In its simplest form, a network is computers connected together. When connection issues occur, we have to find the fault within the network. In this article we discuss the diagnostic Linux network commands that you should know!!
1. Ping Linux Network command for connectivity check!!
In Linux or Windows, ping is a very basic network command used for checking the connectivity between servers or computers. Ping uses the ICMP protocol to do so. The IP address or hostname to be checked follows the ping command.
[root@rhel1 ~]# ping google.com
PING google.com (216.58.220.14) 56(84) bytes of data.
64 bytes from bom05s05-in-f14.1e100.net (216.58.220.14): icmp_seq=1 ttl=46 time=57.7 ms
64 bytes from bom05s05-in-f14.1e100.net (216.58.220.14): icmp_seq=2 ttl=46 time=57.7 ms
64 bytes from bom05s05-in-f14.1e100.net (216.58.220.14): icmp_seq=3 ttl=46 time=57.8 ms
64 bytes from bom05s05-in-f14.1e100.net (216.58.220.14): icmp_seq=4 ttl=46 time=57.7 ms
64 bytes from bom05s05-in-f14.1e100.net (216.58.220.14): icmp_seq=5 ttl=46 time=57.8 ms
^C
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 57.737/57.778/57.828/0.217 ms
[root@rhel1 ~]#
In the above example ping keeps sending requests until it is interrupted. To limit the number of ping requests, use the method below:
[root@rhel1 ~]# ping google.com -c 3
PING google.com (172.217.26.238) 56(84) bytes of data.
64 bytes from bom05s09-in-f14.1e100.net (172.217.26.238): icmp_seq=1 ttl=46 time=57.6 ms
64 bytes from bom05s09-in-f14.1e100.net (172.217.26.238): icmp_seq=2 ttl=46 time=57.6 ms
64 bytes from bom05s09-in-f14.1e100.net (172.217.26.238): icmp_seq=3 ttl=46 time=57.6 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 57.608/57.626/57.650/0.017 ms
[root@rhel1 ~]#
Here we have limited the ping command to 3 requests by using the “-c” option.
2. ifconfig Linux Network command for interface config
In Linux the ifconfig command is used for configuring the network interface. It can also be used to check the current interfaces, their IP addresses and the MAC address of each interface, as below:
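The summary lines at the end of the ping output are what a health-check script usually keys on. The following is an added example, not part of the original article: a hypothetical `ping_verdict` function that parses the Linux ping summary format shown above and reports UP, DEGRADED, DOWN or UNKNOWN. The second sample and its address are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): turn the ping summary
# block into a one-line verdict that a monitoring script can act on.
# Reads ping output on stdin and prints:
#   <VERDICT> sent=<n> received=<n> loss=<pct> avg_ms=<rtt>
ping_verdict() {
    awk '
        BEGIN { sent = recv = loss = avg = "-" }
        # e.g. "5 packets transmitted, 5 received, 0% packet loss, time 4004ms"
        / packets transmitted, / {
            sent = $1; recv = $4
            # the loss field moves when ping inserts "+N errors", so search for it
            for (i = 1; i <= NF; i++)
                if ($i ~ /%$/) { loss = $i; sub(/%$/, "", loss) }
        }
        # e.g. "rtt min/avg/max/mdev = 57.737/57.778/57.828/0.217 ms"
        /^rtt min\/avg\/max/ { split($4, rtt, "/"); avg = rtt[2] }
        END {
            if (sent == "-")        verdict = "UNKNOWN"   # no summary line seen
            else if (recv + 0 == 0) verdict = "DOWN"      # no echo replies at all
            else if (loss + 0 > 0)  verdict = "DEGRADED"  # some replies lost
            else                    verdict = "UP"
            printf "%s sent=%s received=%s loss=%s avg_ms=%s\n",
                   verdict, sent, recv, loss, avg
        }'
}

# Summary copied from the first ping run in the article.
SAMPLE_OK='--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 57.737/57.778/57.828/0.217 ms'

# Constructed sample: a host that never answers (192.0.2.10 is a documentation address).
SAMPLE_DOWN='--- 192.0.2.10 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2001ms'

printf '%s\n' "$SAMPLE_OK"   | ping_verdict
printf '%s\n' "$SAMPLE_DOWN" | ping_verdict
# Live use: ping -c 3 google.com | ping_verdict
```

A DOWN verdict only means that no ICMP echo reply arrived; a host or firewall that drops ICMP produces the same result while its services are still reachable.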
[root@rhel1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9001
        inet 172.31.15.60  netmask 255.255.240.0  broadcast 172.31.15.255
        inet6 fe80::8eb:83ff:fe1e:b711  prefixlen 64  scopeid 0x20<link>
        ether 0a:eb:83:1e:b7:11  txqueuelen 1000  (Ethernet)
        RX packets 78852  bytes 62452303 (59.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 60167  bytes 11003904 (10.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 4  bytes 340 (340.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 340 (340.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@rhel1 ~]#
3. ifup & ifdown Linux Network command for interface up/down
If you want to bring down or bring up any particular interface on a Linux system, use the ifdown and ifup commands followed by the interface name. So to bring down the network interface “eth0”, your command would be:
[root@rhel1 ~]# ifdown eth0
And to bring it back up, use the command below:
[root@rhel1 ~]# ifup eth0
4. route Linux Network command for routing table
With the help of the route command you can view or modify the routing table on a Linux system:
[root@rhel1 ~]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ip-172-31-0-1.a 0.0.0.0         UG    100    0        0 eth0
172.31.0.0      0.0.0.0         255.255.240.0   U     100    0        0 eth0
[root@rhel1 ~]#
To add a route, use the basic syntax below:
route add -net <IP of target network> gw <IP of Gateway>
The same route can be deleted using the command structure below:
route del -net <IP of target network> gw <IP of Gateway>
To add the default gateway in Linux, use the syntax below:
route add default gw <IP of Gateway>
5. tcpdump Linux Network command for packet capturing
Using the tcpdump command you can capture the packets flowing within the network. It dumps data about the traffic on your network, which can be inspected later on.
[root@rhel1 system]# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:35:50.815182 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 1755671150:1755671358, ack 3171140696, win 611, length 208
08:35:50.815539 IP ip-172-31-15-60.ap-south-1.compute.internal.53297 > ip-172-31-0-2.ap-south-1.compute.internal.domain: 26995+ PTR? 123.225.242.43.in-addr.arpa. (45)
08:35:50.819327 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 208, win 16586, length 0
08:35:50.819529 IP ip-172-31-0-2.ap-south-1.compute.internal.domain > ip-172-31-15-60.ap-south-1.compute.internal.53297: 26995 NXDomain 0/1/0 (134)
08:35:50.820201 IP ip-172-31-15-60.ap-south-1.compute.internal.36332 > ip-172-31-0-2.ap-south-1.compute.internal.domain: 22206+ PTR? 60.15.31.172.in-addr.arpa. (43)
08:35:50.821307 IP ip-172-31-0-2.ap-south-1.compute.internal.domain > ip-172-31-15-60.ap-south-1.compute.internal.36332: 22206 1/0/0 PTR ip-172-31-15-60.ap-south-1.compute.internal. (100)
08:35:50.821410 IP ip-172-31-15-60.ap-south-1.compute.internal.53738 > ip-172-31-0-2.ap-south-1.compute.internal.domain: 53588+ PTR? 2.0.31.172.in-addr.arpa. (41)
08:35:50.821442 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 208:432, ack 1, win 611, length 224
08:35:50.822209 IP ip-172-31-0-2.ap-south-1.compute.internal.domain > ip-172-31-15-60.ap-south-1.compute.internal.53738: 53588 1/0/0 PTR ip-172-31-0-2.ap-south-1.compute.internal. (96)
08:35:50.822332 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 432:1792, ack 1, win 611, length 1360
08:35:50.822393 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 1792:2000, ack 1, win 611, length 208
08:35:50.827101 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 1792, win 16698, length 0
08:35:50.827109 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 2000:2208, ack 1, win 611, length 208
08:35:50.827163 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 2208:2544, ack 1, win 611, length 336
08:35:50.831557 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 2208, win 16594, length 0
08:35:50.831563 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 2544:2752, ack 1, win 611, length 208
08:35:50.831609 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 2752:3088, ack 1, win 611, length 336
08:35:50.835854 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 2752, win 16458, length 0
08:35:50.835860 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 3088:3296, ack 1, win 611, length 208
08:35:50.835918 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 3296:3632, ack 1, win 611, length 336
08:35:50.841530 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 3632, win 16698, length 0
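A capture like the one above is easier to inspect once it is summarised. The following added example (not part of the original article) counts packets and TCP payload bytes per direction and counts reverse-DNS queries; the function names are hypothetical and the sample lines are copied from the capture above. tcpdump resolves addresses to names by default, which generates PTR lookups like those in the capture, and its `-n` option turns that off.

```shell
#!/bin/sh
# Added example (not from the original article): summarise tcpdump text output.

# Prints "<packets> <payload_bytes> <src> > <dst>" per direction, busiest first.
summarize_flows() {
    awk '
        $2 == "IP" && $4 == ">" {
            dst = $5; sub(/:$/, "", dst)      # drop the colon after the destination
            key = $3 " > " dst
            pkts[key]++
            # TCP lines end in "length N"; DNS lines carry no length keyword
            for (i = 6; i < NF; i++)
                if ($i == "length") bytes[key] += $(i + 1)
        }
        END { for (k in pkts) printf "%d %d %s\n", pkts[k], bytes[k], k }
    ' | sort -k1,1nr -k3
}

# Counts reverse-DNS (PTR) queries seen in the capture.
count_ptr_queries() {
    awk '/ PTR\? / { n++ } END { print n + 0 }'
}

# Five lines copied from the capture in the article.
SAMPLE_CAPTURE='08:35:50.815182 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 1755671150:1755671358, ack 3171140696, win 611, length 208
08:35:50.815539 IP ip-172-31-15-60.ap-south-1.compute.internal.53297 > ip-172-31-0-2.ap-south-1.compute.internal.domain: 26995+ PTR? 123.225.242.43.in-addr.arpa. (45)
08:35:50.819327 IP 43.242.225.123.62057 > ip-172-31-15-60.ap-south-1.compute.internal.ssh: Flags [.], ack 208, win 16586, length 0
08:35:50.819529 IP ip-172-31-0-2.ap-south-1.compute.internal.domain > ip-172-31-15-60.ap-south-1.compute.internal.53297: 26995 NXDomain 0/1/0 (134)
08:35:50.821442 IP ip-172-31-15-60.ap-south-1.compute.internal.ssh > 43.242.225.123.62057: Flags [P.], seq 208:432, ack 1, win 611, length 224'

printf '%s\n' "$SAMPLE_CAPTURE" | summarize_flows
printf 'PTR queries: %s\n' "$(printf '%s\n' "$SAMPLE_CAPTURE" | count_ptr_queries)"
# Live use (needs root): tcpdump -c 200 | summarize_flows
```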
6. nslookup Linux Network command for DNS query
nslookup is a tool used for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
[root@rhel1 ~]# nslookup linuxroutes.com
Server:         172.31.0.2
Address:        172.31.0.2#53
Non-authoritative answer:
Name:   linuxroutes.com
Address: 208.91.198.91
[root@rhel1 ~]#
7. whois Linux Network command for Domain details!!!
Using the whois command you can check details about the domain owner, such as “Registrar, Name Server, Status & also expiry date of domain”.
[root@rhel1 ~]# whois google.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.
Aborting search 50 records found .....
Server Name: GOOGLE.COM.ACKNOWLEDGES.NON-FREE.COM.NAMESILO.COM
IP Address: 1.1.1.1
Registrar: NAMESILO, LLC
Whois Server: whois.namesilo.com
Referral URL: http://www.namesilo.com
Server Name: GOOGLE.COM.AFRICANBATS.ORG
Registrar: TUCOWS DOMAINS INC.
Whois Server: whois.tucows.com
Referral URL: http://www.tucowsdomains.com
Server Name: GOOGLE.COM.ANGRYPIRATES.COM
IP Address: 8.8.8.8
Registrar: NAME.COM, INC.
Whois Server: whois.name.com
Referral URL: http://www.name.com
OUTPUT truncated!!!!
The same results can be obtained using “https://www.whois.com/” in your browser.
8. traceroute Linux Network command for packet flow
The traceroute command helps us find the route that packets take to reach the destination IP.
[root@rhel1 ~]# traceroute google.com
traceroute to google.com (216.58.220.14), 30 hops max, 60 byte packets
 1  * * *
 2  * * *
 3  * * *
 4  100.64.16.71 (100.64.16.71) 0.393 ms 100.64.16.227 (100.64.16.227) 0.410 ms 100.64.16.161 (100.64.16.161) 0.395 ms
 5  52.95.67.209 (52.95.67.209) 2.014 ms 52.95.67.213 (52.95.67.213) 2.130 ms 52.95.67.209 (52.95.67.209) 2.042 ms
 6  52.95.66.64 (52.95.66.64) 8.427 ms 52.95.66.152 (52.95.66.152) 4.399 ms 52.95.66.64 (52.95.66.64) 8.050 ms
 7  52.95.66.69 (52.95.66.69) 1.857 ms 52.95.66.157 (52.95.66.157) 1.761 ms 52.95.66.199 (52.95.66.199) 1.835 ms
 8  115.114.89.121.static-Mumbai.vsnl.net.in (115.114.89.121) 1.815 ms 115.114.89.117.static-Mumbai.vsnl.net.in (115.114.89.117) 1.594 ms 115.114.89.37.static-Mumbai.vsnl.net.in (115.114.89.37) 3.640 ms
 9  * 115.113.165.98.static-mumbai.vsnl.net.in (115.113.165.98) 6.173 ms 121.240.1.42 (121.240.1.42) 1.714 ms
10  108.170.248.177 (108.170.248.177) 57.797 ms 115.113.165.98.static-mumbai.vsnl.net.in (115.113.165.98) 1.705 ms 108.170.248.177 (108.170.248.177) 57.803 ms
11  209.85.251.103 (209.85.251.103) 57.710 ms 209.85.254.173 (209.85.254.173) 57.801 ms 108.170.248.177 (108.170.248.177) 57.782 ms
12  bom05s05-in-f14.1e100.net (216.58.220.14) 57.612 ms 57.712 ms 57.685 ms
If you get a traceroute command not found error, install it using the command below on RHEL:
[root@rhel1 ~]# yum install traceroute -y
For Ubuntu:
apt-get install traceroute
9. host Linux Network command for DNS lookup!!
host is a DNS lookup utility available in Linux. Using the host command we can translate a domain name into an IP address and vice versa.
[root@rhel1 ~]# host yahoo.com
yahoo.com has address 98.139.180.149
yahoo.com has address 206.190.36.45
yahoo.com has address 98.138.253.109
yahoo.com has IPv6 address 2001:4998:c:a06::2:4008
yahoo.com has IPv6 address 2001:4998:44:204::a7
yahoo.com has IPv6 address 2001:4998:58:c02::a9
yahoo.com mail is handled by 1 mta7.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta5.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta6.am0.yahoodns.net.
[root@rhel1 ~]# host 98.139.180.149
149.180.139.98.in-addr.arpa domain name pointer ir1.fp.vip.bf1.yahoo.com.
[root@rhel1 ~]#