Linux Networking

Linux networking encompasses network configuration, monitoring, troubleshooting, and security. Understanding networking concepts and tools is essential for system administration and application deployment.

Overview

Linux networking involves several key areas:

  • Network Interfaces - Physical and virtual network adapters
  • IP Configuration - IP addresses, subnets, and routing
  • DNS Resolution - Domain name to IP address translation
  • Network Services - SSH, HTTP, FTP, and other network services
  • Firewall Configuration - iptables, ufw, and firewalld
  • Network Monitoring - Traffic analysis and performance monitoring

Essential Network Commands

Command      Purpose                                       Example
ip           Network interface and routing configuration   ip addr show
ping         Test network connectivity                     ping google.com
netstat      Display network connections                   netstat -tuln
ss           Modern replacement for netstat                ss -tuln
wget         Download files from web                       wget http://example.com/file
curl         Transfer data to/from servers                 curl -I http://example.com
nmap         Network discovery and security auditing       nmap -sn 192.168.1.0/24
traceroute   Trace network path to destination             traceroute google.com
dig          DNS lookup utility                            dig google.com
iptables     Configure firewall rules                      iptables -L

Network Interface Configuration

View network interfaces

    ip addr show          # Show all interfaces
    ip addr show eth0     # Show specific interface
    ifconfig              # Legacy command (if available)
    ip link show          # Show link layer information

Display current network interface configuration

Configure IP address

    # Add IP address
    sudo ip addr add 192.168.1.100/24 dev eth0

    # Remove IP address
    sudo ip addr del 192.168.1.100/24 dev eth0

    # Bring interface up/down
    sudo ip link set eth0 up
    sudo ip link set eth0 down

Configure network interfaces using the ip command

Configure routing

    # View routing table
    ip route show

    # Add default gateway
    sudo ip route add default via 192.168.1.1

    # Add specific route
    sudo ip route add 10.0.0.0/8 via 192.168.1.1

    # Delete route
    sudo ip route del 10.0.0.0/8

Configure network routing and default gateway

Persistent network configuration

    # Ubuntu/Debian - /etc/network/interfaces
    auto eth0
    iface eth0 inet static
        address 192.168.1.100
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 8.8.8.8 8.8.4.4

    # RHEL/CentOS - /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=static
    IPADDR=192.168.1.100
    NETMASK=255.255.255.0
    GATEWAY=192.168.1.1
    DNS1=8.8.8.8
    ONBOOT=yes

Configure persistent network settings in configuration files

Network Connectivity Testing

Basic connectivity testing

    ping google.com          # Test connectivity
    ping -c 4 google.com     # Send 4 packets only
    ping -i 2 google.com     # 2 second interval
    ping6 ipv6.google.com    # IPv6 ping

Test basic network connectivity using ping

Trace network path

    traceroute google.com    # Trace route to destination
    tracepath google.com     # Alternative trace command
    mtr google.com           # Continuous trace (if installed)

Trace the network path to a destination

Port connectivity testing

    # Test specific port
    telnet google.com 80
    nc -zv google.com 80           # Using netcat

    # Test multiple ports
    nmap -p 22,80,443 google.com

    # Test port range
    nmap -p 1-1000 192.168.1.1

Test connectivity to specific ports and services

Network Monitoring

View network connections

    # Modern ss command
    ss -tuln          # TCP and UDP listening ports
    ss -tulpn         # Include process information
    ss -s             # Summary statistics

    # Legacy netstat command
    netstat -tuln     # TCP and UDP listening ports
    netstat -tulpn    # Include process information
    netstat -i        # Interface statistics

Monitor active network connections and listening ports

Network traffic monitoring

    # Real-time interface statistics
    watch -n 1 'cat /proc/net/dev'

    # Network traffic with iftop (if installed)
    sudo iftop -i eth0

    # Bandwidth monitoring with vnstat (if installed)
    vnstat -i eth0

    # Packet capture with tcpdump
    sudo tcpdump -i eth0 -n

Monitor network traffic and bandwidth usage

Network performance testing

    # Bandwidth testing with iperf3 (if installed)
    iperf3 -s              # Server mode
    iperf3 -c server_ip    # Client mode

    # Download speed test
    wget -O /dev/null http://speedtest.wdc01.softlayer.com/downloads/test100.zip

    # Network latency testing
    ping -c 100 google.com | tail -1

Test network performance and bandwidth

DNS Configuration and Testing

DNS lookup tools

    # DNS lookup with dig
    dig google.com             # A record lookup
    dig @8.8.8.8 google.com    # Use specific DNS server
    dig google.com MX          # Mail exchange records
    dig google.com NS          # Name server records

    # DNS lookup with nslookup
    nslookup google.com
    nslookup google.com 8.8.8.8

    # Reverse DNS lookup
    dig -x 8.8.8.8

Perform DNS lookups and troubleshooting

DNS configuration

    # View current DNS settings
    cat /etc/resolv.conf

    # Configure DNS servers (the first command overwrites the file, the second appends;
    # the file may be regenerated if NetworkManager or systemd-resolved manages it)
    echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
    echo "nameserver 8.8.4.4" | sudo tee -a /etc/resolv.conf

    # Local hostname resolution
    cat /etc/hosts
    echo "192.168.1.100 myserver.local" | sudo tee -a /etc/hosts

Configure DNS servers and local hostname resolution

Web and HTTP Tools

Download files with wget

    wget http://example.com/file.zip                       # Download file
    wget -c http://example.com/file.zip                    # Continue partial download
    wget -r http://example.com/                            # Recursive download
    wget -O newname.zip http://example.com/file.zip        # Save with different name
    wget --limit-rate=200k http://example.com/file.zip     # Limit bandwidth

Download files and websites using wget

HTTP requests with curl

    curl http://example.com                          # GET request
    curl -I http://example.com                       # HEAD request (headers only)
    curl -X POST http://example.com/api              # POST request
    curl -d "data=value" http://example.com/api      # POST with data
    # Custom headers (send real credentials only to https:// URLs)
    curl -H "Authorization: Bearer token" http://example.com/api
    curl -o file.html http://example.com             # Save output to file

Make HTTP requests and test web services using curl

Web server testing

    # Test HTTP response codes
    curl -s -o /dev/null -w "%{http_code}" http://example.com

    # Test response time
    curl -s -o /dev/null -w "%{time_total}" http://example.com

    # Test SSL certificate
    curl -I https://example.com
    openssl s_client -connect example.com:443

Test web servers and analyze HTTP responses

Network Security

Basic firewall with iptables

    # View current rules
    sudo iptables -L

    # Allow SSH
    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

    # Allow HTTP and HTTPS
    sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

    # Block specific IP (inserted at the top so it is evaluated before the ACCEPT rules)
    sudo iptables -I INPUT 1 -s 192.168.1.100 -j DROP

    # Save rules (Ubuntu/Debian); the redirection must also run as root
    sudo sh -c 'iptables-save > /etc/iptables/rules.v4'

Configure basic firewall rules using iptables
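
iptables evaluates a chain from top to bottom and stops at the first matching rule, so a source DROP appended after port ACCEPT rules never sees traffic to those ports, and a chain whose default policy is ACCEPT lets through everything no rule matches. The following is an added example, not part of the original page: it audits iptables-save output for both problems. The two rulesets and the function names are constructed for illustration.

```shell
# Constructed dump: a source DROP appended after the port ACCEPT rules.
ruleset_appended() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 192.168.1.100/32 -j DROP
COMMIT
EOF
}

# Constructed dump: block rule first, default-deny policy, explicit allows.
ruleset_ordered() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -s 192.168.1.100/32 -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Read iptables-save output on stdin and report a default-allow INPUT policy
# and source DROP rules placed after ACCEPT rules that match any source.
audit_input_chain() {
    awk '
        /^:INPUT / && $2 == "ACCEPT" { print "POLICY: INPUT default policy is ACCEPT" }
        /^-A INPUT / {
            src = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target == "ACCEPT" && src == "") open_accepts++
            if (target == "DROP" && src != "" && open_accepts > 0)
                print "SHADOWED: DROP for " src " comes after " open_accepts " ACCEPT rule(s) that match any source"
        }'
}

ruleset_appended | audit_input_chain   # two findings
ruleset_ordered | audit_input_chain    # no findings
```

On a live system, run sudo iptables-save | audit_input_chain. Before switching a remote host to a DROP policy, confirm the SSH allow rule is already in place.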

UFW (Uncomplicated Firewall)

    # Enable UFW
    sudo ufw enable

    # Allow services
    sudo ufw allow ssh
    sudo ufw allow http
    sudo ufw allow https

    # Allow specific port
    sudo ufw allow 8080

    # Deny specific IP
    sudo ufw deny from 192.168.1.100

    # View status
    sudo ufw status verbose

Simplified firewall configuration using UFW

Network scanning and security

    # Port scanning with nmap (SYN, UDP and aggressive scans need root privileges)
    sudo nmap -sS 192.168.1.1           # SYN scan
    sudo nmap -sU 192.168.1.1           # UDP scan
    sudo nmap -A 192.168.1.1            # Aggressive scan
    nmap -sn 192.168.1.0/24             # Network discovery

    # Check for open ports
    nmap -p- 192.168.1.1                # Scan all ports
    nmap --top-ports 1000 192.168.1.1   # Scan top 1000 ports

Network security scanning and assessment

Network Troubleshooting

Common connectivity issues

    # Check interface status
    ip link show

    # Check IP configuration
    ip addr show

    # Check routing table
    ip route show

    # Check DNS resolution
    nslookup google.com

    # Check if service is listening
    ss -tuln | grep :80

Systematic approach to diagnosing network connectivity issues

Network performance issues

    # Check network interface errors
    cat /proc/net/dev

    # Monitor network traffic
    sudo tcpdump -i eth0 -c 100

    # Check for packet loss
    ping -c 100 google.com | grep "packet loss"

    # Test bandwidth
    wget -O /dev/null http://speedtest.wdc01.softlayer.com/downloads/test10.zip

Diagnose network performance and bandwidth issues

DNS resolution problems

    # Test DNS resolution
    dig google.com
    nslookup google.com

    # Try different DNS servers
    dig @8.8.8.8 google.com
    dig @1.1.1.1 google.com

    # Check DNS configuration
    cat /etc/resolv.conf

    # Flush DNS cache (if systemd-resolved)
    # Older systemd releases use: sudo systemd-resolve --flush-caches
    sudo resolvectl flush-caches

Troubleshoot DNS resolution issues

Advanced Networking

Network namespaces

    # Create network namespace
    sudo ip netns add myns

    # List namespaces
    ip netns list

    # Execute command in namespace
    sudo ip netns exec myns ip addr show

    # Delete namespace
    sudo ip netns del myns

Work with network namespaces for isolation

VLAN configuration

    # Create VLAN interface
    sudo ip link add link eth0 name eth0.100 type vlan id 100

    # Configure VLAN interface
    sudo ip addr add 192.168.100.1/24 dev eth0.100
    sudo ip link set eth0.100 up

    # Remove VLAN interface
    sudo ip link del eth0.100

Configure VLAN interfaces for network segmentation

Bridge networking

    # Create bridge
    sudo ip link add br0 type bridge

    # Add interface to bridge
    sudo ip link set eth0 master br0

    # Configure bridge
    sudo ip addr add 192.168.1.1/24 dev br0
    sudo ip link set br0 up

    # Show bridge information
    bridge link show

Configure network bridges for virtual networking

Network Services

SSH configuration

    # SSH client connection
    ssh user@hostname
    ssh -p 2222 user@hostname          # Custom port
    ssh -i ~/.ssh/key user@hostname    # Specific key

    # SSH server configuration (/etc/ssh/sshd_config)
    Port 22
    PermitRootLogin no
    # Set PasswordAuthentication to "no" once key-based login is confirmed working
    PasswordAuthentication yes
    PubkeyAuthentication yes

    # Restart SSH service (the unit is named "ssh" on Debian/Ubuntu)
    sudo systemctl restart sshd

Configure SSH client and server settings
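
When a keyword appears more than once in sshd_config, sshd uses the first value it reads, and keywords are case-insensitive, so a later "PasswordAuthentication no" does not override an earlier "yes". The following is an added example, not part of the original page: it resolves the effective global value and flags password and root logins. The sample file and function names are constructed, and the parser assumes space-separated "Keyword value" lines with no Include files.

```shell
# Constructed sshd_config sample: the keyword appears twice, in different case.
sample_sshd_config() {
cat <<'EOF'
# /etc/ssh/sshd_config (constructed)
Port 22
PermitRootLogin no
passwordauthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
EOF
}

# Print the effective global value of keyword $1 from the config on stdin,
# or the default $2 when the keyword is not set before any Match block.
effective_sshd_value() {
    awk -v want="$1" -v dflt="$2" '
        BEGIN { want = tolower(want); val = dflt }
        /^[ \t]*#/ || NF == 0 { next }            # comments and blank lines
        tolower($1) == "match" { exit }           # global section ends here
        tolower($1) == want { val = $2; exit }    # first value wins
        END { print val }'
}

# Report settings that leave password or root logins enabled.
audit_sshd() {
    cfg=$(cat)
    pw=$(printf '%s\n' "$cfg" | effective_sshd_value PasswordAuthentication yes)
    root=$(printf '%s\n' "$cfg" | effective_sshd_value PermitRootLogin prohibit-password)
    [ "$pw" = "no" ] || echo "WEAK: PasswordAuthentication is $pw"
    [ "$root" != "yes" ] || echo "WEAK: PermitRootLogin is $root"
}

# The later "PasswordAuthentication no" line has no effect.
sample_sshd_config | audit_sshd
```

On a live host, sudo sshd -T prints the configuration sshd actually resolves, including Include files and Match handling that this example does not parse.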

Web server testing

    # Simple HTTP server (Python)
    # Serves the current directory on all interfaces; add --bind 127.0.0.1 to keep it local
    python3 -m http.server 8000

    # Test web server
    curl -I http://localhost:8000
    wget -O - http://localhost:8000

    # Check web server logs
    sudo tail -f /var/log/apache2/access.log
    sudo tail -f /var/log/nginx/access.log

Set up and test web servers

Networking Best Practices

Security Guidelines
  • Use firewalls to control network access
  • Disable unnecessary network services
  • Use SSH keys instead of passwords when possible
  • Regularly update network-related software
  • Monitor network traffic for suspicious activity
  • Use VPNs for secure remote access
Performance Optimization
  • Monitor network bandwidth usage regularly
  • Use appropriate MTU sizes for your network
  • Configure QoS for critical applications
  • Use local DNS caching to reduce lookup times
  • Optimize TCP window sizes for high-bandwidth connections
  • Use content delivery networks (CDNs) when appropriate
Common Pitfalls
  • Firewall blocking - Always check firewall rules when troubleshooting
  • DNS issues - DNS problems can appear as connectivity issues
  • MTU problems - Incorrect MTU can cause packet fragmentation
  • Routing loops - Incorrect routing can cause network loops
  • Port conflicts - Multiple services trying to use the same port

Network Monitoring and Logging

System network logs

    # View network-related logs
    sudo journalctl -u networking
    sudo journalctl -u NetworkManager

    # Kernel network messages
    dmesg | grep -i network
    dmesg | grep -i eth0

    # Firewall logs
    sudo tail -f /var/log/ufw.log
    sudo journalctl -f -u iptables

Monitor network-related system logs

Network monitoring scripts

    #!/bin/bash
    # network_monitor.sh - print a short network status report

    echo "=== Network Status Report ==="
    echo "Date: $(date)"
    echo

    echo "Network Interfaces:"
    ip addr show | grep -E "^[0-9]|inet "
    echo

    echo "Routing Table:"
    ip route show
    echo

    echo "Active Connections:"
    ss -tuln | head -10
    echo

    echo "DNS Servers:"
    grep nameserver /etc/resolv.conf

Create scripts for automated network monitoring
