Power of the Linux ip, netstat, and route Utilities
These tools form the heart of UNIX routing configuration and observation. However, they provide far more features than can be discussed in this text. For details and operating system variations beyond the most important facilities, consult the manual pages. We will heavily rely on these tools and introduce features as we proceed.
Linux provides a new approach to unified administration via the iproute2 facility (see Example 7-10). The command itself is called ip. You can get help for the ip tool by typing ip help. This also works at sublevels. Example 7-10 prints the interface statistics equivalent to ifconfig, the link status, the routing table, and its neighbors from a MAC point of view.
Example 7-10. Linux ip Facility
[root@callisto:~#] ip Usage: ip [ OPTIONS ] OBJECT { COMMAND | help } where OBJECT := { link | addr | route | rule | neigh | tunnel | maddr | mroute | monitor } OPTIONS := { -V[ersion] | -s[tatistics] | -r[esolve] | -f[amily] { inet | inet6 | ipx | dnet | link } | -o[neline] } [root@callisto:~#] ip -s addr 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:10:5a:d7:93:60 brd ff:ff:ff:ff:ff:ff inet 192.168.14.1/24 brd 192.168.14.255 scope global eth0 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 52:54:05:e3:51:87 brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1 [root@callisto:~#] ip -s link 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 4834 66 0 0 0 0 TX: bytes packets errors dropped carrier collsns 4834 66 0 0 0 0 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:10:5a:d7:93:60 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 0 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 21850 265 0 0 0 0 3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 52:54:05:e3:51:87 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 3246131 5550 0 0 0 151 TX: bytes packets errors dropped carrier collsns 609700 5029 0 0 0 78 [root@callisto:~#] ip -s route 192.168.1.0/24 dev eth1 scope link 192.168.14.0/24 dev eth0 scope link 127.0.0.0/8 dev lo scope link default via 192.168.1.254 dev eth1 [root@callisto:~#] ip -s neigh 192.168.1.2 dev eth1 lladdr 08:00:46:64:74:1b ref 1 used 19/0/18 nud reachable 192.168.1.254 dev eth1 lladdr 48:54:e8:8c:0a:3f ref 13 used 193/220/325 nud stale
Example 7-11 demonstrates several different approaches to print the routing table. Examples 7-11 through 7-18 present various examples of the netstat and route utilities and explain the abbreviations used in the UNIX routing tables (collected from different man pages). As usual, consult the command's manual pages for further details.
Example 7-11. Linux netstat and route in Action
[root@callisto:~#] netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 192.168.14.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo 0.0.0.0 192.168.1.254 0.0.0.0 UG 40 0 0 eth1 [root@callisto:~#] route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth1 [root@callisto:~#] route -een Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 40 0 0 192.168.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 40 0 0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 40 0 0 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth1 40 0 0
Example 7-12. Possible Routing Table Flags (Linux)
U (route is up) H (target is a host) G (use gateway) R (reinstate route for dynamic routing) D (dynamically installed by daemon or redirect) M (modified from routing daemon or redirect) A (installed by addrconf) C (cache entry) ! (reject route)
Example 7-13. Possible Routing Table Flags (FreeBSD)
1 RTF_PROTO1 Protocol specific routing flag #1 2 RTF_PROTO2 Protocol specific routing flag #2 3 RTF_PROTO3 Protocol specific routing flag #3 B RTF_BLACKHOLE Just discard pkts (during updates) b RTF_BROADCAST The route represents a broadcast address C RTF_CLONING Generate new routes on use c RTF_PRCLONING Protocol-specified generate new routes on use D RTF_DYNAMIC Created dynamically (by redirect) G RTF_GATEWAY Destination requires forwarding by intermediary H RTF_HOST Host entry (net otherwise) L RTF_LLINFO Valid protocol to link address translation M RTF_MODIFIED Modified dynamically (by redirect) R RTF_REJECT Host or net unreachable S RTF_STATIC Manually added U RTF_UP Route usable W RTF_WASCLONED Route was generated as a result of cloning X RTF_XRESOLVE External daemon translates proto to link address
Example 7-14. Possible Routing Table Flags (OpenBSD)
1 RTF_PROTO1 Protocol specific routing flag #1. 2 RTF_PROTO2 Protocol specific routing flag #2. 3 RTF_PROTO3 Protocol specific routing flag #3. B RTF_BLACKHOLE Just discard pkts (during updates). C RTF_CLONING Generate new routes on use. D RTF_DYNAMIC Created dynamically (by redirect). G RTF_GATEWAY Destination requires forwarding by intermediary. H RTF_HOST Host entry (net otherwise). L RTF_LLINFO Valid protocol to link address translation. M RTF_MODIFIED Modified dynamically (by redirect). R RTF_REJECT Host or net unreachable. S RTF_STATIC Manually added. U RTF_UP Route usable. X RTF_XRESOLVE External daemon translates proto to link address.
Example 7-15. OpenBSD route in Action
[root@ganymed:~#] route -nv show
Routing tables
Internet:
Destination Gateway Flags
default 111.11.117.1 UG
127.0.0.0 127.0.0.1 UG
127.0.0.1 127.0.0.1 UH
192.168.1.0 link#1 U
192.168.1.1 52:54:5:e3:51:87 UH
192.168.1.2 8:0:46:64:74:1b UH
192.168.2.0 link#2 U
192.168.2.7 0:10:5a:c4:2c:4 UH
192.168.44.1 192.168.44.1 UH
192.168.45.0 link#1 U
111.11.117.0 link#3 U
111.11.117.1 0:5:9a:5b:23:fc UH
111.11.117.206 127.0.0.1 UGH
Example 7-16. OpenBSD netstat
[root@ganymed:~#] netstat -rn -f inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 111.11.117.1 UGS 3 7564 1500 ne5
127/8 127.0.0.1 UGRS 0 0 33224 lo0
127.0.0.1 127.0.0.1 UH 2 0 33224 lo0
192.168.1/24 link#1 UC 0 0 1500 ne3
192.168.1.1 52:54:5:e3:51:87 UHL 0 5450 1500 ne3
192.168.1.2 8:0:46:64:74:1b UHL 1 2840 1500 ne3
192.168.2/24 link#2 UC 0 0 1500 ne4
192.168.2.7 0:10:5a:c4:2c:4 UHL 0 652 1500 ne4
192.168.44.1 192.168.44.1 UH 0 0 33224 lo1
192.168.45/24 link#1 UC 0 0 1500 ne3
111.11.117/24 link#3 UC 0 0 1500 ne5
111.11.117.1 0:5:9a:5b:23:fc UHL 1 0 1500 ne5
111.11.117.206 127.0.0.1 UGHS 0 0 33224 lo0
Example 7-17. FreeBSD netstat
[root@castor:~#] netstat ?rn ?f inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.2.254 UGSc 4 1064 xl0
127.0.0.1 127.0.0.1 UH 0 0 lo0
192.168.2 link#1 UC 1 0 xl0
192.168.2.254 52:54:05:e3:e4:2f UHLW 5 27 xl0 603
192.168.7 link#2 UC 1 0 ed0
192.168.7.254 00:00:0c:1a:a9:a8 UHLW 1 28 ed0 396
Example 7-18. Effect of Interfaces/Line Protocols Going Down
[root@callisto:~#] ifconfig eth0 down [root@callisto:~#] route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth1
