All about networking in linux

Introduction to Linux Networking

In this article we discuss five commonly used Linux networking commands.

Table of contents.

  1. Introduction.
  2. Ping.
  3. netstat.
  4. nslookup.
  5. tcpdump
  6. traceroute.
  7. Summary.
  8. References.

Introduction.

A network refers to interconnected computers which share data and resources. We discuss networking both within a small internal network and across the whole internet. Networking involves troubleshooting and configuration, so we shall learn about Linux networking commands and how to troubleshoot issues within a network.

ping.

Ping is the most widely used network troubleshooting tool. It verifies network connectivity between two computers by sending ICMP echo requests and receiving echo reply messages.

To execute a ping command write,

The above command checks if Google servers are reachable.
You can cancel a ping with Ctrl+C, after which some information will be displayed.
min: is the minimum time it takes to get a response from the host.
max: is the maximum time it takes to get a response from the host.
avg: is the average time for the same.
ttl: stands for time to live, also known as a hop limit.

In Linux, we can use the -c option to send out a fixed number of pings.
To send out 6 pings we write,

To send out 6 pings and only print out the statistics we write,

Here we have used the -q option for only printing out the statistics.

If there is more than one interface, we can run a ping through a specified interface by writing,

Where wlan0 is a wireless interface.

We can also specify the IP version (4 or 6) by using either the -4 or the -6 option.

netstat.

With this tool one can print out network connections, routing tables, interface statistics and more.

You can run netstat without any options and study the output.

From the output we can see four columns;

Proto represents the name of the protocol being used. This can be either TCP or UDP.
Local Address represents the IP address of the local computer and the port being used, separated by a colon.
Foreign Address represents the IP address and port number of the remote computer. Either a port number or the protocol running on that port can be shown, and this is separated by a colon too.
State represents the state of the TCP connection. There are about 10 states: ESTABLISHED, TIME_WAIT, CLOSE_WAIT, CLOSED, SYN_SEND, SYN_RECEIVED, FIN_WAIT_1, FIN_WAIT_2, LAST_ACK, LISTENING.
You can research their descriptions to get the full meaning of each state.

We can list all ports and connections by writing,

For all TCP ports we write

For listening TCP ports we write,

For all UDP ports we write,

For all listening UDP ports we write,

Assuming we want to identify and kill a process, we need its PID. To list all processes with their PID we can write,
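The columns described above can be checked mechanically. The following is an added example, not code from the original article: it reads text in the layout printed by Linux net-tools `netstat -tulnp` and reports the sockets that accept traffic on every interface, together with the owning PID. The sample input is constructed, the function names are hypothetical, and it assumes the listening state is printed as LISTEN, as net-tools does on Linux.

```shell
#!/bin/sh
# Constructed sample in the layout printed by `netstat -tulnp` (not real output).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      1044/postgres
tcp        0      0 10.14.2.13:22           10.14.2.40:51514        ESTABLISHED 2210/sshd
tcp6       0      0 :::80                   :::*                    LISTEN      1201/nginx
tcp6       0      0 ::1:631                 :::*                    LISTEN      930/cupsd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient
udp        0      0 127.0.0.53:53           0.0.0.0:*                           701/resolved
EOF
}

# Print "proto port pid/program" for every socket reachable on all interfaces:
# TCP in the LISTEN state, or UDP, bound to the wildcard address 0.0.0.0 or ::.
exposed_listeners() {
    awk '
    $1 !~ /^(tcp|udp)/ { next }            # skip the two header lines
    {
        proto = $1; laddr = $4; prog = $NF
        # UDP rows have an empty State column, so only TCP rows carry $6.
        if (proto ~ /^tcp/ && $6 != "LISTEN") next
        n = split(laddr, part, ":")        # the port follows the last colon
        port = part[n]
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::") print proto, port, prog
    }'
}

# Count TCP sockets per state, e.g. to spot a pile-up of CLOSE_WAIT.
tcp_state_counts() {
    awk '$1 ~ /^tcp/ { c[$6]++ } END { for (s in c) print s, c[s] }' | sort
}

sample_netstat | exposed_listeners
sample_netstat | tcp_state_counts
```

On a live host the same functions can be fed with `sudo netstat -tulnp | exposed_listeners`; without root, netstat shows `-` in place of the PID for sockets owned by other users.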

nslookup.

This is another very useful Linux networking command.
It stands for name server lookup.
It is mainly used to perform DNS queries and receive specific DNS records such as domain names and IP addresses.

nslookup [-option] [name | -] [server] 

To verify if an IP address is related to a domain we write,

An A-record maps a host name to an IP address. To find out how many records there are and see their mappings to IP addresses we write,

A NS-record identifies the name servers which are responsible for a DNS zone. For a valid DNS configuration, NS-records configured in the DNS zone must match those configured as name servers at a domain name provider.

We can use nslookup to see the authoritative server for a specific domain by writing the following,

nslookup -type=ns example.com 

After getting the authoritative server for example.com as above, we can direct the query to a specific server by writing,

nslookup example.com ns4.example.com 
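The requirement that the zone's NS-records match the name servers configured at the domain name provider can be checked with a short script. This is an added example, not code from the original article: the provider list and the nslookup output are constructed samples, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed input 1: name servers as entered at the domain name provider.
provider_list() {
cat <<'EOF'
ns1.example.com
ns2.example.com
ns4.example.com
EOF
}

# Constructed input 2: text in the layout printed by
# `nslookup -type=ns example.com ns4.example.com` (not real output).
zone_answer() {
cat <<'EOF'
Server:         ns4.example.com
Address:        198.51.100.4#53

example.com     nameserver = NS1.example.com.
example.com     nameserver = ns4.example.com.
example.com     nameserver = ns3.example.com.
EOF
}

# DNS names are case-insensitive and nslookup prints a trailing root dot,
# so normalise both sides before comparing.
normalize() { tr 'A-Z' 'a-z' | sed 's/\.$//' | sort -u; }

# Pull the NS targets out of nslookup output read from stdin.
zone_ns() { awk '/nameserver = / { print $NF }' | normalize; }

# $1 = file with the provider's list, $2 = file with nslookup output.
# Prints one line per name present on only one side; no output means a match.
ns_diff() {
    p=$(mktemp) && z=$(mktemp) || return 1
    normalize < "$1" > "$p"
    zone_ns < "$2" > "$z"
    comm -23 "$p" "$z" | sed 's/^/only-at-provider /'
    comm -13 "$p" "$z" | sed 's/^/only-in-zone /'
    rm -f "$p" "$z"
}

tmp=$(mktemp -d)
provider_list > "$tmp/provider.txt"
zone_answer > "$tmp/zone.txt"
ns_diff "$tmp/provider.txt" "$tmp/zone.txt"
rm -rf "$tmp"
```

A name reported on only one side is the mismatch the paragraph on NS-records describes.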

We can also find the MX records responsible for email exchange by writing,

nslookup -query=mx example.com 

tcpdump

This is a command line utility used for capturing and analysing network traffic. It is used as a troubleshooting tool as well as a network security tool.
We begin by listing available interfaces,

Capturing packets.

To capture any and all packets going through the interfaces we write,

sudo tcpdump --interface any 

This command will capture all packets from all interfaces. We can limit the output by using the -c option as follows.

Here we get only the first 10 packets that go through the interfaces.

When troubleshooting networking issues it is easier to work with IP addresses and port numbers, so we can disable name resolution by using the -n option and port resolution by using the -nn option.

From the command we get five packets now without name or port resolution, only ip addresses and port numbers.

Filtering captured packets.

We can also filter packets by various parameters such as source and destination IP addresses, protocols, ports and much more.

To capture only ICMP packets we can write,

sudo tcpdump -i any -c10 icmp 

You can generate ICMP packets by opening another terminal and pinging another computer.

An example
To filter out packets related to a specific host we can write,

sudo tcpdump -i any -c10 -nn host 10.14.2.13 

Now we only capture packets that are sent or received by 10.14.2.13.

We can also filter packets based on a port by writing,

sudo tcpdump -i any -c10 -nn port 80 

Port 80 is used for HTTP web traffic, so the command will now only log packets going through this port.

An example
To filter packets based on a source or destination IP address, we write,

sudo tcpdump -i any -c10 -nn src 10.14.2.13 

for a source address, and

sudo tcpdump -i any -c10 -nn dst 8.8.8.8 

for a destination address.

We can also combine filters to achieve a more specific output, for example, all HTTP packets from a source on a certain port, or all FTP traffic from a certain source IP address.

traceroute.

traceroute is a commonly used Linux network monitoring tool that serves three functions: getting the complete path used by packets from source to destination, discovering the identities of devices on this path, and estimating the time taken for a packet to reach a destination from the source.

An example
To trace the route from your machine to Google servers, type,

From the output, each line represents a hop, the last number on the left is the number of hops taken from source to the destination.

Summary.

In this article at OpenGenus, we have discussed five commonly used Linux networking commands that serve the following functions: checking connectivity, checking network statistics, looking up DNS information, capturing packets for analysis and tracing a path from source to destination. This serves as an introduction to Linux networking commands. We have not exhausted all commands, only the common ones used day to day by Linux network admins.

References.

Erick Lumunge
