Table of contents
- 1. Viewing Network Interfaces
- 2. Assigning an IP Address
- 3. Checking Open Ports
- 4. Checking Open Ports (part 2)
- 5 . Using grep to Filter Ports
- 6 . Purpose of DNS and Configuring Google DNS
- 7. Testing Network Connectivity
- 8. Scanning Open Ports and Services
- 9. Capturing Network Packets
- 10. Checking the Routing Table
This blog provides essential Linux commands for network administration, including real-world examples, outputs, and explanations. It covers configuring network interfaces, troubleshooting, DNS, open ports, and other administration topics in detail.
1. Viewing Network Interfaces
Command:
ip a
Example Output:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4d:5f:72 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global dynamic ens33
valid_lft 86385sec preferred_lft 86385sec
Explanation:
lo: The loopback interface (127.0.0.1) for local testing.
ens33: A network interface with IP
192.168.1.100and subnet mask/24.Use the
ipcommand to display all active interfaces and their configurations.
2. Assigning an IP Address
Command:
ip addr add 192.168.1.150/24 dev ens33
- This assigns the IP
192.168.1.150to theens33interface.
Verification:
ip a show ens33
Output:
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4d:5f:72 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.150/24 brd 192.168.1.255 scope global dynamic ens33
valid_lft forever preferred_lft forever
Explanation:
- The interface
ens33now has the additional IP192.168.1.150assigned to it.
3. Checking Open Ports
Command:
ss -tuln
Example Output:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 100 127.0.0.1:3306 0.0.0.0:*
Explanation:
Local Address:Port: Displays listening IP and port.
127.0.0.1:53is a DNS resolver running locally.0.0.0.0:22is the SSH service listening on all interfaces.127.0.0.1:3306is the MySQL database bound to localhost.
Recv-Q/Send-Q: Queued incoming/outgoing data for sockets.
Use this command to monitor open ports and active listeners.
Identifying Service for a Port:
lsof -i :22
Output:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1234 root 3u IPv4 12345 0t0 TCP *:ssh (LISTEN)
Explanation:
- Shows that
sshd(SSH daemon) is listening on port22.
4. Checking Open Ports (part 2)
Command:
ss -tuln
Example Output:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 100 127.0.0.1:3306 0.0.0.0:*
Explanation:
Local Address:Port: Displays listening IP and port.
127.0.0.1:53is a DNS resolver running locally.0.0.0.0:22is the SSH service listening on all interfaces.127.0.0.1:3306is the MySQL database bound to localhost.
Use this command to monitor open ports and active listeners.
5 . Using grep to Filter Ports
Command:
ss -tuln | grep ':22'
Example Output:
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
Explanation:
- Filters the output of
ss -tulnto show only the lines containing:22.
This is useful for quickly identifying if a specific port (e.g., SSH) is active on the system.
6 . Purpose of DNS and Configuring Google DNS
Purpose of DNS:
DNS (Domain Name System) translates human-readable domain names (e.g., google.com) into IP addresses (e.g., 142.250.72.206) required for devices to communicate over a network.
Command to View Current DNS Configuration:
cat /etc/resolv.conf
Example Output:
nameserver 192.168.1.1
- Indicates the DNS server is
192.168.1.1.
Adding Google DNS:
Edit /etc/resolv.conf and replace or append the following:
nameserver 8.8.8.8
nameserver 8.8.4.4
Verification:
nslookup google.com
Example Output:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 142.250.72.206
7. Testing Network Connectivity
Command:
ping -c 4 google.com
Example Output:
PING google.com (142.250.72.206) 56(84) bytes of data.
64 bytes from sea30s11-in-f14.1e100.net (142.250.72.206): icmp_seq=1 ttl=114 time=8.12 ms
64 bytes from sea30s11-in-f14.1e100.net (142.250.72.206): icmp_seq=2 ttl=114 time=7.94 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 7.937/8.045/8.124/0.077 ms
Explanation:
Sends 4 ICMP packets to
google.comand measures response times.Use this command to test basic connectivity and packet loss.
8. Scanning Open Ports and Services
Command:
nmap -p 1-1000 192.168.1.100
Example Output:
PORT STATE SERVICE
22/tcp open ssh
3306/tcp open mysql
Explanation:
Scans ports
1-1000on the host192.168.1.100.Indicates
ssh(22) andmysql(3306) services are running.
9. Capturing Network Packets
Command:
tcpdump -i ens33
Example Output:
18:23:12.485745 IP 192.168.1.100.54742 > 142.250.72.206.443: Flags [P.], seq 1:518, ack 1, win 229, length 517
Explanation:
Captures live network traffic on the
ens33interface.Useful for troubleshooting or analyzing packets.
10. Checking the Routing Table
Command:
ip route show
Example Output:
default via 192.168.1.1 dev ens33 proto dhcp src 192.168.1.100 metric 100
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.100
Explanation:
default via 192.168.1.1: All traffic not matching specific routes will use
192.168.1.1as the gateway.192.168.1.0/24: Traffic within the
192.168.1.0subnet is handled byens33.
Use these commands and explanations to manage and troubleshoot Linux networks effectively.