- 1 IP and Routing
- 2 DNS
- 3 Network Monitoring
- 4 IP Forwarding
- 5 SSH Tunneling
- 6 Port Forwarding using Iptables
- 7 Firewall Topologies
- 8 Address Translation
- 9 Red Hat Static Routes
- 10 Networking
- 11 mtr
- 12 ip and iproute
- 13 NIC Bonding
- 14 kping - History Ping
- 15 pinglog
- 16 Notes
- 17 Determining Network Driver
- 18 keywords
IP and Routing
ifconfig ifconfig -a ifconfig eth1 ip a ip route addr show ip address show ip address show dev eth1 ls /proc/sys/net/ipv4/conf/ ls /sys/class/net/
Bring interface up/down:
ifconfig eth1 up ifconfig eth1 down
To configure an interface:
ifconfig [interface] [address] netmask [netmask] ifconfig eth1 10.10.11.15 netmask 255.255.255.0
# Note: This will add the following to the routing table: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.11.0 * 255.255.255.0 U 0 0 0 eth1
ifconfig eth0 up ifconfig eth0 10.10.10.5 netmask 255.255.255.0 route add default gw 10.10.10.1
route route -n ip route ip route show
$ ipcalc 10.20.30.55 255.255.255.0 -bnmp $ ipcalc 10.20.30.55/24 -bnmp NETMASK=255.255.255.0 PREFIX=24 BROADCAST=10.20.30.255 NETWORK=10.20.30.0
route add default gw 10.10.11.1
# with ip route ip route add default via 10.10.11.1
# routing table: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.11.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 0.0.0.0 10.10.11.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 test 169.254.0.0/16 (APIPA / DHCP link local)
Static Network Route
route add -net [network] netmask [netmask] dev [iface] route add -net 184.108.40.206 netmask 255.255.255.0 dev eth0
route add -net [network]/[cidr] dev [iface] route add -net 220.127.116.11/24 dev eth0
# delete is same format as 'add', but with 'del' keyword. route del -net 18.104.22.168 netmask 255.255.255.0 dev eth0
route add -net [network] netmask [netmask] gw [gw-address] route add -net 22.214.171.124 netmask 255.255.255.0 gw 10.10.11.1
route add -net [network] netmask [netmask] gw [gw-address] dev [iface] route add -net 126.96.36.199 netmask 255.255.255.0 gw 10.10.11.1 dev eth1
# Using ip route: ip route add [network]/[cidr] via [gw-address] ip route add 172.16.0.0/24 via 192.168.0.3
# startup echo "ip route add 172.16.0.0/24 via 192.168.0.3" >> /etc/rc.local
Static Host Route
route add -host [host] dev [iface] route add -host 10.10.10.31 dev eth1
route add -host [host] gw [gw-address] route add -host 192.168.98.42 gw 192.168.99.1
Note: use 'arp -a' to verify source address
dhclient eth0 # get dhcp address dhclient -r eth0 # release address
Server Lease information: (including DHCP server) 
/var/lib/dhcp/dhclient.leases option dhcp-server-identifier 192.168.1.1;
Client side lease information: (DHCP server is 'option dhcp-server-identifier')
How do I find out my DHCP server address - http://www.cyberciti.biz/faq/linux-find-out-dhcp-server-ip-address/
20 Linux System Monitoring Tools Every SysAdmin Should Know - http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html
- netstat and ss - Network Statistics
- iptraf - Real-time Network Statistics
- tcpdump - Detailed Network Traffic Analysis
- nmap - scan your server for open ports.
- ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
- vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
- mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
Check if IP Forwarding is enabled
We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 0
or just checking out the value in the /proc system:
cat /proc/sys/net/ipv4/ip_forward 0
As we can see in both the above examples this was disabled (as show by the value 0).
Enable IP Forwarding on the fly
As with any sysctl kernel parameters we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):
sysctl -w net.ipv4.ip_forward=1
echo 1 > /proc/sys/net/ipv4/ip_forward
the setting is changed instantly; the result will not be preserved after rebooting the system.
Permanent setting using /etc/sysctl.conf
If we want to make this configuration permanent the best way to do it is using the file /etc/sysctl.conf where we can add a line containing net.ipv4.ip_forward = 1
/etc/sysctl.conf: net.ipv4.ip_forward = 1
if you already have an entry net.ipv4.ip_forward with the value 0 you can change that 1.
To enable the changes made in sysctl.conf you will need to run the command:
sysctl -p /etc/sysctl.conf
On RedHat based systems this is also enabled when restarting the network service:
service network restart
and on Debian/Ubuntu systems this can be also done restarting the procps service:
Local port forwarding:
ssh -L 1234:localhost:23 username@host
All traffic coming to port 1234 on the client will be forwarded to port 23 on the server (host). Note that localhost will be resolved by the sshdserver after the connection is established. In this case localhost therefore refers to the server (host) itself.
Remote port forwarding:
ssh2 -R 1234:localhost:23 username@host
All traffic which comes to port 1234 on the server (host) will be forwarded to port 23 on the client (localhost).
Port Forwarding using Iptables
iptables -t nat -A PREROUTING -p tcp -i eth0 -d 10.161.101.40 --dport 3306 -j DNAT --to 10.20.30.48:3306 iptables -A FORWARD -p tcp -i eth0 -d 10.20.30.48 --dport 3306 -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward
Red Hat Static Routes
/etc/sysconfig/network-scripts/route-<interface-name> Contains lines that specify additional routes that should be added when the associated interface is brought up. The files are processed by the ifup-routes script and uses the /sbin/ipcalc utility for all network masks and numbers. Routes are specified using the syntax: ADDRESSn=<network> NETMASKn=<network/prefix mask> GATEWAYn=<next-hop router/gateway IP address> The "n" can be any integer number, but is expected to be monotonically increasing and counting starts from 0. For example: ADDRESS0=192.168.2.0 NETMASK0=255.255.255.0 GATEWAY0=192.168.1.1 adds a network route to the 192.168.2.0 network via the gateway at 192.168.1.1. Since you must already have a route to the network of the gateway, there is no need to specify a device. Note: The ifup-routes script also supports an older syntax designed to be used directly as an argument to "/sbin/ip route add". This syntax is deprecated, but if no "ADDRESSn" lines are found the following will still work: 192.168.2.0/24 dev ppp0 adds a network route to the 192.168.2.0 network through ppp0.
To set an IP address for a device:
ifconfig eth0 10.10.10.1 netmask 255.255.255.0
To bring up / bring down a device:
ifconfig eth0 up ifconfig eth0 down
To create a virtual IP address:
ifconfig eth0:1 10.10.20.1 netmask 255.255.255.0
The TX/RX bytes reset at 4GB
- "the values are stored as unsigned 32-bit integers, in which case the maximum value which can be stored is 4,294,967,295 (2^32 - 1)"
This means that one can not track the usage of the system over much time.
The ifconfig counters can be forcefully reset by unloading/reloading the module.
To add a static route:
route add -net 10.10.30.1 netmask 255.255.255.0 gw 10.10.10.1 route add -net 10.10.30.1 netmask 255.255.255.0 dev eth0 route add -net 10.10.30.1 netmask 255.255.255.0 eth0
To add a default gateway:
route add default gw 10.10.10.1
"mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.
As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine."
My traceroute [v0.80] oeey.com.com (0.0.0.0) Sat Nov 6 23:04:45 2010 Keys: Help Display mode Restart statistics Order of fields quit Packets Pings Host Loss% Snt Last Avg Best Wrst StDev 1. xxxx 0.0% 112 0.3 0.3 0.3 0.5 0.0 2. xxxx 0.0% 112 0.4 0.4 0.4 0.5 0.0 3. ip65-44-63-65.z63-46-65.customer.algx.net 0.0% 112 1.5 3.2 1.4 79.5 10.5 4. vb1611.rar3.sanjose-ca.us.xo.net 0.0% 112 18.3 18.1 17.6 19.4 0.3
yum install mtr
# if you want the TUI: yum install ncurses-devel VER=0.80 cd ~/src wget ftp://ftp.bitwizard.nl/mtr/mtr-$VER.tar.gz tar -zvxf mtr-$VER.tar.gz cd mtr-$VER ./configure --prefix=/opt/mtr make sudo make install
mtr [HOST] /opt/mtr/sbin/mtr [HOST]
ip and iproute
The iproute2 package is designed to be a replacement for the standard networking toolset (ie. ifconfig, route, etc)
iproute2 - Advanced IP routing and network device configuration tools.
- The iproute package contains networking utilities (ip and rtmon, for
- example) which are designed to use the advanced networking
- capabilities of the Linux 2.4.x and 2.6.x kernel.
# ip link list 1: lo: mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff
# ip address show 1: lo: mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff inet 188.8.131.52/24 brd 184.108.40.206 scope global eth0 inet6 fe80::206:5bff:fe8d:13a0/64 scope link valid_lft forever preferred_lft forever
# ip route show 220.127.116.11/24 dev eth0 proto kernel scope link src 18.104.22.168 default via 22.214.171.124 dev eth0
Also known as teaming, ether channel, or maybe trunking.
kping - History Ping
route add default gw 192.168.1.1 wlan0
Determining Network Driver
Linux: Find out Ethernet card driver name - http://www.cyberciti.biz/faq/linux-find-out-what-driver-my-ethernet-card-is-using/
What was installed:
grep eth0 /etc/modprobe.conf
What is currently in use:
ethtool -i eth0
Show module information:
Linux: Find Wireless Driver Chipset Information - http://www.cyberciti.biz/faq/linux-find-wireless-driver-chipset/
lspci -vv -s [ID] | grep driver # doesn't always work! Kernel driver in use: iwlagn
Show vendor/device ID:
lspci -n -s [ID]
Show name and vendor/device ID: # doesn't always work
lspci -nn -s [ID]