Linux TCP/IP networking: net-tools vs. iproute2

Many sysadmins still manage and troubleshoot various network configurations by using a combination of ifconfig, route, arp and netstat command-line tools, collectively known as net-tools. Originally rooted in the BSD TCP/IP toolkit, the net-tools was developed to configure network functionality of older Linux kernels. Its development in the Linux community so far has ceased since 2001. Some Linux distros such as Arch Linux and CentOS/RHEL 7 have already deprecated net-tools, and others are planning to do so in favor of iproute2.

iproute2, which is another family of network configuration tools, emerged to replace the functionality of net-tools. While net-tools accesses and changes kernel network configurations via procfs (/proc) and ioctl system call, iproute2 communicates with the kernel via netlink socket interface. The /proc interface is known to be more heavyweight than netlink interface. Putting performance aside, the user interface of iproute2 is more intuitive than that of net-tools. For example, network resources (e.g., link, IP address, route, tunnel, etc.) are aptly defined with "object" abstraction, and you can manage different objects using consistant syntax. Most importantly, iproute2 has been under active development so far.

If you are still using net-tools, it is time to switch to iproute2, especially if you want to catch up with the latest and greatest networking features of the Linux kernel. Chances are that there are many things you can do with iproute2, but cannot with net-tools, be it source-based routing, QoS, VLAN, bonding, bridges, etc. It's also worth noting that higher-level network configuration tools such as network manager depend on iproute2.

For those who want to make the switch, here is a round-up of net-tools vs. iproute2 comparison.

Show All Connected Network Interfaces

The following commands show a list of all available network interfaces (whether or not they are active).

With net-tools:

$ ifconfig -a

With iproute2:

$ ip link show

Activate or Deactivate a Network Interface

To activate/deactivate a particular network interface, use these commands.

With net-tools:

$ sudo ifconfig eth1 up
$ sudo ifconfig eth1 down

With iproute2:

$ sudo ip link set down eth1
$ sudo ip link set up eth1

Assign IPv4 address(es) to a Network Interface

Use these commands to configure IPv4 addresses of a network interface.

With net-tools:

$ sudo ifconfig eth1 10.0.0.1/24

With iproute2:

$ sudo ip addr add 10.0.0.1/24 dev eth1

Note that with iproute2, you can assign multiple IP addresses to an interface, which you cannot do with ifconfig. A workaround for this with ifconfig is to use IP aliases.

$ sudo ip addr add 10.0.0.1/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.2/24 broadcast 10.0.0.255 dev eth1
$ sudo ip addr add 10.0.0.3/24 broadcast 10.0.0.255 dev eth1

Remove an IPv4 address from a Network Interface

As far as IP address removal is concerned, there is no proper way to remove an IPv4 address from a network interface with net-tools, other than assigning 0 to the interface. iproute2 can properly handle this.

With net-tools:

$ sudo ifconfig eth1 0

With iproute2:

$ sudo ip addr del 10.0.0.1/24 dev eth1

Show IPv4 Address(es) of a Network Interface

Checking IPv4 addresses of a particular network interface can be done as follows.

With net-tools:

$ ifconfig eth1

With iproute2:

$ ip addr show dev eth1

Again, if there are multiple IP addresses assigned to an interface, iproute2 shows all of them, while net-tools shows only one IP address.

Assign an IPv6 address to a Network Interface

Use these commands to add IPv6 address(es) to a network interface. Both net-tools and iproute2 allow you to add multiple IPv6 addresses to an interface.

With net-tools:

$ sudo ifconfig eth1 inet6 add 2002:0db5:0:f102::1/64
$ sudo ifconfig eth1 inet6 add 2003:0db5:0:f102::1/64

With iproute2:

$ sudo ip -6 addr add 2002:0db5:0:f102::1/64 dev eth1
$ sudo ip -6 addr add 2003:0db5:0:f102::1/64 dev eth1

Show IPv6 address(es) of a Network Interface

Displaying IPv6 addresses of a particular network interface can be done as follows. Both net-tools and iproute2 can show all assigned IPv6 addresses.

With net-tools:

$ ifconfig eth1

With iproute2:

$ ip -6 addr show dev eth1

Remove an IPv6 address from a Network Interface

Use these commands to remove any unnecessary IPv6 address from an interface.

With net-tools:

$ sudo ifconfig eth1 inet6 del 2002:0db5:0:f102::1/64

With iproute2:

$ sudo ip -6 addr del 2002:0db5:0:f102::1/64 dev eth1

Change the MAC Address of a Network Interface

To spoof the MAC address of a network interface, use the commands below. Note that before changing the MAC address, you need to deactivate the interface first.

With net-tools:

$ sudo ifconfig eth1 hw ether 08:00:27:75:2a:66

With iproute2:

$ sudo ip link set dev eth1 address 08:00:27:75:2a:67

View the IP Routing Table

net-tools has two options for showing the kernel's IP routing table: route or netstat. With iproute2, use ip route command.

With net-tools:

$ route -n
$ netstat -rn

With iproute2:

$ ip route show

Add or Modify a Default Route

Here are the commands to add or modify a default route in the kernel's IP routing table. Note that with net-tools, modifying a default route can be achieved by adding a new default route, and then removing an old default route. With iproute2, use ip route replace command.

With net-tools:

$ sudo route add default gw 192.168.1.2 eth0
$ sudo route del default gw 192.168.1.1 eth0

With iproute2:

$ sudo ip route add default via 192.168.1.2 dev eth0
$ sudo ip route replace default via 192.168.1.2 dev eth0

Add or Remove a Static Route

A static routing can be added or removed with the following commands.

With net-tools:

$ sudo route add -net 172.16.32.0/24 gw 192.168.1.1 dev eth0
$ sudo route del -net 172.16.32.0/24

With iproute2:

$ sudo ip route add 172.16.32.0/24 via 192.168.1.1 dev eth0
$ sudo ip route del 172.16.32.0/24

View Socket Statistics

Here are the commands to check socket statistics (e.g., active/listening TCP/UDP sockets).

With net-tools:

$ netstat
$ netstat -l

With iproute2:

$ ss
$ ss -l

View the ARP Table

You can display the kernel's ARP table with these commands.

With net-tools:

$ arp -an

With iproute2:

$ ip neigh

Add or Remove a Static ARP Entry

Adding or removing a static ARP entry in the local ARP table is done as follows.

With net-tools:

$ sudo arp -s 192.168.1.100 00:0c:29:c0:5a:ef
$ sudo arp -d 192.168.1.100

With iproute2:

$ sudo ip neigh add 192.168.1.100 lladdr 00:0c:29:c0:5a:ef dev eth0
$ sudo ip neigh del 192.168.1.100 dev eth0

Add, Remove or View Multicast Addresses

To configure or view multicast addresses on a network interface, use the commands below.

With net-tools:

$ sudo ipmaddr add 33:44:00:00:00:01 dev eth0
$ sudo ipmaddr del 33:44:00:00:00:01 dev eth0
$ ipmaddr show dev eth0
$ netstat -g

With iproute2:

$ sudo ip maddr add 33:44:00:00:00:01 dev eth0
$ sudo ip maddr del 33:44:00:00:00:01 dev eth0
$ ip maddr list dev eth0

Subscribe to Xmodulo

Do you want to receive Linux FAQs, detailed tutorials and tips published at Xmodulo? Enter your email address below, and we will deliver our Linux posts straight to your email box, for free. Delivery powered by Google Feedburner.


Support Xmodulo

Did you find this tutorial helpful? Then please be generous and support Xmodulo!

The following two tabs change content below.
Dan Nanni is the founder and also a regular contributor of Xmodulo.com. He is a Linux/FOSS enthusiast who loves to get his hands dirty with his Linux box. He likes to procrastinate when he is supposed to be busy and productive. When he is otherwise free, he likes to watch movies and shop for the coolest gadgets.

14 thoughts on “Linux TCP/IP networking: net-tools vs. iproute2

  1. ummmm....

    There seems to be some mistakes here:

    "As far as IP address removal is concerned, there is no proper way to remove an IPv4 address from a network interface with net-tools, other than assigning 0 to the interface. iproute2 can properly handle this"

    It's done under net-tools with:

    ifconfig down

    where interface can be either the interface itself or as it's more properly known, the sub-interface.

    sub-interfaces are what you use to assign additional IP addresses to an interface.

    • Thanks for your comment.

      'ifconfig eth0 down' is really not removing an IP address, but deactivating the interface altogether.

      As for the other comment: in my view, managing multiple IP addresses on a physical interface (which can be done with ip) is different from managing multiple addresses on virtual interfaces with IP aliases. I wanted to make that distinction.

  2. Specifying the broadcast address is not really required when setting IP addresses with iproute-2. The examples given make iproute-2 syntax seem cumbersome when compared to net-tools.
    It's worth mentioning that iproute-2 enables use of advanced Linux network features such as source-based routing, QoS, dummy (virtual) interfaces and bridges.
    It's also worth mentioning that modern distributions promote the use of higher-level network configuration tools such as network manager, which made the move from laptops to servers as far back as the release of RHEL6.

  3. I am pretty sure that current implementations of ifconfig are simply wrappers for netlink, so there should not be performance differences.

    Having said that, moving to iproute2 is the way to go since there is a lot of functionality that is not exposed by using ifconfig. Have a look at the advanced routing and traffic control guide to see just how awesome iproute2 really is: http://lartc.org/

  4. On thing I don't care for with iproute2 (which the routing table is a great example above) is the way the results spit back. I find the output from route (or netstat) much cleaner and quicker to skim since its a nicely formatted table vs the more "randomness" of iproute2.

    You can find this in other iproute2 commands as well and it drives me nuts compared to the old net-tools option

    • No, it doesn't, as already clarified in the article.
      It only shows physical layer information about network devices (interfaces).

      To see IP address info, run any of these:

      $ ip addr show
      $ ip addr
      $ ip a
  5. A few thoughts on this article.

    New doesn't always mean better.

    Not every Linux device requires the features of a Layer 7 router.

    Attrition from one methodology to another is seldom accounted for in the "new way" of doing things. Particularly when it comes to technology.

  6. Nice article, really interesting, one thing ... "ip link show ..." is not complete equivalence of "ifconfig -a ..." because it is missing important traffic information in it's output. I would also mention "ip -s link show (dev eth0/1/..)" to be closer to "ifconfig -a ..." ))

Leave a comment

Your email address will not be published. Required fields are marked *