The unix ip command serves as the modern Swiss Army knife for network administration, replacing a collection of older utilities with a single, powerful tool. For anyone managing servers or troubleshooting connectivity, understanding its capabilities is not optional; it is fundamental. This guide moves beyond basic examples to explore the syntax, practical workflows, and advanced techniques that define expert usage.
Understanding the ip Command Architecture
At its core, the ip utility is a centralized binary located at /bin/ip or /usr/sbin/ip that acts as a central manager for network objects. Instead of scattering functionality across ifconfig, route, and arp, the tool consolidates logic into a single interface that follows a strict hierarchy. The standard structure relies on objects, which represent the various components of the network stack, combined with actions that manipulate those objects.
Object and Action Syntax
Address Management and Interface Control
One of the most frequent tasks for a system administrator is managing IP addresses, where the ip command proves significantly more flexible than legacy tools. You can view, add, or delete addresses without bouncing the entire interface, which minimizes service disruption. This granularity is essential in dense server environments where uptime is critical.
Viewing and Assigning Addresses
To display the current IP configuration for all interfaces, the address (`addr`) object is used in conjunction with the `show` command. For example, `ip addr show` provides a detailed list including the interface name, state, and associated CIDR blocks. To modify addresses, you use `ip addr add` or `ip addr del`, specifying the exact CIDR notation and the target interface with the `dev` parameter.
Routing Table Manipulation
While direct address management handles local configuration, routing dictates how traffic leaves the machine. The ip utility provides deep visibility and control over the kernel routing tables, allowing you to define custom paths and policy rules. This is particularly valuable in complex network topologies or when implementing advanced security models.
Viewing and Adding Routes
To inspect the current routing decisions, the command `ip route show` outputs the active table in a straightforward list. Adding a new route requires specifying a destination network, a gateway, and an output interface, structured as `ip route add default via 192.168.1.1 dev eth0`. This transparency allows administrators to quickly verify that packets will traverse the correct network hops.
Neighbor Discovery and ARP Management
Layer 2 resolution is handled through the neighbor (`neigh`) object, which manages the mapping between IP addresses and MAC addresses. This functionality replaces the old arp command, offering a consistent experience across different link types. Monitoring these entries helps diagnose connectivity issues caused by MAC address changes or failed ARP requests.
Monitoring and Fixing Resolution Issues
You can list all current neighbor entries with `ip neighbor show`, which reveals the state of each cached connection, whether it is reachable, stale, or failed. If a device is not responding, you can flush specific entries using `ip neighbor del` or force a new resolution by toggling the interface link. This direct control over the ARP cache is a powerful troubleshooting asset.
