How-ToTech

10 Linux Network Commands and How to Use Them

Linux, like other advanced operating systems, supports communication over the network. In Linux all settings are stored in accessible files. In this way, certain files can be edited, and necessary settings can be made easily. You can easily manage the commands used for network and DNS settings from the command screen.

In this article you will find information about the most used basic network commands in Linux and how to edit DNS settings.

1. For Network Connection and IP Configuration: ifconfig

The ifconfig command allows you to examine and change the network connection and IP configuration settings available in the system.

ifconfig

data-modal-container-id=”single-image-modal-container” data-img-caption='”Output of ifconfig command”‘>


Firstly, you see the eth0 information. eth0 is the part that shows the information about your Ethernet card. If other Ethernet cards connected to the system, they would have names such as eth1, and eth2, respectively.

lo represents the computer itself, ie localhost.

If you are using a wireless network environment, you can also see the wlan0 information. wlan0 means the wireless network card.

Instead of using the ifconfig command this way, you can list the desired information one by one. For example, if you want to list only the Ethernet card information, ifconfig eth0 the command will suffice.

 ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe00::000:00xx:xx00:0x00 prefixlen 64 scopeid 0x20&lt;link&gt;
ether 08:00:00:00:0x:00 txqueuelen 1000 (Ethernet)
RX packets 11 bytes 3310 (3.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25 bytes 3050 (2.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

For example, you saw above that the local IP address of eth0 is 10.0.2.15. To change this IP address to 10.0.2.13:

sudo ifconfig eth0 10.0.2.13 

data-modal-container-id=”single-image-modal-container” data-img-caption='”Local IP address change with ifconfig command”‘>


With ifconfig, you can change the information here, as well as adjust the information cards you encounter in the output. ifconfig card_name down the command can remove the desired card from display, you can show this card again with ifconfig card_name up the command.

sudo ifconfig lo down

data-modal-container-id=”single-image-modal-container” data-img-caption='”Using the down parameter with the ifconfig command”‘>


As can be seen from the output, the down parameter made the lo card invisible now.

sudo ifconfig lo up

data-modal-container-id=”single-image-modal-container” data-img-caption='”Using the up parameter with the ifconfig command”‘>


2. A Kind of Control Mechanism: ping

The ping command checks whether communication is established between the target and your system. For example, you can query the communication speed between you and Google.

ping google.com

data-modal-container-id=”single-image-modal-container” data-img-caption='”Using the ping command”‘>


While doing this, I ended this process with the Ctrl + C combination after the 5th query package. If you use a command like a ping -c 4 google.com, you only send 4 query packets. The process will terminate after the number of query packets exhausted.

ping -c 4 google.com
PING google.com (216.58.206.174) 56(84) bytes of data.
64 bytes from sof02s27-in-f14.1e100.net (216.58.206.174): icmp_seq=1 ttl=111 time=79.0 ms
64 bytes from sof02s27-in-f14.1e100.net (216.58.206.174): icmp_seq=2 ttl=111 time=73.5 ms
64 bytes from sof02s27-in-f14.1e100.net (216.58.206.174): icmp_seq=3 ttl=111 time=72.7 ms
64 bytes from sof02s27-in-f14.1e100.net (216.58.206.174): icmp_seq=4 ttl=111 time=75.1 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3014ms
rtt min/avg/max/mdev = 72.710/75.089/79.030/2.432 ms

3. For IP Routing Table: route

The route command allows you to see the contents of the IP routing table on your system. You can type the route -n command in the console for this.

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.2.1 0.0.0.0 UG 100 0 0 eth0
10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0

The gateway address here is the forwarding address used when passing from the local network to the internet network.

4. Forwarding Tracking for a Specific Target: traceroute

With Traceroute, your command shows you which hosts the packet sent to a specific destination has passed through. This time, let’s think of the target address www.makeuseof.com as an example.

traceroute www.makeuseof.com      
traceroute to www.makeuseof.com (54.157.137.27), 30 hops max, 60 byte packets
1 10.0.2.1 (10.0.2.1) 0.430 ms 0.326 ms 0.414 ms
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *

As you can see, to be able to be directed to the desired address, first a request made to the address 10.0.2.1. You can use the traceroute command to see such routing paths and to understand any routing problems that occur in the network.

5. For Domain Information: whois

The whois query contains information such as when the domain established, how long it is valid and so on. Let’s target google.com as an example of a whois query.

whois google.com            
Domain Name: GOOGLE.COM
Registry Domain ID: 2138514_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http:
Updated Date: 2019-09-09T15:39:04Z
Creation Date: 1997-09-15T04:00:00Z
Registry Expiry Date: 2028-09-14T04:00:00Z
Registrar: MarkMonitor Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
Registrar Abuse Contact Phone: +1.2083895740
Domain Status: clientDeleteProhibited https:
Domain Status: clientTransferProhibited https:
Domain Status: clientUpdateProhibited https:
Domain Status: serverDeleteProhibited https:
Domain Status: serverTransferProhibited https:
Domain Status: serverUpdateProhibited https:
Name Server: NS1.GOOGLE.COM
Name Server: NS2.GOOGLE.COM
Name Server: NS3.GOOGLE.COM
Name Server: NS4.GOOGLE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https:

Also, you can avoid having to use the command screen by using the best websites to look up whois information for free.

6. Getting Information About Target Address: host

The host command allows you to get information about the destination address. With the host command, you can access the domain name from the IP address and the IP address from the domain name.

data-modal-container-id=”single-image-modal-container” data-img-caption='”Using the host command”‘>


7. To Look at DNS Records: dig

The dig command (domain information groper) is a common Linux network command used to lookup DNS records.

dig google.com
; <<>> DiG 9.17.21-1-Debian <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64917
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 177 IN A 216.58.206.174
;; Query time: 3 msec
;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
;; WHEN: Thu Apr 14 19:25:15 EDT 2022
;; MSG SIZE rcvd: 44

Also, you can examine NS (Nameserver) records with the dig command. You can use the -t NS the command for this.

dig google.com -t NS
; <<>> DiG 9.17.21-1-Debian <<>> google.com -t NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41881
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN NS
;; ANSWER SECTION:
google.com. 70621 IN NS ns3.google.com.
google.com. 70621 IN NS ns2.google.com.
google.com. 70621 IN NS ns4.google.com.
google.com. 70621 IN NS ns1.google.com.
;; Query time: 3 msec
;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
;; WHEN: Thu Apr 14 19:34:38 EDT 2022
;; MSG SIZE rcvd: 100

8. For IP-MAC Address Matchings: arp

The arp command shows the tables where IP-MAC Address mappings are kept.

arp                          
Address HWtype HWaddress Flags Mask Iface
10.0.2.1 ether 52:54:00:12:35:00 C eth0
10.0.2.3 ether 08:00:27:66:24:25 C eth0

9. For Connections Made by the System: tcpdump

The tcpdump command allows you to instantly view the connections made by your system and the connections made to your system.


tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
19:44:59.746452 IP 10.0.2.15.48657 &gt; homerouter.cpe.domain: 14329+ A? www.makeuseof.com. (37)
19:44:59.746574 IP 10.0.2.15.48657 &gt; homerouter.cpe.domain: 39924+ AAAA? www.makeuseof.com. (37)
19:44:59.770573 IP 10.0.2.15.44391 &gt; homerouter.cpe.domain: 44735+ A? content-signature-2.cdn.mozilla.net. (53)
19:44:59.770685 IP 10.0.2.15.44391 &gt; homerouter.cpe.domain: 31664+ AAAA? content-signature-2.cdn.mozilla.net. (53)

In addition, if you want to follow the links directly without address resolution, you can use the tcpdump -n command.


tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
19:47:41.327149 IP 10.0.2.15.43892 &gt; 192.168.1.1.53: 44991+ A? content-signature-2.cdn.mozilla.net. (53)
19:47:41.327574 IP 10.0.2.15.43892 &gt; 192.168.1.1.53: 46778+ AAAA? content-signature-2.cdn.mozilla.net. (53)
19:47:41.425041 IP 192.168.1.1.53 > 10.0.2.15.43892: 44991 5/0/0 CNAME d2nxq2uap88usk.cloudfront.net., A 18.66.248.5, A 18.66.248.40, A 18.66.248.112, A 18.66.248.105 (157)
19:47:41.425042 IP 192.168.1.1.53 > 10.0.2.15.43892: 46778 9/0/0 CNAME d2nxq2uap88usk.cloudfront.net., AAAA 2600:9000:224a:e400:a:da5e:7900:93a1, AAAA 2600:9000:224a:1c00:a:da5e:7900:93a1, AAAA 2600:9000:224a:9400:a:da5e:7900:93a1, AAAA 2600:9000:224a:8200:a:da5e:7900:93a1, AAAA 2600:9000:224a:c00:a:da5e:7900:93a1, AAAA 2600:9000:224a:8e00:a:da5e:7900:93a1, AAAA 2600:9000:224a:9a00:a:da5e:7900:93a1, AAAA 2600:9000:224a:a400:a:da5e:7900:93a1 (317)
19:47:42.470901 IP 10.0.2.15.44369 &gt; 192.168.1.1.53: 28874+ A? safebrowsing.googleapis.com. (45)

10. DNS Settings

Compared to other operating systems, settings DNS on Linux is quite easy. To do this, you can make some changes to the etc/resolv.conf file where DNS information stored.


nameserver 192.168.1.1

If you want to add a new DNS here, you can use the echo command.


# echo nameserver 8.8.4.4 >> etc/resolv.conf

After making these additions, when you browse the etc/resolv.conf file again, you will see that the desired changes made.

 
nameserver 8.8.8.8
nameserver 8.8.4.4

Inside the /etc/ folder, there is another file called hosts that acts as a domain nameserver. This file is checked when performing domain name resolution in the system.


127.0.0.1 localhost
127.0.1.1 kali
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Network Management Is Simpler With Linux Commands

Linux is one of the most widely used operating systems. Knowing the correct commands used in Linux will be very beneficial in terms of time and effort. When configuring your Linux network and looking for any problems that may occur in the network, you can make use of the Linux network commands.


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker