep(1) the output.
-r, -resolveuse the system's name resolver to print DNS names instead of host addresses.

-n, -netns switches ip to the specified network namespace NETNS. Actually it just simplifies executing of:
ip netns exec NETNS ip [ OPTIONS ] OBJECT { COMMAND | help }
to
ip -n[etns] NETNS [ OPTIONS ] OBJECT { COMMAND | help }
-N, -NumericPrint the number of protocol, scope, dsfield, etc directly instead of converting it to human readable name.
-a, -allexecutes specified command over all objects, it depends if command supports this option.
-c[color][={always|auto|never}Configure color output. If parameter is omitted or always, color output is enabled regardless of stdout state. If parameter is auto, stdout is checked to be a terminal before enabling color output. If parameter is never, color output is disabled. If specified multiple times, the last one takes precedence. This flag is ignored if -json is also given.
Used color palette can be influenced by COLORFGBG environment variable (see ENVIRONMENT).
-t, -timestampdisplay current time when using monitor option.
-ts, -tshortLike -timestamp, but use shorter format.
-rc, -rcvbufSet the netlink socket receive buffer size, defaults to 1MB.
-iecprint human readable rates in IEC units (e.g. 1Ki = 1024).
-br, -briefPrint only basic information in a tabular format for better readability. This option is currently only supported by ip addr show and ip link show commands.
-j, -jsonOutput results in JavaScript Object Notation (JSON).
-p, -prettyThe default JSON format is compact and more efficient to parse but hard for most users to read. This flag adds indentation for readabilty.

IP – COMMAND SYNTAX

Object 
address- protocol (IP or IPv6) address on a device.
addrlabel- label configuration for protocol address selection.
l2tp- tunnel ethernet over IP (L2TPv3).
link- network device.
maddress- multicast address.
monitor- watch for netlink messages.
mroute - multicast routing cache entry
mrule - rule in multicast routing policy database.
neighbour- manage ARP or NDISC cache entries.
netns - manage network namespaces.
ntable- manage the neighbor cache's operation.
route - routing table entry.
rule - rule in routing policy database.
tcp_metrics/tcpmetrics- manage TCP Metrics
token - manage tokenized interface identifiers.
tunnel - tunnel over IP.
tuntap - manage TUN/TAP devices.
xfrm - manage IPSec policies.

The names of all objects may be written in full or abbreviated form, for example address can be abbreviated as addr or just a.

COMMAND

Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, delete and show (or list ) objects, but some objects do not allow all of these operations or have some additional commands. The help command is available for all objects. It prints out a list of available commands and argument syntax conventions.

If no command is given, some default command is assumed. Usually it is list or, if the objects of this class cannot be listed, help.

ENVIRONMENT

COLORFGBG
If set, it’s value is used for detection whether background is dark or light and use contrast colors for it.

COLORFGBG environment variable usually contains either two or three values separated by semicolons; we want the last value in either case. If this value is 0-6 or 8, chose colors suitable for dark background:

COLORFGBG=”;0″ ip -c a

EXIT STATUS

Exit status is 0 if command was successful, and 1 if there is a syntax error. If an error was reported by the kernel exit status is 2.

EXAMPLES

  
ip addrShows addresses assigned to all network interfaces.
ip neighShows the current neighbour table in kernel.
ip link set x upBring up interface x.
ip link set x downBring down interface x.
ip routeShow table routes.

HISTORY

ip was written by Alexey N. Kuznetsov and added in Linux 2.2.

REPORTING BUGS

Report any bugs to the Network Developers mailing list netdev@vger.kernel.org where the development and maintenance is primarily done. You do not have to be subscribed to the list to send a message there.

AUTHOR

Original Manpage by Michail Litvak mci@owl.openwall.com

Back to Command Help page.