How to use the command 'ip rule' (with examples)

The ‘ip rule’ command is used to manage the routing policy database in Linux. It allows users to define rules that specify how packets should be routed based on various criteria such as source or destination addresses. This command is particularly useful for network administrators who need to control and customize the routing behavior of their Linux systems.

Use case 1: Display the routing policy

Code:

ip rule show

Motivation: By using the ‘ip rule show’ command, users can view the current routing policy configured on their Linux system. This can be helpful for troubleshooting network connectivity issues, understanding how packets are being routed, or verifying the effectiveness of any applied routing rules.

Explanation:

  • ‘ip’ is the main command that refers to the IP tool.
  • ‘rule’ is the subcommand that specifically deals with IP routing policy.
  • ‘show’ is an option that directs the command to display the existing routing rules.

Example output:

0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

Use case 2: Add a new rule based on packet source addresses

Code:

sudo ip rule add from 192.168.178.2/32

Motivation: This example is useful when you want to add a new routing rule based on the source address of incoming packets. By defining specific source addresses, you can route packets differently depending on their origin, allowing for customized routing policies.

Explanation:

  • ‘sudo’ is used to run the command with administrative privileges.
  • ‘ip rule add’ is the command structure that adds a new rule to the routing policy.
  • ‘from 192.168.178.2/32’ is an argument that specifies the source address range for the packets to be matched against. In this case, only packets originating from the IP address 192.168.178.2 will be affected by this rule.

Use case 3: Add a new rule based on packet destination addresses

Code:

sudo ip rule add to 192.168.178.2/32

Motivation: In certain situations, it may be necessary to route packets differently based on their destination addresses. This example demonstrates how to add a rule that matches packets with a specific destination address range, allowing for more granular control over the routing behavior.

Explanation:

  • ‘sudo’ is used to run the command with administrative privileges.
  • ‘ip rule add’ is the command structure that adds a new rule to the routing policy.
  • ‘to 192.168.178.2/32’ is an argument that specifies the destination address range for the packets to be matched against. In this case, only packets destined for the IP address 192.168.178.2 will be affected by this rule.

Use case 4: Delete a rule based on packet source addresses

Code:

sudo ip rule delete from 192.168.178.2/32

Motivation: When a previously defined rule is no longer needed or if it needs to be modified, users can delete it using the ‘ip rule delete’ command. This example demonstrates how to remove a rule based on packet source addresses.

Explanation:

  • ‘sudo’ is used to run the command with administrative privileges.
  • ‘ip rule delete’ is the command structure that deletes an existing rule from the routing policy.
  • ‘from 192.168.178.2/32’ is an argument that specifies the source address range for the packets to be matched against. This allows the command to identify and delete the corresponding rule.

Use case 5: Delete a rule based on packet destination addresses

Code:

sudo ip rule delete to 192.168.178.2/32

Motivation: Similar to use case 4, this example demonstrates how to delete a routing rule, but based on the packet’s destination addresses. By removing rules that are no longer needed, network administrators can ensure that their routing policy remains up to date and efficient.

Explanation:

  • ‘sudo’ is used to run the command with administrative privileges.
  • ‘ip rule delete’ is the command structure that deletes an existing rule from the routing policy.
  • ‘to 192.168.178.2/32’ is an argument that specifies the destination address range for the packets to be matched against. This allows the command to identify and delete the corresponding rule.
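
To confirm that an add or delete changed the policy database as intended, and nothing else, compare the ‘ip rule show’ output before and after the change. The script below is an added example, not part of the original article: the function names are hypothetical, the baseline is the example output from use case 1, and the 32765 line is a constructed sample of how the rule from use case 2 is typically listed.

```shell
#!/bin/sh
# Added example: report differences between two `ip rule show` listings.

# Constructed sample data: the defaults shown in use case 1 ...
BASELINE='0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default'
# ... and a listing after `ip rule add from 192.168.178.2/32` (assumed form).
AFTER_ADD="32765:  from 192.168.178.2 lookup main
$BASELINE"

# Turn "32766:  from all lookup main" into "32766 from all lookup main",
# dropping blank lines and collapsing runs of spaces or tabs.
normalize_rules() {
    sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e 's/:[[:space:]]*/ /' -e '/^$/d' | tr -s ' \t' ' '
}

# rule_drift BASELINE_TEXT CURRENT_TEXT
# Prints "+ rule" for rules only in the current listing and
# "- rule" for rules that are in the baseline but now missing.
rule_drift() {
    {
        printf '%s\n' "$1" | normalize_rules | sed 's/^/B /'
        printf '%s\n' "$2" | normalize_rules | sed 's/^/C /'
    } | awk '
        { tag = $1; sub(/^[BC] /, "") }
        tag == "B" { base[$0] = 1 }
        tag == "C" { cur[$0] = 1 }
        END {
            for (r in cur)  if (!(r in base)) print "+ " r
            for (r in base) if (!(r in cur))  print "- " r
        }' | LC_ALL=C sort
}

# Succeeds only when both listings contain exactly the same rules.
rules_unchanged() {
    [ -z "$(rule_drift "$1" "$2")" ]
}

# Demo on the constructed samples; on a live system pass
# "$(cat baseline.txt)" and "$(ip rule show)" instead.
rule_drift "$BASELINE" "$AFTER_ADD"
```

A non-empty result after a change window, or at any time on a host whose rules should be static, lists exactly which policy rules appeared or disappeared.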

Use case 6: Flush all deleted rules

Code:

sudo ip rule flush

Motivation: After deleting multiple rules, it may be necessary to remove all deleted rules from the routing policy database completely. The ‘ip rule flush’ command allows users to clear all the previously deleted rules, providing a clean slate for adding new rules or reconfiguring existing ones.

Explanation:

  • ‘ip’ is the main command that refers to the IP tool.
  • ‘rule’ is the subcommand that specifically deals with IP routing policy.
  • ‘flush’ is an option that directs the command to remove all deleted rules from the routing policy database.

Use case 7: Save all rules to a file

Code:

ip rule save > path/to/ip_rules.dat

Motivation: To save a snapshot of all the current routing rules defined in the routing policy database, users can use the ‘ip rule save’ command. This can be useful for documentation purposes or to create a backup of the routing rules that can be easily restored later.

Explanation:

  • ‘ip’ is the main command that refers to the IP tool.
  • ‘rule’ is the subcommand that specifically deals with IP routing policy.
  • ‘save’ is an option that directs the command to save all the routing rules to a file.
  • ‘> path/to/ip_rules.dat’ is a shell redirection that writes the output of the command to the specified file path.

Use case 8: Restore all rules from a file

Code:

sudo ip rule restore < path/to/ip_rules.dat

Motivation: If users have previously saved the routing rules to a file, they can restore those rules at a later time using the ‘ip rule restore’ command. This allows for easy migration of routing policies between systems or to revert to a known working configuration.

Explanation:

  • ‘ip’ is the main command that refers to the IP tool.
  • ‘rule’ is the subcommand that specifically deals with IP routing policy.
  • ‘restore’ is an option that directs the command to restore routing rules from a file.
  • ‘< path/to/ip_rules.dat’ is a shell redirection that feeds the saved routing rules in the specified file to the command.

Conclusion:

The ‘ip rule’ command is a powerful tool for managing the routing policy database in Linux. By utilizing the various options and arguments provided by this command, users can define, modify, delete, and restore routing rules based on different criteria such as source or destination addresses. This flexibility allows network administrators to customize the routing behavior of their Linux systems and ensure efficient packet routing.