Useful Linux Networking Commands

This article describes most useful Linux networking commands, as simple as it sounds.

The truth is that I am writing this article more for myself. I am rarely doing complex networking configurations. As a result, when I have to configure something, I often forget commands and their syntax. Often it takes hours to find out that the only reason why certain route command was not working is because I forgot to add some netmask parameter. Hence, this article.

At the moment I only have few commands described. I’ll add stuff at a time. In the meantime, enjoy it and if you have anything to add, please fill free to email me. My email address is alexander.sandler@gmail.com.

Table of Contents

ifconfigBACK TO TOC

This command is number one command in the alphabet of Linux networking. It configures network interfaces. It features include

  • Turning certain network interface on and off.
  • Changing interface IP address.
  • Changing netmask, MTU and other network parameters of the interface.
  • Putting interface into promiscuous mode.

Turn on/off network interfaceBACK TO TOC

Here are few simplest use scenarios.

ifconfig <interface name> down

Will turn off specified network interface. Similarly

ifconfig <interface name> up

Will turn specified network interface on.

Change interface IP addressBACK TO TOC

ifconfig <network interface> <ip address>

Will turn specified network interface on and give it a IP address.

Add second IP address to an interfaceBACK TO TOC

Another nice thing that you can do with ifconfig is specifying additional IP address for one of the interfaces. Think about it for a second. Why single physical interface should be limited to single IP address? What stops us from giving single interface several different IP addresses? And of course ifconfig is the tool that let you do the job.

As far as semantics concerned, it seems that ifconfig actually creates a new “virtual” interface. Yet, it is simply assigning a new IP address to given network interface. Here’s an example of doing so. Assuming we already have an interface named eth0, following command will create interface named eth0:0 and assign an IP address to it.

ifconfig eth0:0 <ip address>

arpBACK TO TOC

This command is more advanced, yet still exceptionally useful when configuring networks. It observes and alters so called ARP table. ARP stands for Address Resolution Protocol. ARP table defines relationships between MAC address and IP address. In particular, for every IP address, it defines appropriate MAC address. This used when computer decides to send packet to certain IP address and it has to find MAC address for the IP address. This is when ARP table becomes useful. Computer checks if IP address is in the table and if so picks MAC address from it. If IP address is not in the table, computer uses ARP protocol to find it. arp command used to observe and manually alter ARP table entries.

List ARP tableBACK TO TOC

In its basic form, when invoked, it prints content of the ARP table.

$ arp
Address             HWtype  HWaddress           Flags Mask       Iface
192.168.2.174       ether   00:11:25:9B:7F:74   C                eth0
192.168.2.2         ether   00:17:65:C7:10:45   C                eth0

In this example, ARP table on my computer contains two entries. Note the HWtype column. It is common understanding that MAC address refers to Ethernet MAC address, but its not necessarily true. There are many L2 protocols and some have their own MAC address structure. For more information about L2 and protocols that belong to this layer see OSI model on Wikipedia.

Add new ARP entryBACK TO TOC

There are two things that you would probably like to do with ARP table; add and remove entries. This is how you add a new entry.

arp -s <ip address> <hardware address>

Again, hardware address is mostly Ethernet MAC address, but it is not always necessarily true.

Delete ARP entryBACK TO TOC

arp -d <ip address>
arp -d <hardware address>

Both forms of this command delete the specified ARP address. First uses hostname or IP address to identify the ARP entry that we would like to delete. Second uses hardware address to identify appropriate ARP entry.

routeBACK TO TOC

This is another one of the most useful commands available for you in your toolbox. It manages routes between your computer and other computers and networks.

Configure default gatewayBACK TO TOC

One of the most important task that you can accomplish with this command is setting default gateway. This is how you do it.

route add default gw <ip address>

Here, ip address is the address of the default gateway.

Add routing table entry for specified networkBACK TO TOC

With following command you can add a static route to either a network or a specified host. This is how you do it.

route add -net <network address> netmask <netmask> gw <ip address>
route add -net <network address> netmask <netmask> dev <network interface>

These two commands add a new static route to a network. The network address should end with 0 e.g 192.168.10.0. Otherwise route will return an error. Another way to specify the sub-network is by using theĀ CIDR notation. In this case you don’t need to specify the netmask. For example

route add -net 192.168.101.0/24 gw 192.168.102.1

Note that in both cases you need a complete network specifications – either using netmask or using CIDR notation.

Using network interface name instead of gatewayBACK TO TOC

Interesting thing to notice here is that you can specify that packets to given IP address should be transmitted via certain network interface. This works with conjunction with ARP table. For example.

route add -net 192.168.101.0/24 dev eth1

Add routing table entry for specified hostBACK TO TOC

Another kind of routes that you can add with route command is route to certain host. This is how you do it.

route add -host <ip address> gw <gateway>
route add -host <ip address> dev <network interface>

The principle is the same, although instead of specifying the network you specify a single host. For example.

route add -host 192.168.100.100 gw 192.168.102.5

Removing routing table entriesBACK TO TOC

When you want to remove a route, you can do it by specifying del instead of add. Here are several examples of commands removing routes.

route del -host 192.168.100.100
route del -net 192.168.101.0/24
route del -net 192.168.101.0 netmask 255.255.255.0

Note that when removing a route, there is no need to specify the gateway or the network interface that being used to reach that network or a host. The network or a host identifiers are enough to remove the route.

netstatBACK TO TOC

List listening sockets and associated port numbers and process PIDBACK TO TOC

This is a very powerful information providing tool. It can show lots of network related information. For instance, you would like to know if certain process is listening on a certain port. Easy!

$ netstat -l -p -n

Will print list of sockets being listened to accompanied by a process PID and name and port number that being listened to. Note that you need super-user rights to see the list PIDs. In the command above, -l causes netstat to list sockets that being listened to – i.e. servers running on the computer and waiting for someone to connect to them from outside. -p causes netstat to produce names of the processes and their PID and -n causes netstat to use numeric values for port numbers, instead of numbers from /etc/protocols.

Generate statistics aboutBACK TO TOC

Another nice thing that netstat can do for you is to generate statistics about traffic your Linux box received and transmitted. The catch here is that statistics printed per protocol. I.e. you can see number of ICMP packets received. You can do it with -i option.

$ netstat -i

ethtoolBACK TO TOC

What driver is responsible for certain network interfaceBACK TO TOC

Have you ever wondered what is the name of the driver powering certain network interface. Answering this question can be a real pain in the butt. Luckily, ethtool is here to answer.

$ ethtool -i <interface name>

Will tell you what driver is behind given interface, it’s version and firmware version. Note that running ethtool requires superuser privileges.

Figure out interface link speedBACK TO TOC

Another handy thing you can do with ethtool is to see the speed of the network interface. You can do it with…

$ ethtool <interface name>

Did you know that you can receive periodical updates with the latest articles that I write right into your email box? Alternatively, you subscribe to the RSS feed!

Want to know how? Check out
Subscribe page

10 Comments

  1. Rob Roy says:

    Hello, I am trying to find out a way to remove a 2ndary ip address that somehow gets configured on my iPhone which is running a version of Linux. When I do an ifconfig, I get this:
    lo0: flags=8049 mtu 16384
    inet 127.0.0.1 netmask 0xff000000
    en0: flags=8863 mtu 1500
    inet 16.2.0.0 netmask 0xffff0000 broadcast 169.254.255.255
    inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
    ether 00:23:12:c9:37:23

    I would like to remove 16.2.0.0 from en0. How do I do that?

    Thanks

  2. @Rob Roy
    I am sorry, but I have absolutely no idea how to help you. I don’t have an iPhone and I am not familiar with tool set that being installed on it. This is not a standard ifconfig output.

  3. Dan Pun says:

    to remove 16.2.0.0
    do it in root
    #>ifconfig en0 16.2.0.0

    then

    #>ifconfig en0 16.2.0.0 remove

    this work on mine.

  4. Destillat KW25 | duetsch.info says:

    […] Useful Linux Networking Commands […]

  5. Andre Goddard Rosa says:

    Hi, Alexander!

    I was passing by here and perhaps you would like to add more stuff in the future. At that time, perhaps you could consider:

    1) netcat:
    netcat or nc is a very interesting network command for diagnostic or data transfer;

  6. Andre Goddard Rosa says:

    2) wireshark :
    I know you already have tcpdump tutorial, but anyway…

    3) traceroute
    How many hops until some destination?

    4) ping
    Are you there?

  7. jamie st. says:

    thanks for this info.
    Very useful and explained very well

Leave a Reply

Prove you are not a computer or die *