A Well-Stocked Toolbox

IPRoute2 is the successor to the net-tools networking utilities, including ifconfig and route. Instead of having to use a separate tool for every aspect of network management, with IPRoute2, administrators now have a unified interface. Although IPRoute2 has been available for some time, the toolbox has struggled to replace the legacy tools.

Feature Scope

IPRoute2 [1] lets the admin manage most aspects of the network, including:

• IP configuration of interfaces
• Adding and deleting entries in the routing table
• Adjusting the ARP cache settings or NDISC (Neighbor Discovery)
• Managing network tunnels
• Displaying the link-layer information (MAC addresses, etc.)
• Configuring Quality of Service (QoS)

Management features cover both IPv4 and IPv6, and new features are implemented in a timely manner. For example, 6rd tunnel management [2] has already been added. IPRoute2 is now part of the basic install set for all major Linux distributions and is fundamental to many of the advanced network features. For example, IPRoute2 is required for some routing and gateway functions. Even the Gnome desktop cannot communicate on the network without IPRoute2.

IPRoute2 Programs and Files

Usually the configuration files for the individual tools are located in /etc/iproute2 and contain some values that are required only in advanced scenarios. Most of the programs provided by IPRoute2 have a special task, and all of them play a specific role in managing network functions:

• /sbin/ip – The main program, with which most network aspects of the Linux kernel can be controlled.
• /sbin/cbq – Serves as a sample script for the class-based QoS (class-based queuing, CBQ).
• /sbin/ifcfg – Replaces the IP address management option in ifconfig.
• /sbin/rtmon – Enables monitoring of the routing table.
• /sbin/tc – Used to configure advanced traffic control features.
• /sbin/arpd – Collects gratuitous ARP information. These ARP messages announce a change in the IP-to-MAC address mapping.
• /sbin/lnstat – Shows kernel statistics on various aspects of network communication and replaces rtstat.
• Additional tools – /sbin/nstat and /sbin/rtacct are simple tools for displaying SNMP counters and network statistics.

The most important tool in IPRoute2 is ip. It handles most of the common tasks associated with network management by specifying particular objects and providing them with the desired parameters and options that serve as the context. Important contexts include, for example:

• Link – Displays or manipulates information at the link-layer level.
• Address – Displays or manipulates IP information.
• Route – Displays or manipulates routing information.
• Tunnel – Displays or manipulates tunnel configurations.
• Xfrm – Displays or manipulates IPsec policies.

The commands do not typically need to be fully entered as rules; they can be completed just to the extent at which they become unambiguous. Thus, ip address, ip addr, and ip a all output the IP configuration of the interface. The complete command is actually ip address show, and appropriate show commands are available for almost all contexts. These may also be the default values (Figure 1).

Figure 1: The most important tool in IPRoute2 is ip.

In many cases, additional options can be set for the show commands. For example, if you only want to output the IP configuration for eth0, the short command is

ip address show eth0 or ip a s eth0

for short.

As with ifconfig, information for both IPv4 and IPv6 is output. If you prefer to restrict the output to one of the two protocol versions, you can enable the option ip -4 or ip -6 as a filter.

Self-Help

Help is available from the man pages for each tool in IPRoute2 and via the help option, which can be specified after the respective context. For example,

ip addr help

shows context-sensitive help for the ip addr options. Detailed information is provided by the man pages for the individual contexts. In the case of ip addr, for example, you can call:

man ip-address

The specific call required for the context in question is shown in the SEE ALSO section of the man page for ip itself, that is, man ip 8.