The linux networking commands
In this article i share a list of essential networking commands
So upon reading you will be a small network administrator.
You want it!!! ,then go ahead..
1.ping
This command is used to check the connectivity of a system to a network.Whenever there is problem in network connectivity we use ping to ensure the system is connected to network.
shuhaib@ubuntu:~$ ping 172.16.0.254
PING 172.16.0.254 (172.16.0.254) 56(84) bytes of data.
64 bytes from 172.16.0.254: icmp_req=1 ttl=64 time=51.9 ms
64 bytes from 172.16.0.254: icmp_req=2 ttl=64 time=78.2 ms
64 bytes from 172.16.0.254: icmp_req=3 ttl=64 time=54.2 ms
64 bytes from 172.16.0.254: icmp_req=4 ttl=64 time=31.4 ms
or
shuhaib@ubuntu:~$ ping yahoo.com
PING yahoo.com (98.139.127.62) 56(84) bytes of data.
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=2 ttl=49 time=1605 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=4 ttl=49 time=462 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=5 ttl=49 time=470 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=6 ttl=49 time=522 ms
2.ifconfig
The ifconfig command allows you to check and configure your server's network cards, assigning IP,DNS, and Gateway addresses. For example, to assign a specific IP address for the eth0 network card,you can use:
ifconfig eth0 172.11.11.1
(replace to 172.11.11.1 with an actual IP address)
3.arp
Arp manipulates the kernel’s ARP cache in various ways. The primary options are clearing an address mapping entry and manually setting up one. For debugging purposes, the arp program also allows a complete dump of the ARP cache.ARP displays the IP address assigned to particular ETH card and mac address
shuhaib@ubuntu:~$ arp
Address HWtype HWaddress Flags Mask Iface
172.26.0.254 ether 00:17:9a:78:ea:67 C eth1
4.netstat
The netstat command offers you a simple way to review each of your network connections and open sockets. I frequently use the netstat with the head command to review the top few lines of output, which are helpful when performing web server administration. For example:
netstat | head
Also, by including the -r option, you get a very good summary of all of the network routing addresses.
5.nslookup
Checks the domain name and IP information of a server
nslookup host_to_find
Most common use: nslookup www.hostname.com
shuhaib@ubuntu:~$ nslookup google.com
Server: 172.26.0.254
Address: 172.26.0.254#53
Non-authoritative answer:
Name: google.com
Address: 173.194.36.2
Name: google.com
Address: 173.194.36.5
Name: google.com
Address: 173.194.36.14
Name: google.com
Address: 173.194.36.1
Name: google.com
Address: 173.194.36.8
Name: google.com
Address: 173.194.36.9
Name: google.com
Address: 173.194.36.6
Name: google.com
Address: 173.194.36.0
Name: google.com
Address: 173.194.36.7
Name: google.com
Address: 173.194.36.3
Name: google.com
Address: 173.194.36.4
or use host or dig
(Three commands, use any.) Query your default domain name server (DNS) for an
Internet name (or IP number) host_to_find. This way you can check if your DNS
works. You can also find out the name of the host of which you only know the IP
number.
6.host host_to_find
shuhaib@ubuntu:~$ host google.com
google.com has address 173.194.36.7
google.com has address 173.194.36.1
google.com has address 173.194.36.6
google.com has address 173.194.36.0
google.com has address 173.194.36.9
google.com has address 173.194.36.3
google.com has address 173.194.36.8
google.com has address 173.194.36.2
google.com has address 173.194.36.14
google.com has address 173.194.36.4
google.com has address 173.194.36.5
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
7.dig ip_to_find
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
8.netstat | more
Displays a lot (too much?) information on the status of your network.
9.route
Route manipulates the IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig program.When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables.
shuhaib@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.26.0.0 * 255.255.240.0 U 2 0 0 eth1
link-local * 255.255.0.0 U 1000 0 0 eth1
default 172.26.0.254 0.0.0.0 UG 0 0 0 eth1
10.whois
This command allows you to check the Internic database for proper hostnames. This is very handy when you are trying to trace back an IP address to a specific hostname, or the reverse. I often use it when troubleshooting connectivity between hosts and checking whether the problem is a host configuration error or an actual physical connectivity error. The most commonly used version of the command is:
whois -f 11.11.11.1
11.W
w displays information about the users currently on the machine, and their processes. The header shows, in this order, the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
shuhaib@ubuntu:~$ w
04:53:50 up 7:36, 2 users, load average: 0.00, 0.01, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
shuhaib tty7 :0 21:17 7:36m 1:59m 1.20s gnome-session --sessio
shuhaib pts/0 :0.0 02:32 0.00s 0.30s 0.00s w
12.nmap
Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering. nmap supports a large number of scanning techniques such as:UDP, TCP connect(), TCP SYN (half open), ftp proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree,SYN sweep, IP Protocol, and Null scan. See the Scan Types section for more details. nmap also offers a number of advanced features such as remote OS detection via TCP/IP fingerprinting, stealth scanning, dynamic delay and
retransmission calculations, parallel scanning, detection of down hosts via parallel pings, decoy scanning, port filtering detection, direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification.
shuhaib@ubuntu:~$ nmap google.com
Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-01 04:59 IST
Nmap scan report for google.com (173.194.36.1)
Host is up (0.35s latency).
Hostname google.com resolves to 11 IPs. Only scanned 173.194.36.1
rDNS record for 173.194.36.1: bom04s01-in-f1.1e100.net
Not shown: 996 filtered ports
PORT STATE SERVICE
21/tcp open ftp
53/tcp open domain
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 26.99 seconds
13.Traceroute
Internet is a large and complex aggregation of network hardware, connected
together by gateways. Tracking the route one’s packets follow (or finding the miscreant gateway that’s discarding your packets) can be difficult. Traceroute utilizes the IP protocol ‘time to live’ field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host. The only mandatory parameter is the destination host name or IP number. The default probe datagram length is 40 bytes, but this may be increased by specifying a packet length (in bytes) after the destination host name.
shuhaib@ubuntu:~$ traceroute google.com
traceroute to google.com (173.194.36.4), 30 hops max, 60 byte packets
1 172.26.0.254 (172.26.0.254) 265.505 ms 270.090 ms 273.867 ms
2 * * *
3 * * *
14.mtr host_to_trace
(as root) A powerful and nice tool that combines the functionality of the older ping
and traceroute (RH7.0)
15.ifup interface_name
(/sbin/ifup to run as a user) Startup a network interface. E.g.:
ifup eth0
ifup ppp0
ifup ppp1
Users can start up or shutdown the ppp interface only when the permission is
given in the ppp setup (using netconf ). To start a ppp interface (dial-up connection), I normally use kppp available under the KDE "K" menu (or by typing kppp in an X-terminal).
/etc/rc.d/init.d/network restart
Restart the network using its normal initialization script (the same which is used
during bootup). Useful if you just have manually made changes to your network
configuration. Any other service listed in init.d can be stopped, started, or
restarted in a similar way (call the script with an options stop, start or restart).
16.ifdown interface_name
(/sbin/ifdown to run it as a user). Shut down the network interface.
E.g.: ifdown ppp0
So upon reading you will be a small network administrator.
You want it!!! ,then go ahead..
1.ping
This command is used to check the connectivity of a system to a network.Whenever there is problem in network connectivity we use ping to ensure the system is connected to network.
shuhaib@ubuntu:~$ ping 172.16.0.254
PING 172.16.0.254 (172.16.0.254) 56(84) bytes of data.
64 bytes from 172.16.0.254: icmp_req=1 ttl=64 time=51.9 ms
64 bytes from 172.16.0.254: icmp_req=2 ttl=64 time=78.2 ms
64 bytes from 172.16.0.254: icmp_req=3 ttl=64 time=54.2 ms
64 bytes from 172.16.0.254: icmp_req=4 ttl=64 time=31.4 ms
or
shuhaib@ubuntu:~$ ping yahoo.com
PING yahoo.com (98.139.127.62) 56(84) bytes of data.
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=2 ttl=49 time=1605 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=4 ttl=49 time=462 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=5 ttl=49 time=470 ms
64 bytes from ir2.fp.vip.sp2.yahoo.com (98.139.127.62): icmp_req=6 ttl=49 time=522 ms
2.ifconfig
The ifconfig command allows you to check and configure your server's network cards, assigning IP,DNS, and Gateway addresses. For example, to assign a specific IP address for the eth0 network card,you can use:
ifconfig eth0 172.11.11.1
(replace to 172.11.11.1 with an actual IP address)
3.arp
Arp manipulates the kernel’s ARP cache in various ways. The primary options are clearing an address mapping entry and manually setting up one. For debugging purposes, the arp program also allows a complete dump of the ARP cache.ARP displays the IP address assigned to particular ETH card and mac address
shuhaib@ubuntu:~$ arp
Address HWtype HWaddress Flags Mask Iface
172.26.0.254 ether 00:17:9a:78:ea:67 C eth1
4.netstat
The netstat command offers you a simple way to review each of your network connections and open sockets. I frequently use the netstat with the head command to review the top few lines of output, which are helpful when performing web server administration. For example:
netstat | head
Also, by including the -r option, you get a very good summary of all of the network routing addresses.
5.nslookup
Checks the domain name and IP information of a server
nslookup host_to_find
Most common use: nslookup www.hostname.com
shuhaib@ubuntu:~$ nslookup google.com
Server: 172.26.0.254
Address: 172.26.0.254#53
Non-authoritative answer:
Name: google.com
Address: 173.194.36.2
Name: google.com
Address: 173.194.36.5
Name: google.com
Address: 173.194.36.14
Name: google.com
Address: 173.194.36.1
Name: google.com
Address: 173.194.36.8
Name: google.com
Address: 173.194.36.9
Name: google.com
Address: 173.194.36.6
Name: google.com
Address: 173.194.36.0
Name: google.com
Address: 173.194.36.7
Name: google.com
Address: 173.194.36.3
Name: google.com
Address: 173.194.36.4
or use host or dig
(Three commands, use any.) Query your default domain name server (DNS) for an
Internet name (or IP number) host_to_find. This way you can check if your DNS
works. You can also find out the name of the host of which you only know the IP
number.
6.host host_to_find
shuhaib@ubuntu:~$ host google.com
google.com has address 173.194.36.7
google.com has address 173.194.36.1
google.com has address 173.194.36.6
google.com has address 173.194.36.0
google.com has address 173.194.36.9
google.com has address 173.194.36.3
google.com has address 173.194.36.8
google.com has address 173.194.36.2
google.com has address 173.194.36.14
google.com has address 173.194.36.4
google.com has address 173.194.36.5
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
7.dig ip_to_find
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
8.netstat | more
Displays a lot (too much?) information on the status of your network.
9.route
Route manipulates the IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig program.When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables.
shuhaib@ubuntu:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.26.0.0 * 255.255.240.0 U 2 0 0 eth1
link-local * 255.255.0.0 U 1000 0 0 eth1
default 172.26.0.254 0.0.0.0 UG 0 0 0 eth1
10.whois
This command allows you to check the Internic database for proper hostnames. This is very handy when you are trying to trace back an IP address to a specific hostname, or the reverse. I often use it when troubleshooting connectivity between hosts and checking whether the problem is a host configuration error or an actual physical connectivity error. The most commonly used version of the command is:
whois -f 11.11.11.1
11.W
w displays information about the users currently on the machine, and their processes. The header shows, in this order, the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
shuhaib@ubuntu:~$ w
04:53:50 up 7:36, 2 users, load average: 0.00, 0.01, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
shuhaib tty7 :0 21:17 7:36m 1:59m 1.20s gnome-session --sessio
shuhaib pts/0 :0.0 02:32 0.00s 0.30s 0.00s w
12.nmap
Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering. nmap supports a large number of scanning techniques such as:UDP, TCP connect(), TCP SYN (half open), ftp proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree,SYN sweep, IP Protocol, and Null scan. See the Scan Types section for more details. nmap also offers a number of advanced features such as remote OS detection via TCP/IP fingerprinting, stealth scanning, dynamic delay and
retransmission calculations, parallel scanning, detection of down hosts via parallel pings, decoy scanning, port filtering detection, direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification.
shuhaib@ubuntu:~$ nmap google.com
Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-01 04:59 IST
Nmap scan report for google.com (173.194.36.1)
Host is up (0.35s latency).
Hostname google.com resolves to 11 IPs. Only scanned 173.194.36.1
rDNS record for 173.194.36.1: bom04s01-in-f1.1e100.net
Not shown: 996 filtered ports
PORT STATE SERVICE
21/tcp open ftp
53/tcp open domain
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 26.99 seconds
13.Traceroute
Internet is a large and complex aggregation of network hardware, connected
together by gateways. Tracking the route one’s packets follow (or finding the miscreant gateway that’s discarding your packets) can be difficult. Traceroute utilizes the IP protocol ‘time to live’ field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host. The only mandatory parameter is the destination host name or IP number. The default probe datagram length is 40 bytes, but this may be increased by specifying a packet length (in bytes) after the destination host name.
shuhaib@ubuntu:~$ traceroute google.com
traceroute to google.com (173.194.36.4), 30 hops max, 60 byte packets
1 172.26.0.254 (172.26.0.254) 265.505 ms 270.090 ms 273.867 ms
2 * * *
3 * * *
14.mtr host_to_trace
(as root) A powerful and nice tool that combines the functionality of the older ping
and traceroute (RH7.0)
15.ifup interface_name
(/sbin/ifup to run as a user) Startup a network interface. E.g.:
ifup eth0
ifup ppp0
ifup ppp1
Users can start up or shutdown the ppp interface only when the permission is
given in the ppp setup (using netconf ). To start a ppp interface (dial-up connection), I normally use kppp available under the KDE "K" menu (or by typing kppp in an X-terminal).
/etc/rc.d/init.d/network restart
Restart the network using its normal initialization script (the same which is used
during bootup). Useful if you just have manually made changes to your network
configuration. Any other service listed in init.d can be stopped, started, or
restarted in a similar way (call the script with an options stop, start or restart).
16.ifdown interface_name
(/sbin/ifdown to run it as a user). Shut down the network interface.
E.g.: ifdown ppp0
Comments
Post a Comment