Linux Network Administration Commands with Examples
Anique Ahmad SarfrazTable of contents
- 1. Viewing Network Interfaces
- 2. Assigning an IP Address
- 3. Checking Open Ports
- 4. Checking Open Ports (part 2)
- 5 . Using grep to Filter Ports
- 6 . Purpose of DNS and Configuring Google DNS
- 7. Testing Network Connectivity
- 8. Scanning Open Ports and Services
- 9. Capturing Network Packets
- 10. Checking the Routing Table
This blog provides essential Linux commands for network administration, including real-world examples, outputs, and explanations. It covers configuring network interfaces, troubleshooting, DNS, open ports, and other administration topics in detail.
1. Viewing Network Interfaces
Command:
ip a
Example Output:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4d:5f:72 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global dynamic ens33
valid_lft 86385sec preferred_lft 86385sec
Explanation:
lo: The loopback interface (127.0.0.1) for local testing.
ens33: A network interface with IP
192.168.1.100and subnet mask/24.Use the
ipcommand to display all active interfaces and their configurations.
2. Assigning an IP Address
Command:
ip addr add 192.168.1.150/24 dev ens33
- This assigns the IP
192.168.1.150to theens33interface.
Verification:
ip a show ens33
Output:
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:4d:5f:72 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.150/24 brd 192.168.1.255 scope global dynamic ens33
valid_lft forever preferred_lft forever
Explanation:
- The interface
ens33now has the additional IP192.168.1.150assigned to it.
3. Checking Open Ports
Command:
ss -tuln
Example Output:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 100 127.0.0.1:3306 0.0.0.0:*
Explanation:
Local Address:Port: Displays listening IP and port.
127.0.0.1:53is a DNS resolver running locally.0.0.0.0:22is the SSH service listening on all interfaces.127.0.0.1:3306is the MySQL database bound to localhost.
Recv-Q/Send-Q: Queued incoming/outgoing data for sockets.
Use this command to monitor open ports and active listeners.
Identifying Service for a Port:
lsof -i :22
Output:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1234 root 3u IPv4 12345 0t0 TCP *:ssh (LISTEN)
Explanation:
- Shows that
sshd(SSH daemon) is listening on port22.
4. Checking Open Ports (part 2)
Command:
ss -tuln
Example Output:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 127.0.0.1:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 100 127.0.0.1:3306 0.0.0.0:*
Explanation:
Local Address:Port: Displays listening IP and port.
127.0.0.1:53is a DNS resolver running locally.0.0.0.0:22is the SSH service listening on all interfaces.127.0.0.1:3306is the MySQL database bound to localhost.
Use this command to monitor open ports and active listeners.
5 . Using grep to Filter Ports
Command:
ss -tuln | grep ':22'
Example Output:
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
Explanation:
- Filters the output of
ss -tulnto show only the lines containing:22.
This is useful for quickly identifying if a specific port (e.g., SSH) is active on the system.
6 . Purpose of DNS and Configuring Google DNS
Purpose of DNS:
DNS (Domain Name System) translates human-readable domain names (e.g., google.com) into IP addresses (e.g., 142.250.72.206) required for devices to communicate over a network.
Command to View Current DNS Configuration:
cat /etc/resolv.conf
Example Output:
nameserver 192.168.1.1
- Indicates the DNS server is
192.168.1.1.
Adding Google DNS:
Edit /etc/resolv.conf and replace or append the following:
nameserver 8.8.8.8
nameserver 8.8.4.4
Verification:
nslookup google.com
Example Output:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 142.250.72.206
7. Testing Network Connectivity
Command:
ping -c 4 google.com
Example Output:
PING google.com (142.250.72.206) 56(84) bytes of data.
64 bytes from sea30s11-in-f14.1e100.net (142.250.72.206): icmp_seq=1 ttl=114 time=8.12 ms
64 bytes from sea30s11-in-f14.1e100.net (142.250.72.206): icmp_seq=2 ttl=114 time=7.94 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 7.937/8.045/8.124/0.077 ms
Explanation:
Sends 4 ICMP packets to
google.comand measures response times.Use this command to test basic connectivity and packet loss.
8. Scanning Open Ports and Services
Command:
nmap -p 1-1000 192.168.1.100
Example Output:
PORT STATE SERVICE
22/tcp open ssh
3306/tcp open mysql
Explanation:
Scans ports
1-1000on the host192.168.1.100.Indicates
ssh(22) andmysql(3306) services are running.
9. Capturing Network Packets
Command:
tcpdump -i ens33
Example Output:
18:23:12.485745 IP 192.168.1.100.54742 > 142.250.72.206.443: Flags [P.], seq 1:518, ack 1, win 229, length 517
Explanation:
Captures live network traffic on the
ens33interface.Useful for troubleshooting or analyzing packets.
10. Checking the Routing Table
Command:
ip route show
Example Output:
default via 192.168.1.1 dev ens33 proto dhcp src 192.168.1.100 metric 100
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.100
Explanation:
default via 192.168.1.1: All traffic not matching specific routes will use
192.168.1.1as the gateway.192.168.1.0/24: Traffic within the
192.168.1.0subnet is handled byens33.
Use these commands and explanations to manage and troubleshoot Linux networks effectively.
Subscribe to my newsletter
Read articles from Anique Ahmad Sarfraz directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by