A reference list of Linux utilities and commands makes managing servers and networks easier.
If you're a sysadmin, your daily tasks include managing servers and the data center's network. The following Linux utilities and commands—from basic to advanced—will help make network management easier.
In several of these commands, you'll see
<fqdn>, which stands for "fully qualified domain name." When you see this, substitute your website URL or your server (e.g.,
server-name.company.com), as the case may be.
As the name suggests,
ping is used to check the end-to-end connectivity from your system to the one you are trying to connect to. It uses ICMP echo packets that travel back to your system when a ping is successful. It's also a good first step to check system/network connectivity. You can use the
ping command with IPv4 and IPv6 addresses. (Read my article "How to find your IP address in Linux" to learn more about IP addresses.)
ping <ip address>/<fqdn>
ping6 <ip address>/<fqdn>
You can also use
ping to resolve names of websites to their corresponding IP address, as shown below:
pingchecks end-to-end connectivity, the
tracerouteutility tells you all the router IPs on the path you travel to reach the end system, website, or server.
tracerouteis usually is the second step after
pingfor network connection debugging.
traceroute <ip address>/<fqdn>
telnet <ip address>/<fqdn>is used to telnet into any server.
The network statistics (
netstat) utility is used to troubleshoot network-connection problems and to check interface/port statistics, routing tables, protocol stats, etc. It's any sysadmin's must-have tool.
netstat -lshows the list of all the ports that are in listening mode.
netstat -ashows all ports; to specify only TCP, use
-at(for UDP use
netstat -rprovides a routing table.
netstat -sprovides a summary of statistics for each protocol.
netstat -idisplays transmission/receive (TX/RX) packet statistics for each interface.
nmcli is a good utility for managing network connections, configurations, etc. It can be used to control Network Manager and modify any device's network configuration details.
nmcli device lists all devices on the system.
nmcli device show <interface> shows network-related details of the specified interface.
nmcli connection checks a device's connection.
nmcli connection down <interface> shuts down the specified interface.
nmcli connection up <interface> starts the specified interface.
nmcli con add type vlan con-name <connection-name> dev <interface> id <vlan-number> ipv4 <ip/cidr> gw4 <gateway-ip> adds a virtual LAN (VLAN) interface with the specified VLAN number, IP address, and gateway to a particular interface.
There are many commands you can use to check and configure routing. Here are some useful ones:
ip routeshows all the current routes configured for the respective interfaces.
route add default gw <gateway-ip>adds a default gateway to the routing table.
route add -net <network ip/cidr> gw <gateway ip> <interface>adds a new network route to the routing table. There are many other routing parameters, such as adding a default route, default gateway, etc.
route del -net <network ip/cidr>deletes a particular route entry from the routing table.
ip neighborshows the current neighbor table and can be used to add, change, or delete new neighbors.
arp(which stands for address resolution protocol) is similar to
arpmaps a system's IP address to its corresponding MAC (media access control) address.
Linux provides many packet-capturing tools like
tshark, etc. They are used to capture network traffic in packets that are transmitted/received and hence are very useful for a sysadmin to debug any packet losses or related issues. For command-line enthusiasts,
tcpdump is a great tool, and for GUI users,
wireshark is a great utility to capture and analyze packets.
tcpdump is a built-in Linux utility to capture network traffic. It can be used to capture/show traffic on specific ports, protocols, etc.
tcpdump -i <interface-name>shows live packets from the specified interface. Packets can be saved in a file by adding the
-wflag and the name of the output file to the command, for example:
tcpdump -w <output-file.> -i <interface-name>.
tcpdump -i <interface> src <source-ip>captures packets from a particular source IP.
tcpdump -i <interface> dst <destination-ip>captures packets from a particular destination IP.
tcpdump -i <interface> port <port-number>captures traffic for a specific port number like 53, 80, 8080, etc.
tcpdump -i <interface> <protocol>captures traffic for a particular protocol, like TCP, UDP, etc.
iptables is a firewall-like packet-filtering utility that can allow or block certain traffic. The scope of this utility is very wide; here are some of its most common uses.
iptables -Llists all existing
iptables -Fdeletes all existing rules.
The following commands allow traffic from the specified port number to the specified interface:
iptables -A INPUT -i <interface> -p tcp –dport <port-number> -m state –state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o <interface> -p tcp -sport <port-number> -m state – state ESTABLISHED -j ACCEPT
The following commands allow loopback access to the system:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
nslookup tool is used to obtain IP address mapping of a website or domain. It can also be used to obtain information on your DNS server, such as all DNS records on a website (see the example below). A similar tool to
nslookup is the
dig (Domain Information Groper) utility.
nslookup <website-name.com>shows the IP address of your DNS server in the Server field, and, below that, gives the IP address of the website you are trying to reach.
nslookup -type=any <website-name.com>shows all the available records for the specified website/domain.
Here is a summary of the necessary commands and files used to troubleshoot interface connectivity or related network issues.
ssis a utility for dumping socket statistics.
nmap <ip-address>, which stands for Network Mapper, scans network ports, discovers hosts, detects MAC addresses, and much more.
ip addr/ifconfig -aprovides IP addresses and related info on all the interfaces of a system.
ssh -vvv user@<ip/domain>enables you to SSH to another server with the specified IP/domain and username. The
-vvvflag provides "triple-verbose" details of the processes going on while SSH'ing to the server.
ethtool -S <interface>checks the statistics for a particular interface.
ifup <interface>starts up the specified interface.
ifdown <interface>shuts down the specified interface.
systemctl restart networkrestarts a network service for the system.
/etc/sysconfig/network-scripts/<interface-name>is an interface configuration file used to set IP, network, gateway, etc. for the specified interface. DHCP mode can be set here.
/etc/hoststhis file contains custom host/domain to IP mappings.
/etc/resolv.confspecifies the DNS nameserver IP of the system.
/etc/ntp.confspecifies the NTP server domain.
на главную сниппетов