-.TH IP 8 "17 January 2002" "iproute2" "Linux"
+.TH IP 8 "20 Dec 2011" "iproute2" "Linux"
.SH NAME
ip \- show / manipulate routing, devices, policy routing and tunnels
.SH SYNOPSIS
.ti -8
.IR OBJECT " := { "
.BR link " | " addr " | " addrlabel " | " route " | " rule " | " neigh " | "\
- tunnel " | " maddr " | " mroute " }"
+ ntable " | " tunnel " | " tuntap " | " maddr " | " mroute " | " mrule " | "\
+ monitor " | " xfrm " | " netns " | " l2tp " }"
.sp
.ti -8
.BR inet " | " inet6 " | " ipx " | " dnet " | " link " } | "
\fB\-o\fR[\fIneline\fR] }
-.ti -8
-.BI "ip link add link " DEVICE
-.RB "[ " name " ]"
-.I NAME
-.br
-.RB "[ " txqueuelen
-.IR PACKETS " ]"
-.br
-.RB "[ " address
-.IR LLADDR " ]"
-.RB "[ " broadcast
-.IR LLADDR " ]"
-.br
-.RB "[ " mtu
-.IR MTU " ]"
-.br
-.BR type " TYPE"
-.RI "[ " ARGS " ]"
-
-.ti -8
-.IR TYPE " := [ "
-.BR vlan " | " maclan " | " can " ]"
-
-.ti -8
-.BI "ip link delete " DEVICE
-.BI type " TYPE"
-.RI "[ " ARGS " ]"
-
-.ti -8
-.BR "ip link set " {
-.IR DEVICE " | "
-.BI "group " GROUP
-.RB "} { " up " | " down " | " arp " { " on " | " off " } |"
-.br
-.BR promisc " { " on " | " off " } |"
-.br
-.BR allmulticast " { " on " | " off " } |"
-.br
-.BR dynamic " { " on " | " off " } |"
-.br
-.BR multicast " { " on " | " off " } |"
-.br
-.B txqueuelen
-.IR PACKETS " |"
-.br
-.B name
-.IR NEWNAME " |"
-.br
-.B address
-.IR LLADDR " |"
-.B broadcast
-.IR LLADDR " |"
-.br
-.B mtu
-.IR MTU " |"
-.br
-.B netns
-.IR PID " |"
-.br
-.B netns
-.IR NETNSNAME " |"
-.br
-.B alias
-.IR NAME " |"
-.br
-.B vf
-.IR NUM " ["
-.B mac
-.IR LLADDR " ] ["
-.B vlan
-.IR VLANID " [ "
-.B qos
-.IR VLAN-QOS " ] ] ["
-.B rate
-.IR TXRATE " ] |"
-.br
-.B master
-.IR DEVICE
-.br
-.B nomaster
-.BR " }"
-
-
-.ti -8
-.B ip link show
-.RI "[ " DEVICE " | "
-.B group
-.IR GROUP " ]"
-
-.ti -8
-.BR "ip addr" " { " add " | " del " } "
-.IB IFADDR " dev " STRING
-
-.ti -8
-.BR "ip addr" " { " show " | " flush " } [ " dev
-.IR STRING " ] [ "
-.B scope
-.IR SCOPE-ID " ] [ "
-.B to
-.IR PREFIX " ] [ " FLAG-LIST " ] [ "
-.B label
-.IR PATTERN " ]"
-
-.ti -8
-.IR IFADDR " := " PREFIX " | " ADDR
-.B peer
-.IR PREFIX " [ "
-.B broadcast
-.IR ADDR " ] [ "
-.B anycast
-.IR ADDR " ] [ "
-.B label
-.IR STRING " ] [ "
-.B scope
-.IR SCOPE-ID " ]"
-
-.ti -8
-.IR SCOPE-ID " := "
-.RB "[ " host " | " link " | " global " | "
-.IR NUMBER " ]"
-
-.ti -8
-.IR FLAG-LIST " := [ " FLAG-LIST " ] " FLAG
-
-.ti -8
-.IR FLAG " := "
-.RB "[ " permanent " | " dynamic " | " secondary " | " primary " | "\
-tentative " | " deprecated " | " dadfailed " | " temporary " ]"
-
-.ti -8
-.BR "ip addrlabel" " { " add " | " del " } " prefix
-.BR PREFIX " [ "
-.B dev
-.IR DEV " ] [ "
-.B label
-.IR NUMBER " ]"
-
-.ti -8
-.BR "ip addrlabel" " { " list " | " flush " }"
-
-.ti -8
-.BR "ip netns" " { " list " } "
-
-.ti -8
-.BR "ip netns" " { " add " | " delete " } "
-.I NETNSNAME
-
-.ti -8
-.BR "ip netns exec "
-.I NETNSNAME command ...
-
-.ti -8
-.BR "ip route" " { "
-.BR list " | " flush " } "
-.I SELECTOR
-
-.ti -8
-.BR "ip route save"
-.I SELECTOR
-
-.ti -8
-.BR "ip route restore"
-
-.ti -8
-.B ip route get
-.IR ADDRESS " [ "
-.BI from " ADDRESS " iif " STRING"
-.RB " ] [ " oif
-.IR STRING " ] [ "
-.B tos
-.IR TOS " ]"
-
-.ti -8
-.BR "ip route" " { " add " | " del " | " change " | " append " | "\
-replace " } "
-.I ROUTE
-
-.ti -8
-.IR SELECTOR " := "
-.RB "[ " root
-.IR PREFIX " ] [ "
-.B match
-.IR PREFIX " ] [ "
-.B exact
-.IR PREFIX " ] [ "
-.B table
-.IR TABLE_ID " ] [ "
-.B proto
-.IR RTPROTO " ] [ "
-.B type
-.IR TYPE " ] [ "
-.B scope
-.IR SCOPE " ]"
-
-.ti -8
-.IR ROUTE " := " NODE_SPEC " [ " INFO_SPEC " ]"
-
-.ti -8
-.IR NODE_SPEC " := [ " TYPE " ] " PREFIX " ["
-.B tos
-.IR TOS " ] [ "
-.B table
-.IR TABLE_ID " ] [ "
-.B proto
-.IR RTPROTO " ] [ "
-.B scope
-.IR SCOPE " ] [ "
-.B metric
-.IR METRIC " ]"
-
-.ti -8
-.IR INFO_SPEC " := " "NH OPTIONS FLAGS" " ["
-.B nexthop
-.IR NH " ] ..."
-
-.ti -8
-.IR NH " := [ "
-.B via
-.IR ADDRESS " ] [ "
-.B dev
-.IR STRING " ] [ "
-.B weight
-.IR NUMBER " ] " NHFLAGS
-
-.ti -8
-.IR OPTIONS " := " FLAGS " [ "
-.B mtu
-.IR NUMBER " ] [ "
-.B advmss
-.IR NUMBER " ] [ "
-.B rtt
-.IR TIME " ] [ "
-.B rttvar
-.IR TIME " ] [ "
-.B window
-.IR NUMBER " ] [ "
-.B cwnd
-.IR NUMBER " ] [ "
-.B ssthresh
-.IR REALM " ] [ "
-.B realms
-.IR REALM " ] [ "
-.B rto_min
-.IR TIME " ] [ "
-.B initcwnd
-.IR NUMBER " ] [ "
-.B initrwnd
-.IR NUMBER " ]"
-
-.ti -8
-.IR TYPE " := [ "
-.BR unicast " | " local " | " broadcast " | " multicast " | "\
-throw " | " unreachable " | " prohibit " | " blackhole " | " nat " ]"
-
-.ti -8
-.IR TABLE_ID " := [ "
-.BR local "| " main " | " default " | " all " |"
-.IR NUMBER " ]"
-
-.ti -8
-.IR SCOPE " := [ "
-.BR host " | " link " | " global " |"
-.IR NUMBER " ]"
-
-.ti -8
-.IR NHFLAGS " := [ "
-.BR onlink " | " pervasive " ]"
-
-.ti -8
-.IR RTPROTO " := [ "
-.BR kernel " | " boot " | " static " |"
-.IR NUMBER " ]"
-
-.ti -8
-.B ip rule
-.RB " [ " list " | " add " | " del " | " flush " ]"
-.I SELECTOR ACTION
-
-.ti -8
-.IR SELECTOR " := [ "
-.B from
-.IR PREFIX " ] [ "
-.B to
-.IR PREFIX " ] [ "
-.B tos
-.IR TOS " ] [ "
-.B fwmark
-.IR FWMARK[/MASK] " ] [ "
-.B iif
-.IR STRING " ] [ "
-.B oif
-.IR STRING " ] [ "
-.B pref
-.IR NUMBER " ]"
-
-.ti -8
-.IR ACTION " := [ "
-.B table
-.IR TABLE_ID " ] [ "
-.B nat
-.IR ADDRESS " ] [ "
-.BR prohibit " | " reject " | " unreachable " ] [ " realms
-.RI "[" SRCREALM "/]" DSTREALM " ]"
-
-.ti -8
-.IR TABLE_ID " := [ "
-.BR local " | " main " | " default " |"
-.IR NUMBER " ]"
-
-.ti -8
-.BR "ip neigh" " { " add " | " del " | " change " | " replace " } { "
-.IR ADDR " [ "
-.B lladdr
-.IR LLADDR " ] [ "
-.BR nud " { " permanent " | " noarp " | " stale " | " reachable " } ] | " proxy
-.IR ADDR " } [ "
-.B dev
-.IR DEV " ]"
-
-.ti -8
-.BR "ip neigh" " { " show " | " flush " } [ " to
-.IR PREFIX " ] [ "
-.B dev
-.IR DEV " ] [ "
-.B nud
-.IR STATE " ]"
-
-.ti -8
-.BR "ip ntable change name"
-.IR NAME " [ "
-.B dev
-.IR DEV " ] " PARMS
-
-.ti -8
-.IR PARMS " := { "
-.B thresh1
-.IR VAL " | "
-.B thresh2
-.IR VAL " | "
-.B thresh3
-.IR VAL " | "
-.B gc_int
-.IR MSEC " | "
-.B base_reachable
-.IR MSEC " | "
-.B retrans
-.IR MSEC " | " "gc_stale MSEC " " | "
-.B delay_probe
-.IR MSEC " | " "queue LEN " " | "
-.B app_probs
-.IR VAL " | "
-.B ucast_probes
-.IR VAL " | " "mcast_probes VAL " " | "
-.B anycast_delay
-.IR MSEC " | "
-.B proxy_delay
-.IR MSEC " | " "proxy_queue LEN " " | "
-.B locktime
-.IR MSEC " }"
-
-.ti -8
-.BR "ip ntable show" " [ "
-.B dev
-.IR DEV " ] [ "
-.B name
-.IR NAME " ]"
-
-.ti -8
-.BR "ip tunnel" " { " add " | " change " | " del " | " show " | " prl " }"
-.RI "[ " NAME " ]"
-.br
-.RB "[ " mode
-.IR MODE " ] [ "
-.B remote
-.IR ADDR " ] [ "
-.B local
-.IR ADDR " ]"
-.br
-.RB "[ [" i "|" o "]" seq " ] [ [" i "|" o "]" key
-.IR KEY " ] [ "
-.RB "[" i "|" o "]" csum " ] ]"
-.br
-.RB "[ " encaplimit
-.IR ELIM " ]"
-.RB "[ " ttl
-.IR TTL " ]"
-.br
-.RB "[ " tos
-.IR TOS " ] [ "
-.B flowlabel
-.IR FLOWLABEL " ]"
-.br
-.RB "[ " prl-default
-.IR ADDR " ] [ "
-.B prl-nodefault
-.IR ADDR " ] [ "
-.B prl-delete
-.IR ADDR " ]"
-.br
-.RB "[ [" no "]" pmtudisc " ]"
-.RB "[ " dev
-.IR PHYS_DEV " ]"
-.RB "[ " "dscp inherit" " ]"
-
-.ti -8
-.IR MODE " := "
-.RB " { " ipip " | " gre " | " sit " | " isatap " | " ip6ip6 " | " ipip6 " | " any " }"
-
-.ti -8
-.IR ADDR " := { " IP_ADDRESS " |"
-.BR any " }"
-
-.ti -8
-.IR TOS " := { " NUMBER " |"
-.BR inherit " }"
-
-.ti -8
-.IR ELIM " := {
-.BR none " | "
-.IR 0 ".." 255 " }"
-
-.ti -8
-.ti -8
-.IR TTL " := { " 1 ".." 255 " | "
-.BR inherit " }"
-
-.ti -8
-.IR KEY " := { " DOTTED_QUAD " | " NUMBER " }"
-
-.ti -8
-.IR TIME " := " NUMBER "[s|ms]"
-
-.ti -8
-.BR "ip maddr" " [ " add " | " del " ]"
-.IB MULTIADDR " dev " STRING
-
-.ti -8
-.BR "ip maddr show" " [ " dev
-.IR STRING " ]"
-
-.ti -8
-.BR "ip mroute show" " ["
-.IR PREFIX " ] [ "
-.B from
-.IR PREFIX " ] [ "
-.B iif
-.IR DEVICE " ]"
-
-.ti -8
-.BR "ip monitor" " [ " all " |"
-.IR LISTofOBJECTS " ]"
-.sp
-
-.ti -8
-.B "ip xfrm"
-.IR XFRM-OBJECT " { " COMMAND " | "
-.BR help " }"
-.sp
-
-.ti -8
-.IR XFRM-OBJECT " :="
-.BR state " | " policy " | " monitor
-.sp
-
-.ti -8
-.BR "ip xfrm state " { " add " | " update " } "
-.IR ID " [ " ALGO-LIST " ]"
-.RB "[ " mode
-.IR MODE " ]"
-.RB "[ " mark
-.I MARK
-.RB "[ " mask
-.IR MASK " ] ]"
-.RB "[ " reqid
-.IR REQID " ]"
-.RB "[ " seq
-.IR SEQ " ]"
-.RB "[ " replay-window
-.IR SIZE " ]"
-.RB "[ " replay-seq
-.IR SEQ " ]"
-.RB "[ " replay-oseq
-.IR SEQ " ]"
-.RB "[ " flag
-.IR FLAG-LIST " ]"
-.RB "[ " sel
-.IR SELECTOR " ] [ " LIMIT-LIST " ]"
-.RB "[ " encap
-.IR ENCAP " ]"
-.RB "[ " coa
-.IR ADDR "[/" PLEN "] ]"
-.RB "[ " ctx
-.IR CTX " ]"
-
-.ti -8
-.B "ip xfrm state allocspi"
-.I ID
-.RB "[ " mode
-.IR MODE " ]"
-.RB "[ " mark
-.I MARK
-.RB "[ " mask
-.IR MASK " ] ]"
-.RB "[ " reqid
-.IR REQID " ]"
-.RB "[ " seq
-.IR SEQ " ]"
-.RB "[ " min
-.I SPI
-.B max
-.IR SPI " ]"
-
-.ti -8
-.BR "ip xfrm state" " { " delete " | " get " } "
-.I ID
-.RB "[ " mark
-.I MARK
-.RB "[ " mask
-.IR MASK " ] ]"
-
-.ti -8
-.BR "ip xfrm state" " { " deleteall " | " list " } ["
-.IR ID " ]"
-.RB "[ " mode
-.IR MODE " ]"
-.RB "[ " reqid
-.IR REQID " ]"
-.RB "[ " flag
-.IR FLAG-LIST " ]"
-
-.ti -8
-.BR "ip xfrm state flush" " [ " proto
-.IR XFRM-PROTO " ]"
-
-.ti -8
-.BR "ip xfrm state count"
-
-.ti -8
-.IR ID " :="
-.RB "[ " src
-.IR ADDR " ]"
-.RB "[ " dst
-.IR ADDR " ]"
-.RB "[ " proto
-.IR XFRM-PROTO " ]"
-.RB "[ " spi
-.IR SPI " ]"
-
-.ti -8
-.IR XFRM-PROTO " :="
-.BR esp " | " ah " | " comp " | " route2 " | " hao
-
-.ti -8
-.IR ALGO-LIST " := [ " ALGO-LIST " ] " ALGO
-
-.ti -8
-.IR ALGO " :="
-.RB "{ " enc " | " auth " | " comp " } "
-.IR ALGO-NAME " " ALGO-KEY
-.R "|"
-.br
-.B aead
-.IR ALGO-NAME " " ALGO-KEY " " ALGO-ICV-LEN
-.R "|"
-.br
-.B auth-trunc
-.IR ALGO-NAME " " ALGO-KEY " " ALGO-TRUNC-LEN
-
-.ti -8
-.IR MODE " := "
-.BR transport " | " tunnel " | " ro " | " in_trigger " | " beet
-
-.ti -8
-.IR FLAG-LIST " := [ " FLAG-LIST " ] " FLAG
-
-.ti -8
-.IR FLAG " :="
-.BR noecn " | " decap-dscp " | " nopmtudisc " | " wildrecv " | " icmp " | " af-unspec " | " align4
-
-.ti -8
-.IR SELECTOR " :="
-.RB "[ " src
-.IR ADDR "[/" PLEN "] ]"
-.RB "[ " dst
-.IR ADDR "[/" PLEN "] ]"
-.RB "[ " dev
-.IR DEV " ]"
-.br
-.RI "[ " UPSPEC " ]"
-
-.ti -8
-.IR UPSPEC " := "
-.BR proto " {"
-.IR PROTO " |"
-.br
-.RB "{ " tcp " | " udp " | " sctp " | " dccp " } [ " sport
-.IR PORT " ]"
-.RB "[ " dport
-.IR PORT " ] |"
-.br
-.RB "{ " icmp " | " ipv6-icmp " | " mobility-header " } [ " type
-.IR NUMBER " ]"
-.RB "[ " code
-.IR NUMBER " ] |"
-.br
-.BR gre " [ " key
-.RI "{ " DOTTED-QUAD " | " NUMBER " } ] }"
-
-.ti -8
-.IR LIMIT-LIST " := [ " LIMIT-LIST " ]"
-.B limit
-.I LIMIT
-
-.ti -8
-.IR LIMIT " :="
-.RB "{ " time-soft " | " time-hard " | " time-use-soft " | " time-use-hard " }"
-.IR "SECONDS" " |"
-.br
-.RB "{ " byte-soft " | " byte-hard " }"
-.IR SIZE " |"
-.br
-.RB "{ " packet-soft " | " packet-hard " }"
-.I COUNT
-
-.ti -8
-.IR ENCAP " :="
-.RB "{ " espinudp " | " espinudp-nonike " }"
-.IR SPORT " " DPORT " " OADDR
-
-.ti -8
-.BR "ip xfrm policy" " { " add " | " update " }"
-.I SELECTOR
-.B dir
-.I DIR
-.RB "[ " ctx
-.IR CTX " ]"
-.RB "[ " mark
-.I MARK
-.RB "[ " mask
-.IR MASK " ] ]"
-.RB "[ " index
-.IR INDEX " ]"
-.RB "[ " ptype
-.IR PTYPE " ]"
-.RB "[ " action
-.IR ACTION " ]"
-.RB "[ " priority
-.IR PRIORITY " ]"
-.RB "[ " flag
-.IR FLAG-LIST " ]"
-.RI "[ " LIMIT-LIST " ] [ " TMPL-LIST " ]"
-
-.ti -8
-.BR "ip xfrm policy" " { " delete " | " get " }"
-.RI "{ " SELECTOR " | "
-.B index
-.IR INDEX " }"
-.B dir
-.I DIR
-.RB "[ " ctx
-.IR CTX " ]"
-.RB "[ " mark
-.I MARK
-.RB "[ " mask
-.IR MASK " ] ]"
-.RB "[ " ptype
-.IR PTYPE " ]"
-
-.ti -8
-.BR "ip xfrm policy" " { " deleteall " | " list " }"
-.RI "[ " SELECTOR " ]"
-.RB "[ " dir
-.IR DIR " ]"
-.RB "[ " index
-.IR INDEX " ]"
-.RB "[ " ptype
-.IR PTYPE " ]"
-.RB "[ " action
-.IR ACTION " ]"
-.RB "[ " priority
-.IR PRIORITY " ]"
-
-.ti -8
-.B "ip xfrm policy flush"
-.RB "[ " ptype
-.IR PTYPE " ]"
-
-.ti -8
-.B "ip xfrm policy count"
-
-.ti -8
-.IR SELECTOR " :="
-.RB "[ " src
-.IR ADDR "[/" PLEN "] ]"
-.RB "[ " dst
-.IR ADDR "[/" PLEN "] ]"
-.RB "[ " dev
-.IR DEV " ]"
-.RI "[ " UPSPEC " ]"
-
-.ti -8
-.IR UPSPEC " := "
-.BR proto " {"
-.IR PROTO " |"
-.br
-.RB "{ " tcp " | " udp " | " sctp " | " dccp " } [ " sport
-.IR PORT " ]"
-.RB "[ " dport
-.IR PORT " ] |"
-.br
-.RB "{ " icmp " | " ipv6-icmp " | " mobility-header " } [ " type
-.IR NUMBER " ]"
-.RB "[ " code
-.IR NUMBER " ] |"
-.br
-.BR gre " [ " key
-.RI "{ " DOTTED-QUAD " | " NUMBER " } ] }"
-
-.ti -8
-.IR DIR " := "
-.BR in " | " out " | " fwd
-
-.ti -8
-.IR PTYPE " := "
-.BR main " | " sub
-
-.ti -8
-.IR ACTION " := "
-.BR allow " | " block
-
-.ti -8
-.IR FLAG-LIST " := [ " FLAG-LIST " ] " FLAG
-
-.ti -8
-.IR FLAG " :="
-.BR localok " | " icmp
-
-.ti -8
-.IR LIMIT-LIST " := [ " LIMIT-LIST " ]"
-.B limit
-.I LIMIT
-
-.ti -8
-.IR LIMIT " :="
-.RB "{ " time-soft " | " time-hard " | " time-use-soft " | " time-use-hard " }"
-.IR "SECONDS" " |"
-.br
-.RB "{ " byte-soft " | " byte-hard " }"
-.IR SIZE " |"
-.br
-.RB "{ " packet-soft " | " packet-hard " }"
-.I COUNT
-
-.ti -8
-.IR TMPL-LIST " := [ " TMPL-LIST " ]"
-.B tmpl
-.I TMPL
-
-.ti -8
-.IR TMPL " := " ID
-.RB "[ " mode
-.IR MODE " ]"
-.RB "[ " reqid
-.IR REQID " ]"
-.RB "[ " level
-.IR LEVEL " ]"
-
-.ti -8
-.IR ID " :="
-.RB "[ " src
-.IR ADDR " ]"
-.RB "[ " dst
-.IR ADDR " ]"
-.RB "[ " proto
-.IR XFRM-PROTO " ]"
-.RB "[ " spi
-.IR SPI " ]"
-
-.ti -8
-.IR XFRM-PROTO " :="
-.BR esp " | " ah " | " comp " | " route2 " | " hao
-
-.ti -8
-.IR MODE " := "
-.BR transport " | " tunnel " | " ro " | " in_trigger " | " beet
-
-.ti -8
-.IR LEVEL " :="
-.BR required " | " use
-
-.ti -8
-.BR "ip xfrm monitor" " [ " all " |"
-.IR LISTofXFRM-OBJECTS " ]"
-
-.in -8
-.ad b
-
.SH OPTIONS
.TP
.SS
.I OBJECT
-.TP
-.B link
-- network device.
-
.TP
.B address
- protocol (IP or IPv6) address on a device.
- label configuration for protocol address selection.
.TP
-.B neighbour
-- ARP or NDISC cache entry.
-
-.TP
-.B route
-- routing table entry.
+.B l2tp
+- tunnel ethernet over IP (L2TPv3).
.TP
-.B rule
-- rule in routing policy database.
+.B link
+- network device.
.TP
.B maddress
- multicast address.
+.TP
+.B monitor
+- watch for netlink messages.
+
.TP
.B mroute
- multicast routing cache entry.
.TP
-.B tunnel
-- tunnel over IP.
-
-.PP
-The names of all objects may be written in full or
-abbreviated form, f.e.
-.B address
-is abbreviated as
-.B addr
-or just
-.B a.
-
-.SS
-.I COMMAND
-
-Specifies the action to perform on the object.
-The set of possible actions depends on the object type.
-As a rule, it is possible to
-.BR "add" , " delete"
-and
-.B show
-(or
-.B list
-) objects, but some objects do not allow all of these operations
-or have some additional commands. The
-.B help
-command is available for all objects. It prints
-out a list of available commands and argument syntax conventions.
-.sp
-If no command is given, some default command is assumed.
-Usually it is
-.B list
-or, if the objects of this class cannot be listed,
-.BR "help" .
-
-.SH ip link - network device configuration
-
-.B link
-is a network device and the corresponding commands
-display and change the state of devices.
-
-.SS ip link add - add virtual link
-
-.TP
-.BI link " DEVICE "
-specifies the physical device to act operate on.
-
-.I NAME
-specifies the name of the new virtual device.
-
-.I TYPE
-specifies the type of the new device.
-.sp
-Link types:
-
-.in +8
-.B vlan
-- 802.1q tagged virrtual LAN interface
-.sp
-.B macvlan
-- virtual interface base on link layer address (MAC)
-.sp
-.B can
-- Controller Area Network interface
-.in -8
-
-.SS ip link delete - delete virtual link
-.I DEVICE
-specifies the virtual device to act operate on.
-.I TYPE
-specifies the type of the device.
-
-
-.TP
-.BI dev " DEVICE "
-specifies the physical device to act operate on.
-
-.SS ip link set - change device attributes
-
-.TP
-.BI dev " DEVICE "
-.I DEVICE
-specifies network device to operate on. When configuring SR-IOV Virtual Fuction
-(VF) devices, this keyword should specify the associated Physical Function (PF)
-device.
-
-.TP
-.BI group " GROUP "
-.I GROUP
-has a dual role: If both group and dev are present, then move the device to the
-specified group. If only a group is specified, then the command operates on
-all devices in that group.
-
-.TP
-.BR up " and " down
-change the state of the device to
-.B UP
-or
-.BR "DOWN" .
-
-.TP
-.BR "arp on " or " arp off"
-change the
-.B NOARP
-flag on the device.
-
-.TP
-.BR "multicast on " or " multicast off"
-change the
-.B MULTICAST
-flag on the device.
-
-.TP
-.BR "dynamic on " or " dynamic off"
-change the
-.B DYNAMIC
-flag on the device.
-
-.TP
-.BI name " NAME"
-change the name of the device. This operation is not
-recommended if the device is running or has some addresses
-already configured.
-
-.TP
-.BI txqueuelen " NUMBER"
-.TP
-.BI txqlen " NUMBER"
-change the transmit queue length of the device.
-
-.TP
-.BI mtu " NUMBER"
-change the
-.I MTU
-of the device.
-
-.TP
-.BI address " LLADDRESS"
-change the station address of the interface.
-
-.TP
-.BI broadcast " LLADDRESS"
-.TP
-.BI brd " LLADDRESS"
-.TP
-.BI peer " LLADDRESS"
-change the link layer broadcast address or the peer address when
-the interface is
-.IR "POINTOPOINT" .
-
-.TP
-.BI netns " PID"
-move the device to the network namespace associated with the process
-.IR "PID".
-
-.TP
-.BI netns " NETNSNAME"
-move the device to the network namespace associated with name
-.IR "NETNSNAME".
-
-.TP
-.BI alias " NAME"
-give the device a symbolic name for easy reference.
-
-.TP
-.BI group " GROUP"
-specify the group the device belongs to.
-The available groups are listed in file
-.BR "/etc/iproute2/group" .
-
-.TP
-.BI vf " NUM"
-specify a Virtual Function device to be configured. The associated PF device
-must be specified using the
-.B dev
-parameter.
-
-.in +8
-.BI mac " LLADDRESS"
-- change the station address for the specified VF. The
-.B vf
-parameter must be specified.
-
-.sp
-.BI vlan " VLANID"
-- change the assigned VLAN for the specified VF. When specified, all traffic
-sent from the VF will be tagged with the specified VLAN ID. Incoming traffic
-will be filtered for the specified VLAN ID, and will have all VLAN tags
-stripped before being passed to the VF. Setting this parameter to 0 disables
-VLAN tagging and filtering. The
-.B vf
-parameter must be specified.
-
-.sp
-.BI qos " VLAN-QOS"
-- assign VLAN QOS (priority) bits for the VLAN tag. When specified, all VLAN
-tags transmitted by the VF will include the specified priority bits in the
-VLAN tag. If not specified, the value is assumed to be 0. Both the
-.B vf
-and
-.B vlan
-parameters must be specified. Setting both
-.B vlan
-and
-.B qos
-as 0 disables VLAN tagging and filtering for the VF.
-
-.sp
-.BI rate " TXRATE"
-- change the allowed transmit bandwidth, in Mbps, for the specified VF.
-Setting this parameter to 0 disables rate limiting. The
-.B vf
-parameter must be specified.
-.in -8
-
-.TP
-.BI master " DEVICE"
-set master device of the device (enslave device).
-
-.TP
-.BI nomaster
-unset master device of the device (release device).
-
-.PP
-.B Warning:
-If multiple parameter changes are requested,
-.B ip
-aborts immediately after any of the changes have failed.
-This is the only case when
-.B ip
-can move the system to an unpredictable state. The solution
-is to avoid changing several parameters with one
-.B ip link set
-call.
-
-.SS ip link show - display device attributes
-
-.TP
-.BI dev " NAME " (default)
-.I NAME
-specifies the network device to show.
-If this argument is omitted all devices in the default group are listed.
-
-.TP
-.BI group " GROUP "
-.I GROUP
-specifies what group of devices to show.
-
-.TP
-.B up
-only display running interfaces.
-
-.SH ip address - protocol address management.
-
-The
-.B address
-is a protocol (IP or IPv6) address attached
-to a network device. Each device must have at least one address
-to use the corresponding protocol. It is possible to have several
-different addresses attached to one device. These addresses are not
-discriminated, so that the term
-.B alias
-is not quite appropriate for them and we do not use it in this document.
-.sp
-The
-.B ip addr
-command displays addresses and their properties, adds new addresses
-and deletes old ones.
-
-.SS ip address add - add new protocol address.
-
-.TP
-.BI dev " NAME"
-the name of the device to add the address to.
-
-.TP
-.BI local " ADDRESS " (default)
-the address of the interface. The format of the address depends
-on the protocol. It is a dotted quad for IP and a sequence of
-hexadecimal halfwords separated by colons for IPv6. The
-.I ADDRESS
-may be followed by a slash and a decimal number which encodes
-the network prefix length.
-
-.TP
-.BI peer " ADDRESS"
-the address of the remote endpoint for pointopoint interfaces.
-Again, the
-.I ADDRESS
-may be followed by a slash and a decimal number, encoding the network
-prefix length. If a peer address is specified, the local address
-cannot have a prefix length. The network prefix is associated
-with the peer rather than with the local address.
-
-.TP
-.BI broadcast " ADDRESS"
-the broadcast address on the interface.
-.sp
-It is possible to use the special symbols
-.B '+'
-and
-.B '-'
-instead of the broadcast address. In this case, the broadcast address
-is derived by setting/resetting the host bits of the interface prefix.
-
-.TP
-.BI label " NAME"
-Each address may be tagged with a label string.
-In order to preserve compatibility with Linux-2.0 net aliases,
-this string must coincide with the name of the device or must be prefixed
-with the device name followed by colon.
-
-.TP
-.BI scope " SCOPE_VALUE"
-the scope of the area where this address is valid.
-The available scopes are listed in file
-.BR "/etc/iproute2/rt_scopes" .
-Predefined scope values are:
-
-.in +8
-.B global
-- the address is globally valid.
-.sp
-.B site
-- (IPv6 only) the address is site local, i.e. it is
-valid inside this site.
-.sp
-.B link
-- the address is link local, i.e. it is valid only on this device.
-.sp
-.B host
-- the address is valid only inside this host.
-.in -8
-
-.SS ip address delete - delete protocol address
-.B Arguments:
-coincide with the arguments of
-.B ip addr add.
-The device name is a required argument. The rest are optional.
-If no arguments are given, the first address is deleted.
-
-.SS ip address show - look at protocol addresses
-
-.TP
-.BI dev " NAME " (default)
-name of device.
-
-.TP
-.BI scope " SCOPE_VAL"
-only list addresses with this scope.
-
-.TP
-.BI to " PREFIX"
-only list addresses matching this prefix.
-
-.TP
-.BI label " PATTERN"
-only list addresses with labels matching the
-.IR "PATTERN" .
-.I PATTERN
-is a usual shell style pattern.
-
-.TP
-.BR dynamic " and " permanent
-(IPv6 only) only list addresses installed due to stateless
-address configuration or only list permanent (not dynamic)
-addresses.
-
-.TP
-.B tentative
-(IPv6 only) only list addresses which have not yet passed duplicate
-address detection.
-
-.TP
-.B deprecated
-(IPv6 only) only list deprecated addresses.
-
-.TP
-.B dadfailed
-(IPv6 only) only list addresses which have failed duplicate
-address detection.
-
-.TP
-.B temporary
-(IPv6 only) only list temporary addresses.
-
-.TP
-.BR primary " and " secondary
-only list primary (or secondary) addresses.
-
-.SS ip address flush - flush protocol addresses
-This command flushes the protocol addresses selected by some criteria.
-
-.PP
-This command has the same arguments as
-.B show.
-The difference is that it does not run when no arguments are given.
-
-.PP
-.B Warning:
-This command (and other
-.B flush
-commands described below) is pretty dangerous. If you make a mistake,
-it will not forgive it, but will cruelly purge all the addresses.
-
-.PP
-With the
-.B -statistics
-option, the command becomes verbose. It prints out the number of deleted
-addresses and the number of rounds made to flush the address list. If
-this option is given twice,
-.B ip addr flush
-also dumps all the deleted addresses in the format described in the
-previous subsection.
-
-.SH ip addrlabel - protocol address label management.
-
-IPv6 address label is used for address selection
-described in RFC 3484. Precedence is managed by userspace,
-and only label is stored in kernel.
-
-.SS ip addrlabel add - add an address label
-the command adds an address label entry to the kernel.
-.TP
-.BI prefix " PREFIX"
-.TP
-.BI dev " DEV"
-the outgoing interface.
-.TP
-.BI label " NUMBER"
-the label for the prefix.
-0xffffffff is reserved.
-.SS ip addrlabel del - delete an address label
-the command deletes an address label entry in the kernel.
-.B Arguments:
-coincide with the arguments of
-.B ip addrlabel add
-but label is not required.
-.SS ip addrlabel list - list address labels
-the command show contents of address labels.
-.SS ip addrlabel flush - flush address labels
-the command flushes the contents of address labels and it does not restore default settings.
-.SH ip neighbour - neighbour/arp tables management.
-
-.B neighbour
-objects establish bindings between protocol addresses and
-link layer addresses for hosts sharing the same link.
-Neighbour entries are organized into tables. The IPv4 neighbour table
-is known by another name - the ARP table.
-
-.P
-The corresponding commands display neighbour bindings
-and their properties, add new neighbour entries and delete old ones.
-
-.SS ip neighbour add - add a new neighbour entry
-.SS ip neighbour change - change an existing entry
-.SS ip neighbour replace - add a new entry or change an existing one
-
-These commands create new neighbour records or update existing ones.
-
-.TP
-.BI to " ADDRESS " (default)
-the protocol address of the neighbour. It is either an IPv4 or IPv6 address.
-
-.TP
-.BI dev " NAME"
-the interface to which this neighbour is attached.
-
-.TP
-.BI lladdr " LLADDRESS"
-the link layer address of the neighbour.
-.I LLADDRESS
-can also be
-.BR "null" .
-
-.TP
-.BI nud " NUD_STATE"
-the state of the neighbour entry.
-.B nud
-is an abbreviation for 'Neighbour Unreachability Detection'.
-The state can take one of the following values:
-
-.in +8
-.B permanent
-- the neighbour entry is valid forever and can be only
-be removed administratively.
-.sp
-
-.B noarp
-- the neighbour entry is valid. No attempts to validate
-this entry will be made but it can be removed when its lifetime expires.
-.sp
-
-.B reachable
-- the neighbour entry is valid until the reachability
-timeout expires.
-.sp
-
-.B stale
-- the neighbour entry is valid but suspicious.
-This option to
-.B ip neigh
-does not change the neighbour state if it was valid and the address
-is not changed by this command.
-.in -8
-
-.SS ip neighbour delete - delete a neighbour entry
-This command invalidates a neighbour entry.
-
-.PP
-The arguments are the same as with
-.BR "ip neigh add" ,
-except that
-.B lladdr
-and
-.B nud
-are ignored.
-
-.PP
-.B Warning:
-Attempts to delete or manually change a
-.B noarp
-entry created by the kernel may result in unpredictable behaviour.
-Particularly, the kernel may try to resolve this address even
-on a
-.B NOARP
-interface or if the address is multicast or broadcast.
-
-.SS ip neighbour show - list neighbour entries
-
-This commands displays neighbour tables.
-
-.TP
-.BI to " ADDRESS " (default)
-the prefix selecting the neighbours to list.
-
-.TP
-.BI dev " NAME"
-only list the neighbours attached to this device.
-
-.TP
-.B unused
-only list neighbours which are not currently in use.
-
-.TP
-.BI nud " NUD_STATE"
-only list neighbour entries in this state.
-.I NUD_STATE
-takes values listed below or the special value
-.B all
-which means all states. This option may occur more than once.
-If this option is absent,
-.B ip
-lists all entries except for
-.B none
-and
-.BR "noarp" .
-
-.SS ip neighbour flush - flush neighbour entries
-This command flushes neighbour tables, selecting
-entries to flush by some criteria.
-
-.PP
-This command has the same arguments as
-.B show.
-The differences are that it does not run when no arguments are given,
-and that the default neighbour states to be flushed do not include
-.B permanent
-and
-.BR "noarp" .
-
-.PP
-With the
-.B -statistics
-option, the command becomes verbose. It prints out the number of
-deleted neighbours and the number of rounds made to flush the
-neighbour table. If the option is given
-twice,
-.B ip neigh flush
-also dumps all the deleted neighbours.
-
-.SH ip ntable - neighbour table configuration
-Display and change the parameters for the neighbour tables.
-
-.SS ip ntable show - list the ip neighbour tables
-
-This commands displays neighbour table parameters and statistics.
-
-.TP
-.BI dev " DEV"
-only list the table attached to this device.
-
-.TP
-.BI name " NAME"
-only lists the table with the given name.
-
-.SS ip ntable change - modify table parameter
-
-This command allows modifying table parameters such as timers and queue lengths.
-.TP
-.BI name " NAME"
-the name of the table to modify.
-
-.TP
-.BI dev " DEV"
-the name of the device to modify the table values.
-
-.SH ip route - routing table management
-Manipulate route entries in the kernel routing tables keep
-information about paths to other networked nodes.
-.sp
-.B Route types:
-
-.in +8
-.B unicast
-- the route entry describes real paths to the destinations covered
-by the route prefix.
-
-.sp
-.B unreachable
-- these destinations are unreachable. Packets are discarded and the
-ICMP message
-.I host unreachable
-is generated.
-The local senders get an
-.I EHOSTUNREACH
-error.
-
-.sp
-.B blackhole
-- these destinations are unreachable. Packets are discarded silently.
-The local senders get an
-.I EINVAL
-error.
-
-.sp
-.B prohibit
-- these destinations are unreachable. Packets are discarded and the
-ICMP message
-.I communication administratively prohibited
-is generated. The local senders get an
-.I EACCES
-error.
-
-.sp
-.B local
-- the destinations are assigned to this host. The packets are looped
-back and delivered locally.
-
-.sp
-.B broadcast
-- the destinations are broadcast addresses. The packets are sent as
-link broadcasts.
-
-.sp
-.B throw
-- a special control route used together with policy rules. If such a
-route is selected, lookup in this table is terminated pretending that
-no route was found. Without policy routing it is equivalent to the
-absence of the route in the routing table. The packets are dropped
-and the ICMP message
-.I net unreachable
-is generated. The local senders get an
-.I ENETUNREACH
-error.
-
-.sp
-.B nat
-- a special NAT route. Destinations covered by the prefix
-are considered to be dummy (or external) addresses which require translation
-to real (or internal) ones before forwarding. The addresses to translate to
-are selected with the attribute
-.B Warning:
-Route NAT is no longer supported in Linux 2.6.
-
-
-.BR "via" .
-.sp
-.B anycast
-.RI "- " "not implemented"
-the destinations are
-.I anycast
-addresses assigned to this host. They are mainly equivalent
-to
-.B local
-with one difference: such addresses are invalid when used
-as the source address of any packet.
-
-.sp
-.B multicast
-- a special type used for multicast routing. It is not present in
-normal routing tables.
-.in -8
-
-.P
-.B Route tables:
-Linux-2.x can pack routes into several routing tables identified
-by a number in the range from 1 to 2^31 or by name from the file
-.B /etc/iproute2/rt_tables
-By default all normal routes are inserted into the
-.B main
-table (ID 254) and the kernel only uses this table when calculating routes.
-Values (0, 253, 254, and 255) are reserved for built-in use.
-
-.sp
-Actually, one other table always exists, which is invisible but
-even more important. It is the
-.B local
-table (ID 255). This table
-consists of routes for local and broadcast addresses. The kernel maintains
-this table automatically and the administrator usually need not modify it
-or even look at it.
-
-The multiple routing tables enter the game when
-.I policy routing
-is used.
-
-.SS ip route add - add new route
-.SS ip route change - change route
-.SS ip route replace - change or add new one
-
-.TP
-.BI to " TYPE PREFIX " (default)
-the destination prefix of the route. If
-.I TYPE
-is omitted,
-.B ip
-assumes type
-.BR "unicast" .
-Other values of
-.I TYPE
-are listed above.
-.I PREFIX
-is an IP or IPv6 address optionally followed by a slash and the
-prefix length. If the length of the prefix is missing,
-.B ip
-assumes a full-length host route. There is also a special
-.I PREFIX
-.B default
-- which is equivalent to IP
-.B 0/0
-or to IPv6
-.BR "::/0" .
-
-.TP
-.BI tos " TOS"
-.TP
-.BI dsfield " TOS"
-the Type Of Service (TOS) key. This key has no associated mask and
-the longest match is understood as: First, compare the TOS
-of the route and of the packet. If they are not equal, then the packet
-may still match a route with a zero TOS.
-.I TOS
-is either an 8 bit hexadecimal number or an identifier
-from
-.BR "/etc/iproute2/rt_dsfield" .
-
-.TP
-.BI metric " NUMBER"
-.TP
-.BI preference " NUMBER"
-the preference value of the route.
-.I NUMBER
-is an arbitrary 32bit number.
-
-.TP
-.BI table " TABLEID"
-the table to add this route to.
-.I TABLEID
-may be a number or a string from the file
-.BR "/etc/iproute2/rt_tables" .
-If this parameter is omitted,
-.B ip
-assumes the
-.B main
-table, with the exception of
-.BR local " , " broadcast " and " nat
-routes, which are put into the
-.B local
-table by default.
-
-.TP
-.BI dev " NAME"
-the output device name.
-
-.TP
-.BI via " ADDRESS"
-the address of the nexthop router. Actually, the sense of this field
-depends on the route type. For normal
-.B unicast
-routes it is either the true next hop router or, if it is a direct
-route installed in BSD compatibility mode, it can be a local address
-of the interface. For NAT routes it is the first address of the block
-of translated IP destinations.
-
-.TP
-.BI src " ADDRESS"
-the source address to prefer when sending to the destinations
-covered by the route prefix.
-
-.TP
-.BI realm " REALMID"
-the realm to which this route is assigned.
-.I REALMID
-may be a number or a string from the file
-.BR "/etc/iproute2/rt_realms" .
-
-.TP
-.BI mtu " MTU"
-.TP
-.BI "mtu lock" " MTU"
-the MTU along the path to the destination. If the modifier
-.B lock
-is not used, the MTU may be updated by the kernel due to
-Path MTU Discovery. If the modifier
-.B lock
-is used, no path MTU discovery will be tried, all packets
-will be sent without the DF bit in IPv4 case or fragmented
-to MTU for IPv6.
-
-.TP
-.BI window " NUMBER"
-the maximal window for TCP to advertise to these destinations,
-measured in bytes. It limits maximal data bursts that our TCP
-peers are allowed to send to us.
-
-.TP
-.BI rtt " TIME"
-the initial RTT ('Round Trip Time') estimate. If no suffix is
-specified the units are raw values passed directly to the
-routing code to maintain compatibility with previous releases.
-Otherwise if a suffix of s, sec or secs is used to specify
-seconds and ms, msec or msecs to specify milliseconds.
-
-
-.TP
-.BI rttvar " TIME " "(2.3.15+ only)"
-the initial RTT variance estimate. Values are specified as with
-.BI rtt
-above.
-
-.TP
-.BI rto_min " TIME " "(2.6.23+ only)"
-the minimum TCP Retransmission TimeOut to use when communicating with this
-destination. Values are specified as with
-.BI rtt
-above.
-
-.TP
-.BI ssthresh " NUMBER " "(2.3.15+ only)"
-an estimate for the initial slow start threshold.
-
-.TP
-.BI cwnd " NUMBER " "(2.3.15+ only)"
-the clamp for congestion window. It is ignored if the
-.B lock
-flag is not used.
-
-.TP
-.BI initcwnd " NUMBER " "(2.5.70+ only)"
-the initial congestion window size for connections to this destination.
-Actual window size is this value multiplied by the MSS
-(``Maximal Segment Size'') for same connection. The default is
-zero, meaning to use the values specified in RFC2414.
-
-.TP
-.BI initrwnd " NUMBER " "(2.6.33+ only)"
-the initial receive window size for connections to this destination.
-Actual window size is this value multiplied by the MSS of the connection.
-The default value is zero, meaning to use Slow Start value.
-
-.TP
-.BI advmss " NUMBER " "(2.3.15+ only)"
-the MSS ('Maximal Segment Size') to advertise to these
-destinations when establishing TCP connections. If it is not given,
-Linux uses a default value calculated from the first hop device MTU.
-(If the path to these destination is asymmetric, this guess may be wrong.)
-
-.TP
-.BI reordering " NUMBER " "(2.3.15+ only)"
-Maximal reordering on the path to this destination.
-If it is not given, Linux uses the value selected with
-.B sysctl
-variable
-.BR "net/ipv4/tcp_reordering" .
-
-.TP
-.BI nexthop " NEXTHOP"
-the nexthop of a multipath route.
-.I NEXTHOP
-is a complex value with its own syntax similar to the top level
-argument lists:
-
-.in +8
-.BI via " ADDRESS"
-- is the nexthop router.
-.sp
-
-.BI dev " NAME"
-- is the output device.
-.sp
-
-.BI weight " NUMBER"
-- is a weight for this element of a multipath
-route reflecting its relative bandwidth or quality.
-.in -8
-
-.TP
-.BI scope " SCOPE_VAL"
-the scope of the destinations covered by the route prefix.
-.I SCOPE_VAL
-may be a number or a string from the file
-.BR "/etc/iproute2/rt_scopes" .
-If this parameter is omitted,
-.B ip
-assumes scope
-.B global
-for all gatewayed
-.B unicast
-routes, scope
-.B link
-for direct
-.BR unicast " and " broadcast
-routes and scope
-.BR host " for " local
-routes.
-
-.TP
-.BI protocol " RTPROTO"
-the routing protocol identifier of this route.
-.I RTPROTO
-may be a number or a string from the file
-.BR "/etc/iproute2/rt_protos" .
-If the routing protocol ID is not given,
-.B ip assumes protocol
-.B boot
-(i.e. it assumes the route was added by someone who doesn't
-understand what they are doing). Several protocol values have
-a fixed interpretation.
-Namely:
-
-.in +8
-.B redirect
-- the route was installed due to an ICMP redirect.
-.sp
-
-.B kernel
-- the route was installed by the kernel during autoconfiguration.
-.sp
-
-.B boot
-- the route was installed during the bootup sequence.
-If a routing daemon starts, it will purge all of them.
-.sp
-
-.B static
-- the route was installed by the administrator
-to override dynamic routing. Routing daemon will respect them
-and, probably, even advertise them to its peers.
-.sp
-
-.B ra
-- the route was installed by Router Discovery protocol.
-.in -8
-
-.sp
-The rest of the values are not reserved and the administrator is free
-to assign (or not to assign) protocol tags.
-
-.TP
-.B onlink
-pretend that the nexthop is directly attached to this link,
-even if it does not match any interface prefix.
-
-.SS ip route delete - delete route
-
-.B ip route del
-has the same arguments as
-.BR "ip route add" ,
-but their semantics are a bit different.
-
-Key values
-.RB "(" to ", " tos ", " preference " and " table ")"
-select the route to delete. If optional attributes are present,
-.B ip
-verifies that they coincide with the attributes of the route to delete.
-If no route with the given key and attributes was found,
-.B ip route del
-fails.
-
-.SS ip route show - list routes
-the command displays the contents of the routing tables or the route(s)
-selected by some criteria.
-
-.TP
-.BI to " SELECTOR " (default)
-only select routes from the given range of destinations.
-.I SELECTOR
-consists of an optional modifier
-.RB "(" root ", " match " or " exact ")"
-and a prefix.
-.BI root " PREFIX"
-selects routes with prefixes not shorter than
-.IR PREFIX "."
-F.e.
-.BI root " 0/0"
-selects the entire routing table.
-.BI match " PREFIX"
-selects routes with prefixes not longer than
-.IR PREFIX "."
-F.e.
-.BI match " 10.0/16"
-selects
-.IR 10.0/16 ","
-.IR 10/8 " and " 0/0 ,
-but it does not select
-.IR 10.1/16 " and " 10.0.0/24 .
-And
-.BI exact " PREFIX"
-(or just
-.IR PREFIX ")"
-selects routes with this exact prefix. If neither of these options
-are present,
-.B ip
-assumes
-.BI root " 0/0"
-i.e. it lists the entire table.
-
-.TP
-.BI tos " TOS"
-.BI dsfield " TOS"
-only select routes with the given TOS.
-
-.TP
-.BI table " TABLEID"
-show the routes from this table(s). The default setting is to show
-.BR table main "."
-.I TABLEID
-may either be the ID of a real table or one of the special values:
-.sp
-.in +8
-.B all
-- list all of the tables.
-.sp
-.B cache
-- dump the routing cache.
-.in -8
-
-.TP
-.B cloned
-.TP
-.B cached
-list cloned routes i.e. routes which were dynamically forked from
-other routes because some route attribute (f.e. MTU) was updated.
-Actually, it is equivalent to
-.BR "table cache" "."
-
-.TP
-.BI from " SELECTOR"
-the same syntax as for
-.BR to ","
-but it binds the source address range rather than destinations.
-Note that the
-.B from
-option only works with cloned routes.
-
-.TP
-.BI protocol " RTPROTO"
-only list routes of this protocol.
-
-.TP
-.BI scope " SCOPE_VAL"
-only list routes with this scope.
-
-.TP
-.BI type " TYPE"
-only list routes of this type.
-
-.TP
-.BI dev " NAME"
-only list routes going via this device.
-
-.TP
-.BI via " PREFIX"
-only list routes going via the nexthop routers selected by
-.IR PREFIX "."
-
-.TP
-.BI src " PREFIX"
-only list routes with preferred source addresses selected
-by
-.IR PREFIX "."
-
-.TP
-.BI realm " REALMID"
-.TP
-.BI realms " FROMREALM/TOREALM"
-only list routes with these realms.
-
-.SS ip route flush - flush routing tables
-this command flushes routes selected by some criteria.
-
-.sp
-The arguments have the same syntax and semantics as the arguments of
-.BR "ip route show" ,
-but routing tables are not listed but purged. The only difference is
-the default action:
-.B show
-dumps all the IP main routing table but
-.B flush
-prints the helper page.
-
-.sp
-With the
-.B -statistics
-option, the command becomes verbose. It prints out the number of
-deleted routes and the number of rounds made to flush the routing
-table. If the option is given
-twice,
-.B ip route flush
-also dumps all the deleted routes in the format described in the
-previous subsection.
-
-.SS ip route get - get a single route
-this command gets a single route to a destination and prints its
-contents exactly as the kernel sees it.
-
-.TP
-.BI to " ADDRESS " (default)
-the destination address.
-
-.TP
-.BI from " ADDRESS"
-the source address.
-
-.TP
-.BI tos " TOS"
-.TP
-.BI dsfield " TOS"
-the Type Of Service.
-
-.TP
-.BI iif " NAME"
-the device from which this packet is expected to arrive.
-
-.TP
-.BI oif " NAME"
-force the output device on which this packet will be routed.
-
-.TP
-.B connected
-if no source address
-.RB "(option " from ")"
-was given, relookup the route with the source set to the preferred
-address received from the first lookup.
-If policy routing is used, it may be a different route.
-
-.P
-Note that this operation is not equivalent to
-.BR "ip route show" .
-.B show
-shows existing routes.
-.B get
-resolves them and creates new clones if necessary. Essentially,
-.B get
-is equivalent to sending a packet along this path.
-If the
-.B iif
-argument is not given, the kernel creates a route
-to output packets towards the requested destination.
-This is equivalent to pinging the destination
-with a subsequent
-.BR "ip route ls cache" ,
-however, no packets are actually sent. With the
-.B iif
-argument, the kernel pretends that a packet arrived from this interface
-and searches for a path to forward the packet.
-
-.SS ip route save - save routing table information to stdout
-this command behaves like
-.BR "ip route show"
-except that the output is raw data suitable for passing to
-.BR "ip route restore" .
-
-.SS ip route restore - restore routing table information from stdin
-this command expects to read a data stream as returned from
-.BR "ip route save" .
-It will attempt to restore the routing table information exactly as
-it was at the time of the save, so any translation of information
-in the stream (such as device indexes) must be done first. Any existing
-routes are left unchanged. Any routes specified in the data stream that
-already exist in the table will be ignored.
-
-.SH ip rule - routing policy database management
-
-.BR "Rule" s
-in the routing policy database control the route selection algorithm.
-
-.P
-Classic routing algorithms used in the Internet make routing decisions
-based only on the destination address of packets (and in theory,
-but not in practice, on the TOS field).
-
-.P
-In some circumstances we want to route packets differently depending not only
-on destination addresses, but also on other packet fields: source address,
-IP protocol, transport protocol ports or even packet payload.
-This task is called 'policy routing'.
-
-.P
-To solve this task, the conventional destination based routing table, ordered
-according to the longest match rule, is replaced with a 'routing policy
-database' (or RPDB), which selects routes by executing some set of rules.
-
-.P
-Each policy routing rule consists of a
-.B selector
-and an
-.B action predicate.
-The RPDB is scanned in the order of increasing priority. The selector
-of each rule is applied to {source address, destination address, incoming
-interface, tos, fwmark} and, if the selector matches the packet,
-the action is performed. The action predicate may return with success.
-In this case, it will either give a route or failure indication
-and the RPDB lookup is terminated. Otherwise, the RPDB program
-continues on the next rule.
-
-.P
-Semantically, natural action is to select the nexthop and the output device.
-
-.P
-At startup time the kernel configures the default RPDB consisting of three
-rules:
-
-.TP
-1.
-Priority: 0, Selector: match anything, Action: lookup routing
-table
-.B local
-(ID 255).
-The
-.B local
-table is a special routing table containing
-high priority control routes for local and broadcast addresses.
-.sp
-Rule 0 is special. It cannot be deleted or overridden.
-
-.TP
-2.
-Priority: 32766, Selector: match anything, Action: lookup routing
-table
-.B main
-(ID 254).
-The
-.B main
-table is the normal routing table containing all non-policy
-routes. This rule may be deleted and/or overridden with other
-ones by the administrator.
-
-.TP
-3.
-Priority: 32767, Selector: match anything, Action: lookup routing
-table
-.B default
-(ID 253).
-The
-.B default
-table is empty. It is reserved for some post-processing if no previous
-default rules selected the packet.
-This rule may also be deleted.
-
-.P
-Each RPDB entry has additional
-attributes. F.e. each rule has a pointer to some routing
-table. NAT and masquerading rules have an attribute to select new IP
-address to translate/masquerade. Besides that, rules have some
-optional attributes, which routes have, namely
-.BR "realms" .
-These values do not override those contained in the routing tables. They
-are only used if the route did not select any attributes.
-
-.sp
-The RPDB may contain rules of the following types:
-
-.in +8
-.B unicast
-- the rule prescribes to return the route found
-in the routing table referenced by the rule.
-
-.B blackhole
-- the rule prescribes to silently drop the packet.
-
-.B unreachable
-- the rule prescribes to generate a 'Network is unreachable' error.
-
-.B prohibit
-- the rule prescribes to generate 'Communication is administratively
-prohibited' error.
-
-.B nat
-- the rule prescribes to translate the source address
-of the IP packet into some other value.
-.in -8
-
-.SS ip rule add - insert a new rule
-.SS ip rule delete - delete a rule
-
-.TP
-.BI type " TYPE " (default)
-the type of this rule. The list of valid types was given in the previous
-subsection.
-
-.TP
-.BI from " PREFIX"
-select the source prefix to match.
-
-.TP
-.BI to " PREFIX"
-select the destination prefix to match.
-
-.TP
-.BI iif " NAME"
-select the incoming device to match. If the interface is loopback,
-the rule only matches packets originating from this host. This means
-that you may create separate routing tables for forwarded and local
-packets and, hence, completely segregate them.
-
-.TP
-.BI oif " NAME"
-select the outgoing device to match. The outgoing interface is only
-available for packets originating from local sockets that are bound to
-a device.
-
-.TP
-.BI tos " TOS"
-.TP
-.BI dsfield " TOS"
-select the TOS value to match.
-
-.TP
-.BI fwmark " MARK"
-select the
-.B fwmark
-value to match.
-
-.TP
-.BI priority " PREFERENCE"
-the priority of this rule. Each rule should have an explicitly
-set
-.I unique
-priority value.
-The options preference and order are synonyms with priority.
+.B mrule
+- rule in multicast routing policy database.
.TP
-.BI table " TABLEID"
-the routing table identifier to lookup if the rule selector matches.
-It is also possible to use lookup instead of table.
-
-.TP
-.BI realms " FROM/TO"
-Realms to select if the rule matched and the routing table lookup
-succeeded. Realm
-.I TO
-is only used if the route did not select any realm.
-
-.TP
-.BI nat " ADDRESS"
-The base of the IP address block to translate (for source addresses).
-The
-.I ADDRESS
-may be either the start of the block of NAT addresses (selected by NAT
-routes) or a local host address (or even zero).
-In the last case the router does not translate the packets, but
-masquerades them to this address.
-Using map-to instead of nat means the same thing.
-
-.B Warning:
-Changes to the RPDB made with these commands do not become active
-immediately. It is assumed that after a script finishes a batch of
-updates, it flushes the routing cache with
-.BR "ip route flush cache" .
-
-.SS ip rule flush - also dumps all the deleted rules.
-This command has no arguments.
-
-.SS ip rule show - list rules
-This command has no arguments.
-The options list or lst are synonyms with show.
-
-.SH ip maddress - multicast addresses management
-
-.B maddress
-objects are multicast addresses.
-
-.SS ip maddress show - list multicast addresses
-
-.TP
-.BI dev " NAME " (default)
-the device name.
-
-.SS ip maddress add - add a multicast address
-.SS ip maddress delete - delete a multicast address
-these commands attach/detach a static link layer multicast address
-to listen on the interface.
-Note that it is impossible to join protocol multicast groups
-statically. This command only manages link layer addresses.
+.B neighbour
+- manage ARP or NDISC cache entries.
.TP
-.BI address " LLADDRESS " (default)
-the link layer multicast address.
+.B netns
+- manage network namespaces.
.TP
-.BI dev " NAME"
-the device to join/leave this multicast address.
-
-.SH ip mroute - multicast routing cache management
-.B mroute
-objects are multicast routing cache entries created by a user level
-mrouting daemon (f.e.
-.B pimd
-or
-.B mrouted
-).
-
-Due to the limitations of the current interface to the multicast routing
-engine, it is impossible to change
-.B mroute
-objects administratively, so we may only display them. This limitation
-will be removed in the future.
-
-.SS ip mroute show - list mroute cache entries
+.B ntable
+- manage the neighbor cache's operation.
.TP
-.BI to " PREFIX " (default)
-the prefix selecting the destination multicast addresses to list.
+.B route
+- routing table entry.
.TP
-.BI iif " NAME"
-the interface on which multicast packets are received.
+.B rule
+- rule in routing policy database.
.TP
-.BI from " PREFIX"
-the prefix selecting the IP source addresses of the multicast route.
-
-.SH ip tunnel - tunnel configuration
.B tunnel
-objects are tunnels, encapsulating packets in IP packets and then
-sending them over the IP infrastructure.
-The encapulating (or outer) address family is specified by the
-.B -f
-option. The default is IPv4.
-
-.SS ip tunnel add - add a new tunnel
-.SS ip tunnel change - change an existing tunnel
-.SS ip tunnel delete - destroy a tunnel
-
-.TP
-.BI name " NAME " (default)
-select the tunnel device name.
-
-.TP
-.BI mode " MODE"
-set the tunnel mode. Available modes depend on the encapsulating address family.
-.br
-Modes for IPv4 encapsulation available:
-.BR ipip ", " sit ", " isatap " and " gre "."
-.br
-Modes for IPv6 encapsulation available:
-.BR ip6ip6 ", " ipip6 " and " any "."
-
-.TP
-.BI remote " ADDRESS"
-set the remote endpoint of the tunnel.
-
-.TP
-.BI local " ADDRESS"
-set the fixed local address for tunneled packets.
-It must be an address on another interface of this host.
-
-.TP
-.BI ttl " N"
-set a fixed TTL
-.I N
-on tunneled packets.
-.I N
-is a number in the range 1--255. 0 is a special value
-meaning that packets inherit the TTL value.
-The default value for IPv4 tunnels is:
-.BR "inherit" .
-The default value for IPv6 tunnels is:
-.BR "64" .
-
-
-.TP
-.BI tos " T"
-.TP
-.BI dsfield " T"
-.TP
-.BI tclass " T"
-set a fixed TOS (or traffic class in IPv6)
-.I T
-on tunneled packets.
-The default value is:
-.BR "inherit" .
-
-.TP
-.BI dev " NAME"
-bind the tunnel to the device
-.I NAME
-so that tunneled packets will only be routed via this device and will
-not be able to escape to another device when the route to endpoint
-changes.
-
-.TP
-.B nopmtudisc
-disable Path MTU Discovery on this tunnel.
-It is enabled by default. Note that a fixed ttl is incompatible
-with this option: tunnelling with a fixed ttl always makes pmtu
-discovery.
-
-.TP
-.BI key " K"
-.TP
-.BI ikey " K"
-.TP
-.BI okey " K"
-.RB ( " only GRE tunnels " )
-use keyed GRE with key
-.IR K ". " K
-is either a number or an IP address-like dotted quad.
-The
-.B key
-parameter sets the key to use in both directions.
-The
-.BR ikey " and " okey
-parameters set different keys for input and output.
-
-.TP
-.BR csum ", " icsum ", " ocsum
-.RB ( " only GRE tunnels " )
-generate/require checksums for tunneled packets.
-The
-.B ocsum
-flag calculates checksums for outgoing packets.
-The
-.B icsum
-flag requires that all input packets have the correct
-checksum. The
-.B csum
-flag is equivalent to the combination
-.BR "icsum ocsum" .
-
-.TP
-.BR seq ", " iseq ", " oseq
-.RB ( " only GRE tunnels " )
-serialize packets.
-The
-.B oseq
-flag enables sequencing of outgoing packets.
-The
-.B iseq
-flag requires that all input packets are serialized.
-The
-.B seq
-flag is equivalent to the combination
-.BR "iseq oseq" .
-.B It isn't work. Don't use it.
-
-.TP
-.BR "dscp inherit"
-.RB ( " only IPv6 tunnels " )
-Inherit DS field between inner and outer header.
-
-.TP
-.BI encaplim " ELIM"
-.RB ( " only IPv6 tunnels " )
-set a fixed encapsulation limit. Default is 4.
-
-.TP
-.BI flowlabel " FLOWLABEL"
-.RB ( " only IPv6 tunnels " )
-set a fixed flowlabel.
-
-.SS ip tunnel prl - potential router list (ISATAP only)
+- tunnel over IP.
.TP
-.BI dev " NAME"
-mandatory device name.
+.B tuntap
+- manage TUN/TAP devices.
.TP
-.BI prl-default " ADDR"
-.TP
-.BI prl-nodefault " ADDR"
-.TP
-.BI prl-delete " ADDR"
-.RB "Add or delete " ADDR
-as a potential router or default router.
-
-.SS ip tunnel show - list tunnels
-This command has no arguments.
-
-.SH ip monitor and rtmon - state monitoring
+.B xfrm
+- manage IPSec policies.
-The
-.B ip
-utility can monitor the state of devices, addresses
-and routes continuously. This option has a slightly different format.
-Namely, the
-.B monitor
-command is the first in the command line and then the object list follows:
-
-.BR "ip monitor" " [ " all " |"
-.IR LISTofOBJECTS " ]"
+.PP
+The names of all objects may be written in full or
+abbreviated form, f.e.
+.B address
+is abbreviated as
+.B addr
+or just
+.B a.
-.I OBJECT-LIST
-is the list of object types that we want to monitor.
-It may contain
-.BR link ", " address " and " route "."
-If no
-.B file
-argument is given,
-.B ip
-opens RTNETLINK, listens on it and dumps state changes in the format
-described in previous sections.
+.SS
+.I COMMAND
-.P
-If a file name is given, it does not listen on RTNETLINK,
-but opens the file containing RTNETLINK messages saved in binary format
-and dumps them. Such a history file can be generated with the
-.B rtmon
-utility. This utility has a command line syntax similar to
-.BR "ip monitor" .
-Ideally,
-.B rtmon
-should be started before the first network configuration command
-is issued. F.e. if you insert:
-.sp
-.in +8
-rtmon file /var/log/rtmon.log
-.in -8
+Specifies the action to perform on the object.
+The set of possible actions depends on the object type.
+As a rule, it is possible to
+.BR "add" , " delete"
+and
+.B show
+(or
+.B list
+) objects, but some objects do not allow all of these operations
+or have some additional commands. The
+.B help
+command is available for all objects. It prints
+out a list of available commands and argument syntax conventions.
.sp
-in a startup script, you will be able to view the full history
-later.
-
-.P
-Certainly, it is possible to start
-.B rtmon
-at any time.
-It prepends the history with the state snapshot dumped at the moment
-of starting.
-
-.SH ip netns - process network namespace management
-
-A network namespace is logically another copy of the network stack,
-with it's own routes, firewall rules, and network devices.
-
-By convention a named network namespace is an object at
-.BR "/var/run/netns/" NAME
-that can be opened. The file descriptor resulting from opening
-.BR "/var/run/netns/" NAME
-refers to the specified network namespace. Holding that file
-descriptor open keeps the network namespace alive. The file
-descriptor can be used with the
-.B setns(2)
-system call to change the network namespace associated with a task.
-
-The convention for network namespace aware applications is to look
-for global network configuration files first in
-.BR "/etc/netns/" NAME "/"
-then in
-.BR "/etc/".
-For example, if you want a different version of
-.BR /etc/resolv.conf
-for a network namespace used to isolate your vpn you would name it
-.BR /etc/netns/myvpn/resolv.conf.
-
-.B ip netns exec
-automates handling of this configuration, file convention for network
-namespace unaware applications, by creating a mount namespace and
-bind mounting all of the per network namespace configure files into
-their traditional location in /etc.
-
-.SS ip netns list - show all of the named network namespaces
-.SS ip netns add NAME - create a new named network namespace
-.SS ip netns delete NAME - delete the name of a network namespace
-.SS ip netns exec NAME cmd ... - Run cmd in the named network namespace
-
-.SH ip xfrm - transform configuration
-xfrm is an IP framework for transforming packets (such as encrypting
-their payloads). This framework is used to implement the IPsec protocol
-suite (with the
-.B state
-object operating on the Security Association Database, and the
-.B policy
-object operating on the Security Policy Database). It is also used for
-the IP Payload Compression Protocol and features of Mobile IPv6.
-
-.SS ip xfrm state add - add new state into xfrm
-
-.SS ip xfrm state update - update existing state in xfrm
-
-.SS ip xfrm state allocspi - allocate an SPI value
-
-.SS ip xfrm state delete - delete existing state in xfrm
-
-.SS ip xfrm state get - get existing state in xfrm
-
-.SS ip xfrm state deleteall - delete all existing state in xfrm
-
-.SS ip xfrm state list - print out the list of existing state in xfrm
-
-.SS ip xfrm state flush - flush all state in xfrm
-
-.SS ip xfrm state count - count all existing state in xfrm
-
-.TP
-.IR ID
-is specified by a source address, destination address,
-.RI "transform protocol " XFRM-PROTO ","
-and/or Security Parameter Index
-.IR SPI "."
-
-.TP
-.I XFRM-PROTO
-specifies a transform protocol:
-.RB "IPsec Encapsulating Security Payload (" esp "),"
-.RB "IPsec Authentication Header (" ah "),"
-.RB "IP Payload Compression (" comp "),"
-.RB "Mobile IPv6 Type 2 Routing Header (" route2 "), or"
-.RB "Mobile IPv6 Home Address Option (" hao ")."
-
-.TP
-.I ALGO-LIST
-specifies one or more algorithms
-.IR ALGO
-to use. Algorithm types include
-.RB "encryption (" enc "),"
-.RB "authentication (" auth "),"
-.RB "authentication with a specified truncation length (" auth-trunc "),"
-.RB "authenticated encryption with associated data (" aead "), and"
-.RB "compression (" comp ")."
-For each algorithm used, the algorithm type, the algorithm name
-.IR ALGO-NAME ","
-and the key
-.I ALGO-KEY
-must be specified. For
-.BR aead ","
-the Integrity Check Value length
-.I ALGO-ICV-LEN
-must additionally be specified.
-For
-.BR auth-trunc ","
-the signature truncation length
-.I ALGO-TRUNC-LEN
-must additionally be specified.
-
-.TP
-.I MODE
-specifies a mode of operation:
-.RB "IPsec transport mode (" transport "), "
-.RB "IPsec tunnel mode (" tunnel "), "
-.RB "Mobile IPv6 route optimization mode (" ro "), "
-.RB "Mobile IPv6 inbound trigger mode (" in_trigger "), or "
-.RB "IPsec ESP Bound End-to-End Tunnel Mode (" beet ")."
-
-.TP
-.I FLAG-LIST
-contains one or more of the following optional flags:
-.BR noecn ", " decap-dscp ", " nopmtudisc ", " wildrecv ", " icmp ", "
-.BR af-unspec ", or " align4 "."
-
-.TP
-.IR SELECTOR
-selects the traffic that will be controlled by the policy, based on the source
-address, the destination address, the network device, and/or
-.IR UPSPEC "."
-
-.TP
-.IR UPSPEC
-selects traffic by protocol. For the
-.BR tcp ", " udp ", " sctp ", or " dccp
-protocols, the source and destination port can optionally be specified.
-For the
-.BR icmp ", " ipv6-icmp ", or " mobility-header
-protocols, the type and code numbers can optionally be specified.
-For the
-.B gre
-protocol, the key can optionally be specified as a dotted-quad or number.
-Other protocols can be selected by name or number
-.IR PROTO "."
-
-.TP
-.I LIMIT-LIST
-sets limits in seconds, bytes, or numbers of packets.
-
-.TP
-.I ENCAP
-encapsulates packets with protocol
-.BR espinudp " or " espinudp-nonike ","
-.RI "using source port " SPORT ", destination port " DPORT
-.RI ", and original address " OADDR "."
-
-.SS ip xfrm policy add - add a new policy
-
-.SS ip xfrm policy update - update an existing policy
-
-.SS ip xfrm policy delete - delete an existing policy
-
-.SS ip xfrm policy get - get an existing policy
-
-.SS ip xfrm policy deleteall - delete all existing xfrm policies
-
-.SS ip xfrm policy list - print out the list of xfrm policies
-
-.SS ip xfrm policy flush - flush policies
-
-.SS ip xfrm policy count - count existing policies
-
-.TP
-.IR SELECTOR
-selects the traffic that will be controlled by the policy, based on the source
-address, the destination address, the network device, and/or
-.IR UPSPEC "."
-
-.TP
-.IR UPSPEC
-selects traffic by protocol. For the
-.BR tcp ", " udp ", " sctp ", or " dccp
-protocols, the source and destination port can optionally be specified.
-For the
-.BR icmp ", " ipv6-icmp ", or " mobility-header
-protocols, the type and code numbers can optionally be specified.
-For the
-.B gre
-protocol, the key can optionally be specified as a dotted-quad or number.
-Other protocols can be selected by name or number
-.IR PROTO "."
-
-.TP
-.I DIR
-selects the policy direction as
-.BR in ", " out ", or " fwd "."
-
-.TP
-.I CTX
-sets the security context.
-
-.TP
-.I PTYPE
-can be
-.BR main " (default) or " sub "."
-
-.TP
-.I ACTION
-can be
-.BR allow " (default) or " block "."
-
-.TP
-.I PRIORITY
-is a number that defaults to zero.
-
-.TP
-.I FLAG-LIST
-contains one or both of the following optional flags:
-.BR local " or " icmp "."
-
-.TP
-.I LIMIT-LIST
-sets limits in seconds, bytes, or numbers of packets.
-
-.TP
-.I TMPL-LIST
-is a template list specified using
-.IR ID ", " MODE ", " REQID ", and/or " LEVEL ". "
-
-.TP
-.IR ID
-is specified by a source address, destination address,
-.RI "transform protocol " XFRM-PROTO ","
-and/or Security Parameter Index
-.IR SPI "."
-
-.TP
-.I XFRM-PROTO
-specifies a transform protocol:
-.RB "IPsec Encapsulating Security Payload (" esp "),"
-.RB "IPsec Authentication Header (" ah "),"
-.RB "IP Payload Compression (" comp "),"
-.RB "Mobile IPv6 Type 2 Routing Header (" route2 "), or"
-.RB "Mobile IPv6 Home Address Option (" hao ")."
-
-.TP
-.I MODE
-specifies a mode of operation:
-.RB "IPsec transport mode (" transport "), "
-.RB "IPsec tunnel mode (" tunnel "), "
-.RB "Mobile IPv6 route optimization mode (" ro "), "
-.RB "Mobile IPv6 inbound trigger mode (" in_trigger "), or "
-.RB "IPsec ESP Bound End-to-End Tunnel Mode (" beet ")."
-
-.TP
-.I LEVEL
-can be
-.BR required " (default) or " use "."
-
-.SS ip xfrm monitor - state monitoring for xfrm objects
-The xfrm objects to monitor can be optionally specified.
+If no command is given, some default command is assumed.
+Usually it is
+.B list
+or, if the objects of this class cannot be listed,
+.BR "help" .
.SH HISTORY
.B ip
was written by Alexey N. Kuznetsov and added in Linux 2.2.
.SH SEE ALSO
-.BR tc (8)
+.BR ip-address (8),
+.BR ip-addrlabel (8),
+.BR ip-l2tp (8),
+.BR ip-link (8),
+.BR ip-maddress (8),
+.BR ip-monitor (8),
+.BR ip-mroute (8),
+.BR ip-neighbour (8),
+.BR ip-netns (8),
+.BR ip-ntable (8),
+.BR ip-route (8),
+.BR ip-rule (8),
+.BR ip-tunnel (8),
+.BR ip-xfrm (8)
.br
.RB "IP Command reference " ip-cref.ps
-.br
-.RB "IP tunnels " ip-cref.ps
-.br
-.RB "User documentation at " http://lartc.org/ ", but please direct bugreports and patches to: " <netdev@vger.kernel.org>
+.SH REPORTING BUGS
+Report bug to the Network Developers mailing list
+.B <netdev@vger.kernel.org>
+where the development and maintenance is primarily done.
+You do not have to be subscribed to the list to send a message there.
.SH AUTHOR
-Original Manpage by Michail Litvak <mci@owl.openwall.com>
+Original Manpage by Michail Litvak <mci@owl.openwall.com>
projects / lisovros / iproute2_canprio.git / blobdiff