There seem to be an infinite number of commands forLinux Administratorsto remember. Some are for file manipulation, some are for managing hardware, and still others are for configuring services or databases.
Network connectivity is a critical part of Linux server functionality. Read on to learn nine commands that cover most network management needs on Linux devices. Some of these tools are built-in, while others need to be added using a package manager.
4 configuration commands
There are some basic approaches to troubleshooting or examining the configuration of network nodes. One of the first steps is to determine the current configuration, including IP address, subnet mask, and interface settings.
1. The IP command
The IP command is available by default on many Linux distributions these days. The command and its associated subcommands are very flexible and allow administrators to view and change IP address settings.
To see the IP addresses of all interfaces, type:
This command displays the current IP address and subnet mask for all interfaces on the system. Specify a specific interface using ip addr show enp0s3 as shown below:
Figure 1: The IP address shows the enp0s3 command
Don't forget that theifconfigThe command will display similar information if available on your preferred distribution.
There are some variations on the IP command that you should be aware of. For example, displays route and connection information:
Figure 2: The IP route command
Figure 3: IP-Link shows enp0s3 command
2. The nmcli command
your favoriteLinux distributioncan handle network connections using NetworkManager. NetworkManager has Graphical User Interface (GUI) and Textual User Interface (TUI) utilities, but in this case I will focus on the Command Line Interface (CLI) tool.
Device information is displayed withnmcli connectionShow Command (abbreviated tonmcli com). The output shows the link name, user identifier (UID), device type and name.
Figure 4: Or nmcli command with
Additional device information can be displayed for each deviceshow devicessubcommand. Here is an example:
Figure 5: The nmcli dev showing the enp0s3 command
It is also useful to confirm that the interface is enabled withnmcli development status.
Figure 6: O command nmcli dev status
3. The dhclient command
Most Linux servers are configured with static IP addresses. But workstations and other devices are probably DHCP (Dynamic Host Configuration Protocol) clients. These devices lease an IP address configuration from a DHCP server.
Periodically, the leased information may become out of date due to recent network changes. In that case, it makes sense to start a new DHCP lease generation process.
OdhclientThe command is used to delete and then lease an IP address configuration from the DHCP server. First, use the command with no options, and then add the -r option to start the new lease.
Figure 7: The dhclient and dhclient -r commands
Windows administrators are probably familiar with its use.ipconfig /releaseEipconfig /refreshto perform the same task.
4. The ethtool command
Oettoolutility activatedsystem adminto configure network interfaces. Many options are available including speed, duplex, activationLANand driver information, among other settings.
Figure 8 The ethtool enp0s3 command
through queriesettool, a system administrator can discover the capabilities of a network interface card (NIC) to determine whether support for options such as remote enable features on the LAN is available. Additional information may be helpful in confirming that the switch and NIC speeds are compatible and duplexing is enabled.
5 connection utilities
Administrators can use the above commands to check the current system's network settings. What if these settings are correct? How can system administrators gather information about how these settings are used?
1. The SS Command
The ss command displays current connections to the system, replacing the venerableliquid stateUtility. It displays detailed information about socket statistics for supportProblems solutionand performance monitoring. If you need to see current connection information for your Linux server, ss is the command to use.
The ss command with no options displays existing connections with Transmission Control Protocol (TCP) sockets on the host. An unmodified ss command displays large output. Filtering this output is the key to getting useful information.
For many system administrators, the first useful option is the-4Switch showing IPv4 data. Many internal networks have not yet migrated to IPv6. In addition, the results of TCP or UDP (User Datagram Protocol) connections can be displayed using-TE-youoptions or
Even more convenient is the output displayed based on the state of connections. A simple example is the listening sockets display:
Figure 9: The ss -4 state listen command
You can also view output for specific connections by specifying the destination IP address, as shown below with the 192.168.2.200 destination example:
# ss-dst 192.168.2.200
The ss utility is a powerful replacement forliquid state, but it certainly requires some dedication to learn.
2. The nmap command
Network Mapper (nmap) searches for open ports on remote systems. It is an incredibly powerful tool used for both nefarious and benevolent motives. Keep this in mind when trying to troubleshoot situations where remote connections are unknown, fail, or are rejected.
Many different types of scans are available, including whole subnet or targeted host scans.
A basic scan of the 10.0.0.0/24 network looks like this:
Figure 10: The nmap command (truncated output)
A quick scan shows active hosts on a network without showing additional information (e.g. ports):
Figure 11: The nmap -sn 10.0.0.0 command
the power ofnmapreally shines when performing more specific checks. One of the most common uses is to display open ports on target systems. Although a scan can show all open ports, administrators usually already know which port to check.
To confirm the statusPort 22/TCP(the default Secure Shell (SSH) port) on a server with IP address 10.0.0.1, type:
Figure 12: The nmap -p 22 10.0.0.1 command
Similarly, nmap can show port 22 results for an entire subnet with:
# nmap -p 22 10.0.0.0/24
To search the top 25 ports, add the --top-ports 25 option:
# nmap --top-ports 25 10.0.0.0/24
Nmapit's extremely powerful, and there are a lot more options. A general scan is useful, but system administrators can use this tool to really get into the details.
For those more comfortable with graphical tools, consider ZenMap.
3. The tcpdump utility
BothssEnmapprovide information about existing connections, but do not tell system administrators how these connections are used.
The tcpdump utility is installed on many Linux distributions. It intercepts network traffic and gives administrators an overview of what kind of information is flowing over existing connections.
One reasontcpdumpcommand looks like this:
# tcpdump -i enp0s3
The output is all traffic on the specified interface.
It's easy to specify traffic to or from a specific IP address, for example 10.0.0.42. To do this, type the following:
# tcpdump-Host 10.0.0.42
However, on a server with busy network connections, a lot of information can be collected in a very short time. Try filtering coverage by the specific traffic port you need.
Here's a recording for the port 80 traffic, along with words to write the output to a file called webtraffic:
# porta tcpdump 80 -w webtraffic
The file isn't easy to read with a standard editor, but you can use it.tcpdump -r webtrafficor open the file withWiresharkto make the content more user-friendly.
Of course, Wireshark offers similar functionality and has a very nice GUI.
4. The mtr command
While tools likePing e Tracerouteare invaluable for network troubleshooters whomtrCommand can be even more effective. It includes the functionality of standard tools and provides visibility into network performance information, including dropped packets along a route. It updates this information automatically, giving system administrators real-time information about network performance.
A basic test looks like this:
Figure 13: The mtr command
In this case I also targeted localhostmtrto view available baselines.
The mtr command also works by simply specifying an IP address instead of a fully qualified domain name (FQDN) or hostname.
If the output is too disorganized, try the-cOption to display results in a wide format. I usually walkmtras-4Option to return only IPv4 information.
The output includes the percentage of packets lost, the number of packets sent, and various fields related to network performance. As results are displayed for each hop, administrators can identify where communication is failing or which routers may be experiencing performance issues.
you can installmtron Linux, macOS and Windows. In fact, Windows administrators may already be familiar with a similar tool called Pathping.
5. The iperf command
The mtr command can certainly provide valuable information about a network route, but what about the available bandwidth being used by a specific server? there is theiperfutility is coming.
There are two basic ways to use it.iperf, either directed to a server owned by an Internet hosting organization or directed to one of your internal servers.
To useiperfinternally dedicating two systems. One acts as the destination server while the other is the client. To installiperfin both systems.
To set the target device as the target server, use the-SPossibility:
# iperf -s
A default port number is displayed. The client uses this connection to test performance.
Then switch to the client device. O -Ccauses the device to run iperf in client mode. Provide at least the IP address of the destination server.
The command looks like this on the client, assuming the server's IP address is 10.0.0.5:
# iperf -c 10.0.0.5
The output provides system administrators with information about the server's available bandwidth. However, testing a single server connection is not necessarily realistic. Most servers must support many simultaneous connections. gladly,iperfcan help with that.
Use o-POption to specify the number of parallel connections to the destination, which gives much more information about how the server's actual network performance is.
# iperf -P 30 -c 10.0.0.5
Use iperf on Linux servers, of course, but note that there are versions for Windows, macOS, and even Android and iOS (iPhone). Consider network testing possibilities with this variety.
Understand basic networking commands
Linux server administrators are often responsible for critical services including web and database functions. These services depend on network connectivity and it is up to system administrators to know many different basic network commands for configuration and troubleshooting. The nine commands listed here represent a solid list of utilities that play an important role in maintaining network connectivity.
CompTIA Linux+ covers the skills needed to be a Linux administrator and use commands like the ones in this article. CompTIA CertMaster Learn + Labs for Linux+ allow you to learn and practice your hands-on skills on one platform.Sign up for your free trial today.
- Check your network configuration. ...
- Check the network configuration file. ...
- Check the servers DNS records. ...
- Test the connection both ways. ...
- Find out where the connection fails. ...
- Firewall settings. ...
- Host status information.
- lspci command : List all PCI devices.
- lshw command : Linux identify Ethernet interfaces and NIC hardware.
- dmidecode command : List all hardware data from BIOS.
- ifconfig command : Outdated network config utility.
- ip command : Recommended new network config utility.
- ls - The most frequently used command in Linux to list directories.
- pwd - Print working directory command in Linux.
- cd - Linux command to navigate through directories.
- mkdir - Command used to create directories in Linux.
- mv - Move or rename files in Linux.
There are well over 100 Unix commands shared by the Linux kernel and other Unix-like operating systems.How to check Ethernet status in Linux? ›
- $ cat /sys/class/net/eno1/carrier. $ cat /sys/class/net/eno1/operstate. Another option is use the ip command along with grep command/egrep command:
- $ ip a s eno1 | grep state.
- $ sudo ethtool eno1 | grep -i 'Link det'
- $ nmcli device status.
- Click Start, click Run, type cmd.exe, and then press ENTER.
- Type set devmgr_show_nonpresent_devices=1 , and then press ENTER.
- Type Start DEVMGMT. ...
- Click View, and then click Show Hidden Devices.
- Expand the Network adapters tree.
- Use the Ping Remote tool to determine whether the network can reach a remote target. ...
- Use the traceroute command to trace the network path to a remote target.
- Use the TCP Connection Test tool to verify connectivity to a specific port on a remote target.
- Open the command prompt.
- Enter the command “ipconfig” for Mac or “ifconfig” on Linux. ...
- Next, input the command “arp -a”. ...
- Optional: Input the command “ping -t”.
- Open a command prompt.
- Type netstat -a.
- Press Enter.
- Observe active TCP and UDP connections and listening ports, the local address and port number, the remote name or address and port number if a connection is established, and the connection status.
If you enter the command “ifconfig” in the terminal, all information will be displayed. You can also use the commands “ip addr” or “ip a”. Confirm with [Enter]. You'll now be shown all IP addresses that are in your network.
As we learned, networking commands are used at the command prompt to get network information like the IP address of the system (remember that an IP address is the address of your device in a network), MAC address, network route traversed by a packet, and the IP address of the server in which a website or URL is hosted.What is the command for network connections? ›
Press Win + R to open the Run command dialog box. Type ncpa. cpl and press Enter to open the Network Connections tool.How do I list network services in Linux? ›
- Check the service status. A service can have any of the following statuses: ...
- Start the service. If a service isn't running, you can use the service command to start it. ...
- Use netstat to find port conflicts. ...
- Check xinetd status. ...
- Check logs. ...
- Next steps.
from the command line. A summary of the most useful commands are here: /all is used to display more in depth details about the TCP/IP and DHCP lease settings. /release is used to clear the current IP address settings. /renew is used to obtain new IP address settings after using the /release command.