In my last post on RHEL 7 new features we looked at the network interfaces in RHEL 7. The next question we will look at is how do you examine and reconfigure the IP address, netmask, routing table, and other networking settings on Linux? The answer may surprise you. This post will provide an overview of the RHEL 7 commands to examine and set networking parameters.
Many distributions still explain how to set up networking with the net-tools package which includes the long-familiar commands ifconfig, route, netstat, arp, and others. However, net-tools is obsolete, it’s long past time to move to the Iproute2 package and its Swiss Army knife command ip.
Red Hat’s RHEL 7 Networking Guide mentions something about this, although its wording implies that the only issue is with support of InfiniBand interfaces.
No, it’s much worse. The old commands simply do not work the way they’re supposed to. The underlying Linux kernel data structures have changed. Alexey Kuznetsov was the original Iproute2 developer, that work was connected to his development of QoS routing and other excellent features in the Linux kernel.
Some things still work with the net-tools commands, at least in certain situations, but the best practice is to learn the new Iproute2 commands. The new commands are featured in the new revision of Learning Tree’s Linux server administration course which will start running in a few weeks.
Let’s take a quick overview of the commands to examine and set networking parameters. I will show you example syntax and leave it up to you to try these out on your systems. Refer to their manual pages for details on the full range of options, I’m just showing the most common uses. Some of them need an interface name. As I explained last week, the interface names have changed. Only ethtool has to run as root for these read-only examples.
netstat -i)The ifstat command gives you recent rates, and command-line options let you control the time window and period for recurring measurement.
The ip -s link command gives you cumulative statistics (counters) in addition to the MAC address and interface settings reported when you don’t include the -s option.
While we’re down at the hardware level, ethtool reports and can set some physical layer parameters: speed, duplex mode, and more.
$ ifstat $ ip link $ ip -s link # ethtool enp0s3
arp -a)Use ip neigh to see the mappings between MAC and both IPv4 and IPv6. Or you can ask for just one IP version.
$ ip neigh $ ip -4 neigh $ ip -6 neigh
ifconfig)The old ifconfig reported a mix of hardware, link-layer, and IP layer information. Its indentation style gave the illusion of being easy to read until you really sat down to read it.
Use ip addr now. You can ask for just one interface or just one IP version.
$ ip addr $ ip -4 addr $ ip -6 addr show enp0s3
route and netstat -r)Use ip route to get just the IPv4 routing table by default. Add -6 to get IPv6. Yes, the old route and netstat -r commands did line the columns up nicely. But the cost of that was ridiculously long lines with IPv6, something like 130 columns. And besides, the net-tools commands simply aren’t reliable now.
$ ip route $ ip -6 route
No, the columns don’t line up. It reminds me of what you see on a Cisco router.
netstat -a)This is the only one that doesn’t use ip, it uses ss -a instead. UDP first, then TCP, in much the same format as the old netstat except by default it does not resolve IP addresses to hostnames. You can ask for just UDP (-u), for just TCP (-t), for IP addresses to be resolved to hostnames if possible (-r), for just the listening services (-l), or combinations.
# ss -a # ss -6tar # ss -6 -u -a # ss -4trl
As I mentioned, Learning Tree’s Linux server administration course uses Iproute2 commands exclusively.
To go much deeper, see the Linux Foundation networking group pages, especially the Iproute2 pages. And, as always, the command manual pages!