There are a few commands that should always be in your sysadmin toolbox. Get to know these 7 essential networking commands.
Posted: June 2, 2021 |%t min read| by Evans Amoany [Sudoer], Tyler Carrigan [Editorial Team, Red Hat]
Image
Image by Hebi B. from Pixabay
This article is the first in a series centered around 'crowd sourced' command recommendations. I asked a group of our core contributors what their favorite Linux commands were, and the feedback was overwhelming. We received 46 individual commands, and many of them were underscored by multiple submissions.
This series represents the complete list, broken down by category. I have dubbed these first seven commands "Networking commands that everyone should know."
Editors Note: Evans Amoany provided the command information and examples. One of our Sudoers and a talented *nix admin. Shoutout to Evans for doing the heavy lifting here.
[ You might also enjoy: Linux networking: 13 uses for netstat ]
More about cloud services
- What is hybrid cloud?
- eBook: Modernize your IT with managed cloud services
- Try for 60 days: Red Hat OpenShift Dedicated
- eBook: Hybrid cloud strategy for dummies
ip
The
[root@server ~]# ip link set eth0 promisc on
5 command is one of the basic commands every administrator will need in daily work, from setting up new systems and assigning IPs to troubleshooting existing systems. The [root@server ~]# ip link set eth0 promisc on
5 command can show address information, manipulate routing, plus display network various devices, interfaces, and tunnels.The syntax is as follows:
ip
The OBJECT is the most important part of the synopsis, and the following are supported [some omitted for brevity]:
address - protocol [IPv4 or IPv6] address on a device.
- tunnel - tunnel over IP
- route - routing table entry
- rule - rule in routing policy database
- vrf - manage virtual routing and forwarding devices
- xfrm - manage IPSec policies
Here are some common use cases for the
[root@server ~]# ip link set eth0 promisc on
5 command.To show the IP addresses assigned to an interface on your server:
[root@server ~]# ip address show
To assign an IP to an interface, for example, enps03:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
To delete an IP on an interface:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
Alter the status of the interface by bringing the interface eth0 online:
[root@server ~]# ip link set eth0 up
Alter the status of the interface by bringing the interface eth0 offline:
[root@server ~]# ip link set eth0 down
Alter the status of the interface by changing the MTU of eth0:
[root@server ~]# ip link set eth0 mtu 9000
Alter the status of the interface by enabling promiscuous mode for eth0:
[root@server ~]# ip link set eth0 promisc on
Add a default route [for all addresses] via the local gateway 192.168.1.254 that can be reached on device eth0:
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
Add a route to 192.168.1.0/24 via the gateway at 192.168.1.254:
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
Add a route to 192.168.1.0/24 that can be reached on device eth0:
[root@server ~]# ip route add 192.168.1.0/24 dev eth0
Delete the route for 192.168.1.0/24 via the gateway at 192.168.1.254:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
0Display the route taken for IP 10.10.1.4:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
1ifconfig
The
[root@server ~]# ip link set eth0 promisc on
8 command was/is a staple in many sysadmin's tool belt for configuring and troubleshooting networks. It has since been replaced by the [root@server ~]# ip link set eth0 promisc on
5 command discussed above. However, if you would like more information on it, check out our previously published article here.mtr
MTR [Matt's traceroute] is a program with a command-line interface that serves as a network diagnostic and troubleshooting tool. This command combines the functionality of the
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 and [root@server ~]# ip route add default via 192.168.1.254 dev eth0
1 commands. Just like a [root@server ~]# ip route add default via 192.168.1.254 dev eth0
1, the [root@server ~]# ip route add default via 192.168.1.254 dev eth0
3 command will show the route from a computer to a specified host. [root@server ~]# ip route add default via 192.168.1.254 dev eth0
3 provides a lot of statistics about each hop, such as response time and percentage. With the [root@server ~]# ip route add default via 192.168.1.254 dev eth0
3 command, you will get more information about the route and be able to see problematic devices along the way. If you see a sudden increase in response time or packet loss, then obviously, there is a bad link somewhere.The syntax of the command is as follows:
mtr hostname/IP
Let's look at some common use cases.
The basic
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
3 command shows you the statistics, including each hop [hostnames] with time and loss%:[root@server ~]# ip address add 192.168.1.254/24 dev enps03
2Show numeric IP addresses [if you use
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
7, you will get IP addresses [numbers] instead of hostnames]:[root@server ~]# ip address add 192.168.1.254/24 dev enps03
3Show the numeric IP addresses and hostnames, too:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
4Set the number of pings that you want to send:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
5Get a report of the
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
3 command result:[root@server ~]# ip address add 192.168.1.254/24 dev enps03
6or:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
7Force the use of the TCP instead of the ICMP:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
8Force the use of the UDP instead of the ICMP:
[root@server ~]# ip address add 192.168.1.254/24 dev enps03
9Set the maximum amount of hops:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
0Define the packet size:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
1Print to CSV output:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
2Print to XML output:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
3tcpdump
The
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
9 command is designed for capturing and displaying packets.You can install
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
9 with the command below:[root@server ~]# ip address del 192.168.1.254/24 dev enps03
4Before starting any capture, you need to know which interfaces
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
9 can use. You will need to use sudo or have root access in this case.[root@server ~]# ip address del 192.168.1.254/24 dev enps03
5If you want to capture traffic on eth0, you can initiate that with
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
2 sample output:[root@server ~]# ip address del 192.168.1.254/24 dev enps03
6Capture traffic to and from one host
You can filter out traffic coming from a specific host. For example, to find traffic coming from and going to 8.8.8.8, use the command:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
7For traffic coming from 8.8.8.8, use:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
8For outbound traffic going to 8.8.8.8, use:
[root@server ~]# ip address del 192.168.1.254/24 dev enps03
9Capture traffic to and from a network
You can also capture traffic to and from a specific network using the command below:
[root@server ~]# ip link set eth0 up
0or:
[root@server ~]# ip link set eth0 up
1You can also filter based on either source or destination.
Based on the source [traffic coming from]:
[root@server ~]# ip link set eth0 up
2Based on the destination [traffic going to]:
[root@server ~]# ip link set eth0 up
3Capture traffic to and from port numbers
Capture only DNS port 53 traffic:
[root@server ~]# ip link set eth0 up
4For a specific host,
[root@server ~]# ip link set eth0 up
5To capture only HTTPS traffic,
[root@server ~]# ip link set eth0 up
6To capture all port except port 80 and 25,
[root@server ~]# ip link set eth0 up
7netstat
The
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
3 tool for printing network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. This utility is part of the net-tool package, as is [root@server ~]# ip link set eth0 promisc on
8. In the new iproute2 package, the [root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
5 tool is used to achieve the same objectives.If
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
3 is not found on your system, install it with this command:[root@server ~]# ip link set eth0 up
8The primary usage of
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
3 is without any parameters:[root@server ~]# ip link set eth0 up
9For advanced usage, expand the
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
3 command with options:[root@server ~]# ip link set eth0 down
0Or list the options one by one:
[root@server ~]# ip link set eth0 down
1To list all ports and connections regardless of their state or protocol, use:
[root@server ~]# ip link set eth0 down
2List all TCP ports by running:
[root@server ~]# ip link set eth0 down
3List all UDP ports with:
[root@server ~]# ip link set eth0 down
4To return a list of only listening ports for all protocols, use:
[root@server ~]# ip link set eth0 down
5List all listening TCP ports with:
[root@server ~]# ip link set eth0 down
6Return only listening UDP ports by running:
[root@server ~]# ip link set eth0 down
7To list UNIX listening ports, use:
[root@server ~]# ip link set eth0 down
8Display statistics for all ports regardless of the protocol with:
[root@server ~]# ip link set eth0 down
9List statistics for TCP ports only with:
[root@server ~]# ip link set eth0 mtu 9000
0To view the TCP connections with the PID/Program name listed, use:
[root@server ~]# ip link set eth0 mtu 9000
1To find a process that is using a particular port number, run:
[root@server ~]# ip link set eth0 mtu 9000
2nslookup
Use the
[root@server ~]# ip route add 192.168.1.0/24 via 192.168.1.254
9 utility to query Internet name servers interactively. Use it to perform DNS queries and receive domain names or IP addresses, or any other specific DNS records.Consider the following common examples.
To find the A record of а domain:
[root@server ~]# ip link set eth0 mtu 9000
3To check the NS records of a domain:
[root@server ~]# ip link set eth0 mtu 9000
4To find the MX records responsible for the email exchange:
[root@server ~]# ip link set eth0 mtu 9000
5To find all of the available DNS records of a domain:
[root@server ~]# ip link set eth0 mtu 9000
6To check the use of a specific DNS server [in this case, query using the specific nameserver ns1.nsexample.com]:
[root@server ~]# ip link set eth0 mtu 9000
7Checking DNS A records to see the IPs of a domain is a common practice, but sometimes you need to verify if an IP address is related to a specific domain. For that purpose, you need a reverse DNS lookup.
[root@server ~]# ip link set eth0 mtu 9000
8ping
Ping is a tool that verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol [ICMP] Echo Request messages. The receipt of corresponding Echo Reply messages is displayed, along with round-trip times. Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution.
Simple
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 commands take only one parameter: The hostname or the host IP address that you want to verify. A simple [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 example is just like below:[root@server ~]# ip link set eth0 mtu 9000
9You need to stop the
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 command by pressing CTRL+C. Otherwise, it will [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 until you stop it. After every [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 command, it will display a summary report with the following information:- Min: Minimum time that it takes to get a response from the host that has been pinged from your end.
- Avg: Average time that it takes to get a response from the host that has been pinged from your end.
- Max: Maximum time that it takes to get a response from the host that has been pinged from your end.
Also, you will see TTL, which stands for Time To Live. Ping uses a numerical TTL value to attempt to reach a given host computer via the route path. This is also known as the hop limit.
Normally, when you run a simple
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 command without passing any additional parameters, Linux will [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 that host for an infinite amount of time. If you want to [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 a host ten times, use the following command:[root@server ~]# ip link set eth0 promisc on
0Use option
[root@server ~]# ip route add 192.168.1.0/24 dev eth0
8 to view only the [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 statistics summary:[root@server ~]# ip link set eth0 promisc on
0On systems with multiple interfaces, you can specify the interface for the
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 command to use. If the system has both eth0 and eth1 and I want to [root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 using the eth0:[root@server ~]# ip link set eth0 promisc on
2Or use the address on the interface, assuming the interface as 10.233.201.45 as the IP:
[root@server ~]# ip link set eth0 promisc on
3You can also
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 and specify the IP version as either v4 or v6:[root@server ~]# ip link set eth0 promisc on
4While pinging a host, you'll find different output from the
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 results, including the following three examples.More Linux resources
- Advanced Linux commands cheat sheet
- Download RHEL 9 at no charge through the Red Hat Developer program
- A guide to installing applications on Linux
- Linux system administration skills assessment
Destination Host Unreachable
The possible best reason is there is no route from the local host system and to the destination desired destination host, or a remote router reports that it has no route to the destination host.
Request timed out
This result means that no Echo Reply messages were received within the default time of one second or the time that you set while you are pinging that host. This can be due to many different causes; the most common include network congestion, failure of the ARP request, packet filtering/firewall, etc.
Unknown host/Ping Request Could Not Find Host
Maybe you misspelled the hostname or the host does not exist at all in the network.
You must have 0% packet loss for every
[root@server ~]# ip route add default via 192.168.1.254 dev eth0
0 result with a good latency or lower response time. Depending on which transmission medium [UTP, fiber optics cable, Wi-Fi] you're using, your latency will differ.[ Free cheat sheet: Get a list of Linux utilities and commands for managing servers and networks. ]
Looking forward
You should add these commands and examples into your routines as you configure and troubleshoot your own networks. If you found this type of article helpful, be sure to reach out and let us know. Also, keep an eye out for part two of our community commands list. The next one is 16 general Linux commands that you can't do without.
Check out these related articles on Enable Sysadmin
Image
A beginner's guide to network troubleshooting in Linux
Every system administrator needs to have at least a basic understanding of network troubleshooting. And the first rule of network troubleshooting to remember is, "Packets don't lie."
Posted: September 24, 2019
Author: Anthony Critelli [Sudoer]
Image
My go-to Linux network troubleshooting commands
Every sysadmin needs a good troubleshooting strategy, and you can't fix a problem if you cannot identify it. These are my favorite commands to quickly filter through the possibilities of a given problem.
Posted: November 29, 2019
Author: Tyler Carrigan [Editorial Team, Red Hat]
Image
Packet sniffer basics for network troubleshooting
Capturing packets with a free tool like tcpdump is an essential skill that you need to acquire as a sysadmin. Anthony Critelli shows you the ropes.
Posted: November 19, 2019
Author: Anthony Critelli [Sudoer]
Topics: Linux Linux administration Networking Command line utilities
Evans Amoany
I work as Unix/Linux Administrator with a passion for high availability systems and clusters. I am a student of performance and optimization of systems and DevOps. I have passion for anything IT related and most importantly automation, high availability, and security. More about me
Tyler Carrigan
Tyler is the Sr. Community Manager at Enable Sysadmin, a submarine veteran, and an all-round tech enthusiast! He was first introduced to Red Hat in 2012 by way of a Red Hat Enterprise Linux-based combat system inside the USS Georgia Missile Control Center. More about me
Red Hat Summit 2022: On Demand
Get the latest on Ansible, Red Hat Enterprise Linux, OpenShift, and more from our virtual event on demand.
Register for free
Related Content
Image
How to schedule jobs using the Linux 'cron' utility
Scheduling tasks to run automatically at specific times is essential knowledge for any sysadmin.
Posted: December 15, 2022
Author: Alexon Oliveira [Sudoer, Red Hat]
Image
Learn how Unix influenced Linux, understand Ansible lists and dictionaries, and more tips for sysadmin