To get information on all the network interfaces on your system
1. ip a
ip a (or ip addr)
The two interfaces on this system — the loopback (lo) and network (enp0s25) — are displayed along with a lot of stats. The “lo” interface is clearly the loopback. We can see the loopback IPv4 address (127.0.0.1) and the loopback IPv6 (::1) in the listing.
Why enp0s25 and not eth0?
The new naming scheme is referred to as the “Predictable Network Interface” naming. The “en” simply means “ethernet” just like “eth” does for eth0. The “p” is the bus number of the ethernet card and the “s” is the slot number. So “enp0s25” tells us a lot about the hardware we’re working with.
2. ip route show
ip route show
Displaying a routing table with ip route show. In its simplest form, ip route can be used to display the main routing table output.
3. ifconfig
ifconfig
CLi tool for network interface configuration and also used to initialize an interfaces at system boot time.
it can be used to assign an IP Address to an interface and enable or disable the interface on demand.
view the status IP Address, Hardware / MAC address, as well as MTU (Maximum Transmission Unit) size of the currently active interfaces.
ifconfig -a
To list all interfaces which are currently available
sudo ifconfig eth0 192.168.0.29 netmask 255.255.255.0
To assign an IP address to an interface (edit IP and netmask accordingly)
sudo ifconfig up eth0
To activate an network interface. (where eth0 is network interface)
sudo ifconfig down eth0
To deactivate or shut down an network interface. (where eth0 is network interface)
4. IP Command
Utility for displaying and manipulating routing, network devices, interfaces. It is a replacement for ifconfig and many other networking commands.
ip addr show
show the IP address and other information about an network interface.
sudo ip addr add 192.168.56.1 dev eth0
To temporarily assign IP Address to a specific network interface (eth0)
sudo ip addr del 192.168.56.15/24 dev eth0
remove an assigned IP address from an network interface (eth0)
ip neigh
To show the current neighbour table in kernel
5. ifup, ifdown, and ifquery command
sudo ifup eth0
actives a network interface, making it available to transfer and receive data
sudo ifdown eth0
disables a network interface, keeping it in a state where it cannot transfer or receive data
sudo ifquery eth0
used to parse the network interface configuration, enabling you to receive answers to query about how it is currently configured.
6. Ethtool Command
Querying and modifying network interface controller parameters and device drivers.
ethtool eth0
to view the parameters for the network interface
7. Ping Command
ping 192.168.0.29 (hostname or interface ip)
testing connectivity between two systems on a network (Local Area Network (LAN) or Wide Area Network (WAN)). It use ICMP (Internet Control Message Protocol) to communicate to nodes on a network.
ping -c 4 192.168.0.29
tell ping to exit after a specified number of ECHO_REQUEST packets, using the -c flag as shown.
8. Traceroute Command
utility for tracing the full path from your local system to another network system. It prints number of hops (router IP’s) in that path you travel to reach the end server. It is an easy-to-use network troubleshooting utility after ping command.
traceroute google.com (ip or hostname)
tracing the route packets take from the local system to one of Google’s servers.
9. MTR Network Diagnostic Tool
modern command-line network diagnostic tool that combines the functionality of ping and traceroute into a single diagnostic tool.
mtr google.com OR mtr 216.58.223.78
easiest way of running mtr is to provide it a host name or IP address
mtr -c 4 google.com
limit the number of pings to a specific value and exit mtr after those pings.
10. Route Command
displaying or manipulating the IP routing table of a Linux system. It is mainly used to configure static routes to specific hosts or networks via an interface.
route
view Kernel IP routing table
sudo route add default gw
Add a default gateway to the routing table
sudo route add -net gw
Add a network route to the routing table.
sudo route del -net
Delete a specific route entry from the routing table.
11. Nmcli Command
scriptable command-line tool to report network status, manage network connections, and control the NetworkManager.
nmcli dev status
view all your network devices
nmcli con show
To check network connections on your system
nmcli con show -a
o see only the active connections
12. Netstat Command
displays useful information such as network connections, routing tables, interface statistics, and much more, concerning the Linux networking subsystem. It is useful for network troubleshooting and performance analysis. a fundamental network service debugging tool used to check which programs are listening on what ports
sudo netstat -tnlp
Active Internet connections
netstat -r
To view kernel routing table, use the -r flag (which is equivalent to running route command above).
13. ss Command
Although Netstat is a great tool, it is now obsolete (deprecated), its replacement is ss command. utility to investigate sockets. It dumps socket statistics and displays information similar to netstat. In addition, it shows more TCP and state information compared to other similar utilities
ss -ta
to list all TCP ports (sockets) that are open on a server.
ss -to
To display all active TCP connections together with their timers
14. NC (NetCat) Command
used for almost any task related to TCP, UDP, or UNIX-domain sockets. It is used open TCP connections, listen on arbitrary TCP and UDP ports, perform port scanning plus more. you can employ nc together with pv command to transfer files between two computers.
nc -zv server2.network.local 21 22 80 443 3000
will show how to scan a list of ports.
nc -zv server2.network.local 20-90
specify a range of ports as shown
nc -p 3000 -w 10 server2.network.local 5000
shows how to use nc to open a TCP connection to port 5000 on server2.network.local, using port 3000 as the source port, with a timeout of 10 seconds.
15. Nmap Command
gather information about a single host or explore networks an entire network. Nmap is also used to perform security scans, network audit and finding open ports on remote hosts and so much more.
nmap google.com
scan a host using its host name or IP address
16. host Command (DNS Lookup)
host google.com
carrying out DNS lookups, it translates host names to IP addresses and vice versa.
17. dig Command (domain information groper)
Used to query DNS related information such as A Record, CNAME, MX Record.
dig google.com
A Record, CNAME, MX Record for google.com
18. NSLookup Command
To query DNS servers both interactively and non-interactively. It is used to query DNS resource records (RR).
nslookup google.com
find out “A” record (IP address) of a google.com
nslookup 216.58.208.174
ou can also perform a reverse domain lookup
19. (Tcpdump Command) Linux Network Packet Analyzers
Used command-line network sniffer. It is used to capture and analyze TCP/IP packets transmitted or received over a network on a specific interface.
tcpdump -i eth0
To capture packets from a given interface
tcpdump -c 5 -i eth0
To capture a specific number of packets
tcpdump -w captured.pacs -i eth0
You can also capture and save packets to a file for later analysis