11 commands to check network status in Linux


There are various commands in Linux to check network configuration and connectivity. Let's look at a number of very useful commands and their functions.

ifquery command

ifquery is a very useful command that shows a brief list of network interfaces. However, you may only see the loopback interface as follows: 
 
$ ifquery --list
lo

This is because the /etc/network/interfaces file does not contain information about any network interface other than the loopback interface. Assuming DHCP is used for address allocation, you can solve this by adding lines like the last two in the following example.
 
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
 

ifup and ifdown commands

If the file contains the data you need, you can use the ifup and ifdown commands to bring a network connection up or shut it down as needed. Just remember that the "if" in these commands stands for "interface", as it does in ifconfig, not for the word "if".
 

ifconfig command

The ifconfig command, on the other hand, does not read the /etc/network/interfaces file at all, yet it provides a good deal of useful information about network interfaces. It shows packet counts along with the configuration data, so you can check how heavily each interface is used. You can also use ifconfig to shut down and restart a network interface, for example: ifconfig eth0 down.
 
$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:1e:4f:c8:43:fc
          inet addr:192.168.0.6 Bcast:192.168.0.255 Mask:255.255.255.0
          inet6 addr: fe80::b44b:bdb6:2527:6ae9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:60474 errors:0 dropped:0 overruns:0 frame:0
          TX packets:33463 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:43922053 (43.9 MB) TX bytes:4000460 (4.0 MB)
          Interrupt:21 Memory:fe9e0000-fea00000

The RX and TX packet counts in this output are very low, and no errors or packet collisions are reported. As the uptime command would confirm, this system has probably been rebooted recently. The broadcast address and network mask in the previous example show that the system operates on a Class C network (the default) and that local addresses range from 192.168.0.1 to 192.168.0.254.
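
The address range quoted above can be derived from the inet addr and Mask fields and cross-checked against the reported Bcast value. The following is an added example, not part of the original article; the function names are hypothetical and it assumes the older net-tools ifconfig output format shown on this page.

```shell
# The "inet addr" line from the ifconfig output shown above.
INET_LINE='inet addr:192.168.0.6 Bcast:192.168.0.255 Mask:255.255.255.0'

# field NAME: print the dotted quad that follows "NAME:" in the line on stdin.
field() {
    sed -n "s/.*$1:\([0-9.]*\).*/\1/p"
}

# ip_to_int A.B.C.D: convert a dotted quad to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N: convert a 32-bit integer back to a dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# host_range ADDR MASK: print "first-host last-host broadcast".
host_range() {
    addr=$(ip_to_int "$1")
    mask=$(ip_to_int "$2")
    net=$(( addr & mask ))                      # network address
    bcast=$(( net | (~mask & 4294967295) ))     # all host bits set
    echo "$(int_to_ip $(( net + 1 ))) $(int_to_ip $(( bcast - 1 ))) $(int_to_ip "$bcast")"
}

# range_from_ifconfig: read an "inet addr" line on stdin, derive the host
# range, and flag a Bcast value that does not match the address and mask.
range_from_ifconfig() {
    line=$(cat)
    a=$(printf '%s\n' "$line" | field addr)
    m=$(printf '%s\n' "$line" | field Mask)
    b=$(printf '%s\n' "$line" | field Bcast)
    set -- $(host_range "$a" "$m")
    [ "$3" = "$b" ] && status=bcast-consistent || status=bcast-MISMATCH
    echo "$1-$2 $status"
}

printf '%s\n' "$INET_LINE" | range_from_ifconfig
```

A mismatch between the computed and reported broadcast address usually points to a mistyped netmask or a manually overridden broadcast setting.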
 

netstat command

The netstat command provides information about routing and network connections. With no arguments, it displays a list of open sockets, almost all of which relate to a process on the local system. In the following example, you can see that only two incoming ssh connections to the local system (dragonfly) have been established.
 
$ netstat | head -4
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 64 dragonfly:ssh dragonfly:8812 ESTABLISHED
tcp 0 0 dragonfly:ssh dragonfly:33505 ESTABLISHED
 

netstat -rn

Use -rn with netstat to view the system routing table.
 
$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

The 192.168.0.1 address is the local gateway (Flags=UG). The 169.254.0.0 entry in the example above is needed only if you use, or plan to use, link-local communication. If you do not, comment out the relevant lines in the /etc/network/if-up.d/avahi-autoipd file.
 
$ tail -12 /etc/network/if-up.d/avahi-autoipd
#if [ -x /bin/ip ]; then
# # route already present?
# ip route show | grep -q '^169.254.0.0/16[[:space:]]' && exit 0
#
# /bin/ip route add 169.254.0.0/16 dev $IFACE metric 1000 scope link
#elif [ -x /sbin/route ]; then
# # route already present?
# /sbin/route -n | egrep -q "^169.254.0.0[[:space:]]" && exit 0
#
# /sbin/route add -net 169.254.0.0 netmask 255.255.0.0 dev $IFACE metric 1000
#fi
 

netstat -a command 

The netstat -a command shows all network connections. To limit the output to listening and established TCP connections only (usually more useful), use the netstat -at command.
 
$ netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 256 192.168.0.6:ssh 192.168.0.32:53550 ESTABLISHED
tcp6 0 0 [::]:http [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
tcp6 0 0 ip6-localhost:smtp [::]:*      
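
When reviewing a listing like the one above, the useful distinction is between services bound to every interface and services bound only to loopback. The following is an added example, not part of the original article, that classifies the LISTEN rows accordingly; the function names are hypothetical.

```shell
# SAMPLE is the `netstat -at` listing shown above, copied from this page.
# Its last row has no State column on the page, so it is not counted.
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp 0 256 192.168.0.6:ssh 192.168.0.32:53550 ESTABLISHED
tcp6 0 0 [::]:http [::]:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN
tcp6 0 0 ip6-localhost:smtp [::]:*'

# classify_listeners: read netstat output on stdin and print
# "<exposure> <proto> <service>" for every TCP socket in LISTEN state.
classify_listeners() {
    awk '
        $1 !~ /^tcp6?$/ || $NF != "LISTEN" { next }   # skip headers and non-listeners
        {
            n = split($4, parts, ":")
            service = parts[n]        # port or service name after the last colon
            host = substr($4, 1, length($4) - length(service) - 1)
            if (host == "*" || host == "0.0.0.0" || host == "[::]" || host == "::")
                exposure = "ALL-INTERFACES"     # reachable from the network
            else if (host == "localhost" || host == "ip6-localhost" || host == "::1" || host == "[::1]" || host ~ /^127\./)
                exposure = "LOOPBACK-ONLY"      # reachable by local processes only
            else
                exposure = "SPECIFIC-ADDRESS"   # bound to one configured address
            print exposure, $1, service
        }'
}

# exposed_services: unique services that listen on all interfaces.
exposed_services() {
    classify_listeners | awk '$1 == "ALL-INTERFACES" { print $3 }' | sort -u | paste -sd " " -
}

printf '%s\n' "$SAMPLE" | classify_listeners
```

On a live system, pipe `netstat -at` (or `netstat -ant` for numeric addresses) into classify_listeners and compare the ALL-INTERFACES entries with the services the host is meant to offer.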
 

host command

The host command is similar to nslookup in that it looks up the IP address of the remote system, but it also shows the system's mail handler. 
 
$ host world.std.com
world.std.com has address 192.74.137.5
world.std.com mail is handled by 10 smtp.theworld.com.
 

nslookup command

nslookup also provides information about the system that provides DNS lookup service (in this case, the local system). 
 
$ nslookup world.std.com
Server: 127.0.1.1
Address: 127.0.1.1#53
Non-authoritative answer:
Name: world.std.com
Address: 192.74.137.5
 

dig command

The dig command provides a good deal of information about a DNS query for the remote system, such as the name server it is communicating with and the time it takes to respond to queries, and is often used for troubleshooting.
 
$ dig world.std.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> world.std.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28679
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;world.std.com. IN A

;; ANSWER SECTION:
world.std.com. 78146 IN A 192.74.137.5

;; Query time: 37 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Mon Oct 09 13:26:46 EDT 2017
;; MSG SIZE rcvd: 58
 

nmap command

The most common use of the nmap command is remote system detection, but it can also be used to report on the services provided by the local system. The following example shows that ssh is available for logins, smtp is serving email, the website is active, and the ipp print service is running.
 
$ nmap localhost
Starting Nmap 7.01 (https://nmap.org) at 2017-10-09 15:01 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00016s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
631/tcp open ipp
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds

Linux systems have a number of useful commands for checking network configuration and connectivity. If you think you already know most of them, try running the apropos network command to see more.
