Lines Matching defs:and
28 However, the document is self-contained and the reader, provided they have a
30 and examples to understand and configure Linux-2.2 IP and IPv6
34 and options, decrypting \verb|ip| output and containing a few examples.
35 More voluminous examples and some topics, which require more elaborate
39 bugs and design drawbacks. They may be skipped at the first reading.
49 begin with the character \verb|'-'| and may be used in either long or abbreviated
55 --- print the version of the \verb|ip| utility and exit.
128 As a rule, it is possible to \verb|add|, \verb|delete| and
132 out a list of available commands and argument syntax conventions.
139 The arguments depend on the command and object. There are two types of arguments:
140 {\em flags\/}, consisting of a single keyword, and {\em parameters\/},
165 and exits. As a rule, the error message will contain information
178 prefixed with a comment and a syscall identifier.
228 \paragraph{Object:} A \verb|link| is a network device and the corresponding
229 commands display and change the state of devices.
231 \paragraph{Commands:} \verb|set| and \verb|show| (or \verb|list|).
244 \item \verb|up| and \verb|down|
305 The \verb|PROMISC| and \verb|ALLMULTI| flags are considered
306 obsolete and should not be changed administratively, though
369 list (f.e.\ when the corresponding driver module is unloaded) and another
378 i.e.\ packets send through it are encapsulated and sent via the ``master''
386 does not queue anything and \verb|noop| means that the interface is in blackhole
395 packets for transmission and it may inject into the kernel packets received
400 and nothing but bounced packets can be received.
407 and all packets received by us came from this single peer.
411 This is the most generic type of device and the most complicated one, because
420 to use multicasting on this interface. Any \verb|POINTOPOINT| and
422 direct access to all the neighbours and, hence, to any part of them.
427 \item \verb|PROMISC| --- the device listens to and feeds to the kernel all
429 and not destined for a multicast group of which we are member. Usually
430 this mode exists only on broadcast links and is used by bridges and for network
437 no invariant value and its interpretation depends on the network protocols
439 resolution and that the software or hardware knows how to deliver packets
443 dynamically created and destroyed.
454 (\verb|MASTER|, \verb|AUTOMEDIA| and \verb|PORTSEL|). We do not discuss
461 defines the interface hardware type. This type determines the format and semantics
462 of the addresses and is logically part of the address.
463 The default format of the station address and the broadcast address
495 \verb|RX:| and \verb|TX:| lines summarize receiver and transmitter
525 and transmitter errors.
555 for them and we do not use it in this document.
557 The \verb|ip addr| command displays addresses and their properties,
558 adds new addresses and deletes old ones.
560 \paragraph{Commands:} \verb|add|, \verb|delete|, \verb|flush| and \verb|show|
579 on the protocol. It is a dotted quad for IP and a sequence of hexadecimal halfwords
581 a slash and a decimal number which encodes the network prefix length.
587 Again, the \verb|ADDRESS| may be followed by a slash and a decimal number,
597 It is possible to use the special symbols \verb|'+'| and \verb|'-'|
645 \verb|255.255.255.0|), standard broadcast and label \verb|eth0:Alias|
703 \item \verb|dynamic| and \verb|permanent|
718 \item \verb|primary| and \verb|secondary|
742 Then the list of IP and IPv6 addresses follows, accompanied by
744 p.\pageref{IP-ADDR-ADD} above), flags and the address label.
746 Address flags are set by the kernel and cannot be changed
762 This tweak is available in linux 2.6.15 and later.
797 \paragraph{Warning:} This command (and other \verb|flush| commands
802 becomes verbose. It prints out the number of deleted addresses and the number
823 And the last example shows how to flush all the IPv6 addresses
838 addresses and link layer addresses for hosts sharing the same link.
843 and their properties, add new neighbour entries and delete old ones.
846 \verb|delete|, \verb|flush| and \verb|show| (or \verb|list|).
885 \item \verb|permanent| --- the neighbour entry is valid forever and can be only be removed
893 it was valid and the address is not changed by this command.
917 except that \verb|lladdr| and \verb|nud| are ignored.
969 lists all entries except for \verb|none| and \verb|noarp|.
1001 \item\verb|reachable| --- the neighbour is valid and apparently reachable.
1004 \item\verb|delay| --- a packet has been sent to the stale neighbour and the kernel is waiting
1016 \verb|failed| and \verb|incomplete|.
1032 and \verb|used| is a triplet of time intervals in seconds
1050 and that the default neighbour states to be flushed do not include
1051 \verb|permanent| and \verb|noarp|.
1055 becomes verbose. It prints out the number of deleted neighbours and the number
1081 (i.e.\ a pair containing a network address and the length of its mask) and,
1084 up to the prefix length and if the TOS of the route is zero or equal to
1096 If no exact TOS match was found and routes with TOS=0 exist,
1110 word ``first'' depends on the order of route additions and it is practically
1115 is impossible and routes are uniquely identified by the triplet
1123 controlled by neighbour unreachability detection and by advice
1143 the data required to deliver IP packets (f.e.\ output device and
1144 next hop router) and some optional attributes (f.e. the path MTU or
1150 of required and optional attributes depend on the route {\em type\/}.
1160 are discarded and the ICMP message {\em host unreachable\/} is generated.
1165 are discarded and the ICMP message {\em communication administratively
1168 host. The packets are looped back and delivered locally.
1175 table. The packets are dropped and the ICMP message {\em net unreachable\/}
1193 routes are inserted into the \verb|main| table (ID 254) and the kernel only uses
1198 consists of routes for local and broadcast addresses. The kernel maintains
1199 this table automatically and the administrator usually need not modify it
1225 by a slash and the prefix length. If the length of the prefix is missing,
1232 --- the Type Of Service (TOS) key. This key has no associated mask and
1234 of the route and of the packet. If they are not equal, then the packet
1249 \verb|local|, \verb|broadcast| and \verb|nat| routes, which are
1364 routes, scope \verb|link| for direct \verb|unicast| and \verb|broadcast| routes
1365 and scope \verb|host| for \verb|local| routes.
1384 and, probably, even advertise them to its peers.
1387 The rest of the values are not reserved and the administrator is free
1427 and \verb|ppp1|
1452 Key values (\verb|to|, \verb|tos|, \verb|preference| and \verb|table|)
1455 If no route with the given key and attributes was found, \verb|ip route del|
1462 provides similar and even richer functionality.
1490 and a prefix. \verb|root PREFIX| selects routes with prefixes not shorter
1494 \verb|10/8| and \verb|0/0|, but it does not select \verb|10.1/16| and
1495 \verb|10.0.0/24|. And \verb|exact PREFIX| (or just \verb|PREFIX|)
1516 and \verb|cache| is emulated by the \verb|ip| utility.
1597 are evaluated during route calculation and updated during route
1621 and for multicast routes, if this host is a member of the corresponding
1722 \paragraph{Arguments:} the arguments have the same syntax and semantics
1730 becomes verbose. It prints out the number of deleted routes and the number
1796 and prints its contents exactly as the kernel sees it.
1829 \verb|show| shows existing routes. \verb|get| resolves them and
1837 that a packet arrived from this interface and searches for
1854 from 193.233.7.82 and destined for 193.233.7.82:
1870 from host 193.233.7.82 and destined for multicast group 224.2.127.254
1881 and a ``multicast'' part. The normal part is used to deliver (or not to
1884 of this group, so that route has no \verb|local| flag and only
1900 and probe it with ping:
1918 better path to the destination and sent us an ICMP redirect message.
1939 based only on the destination address of packets (and in theory,
1941 routing algorithms and their modifications can be found in~\cite{RFC1812}.
1960 natures and therefore they have no natural ordering, but one imposed
1972 Matching IP protocols and transport ports is also possible,
1977 Each policy routing rule consists of a {\em selector\/} and an {\em action\/}
1980 interface, tos, fwmark\} and, if the selector matches the packet,
1983 and the RPDB lookup is terminated. Otherwise, the RPDB program
1987 nexthop and the output device. This is what
1990 lookups in destination-based routing tables and selecting
2004 high priority control routes for local and broadcast addresses.
2012 routes. This rule may be deleted and/or overridden with other
2024 several rules may refer to one routing table and some routing tables
2027 and will disappear only after all the routes contained in it are deleted.
2032 table. NAT and masquerading rules have an attribute to select new IP
2055 \paragraph{Commands:} \verb|add|, \verb|delete| and \verb|show|
2085 may create separate routing tables for forwarded and local packets and,
2102 priority value and allows them to be non-unique.
2108 It is mistake in design, no more. And it will be fixed one day,
2119 --- Realms to select if the rule matched and the routing table lookup
2149 and route it according to table \#1 (actually, it is \verb|inr.ruhep|):
2197 192.203.80.0/24 and 193.233.7.0/24 form the internal network, but
2238 The first line of the output shows the interface index and its name.
2294 local link addresses and, if you loaded the address of another host
2296 It is not a bug, but rather a hole in the API and intra-kernel interfaces.
2299 a router and, especially, that it is not a transparent proxy or masquerading
2357 where S is the source address and G is the multicast group. \verb|Iif| is
2367 number of packets and bytes forwarded along this route and
2384 packets in IPv4 packets and then sending them over the IP infrastructure.
2390 over IP and the \verb|ip tunnel| command can be found in~\cite{IP-TUNNELS}.
2411 \verb|ipip|, \verb|sit| and \verb|gre|.
2439 tunneled packets will only be routed via this device and will
2453 The \verb|ikey| and \verb|okey| parameters set different keys for input and output.
2473 work. At least, I did not test it, did not debug it and
2536 \section{{\tt ip monitor} and {\tt rtmon} --- state monitoring}
2540 and routes continuously. This option has a slightly different format.
2542 the \verb|monitor| command is the first in the command line and then
2548 It may contain \verb|link|, \verb|address| and \verb|route|.
2550 listens on it and dumps state changes in the format described
2555 and dumps them. Such a history file can be generated with the
2572 \section{Route realms and policy propagation, {\tt rtacct}}
2579 also by their source, the task gets quadratic complexity and its solution
2588 and community strings.
2591 daemon) and the kernel based FIB (Forwarding Information Base),
2595 which allows even more flexible policy and richer semantics.
2602 classification both by source and destination becomes quite manageable.
2619 and destination realm, using the following algorithm:
2624 If the destination realm was not inherited from the route and the rule has a destination realm,
2630 routes and apply step 2 again.
2634 arrived from and the realm where it is going to propagate to.
2640 to account, police and schedule them according to this
2653 the realm \verb|russia| and forwarded 169176 packets to \verb|russia|.
2662 by any pair of source and destination realms.
2680 Command Reference, Part 1'' and
2729 of the address and never tries to ``improve'' an incorrect user choice,
2736 and especially on routers: it would break them.
2747 The search strategies are different for IP and IPv6. Namely:
2765 the algorithm fails and returns a zero source address.
2796 and in Linux-2.0, so we have to preserve it at least to the extent that
2809 adds a new proxy ARP/NDISC record and
2823 parameters other than these (IP/IPv6 address and optional device).
2856 through its data and mangling it. It mangles IP addresses,
2857 only IP addresses and nothing but IP addresses.
2886 For neighbouring hosts and routers it looks like the local address
2891 host and forwards the packet. If you need to remap
2900 sends something to the outer world and these packets are forwarded
2914 router (or 0.0.0.0) and masquerading is configured in the linux-2.2
2920 masquerading, so that this feature has lost meaning and disabled.
2924 useful and even necessary to add rules disabling translation
2934 and 192.203.80/24. Also, if the \verb|inr.ruhep| table does not
2941 and leave the rest intact, you may use \verb|ipchains|
2943 Suppose you did and all the packets from 193.233.7.83
2949 and translation will only be enabled for outgoing http requests.
2955 setup of IP (and IPv6, if it is compiled into the kernel)
2958 hosts and on routers, is described in the following
2974 at least on Ethernet and Token Ring.
3017 \# If user gave loopback as device, we add the address as alias and exit.
3039 \# and its configuration finishes here. However,\\
3052 \# Send two probes and wait for result for 3 seconds.\\
3104 \# It is not so cheap though and we still hope that this route\\
3116 \# {\bf Step 7} --- Restart router discovery and exit.
3131 the interface, adds some control routes and restarts Router Discovery
3135 on hosts and on routers.
3213 \# Parse command. If it is ``stop'', flush and exit.
3274 \# If deletion was requested, delete the address and restart RDISC
3297 \# Send two probes and wait for result for 3 seconds.\\
