https://www.maketecheasier.com/top-linux-networking-commands-and-troubleshooting-tips

Top Linux Networking Commands and Troubleshooting Tips

Table of Contents

• 1. Ping command
• 2. Traceroute command
• 3. Tracepath command
• 4. Nslookup command
• 5. ip command
• 6. Ifconfig command
• 7. Nmcli command
• 8. Ethtool command
• 9. Checking Network Routes and ARP Tables
• 10. Netstat command
• 11. SS command
• 12. Tcpdump command
• Secure Network Configurations

When I first started working with Linux networking, I was amazed by its powerful command-line tools. With just a few commands, I could configure, manage, and troubleshoot network connections effortlessly. This allows me to easily maintain system stability, monitor traffic, and ensure seamless communication. In this article, I’ll explore some of the most important Linux networking commands every administrator should know.

Basic Network Connectivity Commands

When dealing with computer networks, it’s important to diagnose connectivity problems and understand how data moves through the network. Luckily, a few simple commands can help us troubleshoot and gather key information quickly.

1. Ping command

If you want to check if a website or server is accessible, just use the ping command in your terminal. It sends ICMP echo request packets to the destination and shows response times if it’s reachable.

For example, use the command:

ping google.com

to check the network connectivity to Google’s servers:

It’s a quick way to check network connectivity, but keep in mind that some servers block ICMP requests, so no response doesn’t always mean the server is down.

2. Traceroute command

The traceroute command in Linux shows the path a packet takes to reach its destination. It lists each hop along the way. By default, it traces up to 30 hops with a packet size of 60 bytes for IPv4 and 80 bytes for IPv6. The traceroute command is often used to identify slow or failing links in the path:

3. Tracepath command

The tracepath command works like traceroute but is simpler and doesn’t need superuser privileges. It auto-detects the Maximum Transmission Unit (MTU) and spots packet size issues that could lead to fragmentation or transmission failures.

For example, the command tracepath google.com traces packet routes, shows each hop, and detects network issues like latency, packet loss, and MTU size problems:

4. Nslookup command

The nslookup command is a network utility for querying Domain Name System (DNS) servers. It retrieves information about domain names, IP addresses, and other DNS records. It checks if a website’s address is correct and finds issues with DNS settings.

For example, the nslookup google.com command queries the DNS server to find the IP address of google.com. It checks if the domain resolves correctly and can be useful for troubleshooting DNS issues:

Network Configuration and Interface Management Commands

Managing network interfaces and settings is a key task for anyone working with Linux. There are plenty of commands to help, from modern tools like ip, nmcli, and ethtool to the older, now-deprecated ifconfig for legacy systems. These commands make it easy to configure and troubleshoot network connections.

5. ip command

The ip command is a common unified networking tool for managing network interfaces in modern Linux distributions. It replaces the older ifconfig and route commands and provides a unified way to manage IP addresses, routes, and interfaces.

For example, we can run the ip a or ip addr show command to get all network interfaces along with assigned IP addresses:

Similarly, we can use the ip command to assign or remove an IP address from an interface, enable or disable a network interface, display a routing table, and add or remove a route.

6. Ifconfig command

The ifconfig command was once used to manage network interfaces but is now mostly replaced by ip. However, some older Linux versions still support it. With ifconfig command, you can check active network interfaces, assign an IP address, bring an interface up or down, and change the MAC address of an interface.

For example, running ifconfig without any flag returns the active network interfaces along with their configurations:

7. Nmcli command

The nmcli command manages network connections using NetworkManager. It’s especially useful for Linux systems with a graphical interface that depends on NetworkManager. Using this command, we can list available network connections, display network interfaces, connect to a Wi-Fi network, assign a static IP address, and restart the NetworkManager service.

For example, the nmcli device status command returns the list of available network connections:

8. Ethtool command

Need to check or modify your network card settings? That’s where ethtool comes in. It lets you view and adjust settings like speed, duplex mode, and driver details.

For example, the ethtool enp0s3 command shows the Ethernet device information:

9. Checking Network Routes and ARP Tables

Ever wondered how your system knows where to send network traffic? That’s where network routes and ARP tables come in. They help troubleshoot connectivity issues, optimize performance, and manage routing.

In Linux, we can check routes with route and ip route commands. The route command was traditionally used to display and manipulate the kernel’s IP routing table. However, it has been replaced by ip route command:

Also, we can view connected devices using arp or ip neigh command. The arp command shows the system’s ARP table, which maps IP addresses to MAC addresses on the local network. The ip neigh command provides similar details but is a modern alternative. It supports both IPv4 and IPv6 and lists neighbor entries used for address resolution and communication:

Monitoring Network Traffic and Performance

Monitoring network traffic helps fix connection issues, track bandwidth use, and keep the network secure. For this purpose, Linux offers tools like netstat, ss, tcpdump, and iftop. Some check open connections, while others capture live network data.

10. Netstat command

The netstat command shows network connections, open ports, and routing details. While ss has replaced it, some older systems still use netstat.

You can simply type netstat to get details about network connections, listening ports, and routing information:

Additionally, we can use options like -tulnp to show listening ports with process names, or -r to display routing tables.

11. SS command

The ss (socket statistics) command provides detailed information about sockets (connections). It is faster than netstat command. It is used to show active TCP connections, listening ports, processes using network connections, UDP connections, and connections to a specific port.

For example, ss -ant command returns active TCP connections:

12. Tcpdump command

The tcpdump command captures and analyzes network packets in real time. It is useful for diagnosing network issues and security monitoring.

For example, the sudo tcpdump -i enp0s3 command captures all packets on the enp0s3 interface:

Secure Network Configurations

To secure your Linux network, disable unused interfaces and services, set up strong firewall rules with iptables or nftables, and use SELinux or AppArmor for extra protection. Encrypt traffic with VPNs, SSH, or TLS, and keep your system updated. Control access with hosts.allow and hosts.deny, secure SSH by disabling root login and using key-based authentication, and monitor activity with netstat, ss, or tcpdump. Finally, enforce strong passwords and use Fail2Ban to prevent unauthorized access.

You can also monitor suspicious network activity in Linux using ss or netstat for unusual connections, and tcpdump for packet analysis. Enable firewall logging, check system logs (/var/log/syslog and /var/log/auth.log), and use fail2ban to block unauthorized access. Deploy IDS tools like Snort or Suricata for real-time threat detection.

Don’t hesitate to experiment and troubleshoot issues. That’s the best way to learn and improve your skills.