Linux TCP/IP networking: net-tools vs. iproute2
2017-04-21 10:40
1591 查看
origin: http://xmodulo.com/linux-tcpip-networking-net-tools-iproute2.html Many
sysadmins still manage and troubleshoot various network configurations by using a combination of
ifconfig, route, arp and netstat command-line tools, collectively known as
net-tools. Originally rooted in the BSD TCP/IP toolkit, the net-tools was developed to configure network functionality of older Linux kernels. Its development in the Linux community so far has ceased since 2001. Some Linux distros such as
Arch Linux and CentOS/RHEL 7 have already deprecated net-tools, and others are
planning to do so in favor of iproute2.
iproute2, which is another family of network configuration tools, emerged to replace the functionality of
net-tools. While net-tools accesses and changes kernel network configurations via
procfs (/proc) and ioctl system call, iproute2 communicates with the kernel via
netlink socket interface. The /proc interface is known to be more heavyweight than
netlink interface. Putting performance aside, the user interface of
iproute2 is more intuitive than that of net-tools. For example, network resources (e.g., link, IP address, route, tunnel, etc.) are aptly defined with "object" abstraction, and you can manage different objects using consistant syntax. Most importantly,
iproute2 has been under
active development so far.
If you are still using net-tools, it is time to switch to iproute2, especially if you want to catch up with the latest and greatest networking features of the Linux kernel. Chances are that there are many things you can do with
iproute2, but cannot with net-tools, be it source-based routing, QoS, VLAN, bonding, bridges, etc. It's also worth noting that higher-level network configuration tools such as
network manager depend on iproute2.
For those who want to make the switch, here is a round-up of net-tools vs.
iproute2 comparison.
With net-tools:
$ ifconfig -a
With iproute2:
$ ip link show
With net-tools:
$ sudo ifconfig eth1 up
$ sudo ifconfig eth1 down
With iproute2:
$ sudo ip link set down eth1
$ sudo ip link set up eth1
With net-tools:
$ sudo ifconfig eth1 10.0.0.1/24
With iproute2:
$ sudo ip addr add 10.0.0.1/24 dev eth1
Note that with iproute2, you can assign multiple IP addresses to an interface, which you cannot do with
ifconfig. A workaround for this with ifconfig is to use
IP aliases.
$ sudo ip addr add 10.0.0.1/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.2/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.3/24 broadcast 10.0.0.255 dev eth1
net-tools, other than assigning 0 to the interface. iproute2 can properly handle this.
With net-tools:
$ sudo ifconfig eth1 0
With iproute2:
$ sudo ip addr del 10.0.0.1/24 dev eth1
With net-tools:
$ ifconfig eth1
With iproute2:
$ ip addr show dev eth1
Again, if there are multiple IP addresses assigned to an interface, iproute2 shows all of them, while
net-tools shows only one IP address.
iproute2 allow you to add multiple IPv6 addresses to an interface.
With net-tools:
$ sudo ifconfig eth1 inet6 add 2002:0db5:0:f102::1/64
$ sudo ifconfig eth1 inet6 add 2003:0db5:0:f102::1/64
With iproute2:
$ sudo ip -6 addr add 2002:0db5:0:f102::1/64 dev eth1
$ sudo ip -6 addr add 2003:0db5:0:f102::1/64 dev eth1
net-tools and iproute2 can show all assigned IPv6 addresses.
With net-tools:
$ ifconfig eth1
With iproute2:
$ ip -6 addr show dev eth1
With net-tools:
$ sudo ifconfig eth1 inet6 del 2002:0db5:0:f102::1/64
With iproute2:
$ sudo ip -6 addr del 2002:0db5:0:f102::1/64 dev eth1
spoof the MAC address of a network interface, use the commands below. Note that before changing the MAC address, you need to deactivate the interface first.
With net-tools:
$ sudo ifconfig eth1 hw ether 08:00:27:75:2a:66
With iproute2:
$ sudo ip link set dev eth1 address 08:00:27:75:2a:67
route or netstat. With iproute2, use ip route command.
With net-tools:
$ route -n
$ netstat -rn
With iproute2:
$ ip route show
net-tools, modifying a default route can be achieved by adding a new default route, and then removing an old default route. With
iproute2, use ip route replace command.
With net-tools:
$ sudo route add default gw 192.168.1.2 eth0
$ sudo route del default gw 192.168.1.1 eth0
With iproute2:
$ sudo ip route add default via 192.168.1.2 dev eth0
$ sudo ip route replace default via 192.168.1.2 dev eth0
With net-tools:
$ sudo route add -net 172.16.32.0/24 gw 192.168.1.1 dev eth0
$ sudo route del -net 172.16.32.0/24
With iproute2:
$ sudo ip route add 172.16.32.0/24 via 192.168.1.1 dev eth0
$ sudo ip route del 172.16.32.0/24
With net-tools:
$ netstat
$ netstat -l
With iproute2:
$ ss
$ ss -l
With net-tools:
$ arp -an
With iproute2:
$ ip neigh
static ARP entry in the local ARP table is done as follows.
With net-tools:
$ sudo arp -s 192.168.1.100 00:0c:29:c0:5a:ef
$ sudo arp -d 192.168.1.100
With iproute2:
$ sudo ip neigh add 192.168.1.100 lladdr 00:0c:29:c0:5a:ef dev eth0
$ sudo ip neigh del 192.168.1.100 dev eth0
With net-tools:
$ sudo ipmaddr add 33:44:00:00:00:01 dev eth0
$ sudo ipmaddr del 33:44:00:00:00:01 dev eth0
$ ipmaddr show dev eth0
$ netstat -g
With iproute2:
$ sudo ip maddr add 33:44:00:00:00:01 dev eth0
$ sudo ip maddr del 33:44:00:00:00:01 dev eth0
$ ip maddr list dev eth0
sysadmins still manage and troubleshoot various network configurations by using a combination of
ifconfig, route, arp and netstat command-line tools, collectively known as
net-tools. Originally rooted in the BSD TCP/IP toolkit, the net-tools was developed to configure network functionality of older Linux kernels. Its development in the Linux community so far has ceased since 2001. Some Linux distros such as
Arch Linux and CentOS/RHEL 7 have already deprecated net-tools, and others are
planning to do so in favor of iproute2.
iproute2, which is another family of network configuration tools, emerged to replace the functionality of
net-tools. While net-tools accesses and changes kernel network configurations via
procfs (/proc) and ioctl system call, iproute2 communicates with the kernel via
netlink socket interface. The /proc interface is known to be more heavyweight than
netlink interface. Putting performance aside, the user interface of
iproute2 is more intuitive than that of net-tools. For example, network resources (e.g., link, IP address, route, tunnel, etc.) are aptly defined with "object" abstraction, and you can manage different objects using consistant syntax. Most importantly,
iproute2 has been under
active development so far.
If you are still using net-tools, it is time to switch to iproute2, especially if you want to catch up with the latest and greatest networking features of the Linux kernel. Chances are that there are many things you can do with
iproute2, but cannot with net-tools, be it source-based routing, QoS, VLAN, bonding, bridges, etc. It's also worth noting that higher-level network configuration tools such as
network manager depend on iproute2.
For those who want to make the switch, here is a round-up of net-tools vs.
iproute2 comparison.
Show All Connected Network Interfaces
The following commands show a list of all available network interfaces (whether or not they are active).With net-tools:
$ ifconfig -a
With iproute2:
$ ip link show
Activate or Deactivate a Network Interface
To activate/deactivate a particular network interface, use these commands.With net-tools:
$ sudo ifconfig eth1 up
$ sudo ifconfig eth1 down
With iproute2:
$ sudo ip link set down eth1
$ sudo ip link set up eth1
Assign IPv4 address(es) to a Network Interface
Use these commands to configure IPv4 addresses of a network interface.With net-tools:
$ sudo ifconfig eth1 10.0.0.1/24
With iproute2:
$ sudo ip addr add 10.0.0.1/24 dev eth1
Note that with iproute2, you can assign multiple IP addresses to an interface, which you cannot do with
ifconfig. A workaround for this with ifconfig is to use
IP aliases.
$ sudo ip addr add 10.0.0.1/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.2/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.3/24 broadcast 10.0.0.255 dev eth1
Remove an IPv4 address from a Network Interface
As far as IP address removal is concerned, there is no proper way to remove an IPv4 address from a network interface withnet-tools, other than assigning 0 to the interface. iproute2 can properly handle this.
With net-tools:
$ sudo ifconfig eth1 0
With iproute2:
$ sudo ip addr del 10.0.0.1/24 dev eth1
Show IPv4 Address(es) of a Network Interface
Checking IPv4 addresses of a particular network interface can be done as follows.With net-tools:
$ ifconfig eth1
With iproute2:
$ ip addr show dev eth1
Again, if there are multiple IP addresses assigned to an interface, iproute2 shows all of them, while
net-tools shows only one IP address.
Assign an IPv6 address to a Network Interface
Use these commands to add IPv6 address(es) to a network interface. Both net-tools andiproute2 allow you to add multiple IPv6 addresses to an interface.
With net-tools:
$ sudo ifconfig eth1 inet6 add 2002:0db5:0:f102::1/64
$ sudo ifconfig eth1 inet6 add 2003:0db5:0:f102::1/64
With iproute2:
$ sudo ip -6 addr add 2002:0db5:0:f102::1/64 dev eth1
$ sudo ip -6 addr add 2003:0db5:0:f102::1/64 dev eth1
Show IPv6 address(es) of a Network Interface
Displaying IPv6 addresses of a particular network interface can be done as follows. Bothnet-tools and iproute2 can show all assigned IPv6 addresses.
With net-tools:
$ ifconfig eth1
With iproute2:
$ ip -6 addr show dev eth1
Remove an IPv6 address from a Network Interface
Use these commands to remove any unnecessary IPv6 address from an interface.With net-tools:
$ sudo ifconfig eth1 inet6 del 2002:0db5:0:f102::1/64
With iproute2:
$ sudo ip -6 addr del 2002:0db5:0:f102::1/64 dev eth1
Change the MAC Address of a Network Interface
Tospoof the MAC address of a network interface, use the commands below. Note that before changing the MAC address, you need to deactivate the interface first.
With net-tools:
$ sudo ifconfig eth1 hw ether 08:00:27:75:2a:66
With iproute2:
$ sudo ip link set dev eth1 address 08:00:27:75:2a:67
View the IP Routing Table
net-tools has two options for showing the kernel's IP routing table:route or netstat. With iproute2, use ip route command.
With net-tools:
$ route -n
$ netstat -rn
With iproute2:
$ ip route show
Add or Modify a Default Route
Here are the commands to add or modify a default route in the kernel's IP routing table. Note that withnet-tools, modifying a default route can be achieved by adding a new default route, and then removing an old default route. With
iproute2, use ip route replace command.
With net-tools:
$ sudo route add default gw 192.168.1.2 eth0
$ sudo route del default gw 192.168.1.1 eth0
With iproute2:
$ sudo ip route add default via 192.168.1.2 dev eth0
$ sudo ip route replace default via 192.168.1.2 dev eth0
Add or Remove a Static Route
A static routing can be added or removed with the following commands.With net-tools:
$ sudo route add -net 172.16.32.0/24 gw 192.168.1.1 dev eth0
$ sudo route del -net 172.16.32.0/24
With iproute2:
$ sudo ip route add 172.16.32.0/24 via 192.168.1.1 dev eth0
$ sudo ip route del 172.16.32.0/24
View Socket Statistics
Here are the commands to check socket statistics (e.g., active/listening TCP/UDP sockets).With net-tools:
$ netstat
$ netstat -l
With iproute2:
$ ss
$ ss -l
View the ARP Table
You can display the kernel's ARP table with these commands.With net-tools:
$ arp -an
With iproute2:
$ ip neigh
Add or Remove a Static ARP Entry
Adding or removing astatic ARP entry in the local ARP table is done as follows.
With net-tools:
$ sudo arp -s 192.168.1.100 00:0c:29:c0:5a:ef
$ sudo arp -d 192.168.1.100
With iproute2:
$ sudo ip neigh add 192.168.1.100 lladdr 00:0c:29:c0:5a:ef dev eth0
$ sudo ip neigh del 192.168.1.100 dev eth0
Add, Remove or View Multicast Addresses
To configure or view multicast addresses on a network interface, use the commands below.With net-tools:
$ sudo ipmaddr add 33:44:00:00:00:01 dev eth0
$ sudo ipmaddr del 33:44:00:00:00:01 dev eth0
$ ipmaddr show dev eth0
$ netstat -g
With iproute2:
$ sudo ip maddr add 33:44:00:00:00:01 dev eth0
$ sudo ip maddr del 33:44:00:00:00:01 dev eth0
$ ip maddr list dev eth0
相关文章推荐
- Linux TCP/IP网络小课堂:net-tools与iproute2大比较
- Linux TCP/IP 网络工具对比:net-tools 和 iproute2
- Linux TCP/IP网络小课堂:net-tools与iproute2大比较
- Linux TCP/IP网络小课堂:net-tools与iproute2大比较
- Linux网络管理常用命令:net-tools VS iproute2
- TCP/IP capture/analysis tools in Unix/Linux
- Extended TCP/IP Stack In Linux: Netfilter Hooks and IP Table
- Linux TCP/IP 协议栈学习(2)—— 数据帧收发主要函数及net_device 结构
- CentOS 不能联网以及TCP/IP网络管理工具:net-tools VS iproute2问题
- Linux TCP/IP 协议栈学习(2)—— 数据帧收发主要函数及net_device 结构
- VS.NET Development Environment and Tools 链接集
- Linux TCP/IP 协议栈的关键数据结构Socket Buffer
- com.microsoft.sqlserver.jdbc.SQLServerException: 到主机 的 TCP/IP 连接失败。 java.net.ConnectException: Connection timed out: connect数据库
- VBdotnet2005 TCP IP System.Net.Sockets应用实例
- .Net Micro Framework研究—TCP/IP通信
- TCP/IP原理、基础以及在Linux上的实现
- 百度笔试题2005题目大致是这样的: 第一部分选择题: 有几道网络相关的题目,巨简单,比如第一题是TCP、RIP、IP、FTP中哪个协议是传输层的......。有一道linux的 chown使用题目。其他的全是数据结构的题目!什么链,表
- TCP/IP原理、基础以及在Linux上的实现
- 在Linux下配置TCP/IP(二)
- Socket tcp/ip 例子 C语言 LINUX