Date created: Monday, July 1, 2013 4:57:54 PM. Last modified: Sunday, March 24, 2024 10:37:44 AM

IP addressing, routing, routing tables, and namespaces

Delete All IPs

$ sudo ip addr flush dev eth0

 

Set MAC Address

$ sudo ip link set dev eth0 address 00:00:00:00:00:01

 

ARP Entries

Set a static entry:

$ sudo arp -i eth0 -s 10.0.0.4 00:00:00:00:00:04

Clear a dynamic ARP Entry:

$ sudo ip neighbor del 10.0.0.4 dev eth0

 

Set Promiscuous Mode

$ sudo ip link set dev eth0 promisc on

 

Showing Routes

$ ip route
$ ip -6 route
$ ip route get 8.8.8.8

 

Monitor

# man ip-monitor
# -t - show timestamps
# -ts - show short timestamps
# monitor - monitor netlink messages
# monitor [ optional object type ] - link, address, route, mroute, prefix, neigh, netconf, rule, nsid and nexthop

$ ip -ts monitor
[2023-11-15T14:57:42.616056] fd:0:0:1::2 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router PROBE
[2023-11-15T14:57:42.617337] fd:0:0:1::2 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router REACHABLE
[2023-11-15T14:57:47.735765] fe80::21e:6ff:fe42:3e0 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router PROBE
[2023-11-15T14:57:47.736710] fe80::21e:6ff:fe42:3e0 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router REACHABLE
[2023-11-15T14:58:08.215771] fd:0:0:1::2 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router STALE
[2023-11-15T14:58:12.311945] fe80::21e:6ff:fe42:3e0 dev enx00e04c36114d lladdr 00:1e:06:42:03:e0 router STALE
[2023-11-15T14:58:16.169458] 4: enx00e04c36114d inet 192.168.58.8/26 brd 192.168.58.63 scope global dynamic noprefixroute enx00e04c36114d
valid_lft 65757sec preferred_lft 65757sec
[2023-11-15T14:58:16.169532] 4: enx00e04c36114d inet6 fe80::e972:def3:6ea9:dbe8/64 scope link noprefixroute
valid_lft forever preferred_lft forever

 

Route Types

$ ip route add help 2>&1 | grep -A 1 unicast
TYPE := { unicast | local | broadcast | multicast | throw |
unreachable | prohibit | blackhole | nat }

Blackhole routes silently drop packets:

$ sudo ip -6 route add blackhole 2001:41c0::/32
$ sudo ip -6 route add blackhole 2001:41c1::/32

$ ip -6 r | grep black
blackhole 2001:41c0::/32 dev lo metric 1024 pref medium
blackhole 2001:41c1::/32 dev lo metric 1024 pref medium

Unreachable routes drop traffic and generate an ICMP unreachable message.

Prohibit routes drop traffic but send an ICMP communication administratively prohibited message.

 

Network Name Spaces

Two sub-interfaces in different Network Namespaces (on Linux each NetNS is a full IP stack so these are implicitly separate routing tables):

sudo ip netns list
sudo ip link add link ens2f0 name ens2f0.10 type vlan id 10
sudo ip link set up dev ens2f0.10
sudo ip a a 10.0.1.2/30 dev ens2f0.10
sudo ip r a 10.0.2.0/30 via 10.0.1.1
ip r

sudo ip netns add qos
sudo ip link add link ens2f0 name ens2f0.20 type vlan id 20
sudo ip link set ens2f0.20 netns qos
sudo ip netns exec qos ip link set up dev ens2f0.20
sudo ip netns exec qos ip link show
sudo ip netns exec qos ip a a 10.0.2.2/30 dev ens2f0.20
sudo ip netns exec qos ip r a 10.0.1.0/30 via 10.0.2.1
sudo ip netns exec qos ip r

# Move an interface back into the root namespace
# sudo ip netns exec qos ip link set ens2f0.20 netns 1

 

Adding  a custom routing table which also has a default route, to be used for example with an OOB connection;

Show currenet routing tables;

cat /etc/iproute2/rt_tables

Add new routing table, ID 20 called "OOB";

echo "20 OOB" >> /etc/iproute2/rt_tables

Add the rest to /etc/rc.local or similar start up script:

# Bring up our secondary interface which is connected to the OOB network
/sbin/ip link set dev eth1 up
# Add the IP address to this interface /sbin/ip addr add 192.0.2.10/24 dev eth1
# Add a default route on this interface in this custom IP routing table /sbin/ip route add 0/0 via 192.0.2.254 table OOB
ip route show table OOB
# Add a rule to route any traffic that comes from our OOB IP to be routed according # to the routes in the OOB routing table (which simply contains a default route, out via # the same OOB network) /sbin/ip rule add from 192.0.2.10 table OOB

Previous page: 'iptables' - Notes
Next page: IPv6 Addressing on Linux