/etc/network/interfaces uses it too.

Samuel

]] Russ Allbery
I picked a few arbitrary networking platforms:

From
http://www.juniper.net/techpubs/software/junos-es/junos-es93/junos-es-jseries-quick-start/basic-connection-and-configuration-with-the-cli.html:

root# set interfaces ge-0/0/0 unit 0 family inet address 1.1.2.31/24
[***@MikroTik] ip address> add address=10.10.10.1/24 interface=ether2

From
http://stackoverflow.com/questions/11225681/interface-configuration-in-arista-eos :

localhost(config-if-Eth1)# ip address 172.16.204.4/24

(Arista's configuration manual is a PDF, hence linking to a random
stackoverflow description.)

From
http://dev-random.net/d-link-dgs-3324sr-management-ip-address-configuration/ :

config ipif System ipaddress 192.168.2.2/24

Cisco does it differently, and I'm sure some others do too, but the
$ip/prefixlen notation is pretty common in the networking world at
least.

It's quite common. For example, on JunOS, this is also how IP addresses
are expressed. This is quite like "192.168.0.195 netmask 255.255.255.0",
except this is "192.168.0.195 prefixlen 24" which then can be
abbrieviated to "192.168.0.195/24". You know this is not a prefix
because the prefix is "192.168.0.0/24" (and the prefix length is less
than 31).

This is also how it works with IPv6 (even on Cisco).

Yeah, I'm clearly incorrect about this, and I apologize for the noise (and
appreciate all the good information). I'm also now remembering, to my
embarassment, that I'd already ranted about and been corrected on this
before and then didn't retain that. I suppose that shows how little I
deal with the ip tool. (I probably should alias ifconfig to something
that reminds me to use ip to force myself to do the mental conversion.)

I apparently haven't gotten over my initial confusion when I ran into it
for the first time, but that isn't a good idea not to use the notation,
and I do see the merits. Hopefully this time I'll remember and learn and
not forget the whole conversation again!

I believe that is a mis-interpretation of that RFC. The examples are
all network addresses, but I don't think there is anything there that
restricts the CIDR notation only to that class of IPv4 addresses.

FWIW, the notation is much older and has been used for IPv4 address +
mask long before that RFC or the introduction of the "ip" tool. I am
unable to find the original first use, but here's at least one older
reference (from 1998):
https://tools.ietf.org/html/rfc2373#section-2.3

"The text representation of IPv6 address prefixes is similar to the
way IPv4 addresses prefixes are written in CIDR notation. An IPv6
address prefix is represented by the notation:

ipv6-address/prefix-length
"


The IPv4 CIDR notation was obviously already well enough known to be
used to explain the new IPv6 notation. I believe the above paragraph
would be very confusing, to the point of not making sense at all, if the
IPv4 notation was known to be used only for network address +
prefix-length.
"save space" by removing redundant information was pretty much the only
reason to introduce the prefix-length, wasn't it? Well, maybe not... It
also prevents anyone from trying to configure a netmask with holes in
it.

But if you always had to include the redundant network address, then you
wouldn't save any space. What would the point of the CIDR notation be
then? You might as well use one of the mask notations:

192.168.0.195 0.0.0.255
192.168.0.195 255.255.255.0

They are just as short (and commonly used, just like 192.168.0.195/24 is)
True. But in this case it makes the result easier to read by removing
duplicate information. That is good.


Bjørn

Those used to ifconfig's old output might dislike its new output too:

JESSIE

# ifconfig en0
en0 Link encap:Ethernet HWaddr 08:00:27:31:6a:8c
inet addr:192.168.43.242 Bcast:192.168.43.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

# ip a sh en0
2: en0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
link/ether 08:00:27:31:6a:8c brd ff:ff:ff:ff:ff:ff
inet 192.168.43.242/24 brd 192.168.43.255 scope global en0
valid_lft forever preferred_lft forever

STRETCH

# ifconfig en0
en0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.43.242 netmask 255.255.255.0 broadcast 192.168.43.255
ether 08:00:27:31:6a:8c txqueuelen 1000 (Ethernet)

# ip a sh en0
2: en0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
state UP group default qlen 1000
link/ether 08:00:27:31:6a:8c brd ff:ff:ff:ff:ff:ff
inet 192.168.43.242/24 brd 192.168.43.255 scope global en0
valid_lft forever preferred_lft forever

The stretch output's similar to the output on the BSDs and Solaris...

There are two things that make it less clear.

The thing you are looking for no longer starts at the first column

there are no blank lines between interfaces

If the numbers reach 2 digits then the interface name is indented at the
same level as the rest of the data, which makes it slightly worse.

I suspect that "wasting" a line feed between records would have made a
vast difference to people's ease of adoption.

Try comparing:

ip addr

to

ip addr | sed '2,$s/^\b/\n/'

I'm obviously already somewhat used to the normal output, so that now
looks weird, but it is also triggering my pattern recognition from
ifconfig a bit, so seems to have made me feel rather better about ip's
output.

I'm not suggesting we should actually change ip to have blank lines now,
but if you still find ip's output confusing, perhaps trying it with the
sed for a bit will allow you to transfer your familiarity from ifconfig.

If you want an even more old school look without losing any info, try:

| sed 's/^\(.*\): \(.*:\)/\1-\2/;2,$s/^\b/\n/;s/ /\t/'

Cheers, Phil.

Yes, it does indeed keep the offset of the headers for the various
protocol layers (link, ip, transport) in the skbuff. And yes, it uses
them where it can - for example when routing it knows it will be
looking at the destination ip address, and when routing it can use
those fields. In netfilter (iptables) has a separate block of code for
each test, so it can use them so the test knows . Unfortunately this
comes at a large cost - sequential execution. In the traffic control
engine the main filter, u32, doesn't have a clue what you are looking
at, so it can't. nftables could conceivably do it - but internally is
structured like u32 so it doesn't. eBpf could also conceivably do it -
but it has less of an idea of what it is looking at than u32 so it
doesn't either.

Linux provides what 2(?) API's for manipulating files - read/write and
memory mapped io. Want to count the number of ways it provides to
dissect and act upon network packets? These aren't the esoteric things
the file system hides under ioctl's either (which is arguably how it
the main API remains so clean) - all these ways of pulling apart and
manipulating packets are in the fast path.
I bet the bash authors use that argument when they add another feature.
In reality all code has a cost. Do you remember Van Jacobson's
suggestion for speeding up Linux's network stack? (It's mentioned in
his Wikipedia page.) I was lucky enough to be at linux.conf.au when he
first presented it. He provided working code and some very impressive
benchmarks. It went nowhere because of that cost thing - the code
doesn't have to be executed in order to slow down development. I think
Linux's networking mob pretty much gave up after the ipchains to
iptables transition. Now stuff doesn't get ripped out and replaced,
instead new ideas are bolted onto the side - creating a bigger ball of
wax that's even harder to move. Which is how we got to having the
ability to drop packets added in so many different places.
Maybe you trust Facebook's opinion instead (it's weird - that wasn't
easy to write):

http://www.theinquirer.net/inquirer/news/2359272/f

I have submitted patches for kernel the network stack to improve QoS
for ADSL (ie where ATM cells are the link layer carrier). I'm not
terribly forgiving of the long drawn out initiation rites the kernel
dev's seem to demand, so I eventually gave up. (It didn't help that
the kernel networking dev's all seemed to use cable and so didn't
notice the issue. As I was a heavy ADSL user it was a very pertinent
itch for me.) My co-conspirator, Jesper Brouer, did persevere in the
area and is now a name some in kernel development might recognise.
Years later he re-submitted the patch. When it was rejected by the
same people in much the same way he responded "please lets not go
through this again", and it was accepted.
As it happens I did write documentation. Not stuff most people consume
directly, but in a effort to use QoS I pored through the kernel source,
documented what it did and put the result up in a public place. That
documentation is now referenced in a number of places. For example
it's in the "SEE ALSO" of the tc-u32 man page, I think because it
copied large chunks of it.
I acknowledge it's hard to write good documentation. But I wasn't
talking about language skills. I was talking about writing a single
word. There wasn't one for tc for a long while. Some modules of tc
are still only mentioned in examples - like the ifb device (which sadly
because it's a key part of the traffic control puzzle).

Some get an introductory para only:

atm - a scheduler for ATM VC's.
gact - probabilistic filter action.
gred - generalised random early detection scheduler.
hhf - Heavy-Hitter Filter scheduler.
multiq - driver for multi queue devices, disguised as a scheduler
rsvp - Match Resource Reservation Protocol filter.
qfq - better version of pfifo, maybe.

At least a casual user can find the above and look up the kernel source
if they are desperate enough (I did it after all). But there are other
parts still haven't attracted a single word:

blackhole - a scheduler that always drops packets.
canid - a filter that looks at CAN bus ID's.
mq - the default scheduler used for virtual devices.
plug - scheduler allowing user space start / stopping of flows.
teql - link bonder disguised as a scheduler.
text - filter matching strings of text in a packet.
You learn something new every day. I had read the kernel devs had
rewritten net-tools. I presumed that was because the ioctl interface
had gone, so they were doing it out of the kindness of their hearts to
reduce the impact of the change over. Now I've looked at the source I
see that isn't so.
It always puzzles me when I see someone make a point like this - right
after adding another 100 words to the very discussion they say is
pointless!
There are 2(!) versions of ifconfig available - one in inettools and
one in net-tools. I don't recall anybody suggesting we remove either.

The issue is the new maintainer of net-tools is changing it's output.
This could reasonably be expected to break scripts scraping it. Since
its been superseded the suggestion is packages using it switch to
iproute2 rather than simply adapting to the change. Re-wording that in
Debian terms: that means no packages should depend on it.

Granted this simple suggestion has prompted several people to charge
off on vaguely related hobby horses, and I'm a prime if not the major
offender. Undoubtedly this has distracted from the original
discussion. That is unfortunate as the original idea seemed sound to
me - and not at all pointless.