Linux/Networking

From Omnia

IP and Routing

Interfaces

List interfaces:

ifconfig
ifconfig -a
ifconfig eth1
ip a
ip addr show
ip address show
ip address show dev eth1
ls /proc/sys/net/ipv4/conf/
ls /sys/class/net/

Bring interface up/down:

ifconfig eth1 up
ifconfig eth1 down

To configure an interface:

ifconfig [interface] [address] netmask [netmask]
ifconfig eth1 10.10.11.15 netmask 255.255.255.0
# Note: This will add the following to the routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.11.0      *               255.255.255.0   U     0      0        0 eth1

Example:

ifconfig eth0 up
ifconfig eth0 10.10.10.5 netmask 255.255.255.0
route add default gw 10.10.10.1

Routes

List routes:

route
route -n
ip route
ip route show

ipcalc

$ ipcalc 10.20.30.55 255.255.255.0 -bnmp
$ ipcalc 10.20.30.55/24 -bnmp
NETMASK=255.255.255.0
PREFIX=24
BROADCAST=10.20.30.255
NETWORK=10.20.30.0

Default Gateway

route add default gw 10.10.11.1
# with ip route
ip route add default via 10.10.11.1
# routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.11.0      0.0.0.0         255.255.255.0   U     0      0        0 eth1
0.0.0.0         10.10.11.1      0.0.0.0         UG    0      0        0 eth0

/etc/sysconfig/network-scripts/ifup-eth:

169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
test 169.254.0.0/16 (APIPA / DHCP link local)

Static Network Route

route add -net [network] netmask [netmask] dev [iface]
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
route add -net [network]/[cidr] dev [iface]
route add -net 192.56.76.0/24 dev eth0
# delete is same format as 'add', but with 'del' keyword.
route del -net 192.56.76.0 netmask 255.255.255.0 dev eth0
route add -net [network] netmask [netmask] gw [gw-address]
route add -net 192.57.66.0 netmask 255.255.255.0 gw 10.10.11.1
route add -net [network] netmask [netmask] gw [gw-address] dev [iface]
route add -net 192.57.66.0 netmask 255.255.255.0 gw 10.10.11.1 dev eth1
# Using ip route:
ip route add [network]/[cidr] via [gw-address]
ip route add 172.16.0.0/24 via 192.168.0.3
# startup
echo "ip route add 172.16.0.0/24 via 192.168.0.3" >> /etc/rc.local

Static Host Route

route add -host [host] dev [iface]
route add -host 10.10.10.31 dev eth1
route add -host [host] gw [gw-address]
route add -host 192.168.98.42 gw 192.168.99.1

Note: use 'arp -a' to verify source address

DHCP

dhclient eth0      # get dhcp address
dhclient -r eth0   # release address

Server lease information (including DHCP server):

/var/lib/dhcp/dhclient.leases
  option dhcp-server-identifier 192.168.1.1;

Client side lease information: (DHCP server is 'option dhcp-server-identifier')

/var/lib/dhclient/dhclient.leases

How do I find out my DHCP server address - http://www.cyberciti.biz/faq/linux-find-out-dhcp-server-ip-address/

DNS

See Linux/DNS

Network Monitoring

20 Linux System Monitoring Tools Every SysAdmin Should Know - http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html

netstat and ss - Network Statistics
iptraf - Real-time Network Statistics
tcpdump - Detailed Network Traffic Analysis
nmap - scan your server for open ports.
ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

IP Forwarding

Check if IP Forwarding is enabled

We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:

Using sysctl:

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0

or by reading the value from the /proc filesystem:

cat /proc/sys/net/ipv4/ip_forward
0

As we can see in both of the above examples, forwarding was disabled (as shown by the value 0).

Enable IP Forwarding on the fly

As with any sysctl kernel parameter, we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):

sysctl -w net.ipv4.ip_forward=1

or

echo 1 > /proc/sys/net/ipv4/ip_forward

The setting is changed instantly, but it will not be preserved after rebooting the system.

Permanent setting

Permanent setting using /etc/sysctl.conf

If we want to make this configuration permanent, the best way to do it is using the file /etc/sysctl.conf, where we can add a line containing net.ipv4.ip_forward = 1:

/etc/sysctl.conf:
net.ipv4.ip_forward = 1

If you already have an entry net.ipv4.ip_forward with the value 0, you can change that to 1.

To enable the changes made in sysctl.conf you will need to run the command:

sysctl -p /etc/sysctl.conf

On RedHat based systems this is also enabled when restarting the network service:

service network restart

and on Debian/Ubuntu systems this can also be done by restarting the procps service:

/etc/init.d/procps.sh restart

Source: How to enable IP Forwarding in Linux | MDLog:/sysadmin
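
Added example (not from the original page or its source): a POSIX sh check that compares the running ip_forward value with what the sysctl configuration will apply later, so a host that was switched to forwarding on the fly, or that will start forwarding after a reboot, stands out. The function names and sample files are constructed; on a live host pass /proc/sys/net/ipv4/ip_forward and /etc/sysctl.conf.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# Print the last value assigned to net.ipv4.ip_forward in the given
# sysctl-style files (later lines and later files win), or "unset".
persisted_ip_forward() {
    val=unset
    for f in "$@"; do
        [ -r "$f" ] || continue
        v=$(awk -F= '
            /^[ \t]*[#;]/ { next }                      # skip comment lines
            { key = $1; gsub(/[ \t]/, "", key) }
            key == "net.ipv4.ip_forward" { last = $2; gsub(/[ \t]/, "", last) }
            END { if (last != "") print last }' "$f")
        if [ -n "$v" ]; then val=$v; fi
    done
    echo "$val"
}

# audit_ip_forward RUNTIME_FILE CONF_FILE... : print a one-line verdict.
audit_ip_forward() {
    runtime=$(tr -d ' \t\n' < "$1"); shift
    persisted=$(persisted_ip_forward "$@")
    case "$runtime/$persisted" in
        1/1) echo "forwarding: on now, on after reboot" ;;
        1/*) echo "drift: on now, not persisted (set on the fly)" ;;
        0/1) echo "drift: off now, will turn on at reboot or sysctl -p" ;;
        *)   echo "forwarding: off now, off after reboot" ;;
    esac
}

# Constructed sample: forwarding was enabled with "echo 1 > /proc/..." while
# the config file only carries a commented-out entry.
demo_ip_forward() {
    d=$(mktemp -d)
    printf '1\n' > "$d/ip_forward"
    printf '# sample\n#net.ipv4.ip_forward=1\n' > "$d/sysctl.conf"
    audit_ip_forward "$d/ip_forward" "$d/sysctl.conf"
    rm -rf "$d"
}
demo_ip_forward
```
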

SSH Tunneling

Port Forwarding

Local port forwarding:

ssh -L 1234:localhost:23 username@host

All traffic coming to port 1234 on the client will be forwarded to port 23 on the server (host). Note that localhost will be resolved by the sshd server after the connection is established. In this case localhost therefore refers to the server (host) itself.

Remote port forwarding:

ssh -R 1234:localhost:23 username@host

All traffic which comes to port 1234 on the server (host) will be forwarded to port 23 on the client (localhost).

Port Forwarding using Iptables

iptables -t nat -A PREROUTING -p tcp -i eth0 -d 10.161.101.40 --dport 3306 -j DNAT --to 10.20.30.48:3306
iptables -A FORWARD -p tcp -i eth0 -d 10.20.30.48 --dport 3306 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

Firewall Topologies

Address Translation

Wiki: PAT

Wiki: NAT

Red Hat Static Routes

/etc/sysconfig/network-scripts/route-<interface-name>

  Contains lines that specify additional routes that should be added when the
  associated interface is brought up.

  The files are processed by the ifup-routes script and use the /sbin/ipcalc
  utility for all network masks and numbers. Routes are specified using the
  syntax:

    ADDRESSn=<network>
    NETMASKn=<network/prefix mask>
    GATEWAYn=<next-hop router/gateway IP address>

  The "n" can be any integer number, but is expected to be monotonically
  increasing and counting starts from 0. For example:

    ADDRESS0=192.168.2.0
    NETMASK0=255.255.255.0
    GATEWAY0=192.168.1.1

  adds a network route to the 192.168.2.0 network via the gateway at
  192.168.1.1. Since you must already have a route to the network of the
  gateway, there is no need to specify a device.

  Note: The ifup-routes script also supports an older syntax designed to be
  used directly as an argument to "/sbin/ip route add". This syntax is
  deprecated, but if no "ADDRESSn" lines are found the following will still
  work:

  192.168.2.0/24 dev ppp0

  adds a network route to the 192.168.2.0 network through ppp0.

Source: /usr/share/doc/initscripts-8.45.30/sysconfig.txt
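
Added example (not part of the initscripts documentation or the original page): a POSIX sh reader for the ADDRESSn/NETMASKn/GATEWAYn syntax above that prints the "ip route add" line each entry describes, which is useful for reviewing a route-<interface-name> file without bringing the interface up. The function names and sample entries are constructed; reading the file as data and stopping at the first missing ADDRESSn are assumptions of this example.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# mask_to_prefix 255.255.255.0 -> 24; returns 1 for a malformed or
# non-contiguous mask.
mask_to_prefix() {
    bits=0 short=0
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in
            255) n=8 ;; 254) n=7 ;; 252) n=6 ;; 248) n=5 ;; 240) n=4 ;;
            224) n=3 ;; 192) n=2 ;; 128) n=1 ;; 0) n=0 ;; *) return 1 ;;
        esac
        # once an octet is not 255, every later octet must be 0
        if [ "$short" -eq 1 ] && [ "$n" -ne 0 ]; then return 1; fi
        if [ "$n" -ne 8 ]; then short=1; fi
        bits=$((bits + n))
    done
    echo "$bits"
}

# routes_from_file FILE: read ADDRESSn/NETMASKn/GATEWAYn as data (the file is
# not sourced) and print the route each triple describes, starting at n=0
# and stopping at the first missing ADDRESSn (assumed behaviour).
routes_from_file() {
    i=0
    while addr=$(sed -n "s/^ADDRESS$i=//p" "$1" | tail -n 1); [ -n "$addr" ]; do
        mask=$(sed -n "s/^NETMASK$i=//p" "$1" | tail -n 1)
        gw=$(sed -n "s/^GATEWAY$i=//p" "$1" | tail -n 1)
        if [ -n "$gw" ] && pfx=$(mask_to_prefix "$mask"); then
            echo "ip route add $addr/$pfx via $gw"
        else
            echo "# entry $i skipped: bad netmask or missing gateway"
        fi
        i=$((i + 1))
    done
}

# Constructed sample: the page's route plus one entry with a broken mask.
demo_routes() {
    f=$(mktemp)
    printf '%s\n' ADDRESS0=192.168.2.0 NETMASK0=255.255.255.0 \
        GATEWAY0=192.168.1.1 ADDRESS1=10.50.0.0 NETMASK1=255.0.255.0 \
        GATEWAY1=192.168.1.254 > "$f"
    routes_from_file "$f"
    rm -f "$f"
}
demo_routes
```
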

Networking

ifconfig

To set an IP address for a device:

ifconfig eth0 10.10.10.1 netmask 255.255.255.0

To bring up / bring down a device:

ifconfig eth0 up
ifconfig eth0 down

To create a virtual IP address:

ifconfig eth0:1 10.10.20.1 netmask 255.255.255.0

counter reset

The TX/RX bytes reset at 4GB

Bytes counter of ifconfig in 7.2 resets?:

"the values are stored as unsigned 32-bit integers, in which case the maximum value which can be stored is 4,294,967,295 (2^32 - 1)"

This means that one cannot track the usage of the system over long periods.

The ifconfig counters can be forcefully reset by unloading/reloading the module.

route

To add a static route:

route add -net 10.10.30.0 netmask 255.255.255.0 gw 10.10.10.1
route add -net 10.10.30.0 netmask 255.255.255.0 dev eth0
route add -net 10.10.30.0 netmask 255.255.255.0 eth0

To add a default gateway:

route add default gw 10.10.10.1

mtr

My Traceroute

MTR - http://www.bitwizard.nl/mtr/

"mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.

As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence of ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine."

Sample:

                                    My traceroute  [v0.80]
oeey.com.com (0.0.0.0)                                               Sat Nov  6 23:04:45 2010
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                     Packets               Pings
 Host                                              Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. xxxx                                            0.0%   112    0.3   0.3   0.3   0.5   0.0
 2. xxxx                                            0.0%   112    0.4   0.4   0.4   0.5   0.0
 3. ip65-44-63-65.z63-46-65.customer.algx.net       0.0%   112    1.5   3.2   1.4  79.5  10.5
 4. vb1611.rar3.sanjose-ca.us.xo.net                0.0%   112   18.3  18.1  17.6  19.4   0.3

Installation

From yum:

yum install mtr

Source:

# if you want the TUI:
yum install ncurses-devel

VER=0.80
cd ~/src
wget ftp://ftp.bitwizard.nl/mtr/mtr-$VER.tar.gz
tar -zvxf mtr-$VER.tar.gz
cd mtr-$VER
./configure --prefix=/opt/mtr
make
sudo make install

Execute:

mtr [HOST]
/opt/mtr/sbin/mtr [HOST]

ip and iproute

The iproute2 package is designed to be a replacement for the standard networking toolset (i.e. ifconfig, route, etc.).

iproute2 - Advanced IP routing and network device configuration tools.

The iproute package contains networking utilities (ip and rtmon, for
example) which are designed to use the advanced networking
capabilities of the Linux 2.4.x and 2.6.x kernel.


# ip link list

1: lo:  mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff
# ip address show

1: lo:  mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff
    inet 200.3.128.12/24 brd 216.3.128.255 scope global eth0
    inet6 fe80::206:5bff:fe8d:13a0/64 scope link 
       valid_lft forever preferred_lft forever
# ip route show

200.3.128.0/24 dev eth0  proto kernel  scope link  src 200.3.128.12
default via 216.3.128.1 dev eth0

NIC Bonding

Also known as teaming, ether channel, or maybe trunking.

See Linux/Network Bonding

kping - History Ping

See kping

pinglog

See pinglog

Notes

http://www.felipecruz.com/blog_change-gateway-linux-unix.php

route add default gw 192.168.1.1 wlan0

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables

http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html

http://www.linuxforums.org/forum/linux-networking/36934-port-forwarding-iptables.html

http://www.hackorama.com/network/portfwd.shtml

Determining Network Driver

Linux: Find out Ethernet card driver name - http://www.cyberciti.biz/faq/linux-find-out-what-driver-my-ethernet-card-is-using/

What was installed:

grep eth0 /etc/modprobe.conf

What is currently in use:

ethtool -i eth0

Show module information:

modinfo [MODULE]

Linux: Find Wireless Driver Chipset Information - http://www.cyberciti.biz/faq/linux-find-wireless-driver-chipset/

lspci -vv -s [ID] | grep driver  # doesn't always work!
  Kernel driver in use: iwlagn

Show vendor/device ID:

lspci -n -s [ID]

Show name and vendor/device ID: # doesn't always work

lspci -nn -s [ID]
