IPROUTE2 Tools – Part 1
Posted: July 14th, 2009 | Author: jnials | Filed under: Systems Administration | Tags: Centos, IP networking, iproute2, Linux, systems administration, Ubuntu, unix | No Comments »Linux has a set of IP protocol management tools that are not used very much, but are much more powerful than the tools that are commonly used such as /sbin/ifconfig. These tools are known as the iproute2 utility suite, and are documented here.
This suite was designed to give you a more powerful and fine grained interface into managing the details of the IP stack on the linux kernel. It replaces the ifconfig and route tools and extends the ability of the IP statck to support IP-IP tunnels, GRE Tunnels, policy based routing and can interface directly with iptables based firewalls.
The command suite resembles Cisco configuration commands or other tool suites that take a subject-verb form. A typical command to see the configuration of an ethernet card might look like this:
$ ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:1a:6b:d0:d5:e9 brd ff:ff:ff:ff:ff:ff
$
It helps to know either the 4-layer TCP/IP network model, or the 7-layer ISO network model. The commands for these configurations are broken down to fit these models, so for example the command ip link show shows you the commands on the link layer, which is the bottom layer on the TCP/IP model or Layer-2 on the OSI model.
The format of the command is:
ip [options] object [command [arguments]]
where objects inside square brackets are optional.
If there is no command, then the show command is implied. Other possible commands in are link, address, neighbor, route, rule, maddress, mroute, tunnel. I’ll cover additional commands over the next few posts. For today, I want to stick with the ones that enable the same functionality as ifconfig, which means we’ll talk about link and address.
As I indicated earlier, ip link deals with showing and setting the link layer characteristics. These include the such things as the MAC address of the card, MTU, queue sizes and so on. The ip address command basically sets/configures/deletes the IP address for the card (IPv4 or IPv6). While the ifconfig command can do much of these things all on one line, there are many things here it cannot do at all as we will see later on.
Let’s run through a sample session configuring a card. We’ll use the dummy0 device so we don’t hurt anything on the machine we are trying this on. We’ll do the link layer first and then the IP layer (IP addresses).
#ip link show dummy0
6: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noqueue state DOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
We probably want ARP (Address Resolution Protocol) on:
#ip link set arp on dummy0
#ip link show dummy0
6: dummy0: <BROADCAST> mtu 1500 qdisc noqueue state DOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
And multicast as well:
#ip link set multicast on dummy0
#ip link show dummy0
6: dummy0: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
We’ll be going through a router with a smaller MTU so let’s change shrink it down:
#ip link set mtu 1400 dummy0
#ip link show dummy0
6: dummy0: <BROADCAST,MULTICAST> mtu 1400 qdisc noqueue state DOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
And finally lets turn it on:
#ip link set dummy0 up
#ip link show dummy0
6: dummy0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
All that could be replaced by a one liner, but if any command fails, the device could be in an inconsistent state:
#ip link set dummy0 arp on multicast on mtu 1400 up
#ip link show dummy0
6: dummy0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
Now lets add the TCP/IP layer stuff:
#ip addr show dev dummy0
6: dummy0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 scope global dummy0
inet6 fe80::608e:3dff:fee7:5a54/64 scope link
valid_lft forever preferred_lft forever
#ip addr add 10.0.0.1/24 brd + dev dummy0
#ip addr show dummy0
6: dummy0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global dummy0
inet6 fe80::608e:3dff:fee7:5a54/64 scope link
valid_lft forever preferred_lft forever
Now we can delete it:
#ip addr del 10.0.0.1/24 brd + dev dummy0
#ip addr show dummy0
6: dummy0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
inet6 fe80::608e:3dff:fee7:5a54/64 scope link
valid_lft forever preferred_lft forever
And finally, lets turn it back off so it.
#ip link set dummy0 down
#ip link show dummy0
6: dummy0: <BROADCAST,MULTICAST> mtu 1400 qdisc noqueue state DOWN
link/ether 62:8e:3d:e7:5a:54 brd ff:ff:ff:ff:ff:ff
I’ll have more iproute2 goodness in the next post.
Related Websites - Game Preview: Florida Gators vs. Mississippi State Bulldogs Turnovers are Sticking in the Mind of Urban Meyer! With a game against Mississippi State pending, Urban Meyer is looking at the team's current capabilities to determine whether or not the Florida Gators are going to continue their winning streak for another round. In terms of the offense, the gators......
- Yet another WordPress Comment Spam Method Over the last few weeks I've had another type of comment spam - not a lot, just enough to be seen as different. It arrives as a pingback from various IP addresses and sites. Here's an example straight from the comment admin area: * Only 29% of UK people are......
- Leno And Conan: The Tonight Show Fiasco Are you with Leno or Conan? The Chin or Conando? Cars or Coco? If you’re like me, you like both of these guys for various reasons. You think they’re both talented and funny in their own ways, and would like to see both of them on TV. For me, I......