ifconfig sucks

On Linux, ifconfig is an archaic network interface configuration command. The implementation commonly encountered, "net-tools", has a number of problems which make it more and more unsuitable. The list of replacements is below.

1. Makes secondary addresses look like separate interfaces

People often get the impression that labeled secondary addresses are a separate interface (thanks to the dumb output of ifconfig, as a result of ioctl limitations), which in fact is not the case. You cannot use eth0:1 in iptables nor iproute2, so do not even think of eth0:1 being an interface on its own.

Similarly, you cannot set flags on these “interfaces”.

# ifconfig dummy0:1 up
# ifconfig dummy0
dummy0    Link encap:Ethernet  HWaddr FE:50:31:E6:14:17
          BROADCAST NOARP  MTU:1500  Metric:1

Still down. Obviously, since it is not an interface.

2. Overrides colon

Linux does allow interfaces to be composed of any characters, except the slash (to make it fit for filesystem exposure, cf. sysfs) and the NUL byte (obvious string terminator in C). As such, you could indeed have an interface called "eth0:foo", and properly interact with it with iproute2. But it would be inaccessible from ifconfig.

3. Cannot handle same-label addresses

Now that we have established that ifconfig essentially uses interface labels for lookups (when one is defined), one can notice that it does not — or more specifically, can not, because it uses an ancient BSD interface — deal with non-unique labels. In fact, it will miss out on the first result's label.

# modprobe dummy
# ip addr add dev dummy0 label eth0:A
# ip addr add dev dummy0 label eth0:A
# ip addr add dev dummy0 label eth0:C

4. Locale-specific behavior

The output of ifconfig is localized, which means you get it in your preferred language. This for example breaks when other tools are used to parse its output, like grep in the simplest case. Writing a grep formula to automatically catch this is error prone. The use of resetting the environment LC_MESSAGES or LANG in every call is not that nice either.

5. Does not support non-labeled secondary addresses

The title speaks for itself. Execute the following with an IP address of your choice (given that eth0 already has an address), and it will not show up in ifconfig.

ip addr add brd + dev eth0

6. Does not display peer address

You can set up a peer binding on Ethernet, but eventually, ifconfig will not show the peer that was just set.

# ip addr add peer dev eth0
# ifconfig eth0

7. Does not support nor use CIDR notation

ifconfig still operates with the old-fashioned netmasks (for IPv4).

8. Strange hardware address for tun tunnels and wmaster0 interfaces

`ifconfig tun0` gives lots of zeroes for the hardware address, but what for please?

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:  P-t-P:  Mask:

Additionally, this is where parsers might choke on, since the hardware address does not match typical 48-bit MAC Ethernet format.

I hear InfiniBand addresses are 20 bytes in size, but ifconfig would only show 16.

9. Not developed anymore

Except for the patch mass that some distros accumulated, the net-tools package (the variant used in Linux distributions, at least) has not seen any significant upstream development after version 1.60, released sometime about April 15 2001.


Given that we have the successor ip from the iproute2 package with the features (including newer things like policy routing), there is just no need to continue using ifconfig. Consider to be ridiculed at when posting traces of utilizing it.

State of Linux distributions: openSUSE is known to exclusively use iproute2 for setting up networking during boot and installation. Debian and its offsprings are known to exclusively go the archaic way, and (as of 2008), things don't look brighter in Fedora either. (Update 2015-01: Once systemd-networkd gains hold in Fedora, one can be reasonably sure ifconfig is gone for boot.)

New equivalents

net-tools iproute2
ifconfig ip addr, ip link
ifconfig (interface stats) ip -s link
route ip route
arp ip neigh
netstat ss
netstat -M conntrack -L
netstat -g ip maddr
netstat -i ip -s link
netstat -r ip route
iptunnel ip tunnel
ipmaddr ip maddr
tunctl ip tuntap (since iproute-2.6.34)
(none) for interface rename ip link set dev OLDNAME name NEWNAME
brctl bridge (since iproute-3.5.0)

Posted 2008-02-19 21:02 / Tags: Linux. / link