Network

This comprehensive guide covers Linux networking concepts, configuration, and troubleshooting.

🌐 Network Configuration

Network Interfaces

# View network interfaces
ip link show                # Show all interfaces
ip addr show               # Show interfaces with IP
ifconfig                   # Traditional command
nmcli device show         # NetworkManager info

# Enable/disable interface
ip link set eth0 up       # Enable interface
ip link set eth0 down     # Disable interface

IP Configuration

# Configure IP address
ip addr add 192.168.1.10/24 dev eth0    # Add IP
ip addr del 192.168.1.10/24 dev eth0    # Remove IP

# DHCP configuration
dhclient eth0             # Request DHCP address
dhclient -r eth0         # Release DHCP address

# Static IP in /etc/network/interfaces
auto eth0
iface eth0 inet static
    address 192.168.1.10
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 8.8.8.8 8.8.4.4

🔄 Routing

Route Management

# View routing table
ip route show              # Show routing table
route -n                  # Traditional command

# Add/remove routes
ip route add 192.168.2.0/24 via 192.168.1.1    # Add route
ip route del 192.168.2.0/24                    # Remove route

# Default gateway
ip route add default via 192.168.1.1           # Set default gateway

Advanced Routing

# Policy routing
ip rule add from 192.168.1.0/24 table 10    # Add rule
ip route add default via 192.168.1.1 table 10 # Add route to table

# Source routing
ip route add 192.168.2.0/24 via 192.168.1.1 src 192.168.1.10

🔍 Network Diagnostics

Basic Tools

# Ping test
ping -c 4 8.8.8.8         # Test connectivity
ping -c 4 google.com      # DNS resolution test

# Traceroute
traceroute google.com     # Show route to host
mtr google.com           # Continuous traceroute

# DNS lookup
nslookup google.com      # Query DNS
dig google.com           # Detailed DNS info
host google.com          # Simple DNS lookup

Network Analysis

# Port scanning
netstat -tuln            # Show listening ports
ss -tuln                # Modern netstat
lsof -i                 # List open ports

# Packet capture
tcpdump -i eth0         # Capture on interface
tcpdump -i any 'port 80' # Capture HTTP traffic

🛡️ Firewall Configuration

iptables

# View rules
iptables -L              # List all rules
iptables -S              # Show rules as commands

# Basic rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT    # Allow SSH
iptables -A INPUT -j DROP                        # Drop all other

# Save/restore rules
iptables-save > rules.v4                        # Save rules
iptables-restore < rules.v4                     # Restore rules

UFW (Uncomplicated Firewall)

# Basic operations
ufw enable              # Enable firewall
ufw disable            # Disable firewall
ufw status            # Show status

# Rule management
ufw allow 22          # Allow SSH
ufw deny 80           # Deny HTTP
ufw delete deny 80    # Remove rule

📡 Network Services

SSH Configuration

# SSH client
ssh user@host                 # Connect to host
ssh -p 2222 user@host        # Connect to specific port
ssh-keygen -t rsa            # Generate SSH key
ssh-copy-id user@host        # Copy SSH key to host

# SSH server config (/etc/ssh/sshd_config)
Port 22
PermitRootLogin no
PasswordAuthentication no

Network Time Protocol

# NTP synchronization
timedatectl set-ntp true    # Enable NTP
ntpq -p                     # Show NTP peers

🔒 Network Security

SSL/TLS

# Generate self-signed certificate
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
    -keyout private.key -out certificate.crt

# View certificate
openssl x509 -in certificate.crt -text -noout

VPN Configuration

# OpenVPN setup
openvpn --config client.ovpn    # Connect to VPN
systemctl start openvpn@server  # Start OpenVPN server

📊 Network Monitoring

Performance Monitoring

# Bandwidth monitoring
iftop -i eth0              # Real-time bandwidth
nethogs                   # Per-process bandwidth
iptraf-ng                # Network statistics

# Connection tracking
conntrack -L              # Show connections
netstat -st              # Protocol statistics

System Logging

# View network logs
tail -f /var/log/syslog    # System logs
tail -f /var/log/auth.log  # Authentication logs
journalctl -u networking   # Network service logs

💡 Best Practices

Security
- Regular security updates
- Strong firewall rules
- Disable unused services
- Use SSH keys instead of passwords
Performance
- Monitor bandwidth usage
- Optimize MTU settings
- Use appropriate DNS servers
- Regular performance testing
Maintenance
- Document network configuration
- Regular backup of config files
- Monitor system logs
- Test failover procedures

🔧 Troubleshooting

Common Issues

# DNS issues
systemd-resolve --status    # Check DNS settings
cat /etc/resolv.conf       # DNS configuration
resolvectl query google.com # Test DNS resolution

# Network connectivity
ip link                    # Check interface status
ethtool eth0              # Interface information
ping gateway              # Test local network
mtr 8.8.8.8              # Trace route issues

Performance Issues

# Check network speed
speedtest-cli            # Internet speed test
iperf3 -s               # Speed test server
iperf3 -c server        # Speed test client

# Interface statistics
ip -s link show eth0    # Interface statistics
ethtool -S eth0         # Detailed statistics

📝 Network Configuration Files

Important Files

/etc/network/interfaces    # Interface configuration
/etc/netplan/*.yaml       # Netplan configuration
/etc/hosts                # Static host entries
/etc/resolv.conf          # DNS configuration
/etc/sysconfig/network    # Network configuration (RHEL)

Example Configurations

# Netplan configuration (/etc/netplan/01-netcfg.yaml)
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [192.168.1.10/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]

PreviousJobs NextOperating System

Last updated 1 year ago

Was this helpful?