spacer

Sysresccd-Networking-EN-Basic-IP-configuration-tools-on-linux

History


Contents

Old generation network configuration tools on linux

interface configuration tool

All unix flavours come with ifconfig tool to configure the network interfaces. On Linux the network interfaces are called eth0, eth1, eth2, .... ifconfig allows you to configure the basic TCP/IP settings on the network interfaces, such as one or more static IP addresses, the netmask, ... You don't have to use ifconfig when you use dynamic IP addresses. In that case, you just have to run a DHCP client (such as dhdpcd or dhclient) that will try to connect to a DHCP server on your LAN in order to get a dynamic address. Here is how to configure an IP address on the first ethernet interface of your computer:

ifconfig eth0 192.168.1.1 netmask 255.255.255.0

This IP address belongs to the private class-C IP address, it means that your network interface can speak to all the computers having an address starting with 192.168.1 that are connected on that LAN. If you configure static IP addresses, make sure that the same address is never used twice on the same LAN.

You can also configure more that one IP address on an interface. This is called "IP Aliasing". It means that the interface will receive all the network packets sent to one of these addresses. These addresses can either be part of the same subnet (eg: 192.168.1.1/24 and 192.168.1.2/24) or they can be on different subnets (eg: 192.168.1.1/24 and 172.16.1.1/16). Here is an example of IP aliasing:

ifconfig eth0 192.168.1.1 netmask 255.255.255.0
ifconfig eth0:1 192.168.1.2 netmask 255.255.255.0
ifconfig eth0:2 172.16.1.1 netmask 255.255.0.0

routing configuration tool

You may need to configure the routes on your machines as soon as you don't have a very simple network configuration on your machine, I mean a computer with one interface. Basically, routing allows you to say which network device, or which router of the network must be used to send network packets to a remote machine or to a remote subnet.

All the recent operating systems have a route command to configure routing, but the syntax may change. Here are several examples of how to configure routing with the old generation command on linux:

  • configure the default route to use 192.168.1.254 as the gateway:

route add default gw 192.168.1.254

  • send the packets to 192.168.157.3 through the second network interface (eth1 is the second interface):

route add -host 192.168.157.3 dev eth1

  • send the packets of the subnet 192.168.200.0/24 through a gateway:

route add -net 192.168.200.0/24 gw 192.168.1.1

  • delete the previous route:

route del -net 192.168.200.0/24 gw 192.168.1.1

  • display the current routing table:

route -n (option -n disables the name resolution)

The routing table is used to route the packets sent by your own computer. It's also used if your computer acts as a router. In that case, you must enable the "IP forwarding" with the following command:

echo 1 > /proc/sys/net/ipv4/ip_forward

New generation network configuration tools on linux

iproute2 is a collection of utilities to replace the legacy Unix networking tools that were previously used for the tasks of configuring network interfaces, routing tables, and managing the ARP table. The most important command is ip. It comes with several subcommands which replace the old generation unix networking tools. iproute2 uses the netlink socket to speak to the kernel. This is less limited than the ioctl interface that is used with ifconfig.

  • ip address <parameters>: configures the network interfaces with IPv4 or IPv6 (it replaces ifconfig)
  • ip route <parameters>: configures the routing (it replaces route)
  • ip rule <parameters>: configures the policy routing (advanced routing on linux)
  • ip neigh <parameters>: manages the ARP table (it replaces the arp command)

interface configuration tool

Since ip is a recent command, it has been designed to be able to manage complex cases. This is why you don't have to use IP aliasing to configure several IP addresses on an interface. Here is how to configure two IP addresses on eth0:

ip address add 192.168.1.1/24 dev eth0
ip address add 192.168.1.2/24 dev eth0

Anyway you can specify an alias even if it's not required, in order to preserve the compatibility with old tools:

ip address add 192.168.1.1/24 dev eth0
ip address add 192.168.1.2/24 dev eth0 label eth0:1

Here is an example of what you can get when you want to list the IP addresses configured on your computer with ip address show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:02:8c:8d brd ff:ff:ff:ff:ff:ff
    inet 192.168.157.3/24 brd 192.168.157.255 scope global eth0
    inet 172.16.10.1/16 scope global eth0

Here is how to get rid of addresses:

ip address del 192.168.1.1/24 dev eth0
ip address del 192.168.1.2/24 dev eth0

The errors displayed by this tool may be misleading. For instance RTNETLINK answers: File exists means that you added an address or a route that was already configured. There is no file involved in this action:

# ip address add 192.168.1.2/24 dev eth0 label eth0:1
RTNETLINK answers: File exists

basic routing with ip route

The ip command allows you to perform both basic routing and advanced routing such as policy routing. This is why the old route command is deprecated. Anyway this section focuses on basic routing only.

Here are several examples of how to configure routing with ip route:

  • configure the default route to use 192.168.1.254 as the gateway:

ip route add default via 192.168.1.254

  • send the packets to 192.168.157.3 through the second network interface (eth1 is the second interface):

ip route add 192.168.157.3/32 dev eth1

  • send the packets of the subnet 192.168.200.0/24 through a gateway:

ip route add 192.168.200.0/24 via 192.168.1.1

  • remove the previous route entry from the routing table:

ip route del 192.168.200.0/24

  • display the current routing table:

ip route show

  • show the routing cache:

ip route show cache

  • flush the routing cache:

ip route flush cache

As mentioned previously, you will have to enable IP forwarding if you want your machine to act as a router: echo 1 > /proc/sys/net/ipv4/ip_forward

spacer