IP命令

从centos7以前我们一直使用ifconfig命令来执行网络相关的任务,比如检查和配置网卡信息，但是ifconfig已经不再被维护，并且在最近版本的Linux中被废除了！ifconfig命令已经被ip命令所代替了。

ip 命令跟 ifconfig 命令有些类似，但是强力的多，他有许多新功能。ip 命令完成很多ifconfig命令无法完成的任务。

1、检查网卡信息

检查网卡的诸如IP地址，子网等网络信息，使用ip addr show
或者 #ip a 或者 #ip a s

ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

2: teql0: <NOARP> mtu 1500 qdisc noop state DOWN group default qlen 100

link/void

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

4: vlan80@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.8.4/24 scope global vlan80

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

..............................《省略》

9: vlan600@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.60.4/24 scope global vlan600

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

10: vlan240@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.24.4/24 scope global vlan240

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

想查看某块网卡的信息，则命令为 # ip a s eth0

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

ip a s vlan600

9: vlan600@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.60.4/24 scope global vlan600

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

2、启动/禁用网卡

ip link set eth0 up

ip link set eth0 down

3、为网卡分配IP地址以及其他网络信息

为网卡分配IP地址，使用下面命令：

ip addr add 192.168.20.250/255.255.255.0 dev eth0

删除的时候add 换成delete（或者del）

ip addr add 192.168.20.250/255.255.255.0 dev eth0

ifconfig

......

eth0 Link encap:Ethernet HWaddr aa:bb:cc:dd:00:04

inet addr:192.168.20.250 Bcast:0.0.0.0 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:4158 errors:0 dropped:0 overruns:0 frame:0

TX packets:17296 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:297557 TX bytes:1769714

Interrupt:196 Base address:0x3000

ip addr delete 192.168.13.4/255.255.255.0 dev vlan130

ip addr add 192.168.13.5/255.255.255.0 dev vlan130

ip a s vlan130

6: vlan130@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.13.5/24 scope global vlan130

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

//使用ip命令来设置广播地址。默认是没有设置广播地址的，设置广播地址的命令为

// ip addr add broadcast 192.168.1.255 dev eth0 // 暂时不好用

根据IP地址设置标准的广播地址 #ip addr add 192.168.1.10/24 brd + dev eth0

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

ip addr add 192.168.1.10/24 brd + dev eth0

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0

valid_lft forever preferred_lft forever

4、为网卡添加别名（添加多个IP）

ip addr add 192.168.1.20/24 dev eth0 label eth0:1

ip addr add 192.168.1.20/24 dev eth0 label eth0:1

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.1.20/24 scope global eth0:1

valid_lft forever preferred_lft forever

ip addr add 192.168.2.20/24 dev eth0 label eth0:2

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.1.20/24 scope global eth0:1

valid_lft forever preferred_lft forever

inet 192.168.2.20/24 scope global eth0:2

valid_lft forever preferred_lft forever

ip addr add 192.168.3.20/24 dev eth0 label eth0:45

ip a s eth0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.1.20/24 scope global eth0:1

valid_lft forever preferred_lft forever

inet 192.168.2.20/24 scope global eth0:2

valid_lft forever preferred_lft forever

inet 192.168.3.20/24 scope global eth0:45

valid_lft forever preferred_lft forever

5、查看路由信息

ip route （show）

ip route get 192.168.60.1

ip route

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.60.0/24 dev vlan600 proto kernel scope link src 192.168.60.4

ip route get 192.168.60.1

192.168.60.1 dev vlan600 src 192.168.60.4

cache

ip route get 192.168.60.4

local 192.168.60.4 dev lo src 192.168.60.4

cache <local>

6、添加静态路由

{指令添加是临时有效；永久修改可以修改路由文件；ubuntu： /etc/network/interfaces}

添加默认路由

ip route add default via 192.168.1.150

ip addr add 192.168.70.1/24 dev eth0 label eth0:70

ip route add default via 192.168.70.1

RTNETLINK answers: File exists

ip route del default via 192.168.1.1

ip route add default via 192.168.70.1

ip route

default via 192.168.70.1 dev eth0

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.70.0/24 dev eth0 proto kernel scope link src 192.168.70.1

修改某个网卡上的ip的路由？？

ip route add 192.168.2.1 via 192.168.70.1 dev eth0

ip route add 192.168.2.1 via 192.168.70.1 dev eth0

ip route

default via 192.168.70.1 dev eth0

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.2.1 via 192.168.70.1 dev eth0

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.70.0/24 dev eth0 proto kernel scope link src 192.168.70.1

删除路由

ip route del via 192.168.70.1

ip route del 192.168.2.1 via 192.168.70.1

ip route

default via 192.168.70.1 dev eth0

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.2.1 via 192.168.70.1 dev eth0

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.70.0/24 dev eth0 proto kernel scope link src 192.168.70.1

ip route del via 192.168.70.1

ip route

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.2.1 via 192.168.70.1 dev eth0

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.70.0/24 dev eth0 proto kernel scope link src 192.168.70.1

ip route del 192.168.2.1 via 192.168.70.1

ip route

192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20

192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.20

192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.20

192.168.8.0/24 dev vlan80 proto kernel scope link src 192.168.8.4

192.168.70.0/24 dev eth0 proto kernel scope link src 192.168.70.1

7、查看ARP表

ip neigh

ip neigh

192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT

192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.8.1 dev vlan80 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE

192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 DELAY

8、修改ARP

添加 arp

ip neigh add 192.168.60.1 lladdr aa:bb:cc:dd:00:99 dev vlan90 nud perm

ip neigh add 192.168.60.1 lladdr aa:bb:cc:dd:00:99 dev vlan90 nud perm

ip neigh

192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT

192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.8.1 dev vlan80 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.60.1 dev vlan90 lladdr aa:bb:cc:dd:00:99 PERMANENT

192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE

192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 REACHABLE

nud的意思是"neghbour state"（网络邻居状态），他的值可以是：

perm - 永久有效并且只能被管理员删除
noarp - 记录有效，但在生命周期过期后就允许被删除了
stale - 记录有效，但可能已经过期
reachable - 记录有效，但超时后就失效了

删除arp

ip neigh del 192.168.8.1 dev vlan80

ip neigh del 192.168.8.1 dev vlan80

ip neigh

192.168.60.1 dev vlan600 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.20.3 dev vlan200 lladdr aa:bb:cc:dd:00:03 PERMANENT

192.168.15.1 dev vlan150 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.24.1 dev vlan240 lladdr aa:bb:cc:dd:00:01 PERMANENT

192.168.60.1 dev vlan90 lladdr aa:bb:cc:dd:00:99 PERMANENT

192.168.9.199 dev vlan90 lladdr 02:aa:bb:cc:dd:00 STALE

192.168.9.102 dev vlan90 lladdr aa:bb:cc:dd:00:99 REACHABLE

9、查看网络统计信息

#ip -s link

查看网络统计信息，比如所有网卡上传输的字节数和报文数，错误或者丢弃的报文数等

ip -s link

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

RX: bytes packets errors dropped overrun mcast

32770129 394476 0 0 0 0

TX: bytes packets errors dropped carrier collsns

32770129 394476 0 0 0 0

2: teql0: <NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 100

link/void

RX: bytes packets errors dropped overrun mcast

0 0 0 0 0 0

TX: bytes packets errors dropped carrier collsns

0 0 0 0 0 0

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

RX: bytes packets errors dropped overrun mcast

2544171 36344 0 0 0 0

TX: bytes packets errors dropped carrier collsns

23763484 231025 0 0 0 0

4: vlan80@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

RX: bytes packets errors dropped overrun mcast

0 0 0 0 0 0

TX: bytes packets errors dropped carrier collsns

0 0 0 0 0 0

..............................

10、设置VLAN

ip link add link eth0 name vlan500 type vlan id 500

ip link add link eth0 name vlan500 type vlan id 500

ifconfig

（这个是时候并未启动网卡）

ip a

..................

10: vlan240@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.24.4/24 scope global vlan240

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

11: vlan500@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

ip link set vlan500 up

..................

vlan200 Link encap:Ethernet HWaddr aa:bb:cc:dd:00:04

inet addr:192.168.20.4 Bcast:0.0.0.0 Mask:255.255.255.0

inet6 addr: fe80::a8bb:ccff:fedd:4/64 Scope: Link

UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:15743 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 TX bytes:1393636

vlan500 Link encap:Ethernet HWaddr aa:bb:cc:dd:00:04

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 TX bytes:0

11、修改MAC

ip link set vlan500 address aa:bb:cc:dd:00:05

ip link set vlan500 address aa:bb:cc:dd:00:05

ip addr add 192.168.50.4/255.255.255.0 dev vlan500

#ip a

............

10: vlan240@eth0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:04 brd ff:ff:ff:ff:ff:ff

inet 192.168.24.4/24 scope global vlan240

valid_lft forever preferred_lft forever

inet6 fe80::a8bb:ccff:fedd:4/64 scope link

valid_lft forever preferred_lft forever

11: vlan500@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

link/ether aa:bb:cc:dd:00:05 brd ff:ff:ff:ff:ff:ff

inet 192.168.50.4/24 scope global vlan500

valid_lft forever preferred_lft forever

Linux ip命令

IP命令

1、检查网卡信息

ip addr show

ip a s eth0

ip a s vlan600

2、启动/禁用网卡

ip link set eth0 up

ip link set eth0 down

3、为网卡分配IP地址以及其他网络信息

ip addr add 192.168.20.250/255.255.255.0 dev eth0

ifconfig

ip addr delete 192.168.13.4/255.255.255.0 dev vlan130

ip addr add 192.168.13.5/255.255.255.0 dev vlan130

ip a s vlan130

ip a s eth0

ip addr add 192.168.1.10/24 brd + dev eth0

ip a s eth0

4、为网卡添加别名（添加多个IP）

ip addr add 192.168.1.20/24 dev eth0 label eth0:1

ip a s eth0

ip addr add 192.168.2.20/24 dev eth0 label eth0:2

ip a s eth0

ip addr add 192.168.3.20/24 dev eth0 label eth0:45

ip a s eth0

5、查看路由信息

ip route

ip route get 192.168.60.1

ip route get 192.168.60.4

6、添加静态路由

ip addr add 192.168.70.1/24 dev eth0 label eth0:70

ip route add default via 192.168.70.1

ip route del default via 192.168.1.1

ip route add default via 192.168.70.1

ip route

ip route add 192.168.2.1 via 192.168.70.1 dev eth0

ip route

ip route

ip route del via 192.168.70.1

ip route

ip route del 192.168.2.1 via 192.168.70.1

ip route

7、查看ARP表

ip neigh

8、修改ARP

ip neigh add 192.168.60.1 lladdr aa:bb:cc:dd:00:99 dev vlan90 nud perm

ip neigh

ip neigh del 192.168.8.1 dev vlan80

ip neigh del 192.168.8.1 dev vlan80

ip neigh

9、查看网络统计信息

ip -s link

10、设置VLAN

ip link add link eth0 name vlan500 type vlan id 500

ifconfig

ip a

ip link set vlan500 up

11、修改MAC

ip link set vlan500 address aa:bb:cc:dd:00:05

ip addr add 192.168.50.4/255.255.255.0 dev vlan500