Linux ip命令

IP命令

从centos7以前我们一直使用ifconfig命令来执行网络相关的任务,比如检查和配置网卡信息，但是ifconfig已经不再被维护，并且在最近版本的Linux中被废除了！ifconfig命令已经被ip命令所代替了。
ip 命令跟 ifconfig 命令有些类似，但是强力的多，他有许多新功能。ip 命令完成很多ifconfig命令无法完成的任务。
 

 1、检查网卡信息 

• 检查网卡的诸如IP地址，子网等网络信息，使用ip addr show
• 或者 #ip a    或者 #ip a s

 # ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: teql0: mtu 1500 qdisc noop state DOWN group default qlen 100
    link/void
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
4: vlan80@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.4/24 scope global vlan80
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
…………………………《省略》
9: vlan600@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.4/24 scope global vlan600
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
10: vlan240@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.24.4/24 scope global vlan240
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever

想查看某块网卡的信息，则命令为    # ip a s eth0

# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
# ip a s vlan600
9: vlan600@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.4/24 scope global vlan600
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
#

 2、启动/禁用网卡

 # ip link set eth0 up

 # ip link set eth0 down

3、为网卡分配IP地址以及其他网络信息

为网卡分配IP地址，使用下面命令：

 ip addr add 192.168.20.250/255.255.255.0 dev eth0

删除的时候add 换成delete（或者del）

 # ip addr add 192.168.20.250/255.255.255.0 dev eth0
# ifconfig

……

eth0      Link encap:Ethernet  HWaddr aa:bb:cc:dd:00:04
          inet addr:192.168.20.250  Bcast:0.0.0.0  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4158 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17296 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:297557 TX bytes:1769714
          Interrupt:196 Base address:0x3000

 # ip addr delete 192.168.13.4/255.255.255.0 dev vlan130
# ip addr add 192.168.13.5/255.255.255.0 dev vlan130
# ip a s vlan130
6: vlan130@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.13.5/24 scope global vlan130
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
#

 //使用ip命令来设置广播地址。默认是没有设置广播地址的，设置广播地址的命令为

// ip addr add broadcast 192.168.1.255 dev eth0     // 暂时不好用

根据IP地址设置标准的广播地址   #ip addr add 192.168.1.10/24 brd + dev eth0

# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
# ip addr add 192.168.1.10/24 brd + dev eth0
# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
#

4、为网卡添加别名（添加多个IP）

 ip addr add 192.168.1.20/24 dev eth0 label eth0:1

# ip addr add 192.168.1.20/24 dev eth0 label eth0:1
# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.20/24 scope global eth0:1
       valid_lft forever preferred_lft forever
# ip addr add 192.168.2.20/24 dev eth0 label eth0:2
# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.20/24 scope global eth0:1
       valid_lft forever preferred_lft forever
    inet 192.168.2.20/24 scope global eth0:2
       valid_lft forever preferred_lft forever
# ip addr add 192.168.3.20/24 dev eth0 label eth0:45
# ip a s eth0
3: eth0: mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.20/24 scope global eth0:1
       valid_lft forever preferred_lft forever
    inet 192.168.2.20/24 scope global eth0:2
       valid_lft forever preferred_lft forever
    inet 192.168.3.20/24 scope global eth0:45
       valid_lft forever preferred_lft forever
#

 5、查看路由信息

ip route （show）

ip route get 192.168.60.1

 # ip route
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.60.0/24 dev vlan600  proto kernel  scope link  src 192.168.60.4
# ip route get 192.168.60.1
192.168.60.1 dev vlan600  src 192.168.60.4
    cache
# ip route get 192.168.60.4
local 192.168.60.4 dev lo  src 192.168.60.4
    cache
#

 6、添加静态路由

{指令添加是临时有效；永久修改可以修改路由文件；ubuntu： /etc/network/interfaces}

添加默认路由 

ip route add default via 192.168.1.150

# ip addr add 192.168.70.1/24 dev eth0 label eth0:70
# ip route add default via 192.168.70.1
RTNETLINK answers: File exists
# ip route del default via 192.168.1.1
# ip route add default via 192.168.70.1
# ip route
default via 192.168.70.1 dev eth0
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.70.0/24 dev eth0  proto kernel  scope link  src 192.168.70.1
#

修改某个网卡上的ip的路由？？ 

ip route add 192.168.2.1 via 192.168.70.1 dev eth0

# ip route add 192.168.2.1 via 192.168.70.1 dev eth0
# ip route
default via 192.168.70.1 dev eth0
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.2.1 via 192.168.70.1 dev eth0
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.70.0/24 dev eth0  proto kernel  scope link  src 192.168.70.1
#

删除路由

ip route del  via 192.168.70.1

ip route del  192.168.2.1 via 192.168.70.1

# ip route
default via 192.168.70.1 dev eth0
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.2.1 via 192.168.70.1 dev eth0
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.70.0/24 dev eth0  proto kernel  scope link  src 192.168.70.1

# ip route del  via 192.168.70.1
# ip route
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.2.1 via 192.168.70.1 dev eth0
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.70.0/24 dev eth0  proto kernel  scope link  src 192.168.70.1
# ip route del  192.168.2.1 via 192.168.70.1
# ip route
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.20
192.168.2.0/24 dev eth0  proto kernel  scope link  src 192.168.2.20
192.168.3.0/24 dev eth0  proto kernel  scope link  src 192.168.3.20
192.168.8.0/24 dev vlan80  proto kernel  scope link  src 192.168.8.4
192.168.70.0/24 dev eth0  proto kernel  scope link  src 192.168.70.1
#

 7、查看ARP表

ip neigh

 # ip neigh
192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT
192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.8.1 dev vlan80 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE
192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 DELAY
#

 8、修改ARP

添加 arp

ip neigh add 192.168.60.1 lladdr aa:bb:cc:dd:00:99 dev vlan90 nud perm

# ip neigh add 192.168.60.1 lladdr aa:bb:cc:dd:00:99 dev vlan90 nud perm
# ip neigh
192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT
192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.8.1 dev vlan80 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.60.1 dev vlan90 lladdr aa:bb:cc:dd:00:99 PERMANENT
192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE
192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 REACHABLE
#

 

nud的意思是“neghbour state”（网络邻居状态），他的值可以是：

1. perm - 永久有效并且只能被管理员删除
2. noarp - 记录有效，但在生命周期过期后就允许被删除了
3. stale - 记录有效，但可能已经过期
4. reachable - 记录有效，但超时后就失效了

 删除arp

 # ip neigh del 192.168.8.1 dev vlan80

 # ip neigh del 192.168.8.1 dev vlan80
# ip neigh
192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT
192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT
192.168.60.1 dev vlan90 lladdr aa:bb:cc:dd:00:99 PERMANENT
192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE
192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 REACHABLE
#

 9、查看网络统计信息

#ip -s link

查看网络统计信息，比如所有网卡上传输的字节数和报文数，错误或者丢弃的报文数等

 # ip -s link
1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    RX: bytes  packets  errors  dropped overrun mcast
    32770129   394476   0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    32770129   394476   0       0       0       0
2: teql0: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 100
    link/void
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0
3: eth0: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    2544171    36344    0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    23763484   231025   0       0       0       0
4: vlan80@eth0: mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    0          0        0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    0          0        0       0       0       0

…………………………

10、设置VLAN

 ip link add link eth0 name vlan500 type vlan id 500

 # ip link add link eth0 name vlan500 type vlan id 500
# ifconfig

（这个是时候并未启动网卡）

# ip a

………………

10: vlan240@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.24.4/24 scope global vlan240
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
11: vlan500@eth0: mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

# ip link set vlan500 up

………………

vlan200   Link encap:Ethernet  HWaddr aa:bb:cc:dd:00:04
          inet addr:192.168.20.4  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::a8bb:ccff:fedd:4/64 Scope: Link
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15743 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 TX bytes:1393636

vlan500   Link encap:Ethernet  HWaddr aa:bb:cc:dd:00:04
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 TX bytes:0

 11、修改MAC

ip link set vlan500 address aa:bb:cc:dd:00:05

# ip link set vlan500 address aa:bb:cc:dd:00:05

# ip addr add 192.168.50.4/255.255.255.0 dev vlan500

#ip a

…………

10: vlan240@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff
    inet 192.168.24.4/24 scope global vlan240
       valid_lft forever preferred_lft forever
    inet6 fe80::a8bb:ccff:fedd:4/64 scope link
       valid_lft forever preferred_lft forever
11: vlan500@eth0: mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether aa:bb:cc:dd:00:05 brd ff:ff:ff:ff:ff:ff
    inet 192.168.50.4/24 scope global vlan500
       valid_lft forever preferred_lft forever