Ip linux command

From Teknologisk videncenter
Revision as of 09:22, 16 May 2017 by Heth (talk | contribs) (References)

Introduction to the Linux ip command[1].

Function: show / manipulate routing, devices, policy routing and tunnels

Basic IPv4

Show route table

heth@mars:~$ ip route
172.16.4.0/24 dev eth0  proto kernel  scope link  src 172.16.4.17
192.168.139.0/24 via 172.16.4.19 dev eth0
192.168.0.0/16 via 172.16.4.21 dev eth0
172.16.0.0/12 via 172.16.4.21 dev eth0
10.0.0.0/8 via 172.16.4.21 dev eth0
default via 172.16.4.16 dev eth0  metric 100

Show interface device

heth@mars:~$ ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:14:5e:67:61:4a brd ff:ff:ff:ff:ff:ff
    inet 172.16.4.17/24 brd 172.16.4.255 scope global eth0

Adding IP addresses

root@mars:~# ip addr add 17.30.5.65/24 dev eth1
root@mars:~# ip addr add 17.30.6.65/24 dev eth1
root@mars:~# ip addr show eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:14:5e:67:61:4b brd ff:ff:ff:ff:ff:ff
    inet 17.30.5.65/24 scope global eth1
    inet 17.30.6.65/24 scope global eth1

Deleting IP addresses

root@mars:~# ip addr del 17.30.6.65/24 dev eth1

Adding a route

root@mars:~# ip route add 172.31.9.0/24 via 172.16.4.16 dev eth0
root@mars:~# ip route add 172.31.10.0/24 via 172.16.4.16

Deleting a route

root@mars:~# ip route del 172.31.9.0/24 via 172.16.4.16 dev eth0
root@mars:~# ip route del 172.31.10.0/24 via 172.16.4.16

Adding a virtual router

Adding a virtual router between eth1 and eth2 and using NAT.

  • Outside: eth1 ip addr 204.0.0.34/28
  • Inside: eth2 ip addr 172.21.0.201/16

The script could be added to /etc/rc.local

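# Enable IPv4 forwarding (applies to every interface on the host)
echo "1" >  /proc/sys/net/ipv4/ip_forward
# Reset state from a previous run; -F flushes every rule in the nat and mangle tables
ip route flush table 4
# Ignore the error when the rule does not exist yet (first run)
ip rule del fwmark 4 table 4 2>/dev/null || true
iptables -F -t nat
iptables -F -t mangle

# Routing table 4: connected networks, 172.22.0.0/16 behind 172.21.0.2, default via the outside gateway
ip route add table 4 204.0.0.32/28 dev eth1  scope link
ip route add table 4 172.21.0.0/16 dev eth2  scope link
ip route add table 4 172.22.0.0/16  dev eth2 via 172.21.0.2
ip route add table 4 default via 204.0.0.33

# Mark packets from the inside networks and look marked packets up in table 4
iptables -t mangle -A PREROUTING  -s 172.21.0.0/16 -d 0/0 -j MARK --set-mark 4
iptables -t mangle -A PREROUTING  -s 172.22.0.0/16 -d 0/0 -j MARK --set-mark 4
ip rule add fwmark 4 table 4

# Source-NAT marked packets to the outside address; --mark is an option of the mark match, so -m mark must precede it
iptables -t nat -A POSTROUTING -s 172.21.0.0/16 -m mark --mark 4 -d 0/0 -j SNAT --to-source 204.0.0.34
iptables -t nat -A POSTROUTING -s 172.22.0.0/16 -m mark --mark 4 -d 0/0 -j SNAT --to-source 204.0.0.34
Note
the --mark in iptables POSTROUTING needs verification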
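
A check for the virtual router setup above, as an added example that is not part of the original page: it reads saved output of `ip rule show`, `ip route show table 4` and `iptables-save` and reports any inside network that is marked for table 4 but has no SNAT rule. The function names are hypothetical, the sample text is constructed, and the formats assumed are those of current iproute2 and iptables-save (mark printed as 0x4, `--set-mark` saved as `--set-xmark`).

```shell
#!/bin/sh
MARK=0x4   # fwmark 4 as ip and iptables-save print it (assumed: hexadecimal)

# Succeeds if a policy rule sends packets carrying fwmark 4 to table 4.
has_fwmark_rule() {
    printf '%s\n' "$1" | grep -Eq "fwmark ${MARK}(/0x[0-9a-f]+)? lookup 4( |\$)"
}

# Succeeds if the routing table text contains a default route.
has_default_route() {
    printf '%s\n' "$1" | grep -Eq '^default via [0-9.]+'
}

# sources_of SAVE TABLE CHAIN REGEX: print the -s network of every rule in
# TABLE/CHAIN whose text (with one space appended) matches REGEX.
sources_of() {
    printf '%s\n' "$1" | awk -v t="$2" -v c="$3" -v re="$4" '
        /^\*/ { cur = substr($1, 2) }
        cur == t && $1 == "-A" && $2 == c && ($0 " ") ~ re {
            for (i = 3; i < NF; i++) if ($i == "-s") print $(i + 1)
        }'
}

# Print every network marked in mangle PREROUTING that has no SNAT rule in
# nat POSTROUTING; its traffic would leave eth1 with a private source address.
unnatted_sources() {
    snat=$(sources_of "$1" nat POSTROUTING '-j SNAT ')
    for net in $(sources_of "$1" mangle PREROUTING "--set-x?mark ${MARK}[/ ]"); do
        printf '%s\n' "$snat" | grep -Fxq "$net" || printf '%s\n' "$net"
    done
}

# Constructed sample: the SNAT rule for 172.22.0.0/16 is missing.
SAMPLE_RULES='32765: from all fwmark 0x4 lookup 4
32766: from all lookup main'
SAMPLE_TABLE4='default via 204.0.0.33 dev eth1
172.21.0.0/16 dev eth2 scope link'
SAMPLE_SAVE='*mangle
-A PREROUTING -s 172.21.0.0/16 -j MARK --set-xmark 0x4/0xffffffff
-A PREROUTING -s 172.22.0.0/16 -j MARK --set-xmark 0x4/0xffffffff
COMMIT
*nat
-A POSTROUTING -s 172.21.0.0/16 -m mark --mark 0x4 -j SNAT --to-source 204.0.0.34
COMMIT'

has_fwmark_rule "$SAMPLE_RULES" || echo "missing: ip rule fwmark 4 table 4"
has_default_route "$SAMPLE_TABLE4" || echo "missing: default route in table 4"
for n in $(unnatted_sources "$SAMPLE_SAVE"); do echo "marked but not NATed: $n"; done
```

On a live router the three arguments would be `"$(ip rule show)"`, `"$(ip route show table 4)"` and `"$(iptables-save)"`.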

Links

References