Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Linux Magazine

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 83 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here




       ip [ OPTIONS ] OBJECT { COMMAND | help }

       OBJECT := { link | addr | route | rule | neigh | tunnel |
               maddr | mroute | monitor }

       OPTIONS := { -V[ersion] | -s[tatistics] | -r[esolve] |
               -f[amily] { inet | inet6 | ipx | dnet | link } |
               -o[neline] }

       ip link set DEVICE { up | down | arp { on | off } |
               promisc { on | off } |
               allmulti { on | off } |
               dynamic { on | off } |
               multicast { on | off } |
               txqueuelen PACKETS |
               name NEWNAME |
               address LLADDR | broadcast LLADDR |
               mtu MTU }

       ip link show [ DEVICE ]

       ip addr { add | del } IFADDR dev STRING

       ip addr { show | flush } [ dev STRING ] [ scope SCOPE-ID ]
               [ to PREFIX ] [ FLAG-LIST ] [ label PATTERN ]

               [ broadcast ADDR ] [ anycast ADDR ]
               [ label STRING ] [ scope SCOPE-ID ]

       SCOPE-ID := [ host | link | global | NUMBER ]


       FLAG := [ permanent | dynamic | secondary | primary |
               tentative | deprecated ]

       ip route { list | flush } SELECTOR

       ip route get ADDRESS [ from ADDRESS iif STRING ]
               [ oif STRING ] [ tos TOS ]

       ip route { add | del | change | append | replace | monitor
               } ROUTE

       SELECTOR := [ root PREFIX ] [ match PREFIX ]
               [ exact PREFIX ] [ table TABLE_ID ]
               [ proto RTPROTO ] [ type TYPE ] [ scope SCOPE ]
               [ window NUMBER ] [ cwnd NUMBER ]
               [ ssthresh REALM ] [ realms REALM ]

       TYPE := [ unicast | local | broadcast | multicast | throw
               | unreachable | prohibit | blackhole | nat ]

       TABLE_ID := [ local| main | default | all | NUMBER ]

       SCOPE := [ host | link | global | NUMBER ]

       FLAGS := [ equalize ]

       NHFLAGS := [ onlink | pervasive ]

       RTPROTO := [ kernel | boot | static | NUMBER ]

       ip rule [ list | add | del ] SELECTOR ACTION

       SELECTOR := [ from PREFIX ] [ to PREFIX ] [ tos TOS ]
               [ fwmark FWMARK ] [ dev STRING ] [ pref NUMBER ]

       ACTION := [ table TABLE_ID ] [ nat ADDRESS ]
               [ prohibit | reject | unreachable ]
               [ realms [SRCREALM/]DSTREALM ]

       TABLE_ID := [ local | main | default | NUMBER ]

       ip neigh { add | del | change | replace } { ADDR [ lladdr
               LLADDR ] [ nud { permanent | noarp | stale |
               reachable } ] | proxy ADDR } [ dev DEV ]

       ip neigh { show | flush } [ to PREFIX ] [ dev DEV ] [ nud
               STATE ]

       ip tunnel { add | change | del | show } [ NAME ]
               [ mode { ipip | gre | sit } ]
               [ remote ADDR ] [ local ADDR ]
               [ [i|o]seq ] [ [i|o]key KEY ] [ [i|o]csum ] ]
               [ ttl TTL ] [ tos TOS ] [ [no]pmtudisc ]
               [ dev PHYS_DEV ]

       ADDR := { IP_ADDRESS | any }

       TOS := { NUMBER | inherit }

       TTL := { 1..255 | inherit }

       KEY := { DOTTED_QUAD | NUMBER }

       ip maddr [ add | del ] MULTIADDR dev STRING

       ip maddr show [ dev STRING ]
              As  a  rule,  the information is statistics or some
              time values.

       -f, -family
              followed by protocol family identifier: inet, inet6
              or  link,  enforce  the protocol family to use.  If
              the option is not present, the protocol  family  is
              guessed  from  other arguments.  If the rest of the
              command line does not give  enough  information  to
              guess the family, ip falls back to the default one,
              usually inet or any.   link  is  a  special  family
              identifier  meaning  that no networking protocol is

       -4     shortcut for -family inet.

       -6     shortcut for -family inet6.

       -0     shortcut for -family link.

       -o, -oneline
              output each record on a single line, replacing line
              feeds  with  the  \  character.  This is convenient
              when you want to count records  with  wc(1)  or  to
              grep(1) the output.

       -r, -resolve
              use  the  system's name resolver to print DNS names
              instead of host addresses.


       link   - network device.

              - protocol (IP or IPv6) address on a device.

              - ARP or NDISC cache entry.

       route  - routing table entry.

       viated  form, f.e.  address is abbreviated as addr or just

       Specifies the action to perform on the object.  The set of
       possible  actions  depends on the object type.  As a rule,
       it is possible to add, delete and show (or list)  objects,
       but  some  objects do not allow all of these operations or
       have some additional commands.  The help command is avail­
       able  for  all objects.  It prints out a list of available
       commands and argument syntax conventions.

       If no command is given, some default command  is  assumed.
       Usually it is list or, if the objects of this class cannot
       be listed, help.

ip link - network device configuration

       link is a network device and  the  corresponding  commands
       display and change the state of devices.

   ip link set - change device attributes
       dev NAME (default)
              NAME specifies network device to operate on.

       up and down
              change the state of the device to UP or DOWN.

       arp on or arp off
              change the NOARP flag on the device.

       multicast on or multicast off
              change the MULTICAST flag on the device.

       dynamic on or dynamic off
              change the DYNAMIC flag on the device.

       name NAME
              change  the  name of the device.  This operation is
              not recommended if the device  is  running  or  has
              some addresses already configured.

       txqueuelen NUMBER

       brd LLADDRESS

       peer LLADDRESS
              change the link layer broadcast address or the peer
              address when the interface is POINTOPOINT.

       Warning: If multiple parameter changes are  requested,  ip
       aborts  immediately  after any of the changes have failed.
       This is the only case when ip can move the  system  to  an
       unpredictable  state.   The  solution is to avoid changing
       several parameters with one ip link set call.

   ip link show - display device attributes
       dev NAME (default)
              NAME specifies the network device to show.  If this
              argument is omitted all devices are listed.

       up     only display running interfaces.

ip address - protocol address management.

       The address is a protocol (IP or IPv6) address attached to
       a network device.  Each device must have at least one  ad­
       dress  to  use the corresponding protocol.  It is possible
       to have several different addresses attached  to  one  de­
       vice.   These addresses are not discriminated, so that the
       term alias is not quite appropriate for them and we do not
       use it in this document.

       The  ip  addr command displays addresses and their proper­
       ties, adds new addresses and deletes old ones.

   ip address add - add new protocol address.
       dev NAME
              the name of the device to add the address to.

       local ADDRESS (default)
              the address of the interface.  The  format  of  the
              address  depends  on  the protocol.  It is a dotted
              quad for IP and a sequence of hexadecimal halfwords
              separated  by  colons for IPv6.  The ADDRESS may be
              followed by a slash and a decimal number which  en­
              codes the network prefix length.

       peer ADDRESS
              the  address  of  the  remote endpoint for point to
              ting/resetting the host bits of the interface  pre­

       label NAME
              Each address may be tagged with a label string.  In
              order to preserve compatibility with Linux-2.0  net
              aliases, this string must coincide with the name of
              the device or must be prefixed with the device name
              followed by colon.

       scope SCOPE_VALUE
              the  scope of the area where this address is valid.
              The   available   scopes   are   listed   in   file
              /etc/iproute2/rt_scopes.   Predefined  scope values

                      global - the address is globally valid.

                      site - (IPv6 only) the address is site  lo­
                      cal, i.e. it is valid inside this site.

                      link  -  the address is link local, i.e. it
                      is valid only on this device.

                      host - the address  is  valid  only  inside
                      this host.

   ip address delete - delete protocol address
       Arguments:  coincide  with  the  arguments of ip addr add.
       The device name is a required argument.  The rest are  op­
       tional.   If  no arguments are given, the first address is

   ip address show - look at protocol addresses
       dev NAME (default)
              name of device.

       scope SCOPE_VAL
              only list addresses with this scope.

       to PREFIX
              only list addresses matching this prefix.

       label PATTERN
              only list addresses with labels matching  the  PAT­

              (IPv6 only) only list deprecated addresses.

       primary and secondary
              only list primary (or secondary) addresses.

   ip address flush - flush protocol addresses
       This command flushes the protocol  addresses  selected  by
       some criteria.

       This  command has the same arguments as show.  The differ­
       ence is that it does not run when no arguments are  given.

       Warning:  This command (and other flush commands described
       below) is pretty dangerous.  If you  make  a  mistake,  it
       will  not  forgive  it, but will cruelly purge all the ad­

       With the -statistics option, the command becomes  verbose.
       It prints out the number of deleted addresses and the num­
       ber of rounds made to flush the address list.  If this op­
       tion  is  given  twice,  ip  addr flush also dumps all the
       deleted addresses in the format described in the  previous

ip neighbor - neighbor/arp tables management.

       neighbor  objects  establish bindings between protocol ad­
       dresses and link layer addresses  for  hosts  sharing  the
       same  link.   Neighbor  entries are organized into tables.
       The IPv4 neighbor table is known by another name - the ARP

       The  corresponding  commands display neighbor bindings and
       their properties, add new neighbor entries and delete  old

   ip neighbor add - add a new neighbor entry
   ip neighbor change - change an existing entry
   ip  neighbor  replace  - add a new entry or change an existing
       These commands create new neighbor records or  update  ex­
       isting ones.

       nud NUD_STATE
              the  state of the neighbor entry.  nud is an abbre­
              viation for  'Neighbor  Unreachability  Detection'.
              The state can take one of the following values:

                      permanent  -  the  neighbor  entry is valid
                      forever and can be only be removed adminis­

                      noarp  -  the  neighbor entry is valid.  No
                      attempts to validate  this  entry  will  be
                      made  but  it can be removed when its life­
                      time expires.

                      reachable - the neighbor entry is valid un­
                      til the reachability timeout expires.

                      stale  -  the  neighbor  entry is valid but
                      suspicious.  This option to ip  neigh  does
                      not  change  the  neighbor  state if it was
                      valid and the address  is  not  changed  by
                      this command.

   ip neighbor delete - delete a neighbor entry
       This command invalidates a neighbor entry.

       The  arguments  are  the same as with ip neigh add, except
       that lladdr and nud are ignored.

       Warning: Attempts to delete or manually change a noarp en­
       try  created by the kernel may result in unpredictable be­
       havior.  Particularly, the kernel may try to resolve  this
       address  even  on  a  NOARP interface or if the address is
       multicast or broadcast.

   ip neighbor show - list neighbor entries
       This commands displays neighbor tables.

       to ADDRESS (default)
              the prefix selecting the neighbors to list.

       dev NAME
              only list the neighbors attached to this device.

       This command flushes neighbor tables, selecting entries to
       flush by some criteria.

       This command has the same arguments as show.  The  differ­
       ences  are that it does not run when no arguments are giv­
       en, and that the default neighbor states to be flushed  do
       not include permanent and noarp.

       With  the -statistics option, the command becomes verbose.
       It prints out the number of deleted neighbors and the num­
       ber  of  rounds  made to flush the neighbor table.  If the
       option is given twice, ip neigh flush also dumps  all  the
       deleted neighbors.

ip route - routing table management

       Manipulate route entries in the kernel routing tables keep
       information about paths to other networked nodes.

       Route types:

               unicast - the route entry describes real paths  to
               the destinations covered by the route prefix.

               unreachable  - these destinations are unreachable.
               Packets are discarded and the  ICMP  message  host
               unreachable  is  generated.  The local senders get
               an EHOSTUNREACH error.

               blackhole - these  destinations  are  unreachable.
               Packets are discarded silently.  The local senders
               get an EINVAL error.

               prohibit -  these  destinations  are  unreachable.
               Packets  are discarded and the ICMP message commu­
               nication administratively prohibited is generated.
               The local senders get an EACCES error.

               local  -  the  destinations  are  assigned to this
               host.  The packets are looped back  and  delivered

               broadcast  -  the  destinations  are broadcast ad­
               dresses.  The packets are sent as link broadcasts.

               al  (or internal) ones before forwarding.  The ad­
               dresses to translate to are selected with the  at­
               tribute via.

               anycast  -  not  implemented  the destinations are
               anycast addresses assigned to this host.  They are
               mainly  equivalent  to  local with one difference:
               such addresses are invalid when used as the source
               address of any packet.

               multicast  -  a  special  type  used for multicast
               routing.  It is not present in normal routing  ta­

       Route tables: Linux-2.x can pack routes into several rout­
       ing tables identified by a number in the range from  1  to
       255  or by name from the file /etc/iproute2/rt_tables.  By
       default all normal routes are inserted into the main table
       (ID  254)  and the kernel only uses this table when calcu­
       lating routes.

       Actually, one other table always exists, which is  invisi­
       ble  but  even  more important.  It is the local table (ID
       255).  This table consists of routes for local and  broad­
       cast addresses.  The kernel maintains this table automati­
       cally and the administrator usually need not modify it  or
       even look at it.

       The  multiple  routing  tables  enter the game when policy
       routing is used.

   ip route add - add new route
   ip route change - change route
   ip route replace - change or add new one
       to TYPE PREFIX (default)
              the destination prefix of the route.   If  TYPE  is
              omitted,  ip assumes type unicast.  Other values of
              TYPE are listed above.  PREFIX is an IP or IPv6 ad­
              dress optionally followed by a slash and the prefix
              length.  If the length of the prefix is missing, ip
              assumes  a full-length host route.  There is also a
              special PREFIX default - which is equivalent to  IP
              0/0 or to IPv6 ::/0.

       tos TOS

              arbitrary 32bit number.

       table TABLEID
              the table to add this route to.  TABLEID may  be  a
              number     or    a    string    from    the    file
              /etc/iproute2/rt_tables.   If  this  parameter   is
              omitted, ip assumes the main table, with the excep­
              tion of local, broadcast and nat routes, which  are
              put into the local table by default.

       dev NAME
              the output device name.

       via ADDRESS
              the  address  of the nexthop router.  Actually, the
              sense of this field depends on the route type.  For
              normal  unicast  routes  it is either the true next
              hop router or, if it is a direct route installed in
              BSD  compatibility  mode, it can be a local address
              of the interface.  For NAT routes it is  the  first
              address of the block of translated IP destinations.

       src ADDRESS
              the source address to prefer when  sending  to  the
              destinations covered by the route prefix.

       realm REALMID
              the realm to which this route is assigned.  REALMID
              may  be  a  number  or  a  string  from  the   file

       mtu MTU

       mtu lock MTU
              the  MTU along the path to the destination.  If the
              modifier lock is not used, the MTU may  be  updated
              by  the  kernel  due to Path MTU Discovery.  If the
              modifier lock is used, no path MTU  discovery  will
              be  tried,  all packets will be sent without the DF
              bit in IPv4 case or fragmented to MTU for IPv6.

       window NUMBER
              the maximal window for TCP to  advertise  to  these
              destinations, measured in bytes.  It limits maximal
              data bursts that our TCP peers are allowed to  send

       cwnd NUMBER (2.3.15+ only)
              the  clamp for congestion window.  It is ignored if
              the lock flag is not used.

       advmss NUMBER (2.3.15+ only)
              the MSS ('Maximal Segment Size')  to  advertise  to
              these  destinations  when  establishing TCP connec­
              tions.  If it is not given, Linux  uses  a  default
              value  calculated  from  the  first hop device MTU.
              (If the path to these  destination  is  asymmetric,
              this guess may be wrong.)

       reordering NUMBER (2.3.15+ only)
              Maximal reordering on the path to this destination.
              If it is not given, Linux uses the  value  selected
              with sysctl variable net/ipv4/tcp_reordering.

       fragtimeout NUMBER (SuSE extension currently)
              Fragment timeout in seconds for IP fragments arriv­
              ing from this distination.  If  it  is  not  given,
              Linux  uses the value selected with sysctl variable

       nexthop NEXTHOP
              the nexthop of a multipath  route.   NEXTHOP  is  a
              complex  value  with  its own syntax similar to the
              top level argument lists:

                      via ADDRESS - is the nexthop router.

                      dev NAME - is the output device.

                      weight NUMBER - is a weight for  this  ele­
                      ment  of  a  multipath route reflecting its
                      relative bandwidth or quality.

       scope SCOPE_VAL
              the scope of the destinations covered by the  route
              prefix.  SCOPE_VAL may be a number or a string from
              the file /etc/iproute2/rt_scopes.  If this  parame­
              ter  is  omitted,  ip  assumes scope global for all
              gatewayed unicast routes,  scope  link  for  direct
              unicast and broadcast routes and scope host for lo­
              cal routes.

                      kernel  -  the  route  was installed by the
                      kernel during autoconfiguration.

                      boot - the route was installed  during  the
                      bootup   sequence.   If  a  routing  daemon
                      starts, it will purge all of them.

                      static - the route was installed by the ad­
                      ministrator  to  override  dynamic routing.
                      Routing daemon will respect them and, prob­
                      ably, even advertise them to its peers.

                      ra - the route was installed by Router Dis­
                      covery protocol.

              The rest of the values are not reserved and the ad­
              ministrator  is  free  to assign (or not to assign)
              protocol tags.

       onlink pretend that the nexthop is  directly  attached  to
              this  link, even if it does not match any interface

              allow packet by packet randomization  on  multipath
              routes.   Without  this modifier, the route will be
              frozen to one selected nexthop, so that load split­
              ting  will  only  occur on per-flow base.  equalize
              only works if the kernel is patched.

   ip route delete - delete route
       ip route del has the same arguments as ip route  add,  but
       their semantics are a bit different.

       Key  values  (to,  tos,  preference  and table) select the
       route to delete.  If optional attributes are  present,  ip
       verifies  that  they  coincide  with the attributes of the
       route to delete.  If no route with the given key  and  at­
       tributes was found, ip route del fails.

   ip route show - list routes
       the command displays the contents of the routing tables or
       the route(s) selected by some criteria.
              root 0/0 i.e. it lists the entire table.

       tos TOS
              dsfield  TOS only select routes with the given TOS.

       table TABLEID
              show the routes from this  table(s).   The  default
              setting  is  to show tablemain.  TABLEID may either
              be the ID of a real table or  one  of  the  special

                      all - list all of the tables.

                      cache - dump the routing cache.


       cached list  cloned  routes i.e. routes which were dynami­
              cally forked from other routes because  some  route
              attribute  (f.e. MTU) was updated.  Actually, it is
              equivalent to table cache.

       from SELECTOR
              the same syntax as for to, but it binds the  source
              address  range rather than destinations.  Note that
              the from option only works with cloned routes.

       protocol RTPROTO
              only list routes of this protocol.

       scope SCOPE_VAL
              only list routes with this scope.

       type TYPE
              only list routes of this type.

       dev NAME
              only list routes going via this device.

       via PREFIX
              only list routes going via the nexthop routers  se­
              lected by PREFIX.

       The arguments have the same syntax and  semantics  as  the
       arguments  of  ip  route  show, but routing tables are not
       listed but purged.  The only difference is the default ac­
       tion:  show  dumps all the IP main routing table but flush
       prints the helper page.

       With the -statistics option, the command becomes  verbose.
       It  prints out the number of deleted routes and the number
       of rounds made to flush the routing table.  If the  option
       is  given twice, ip route flush also dumps all the deleted
       routes in the format described in the previous subsection.

   ip route get - get a single route
       this  command  gets  a  single  route to a destination and
       prints its contents exactly as the kernel sees it.

       to ADDRESS (default)
              the destination address.

       from ADDRESS
              the source address.

       tos TOS

       dsfield TOS
              the Type Of Service.

       iif NAME
              the device from which this packet  is  expected  to

       oif NAME
              force  the  output device on which this packet will
              be routed.

              if no source address (option from) was  given,  re-
              lookup  the  route  with the source set to the pre­
              ferred address received from the first lookup.   If
              policy  routing  is  used,  it  may  be a different

ip rule - routing policy database management

       Rules in the routing policy database control the route se­
       lection algorithm.

       Classic routing algorithms used in the Internet make rout­
       ing decisions based only on  the  destination  address  of
       packets  (and  in  theory, but not in practice, on the TOS

       In some circumstances we want to route packets differently
       depending  not  only on destination addresses, but also on
       other packet fields: source address, IP  protocol,  trans­
       port  protocol ports or even packet payload.  This task is
       called 'policy routing'.

       To solve this task,  the  conventional  destination  based
       routing  table,  ordered  according  to  the longest match
       rule, is replaced with a  'routing  policy  database'  (or
       RPDB),  which  selects  routes  by  executing  some set of

       Each policy routing rule consists of a selector and an ac­
       tion  predicate.   The RPDB is scanned in the order of in­
       creasing priority.  The selector of each rule  is  applied
       to  {source  address, destination address, incoming inter­
       face, tos, fwmark} and, if the selector matches the  pack­
       et, the action is performed.  The action predicate may re­
       turn with success.  In this case, it will  either  give  a
       route  or failure indication and the RPDB lookup is termi­
       nated.  Otherwise, the RPDB program continues on the  next

       Semantically,  natural action is to select the nexthop and
       the output device.

       At startup time the kernel  configures  the  default  RPDB
       consisting of three rules:

       1.     Priority:  0,  Selector:  match  anything,  Action:
              lookup routing table local  (ID  255).   The  local
              table  is  a  special routing table containing high
              priority control routes for local and broadcast ad­

              Rule  0  is special.  It cannot be deleted or over­
              packet.  This rule may also be deleted.

       Each RPDB entry has additional attributes.  F.e. each rule
       has a pointer to some routing table.  NAT and masquerading
       rules have an attribute to select new IP address to trans­
       late/masquerade.   Besides  that, rules have some optional
       attributes, which routes have, namely realms.  These  val­
       ues do not override those contained in the routing tables.
       They are only used if the route did  not  select  any  at­

       The RPDB may contain rules of the following types:

               unicast  - the rule prescribes to return the route
               found in the routing table referenced by the rule.

               blackhole  -  the rule prescribes to silently drop
               the packet.

               unreachable - the rule prescribes  to  generate  a
               'Network is unreachable' error.

               prohibit - the rule prescribes to generate 'Commu­
               nication is administratively prohibited' error.

               nat - the rule prescribes to translate the  source
               address of the IP packet into some other value.

   ip rule add - insert a new rule
   ip rule delete - delete a rule
       type TYPE (default)
              the type of this rule.  The list of valid types was
              given in the previous subsection.

       from PREFIX
              select the source prefix to match.

       to PREFIX
              select the destination prefix to match.

       iif NAME
              select the incoming device to match.  If the inter­
              face  is  loopback,  the  rule only matches packets
              originating from this host.  This  means  that  you
              may  create  separate  routing tables for forwarded
              and local packets and, hence, completely  segregate
              the  priority  of this rule.  Each rule should have
              an explicitly set unique priority value.

       table TABLEID
              the routing table identifier to lookup if the  rule
              selector matches.

       realms FROM/TO
              Realms  to select if the rule matched and the rout­
              ing table lookup succeeded.  Realm TO is only  used
              if the route did not select any realm.

       nat ADDRESS
              The  base of the IP address block to translate (for
              source addresses).  The ADDRESS may be  either  the
              start  of  the  block of NAT addresses (selected by
              NAT routes) or a local host address (or even zero).
              In  the last case the router does not translate the
              packets, but masquerades them to this address.

              Warning: Changes to the RPDB made with  these  com­
              mands  do not become active immediately.  It is as­
              sumed that after a script finishes a batch  of  up­
              dates,  it  flushes the routing cache with ip route
              flush cache.

   ip rule show - list rules
       This command has no arguments.

ip maddress - multicast addresses management

       maddress objects are multicast addresses.

   ip maddress show - list multicast addresses
       dev NAME (default)
              the device name.

   ip maddress add - add a multicast address
   ip maddress delete - delete a multicast address
       these commands attach/detach a static link layer multicast
       address  to  listen on the interface.  Note that it is im­
       possible to join  protocol  multicast  groups  statically.
       This command only manages link layer addresses.

       address LLADDRESS (default)
       them.  This limitation will be removed in the future.

   ip mroute show - list mroute cache entries
       to PREFIX (default)
              the  prefix selecting the destination multicast ad­
              dresses to list.

       iif NAME
              the interface on which multicast  packets  are  re­

       from PREFIX
              the prefix selecting the IP source addresses of the
              multicast route.

ip tunnel - tunnel configuration

       tunnel objects are tunnels, encapsulating packets in  IPv4
       packets  and then sending them over the IP infrastructure.

   ip tunnel add - add a new tunnel
   ip tunnel change - change an existing tunnel
   ip tunnel delete - destroy a tunnel
       name NAME (default)
              select the tunnel device name.

       mode MODE
              set the tunnel mode.   Three  modes  are  currently
              available: ipip, sit and gre.

       remote ADDRESS
              set the remote endpoint of the tunnel.

       local ADDRESS
              set  the  fixed local address for tunneled packets.
              It must be an address on another interface of  this

       ttl N  set a fixed TTL N on tunneled packets.  N is a num­
              ber in the range 1--255. 0 is a special value mean­
              ing  that  packets  inherit the TTL value.  The de­
              fault value is: inherit.

              disable Path MTU Discovery on this tunnel.   It  is
              enabled  by  default.  Note that a fixed TTL is in­
              compatible with  this  option:  tunnelling  with  a
              fixed TTL always makes PMTU discovery.

       key K

       ikey K

       okey K (only  GRE  tunnels) use keyed GRE with key K. K is
              either a number or an IP address-like dotted  quad.
              The  key  parameter sets the key to use in both di­
              rections.  The ikey and okey parameters set differ­
              ent keys for input and output.

       csum, icsum, ocsum
              (only  GRE  tunnels) generate/require checksums for
              tunneled packets.  The ocsum flag calculates check­
              sums for outgoing packets.  The icsum flag requires
              that all input packets have the  correct  checksum.
              The  csum flag is equivalent to the combination ic­
              sum ocsum.

       seq, iseq, oseq
              (only GRE tunnels)  serialize  packets.   The  oseq
              flag  enables  sequencing of outgoing packets.  The
              iseq flag requires that all input packets are seri­
              alized.  The seq flag is equivalent to the combina­
              tion iseq oseq.  This doesn't work.  Don't use  it.

   ip tunnel show - list tunnels
       This command has no arguments.

ip monitor and rtmon - state monitoring

       The ip utility can monitor the state of devices, addresses
       and routes continuously.  This option has a slightly  dif­
       ferent  format.   Namely, the monitor command is the first
       in the command line and then the object list follows:

       ip monitor [ all | LISTofOBJECTS ]

       OBJECT-LIST is the list of object types that  we  want  to
       monitor.   It  may contain link, address and route.  If no
       file argument is given, ip opens RTNETLINK, listens on  it
       and  dumps state changes in the format described in previ­
       ous sections.

       Certainly,  it is possible to start rtmon at any time.  It
       prepends the history with the state snapshot dumped at the
       moment of starting.


       ip  was  written by Alexey N. Kuznetsov and added in Linux


       IP Command reference ip-cref.ps
       IP tunnels ip-cref.ps


       This  manual  page  is  maintained   by   Michail   Litvak

iproute2                   1 April 2002                     IP(8)



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
The Linux Tutorial can use your help.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.09 Seconds