From Omnia
Jump to navigation Jump to search

IP and Routing


List interfaces:

ifconfig -a
ifconfig eth1
ip a
ip route addr show
ip address show
ip address show dev eth1
ls /proc/sys/net/ipv4/conf/
ls /sys/class/net/

Bring interface up/down:

ifconfig eth1 up
ifconfig eth1 down

To configure an interface:

ifconfig [interface] [address] netmask [netmask]
ifconfig eth1 netmask
# Note: This will add the following to the routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface      *        U     0      0        0 eth1


ifconfig eth0 up
ifconfig eth0 netmask
route add default gw


List routes:

route -n
ip route
ip route show

Secondary IP Address

# ifconfig [nic]:0 [IP-Address] netmask [mask] up
ifconfig eth0:0 netmask up

Ref: [1]


$ ipcalc -bnmp
$ ipcalc -bnmp

Default Gateway

route add default gw
# with ip route
ip route add default via
# routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface   U     0      0        0 eth1         UG    0      0        0 eth0

/etc/sysconfig/network-scripts/ifup-eth:     U     0      0        0 eth0
test (APIPA / DHCP link local)

Static Network Route

route add -net [network] netmask [netmask] dev [iface]
route add -net netmask dev eth0
route add -net [network]/[cidr] dev [iface]
route add -net dev eth0
# delete is same format as 'add', but with 'del' keyword.
route del -net netmask dev eth0
route add -net [network] netmask [netmask] gw [gw-address]
route add -net netmask gw
route add -net [network] netmask [netmask] gw [gw-address] dev [iface]
route add -net netmask gw dev eth1
# Using ip route:
ip route add [network]/[cidr] via [gw-address]
ip route add via
# startup
echo "ip route add via" >> /etc/rc.local

Static Host Route

route add -host [host] dev [iface]
route add -host dev eth1
route add -host [host] gw [gw-address]
route add -host gw

Note: use 'arp -a' to verify source address


dhclient eth0      # get dhcp address
dhclient -r eth0   # release address

Server Lease information: (including DHCP server) [2]

  option dhcp-server-identifier;

Client side lease information: (DHCP server is 'option dhcp-server-identifier')


How do I find out my DHCP server address -


See Linux/DNS

Network Monitoring

20 Linux System Monitoring Tools Every SysAdmin Should Know -

netstat and ss - Network Statistics
iptraf - Real-time Network Statistics
tcpdump - Detailed Network Traffic Analysis
nmap - scan your server for open ports.
ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

IP Forwarding

Check if IP Forwarding is enabled

We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:

Using sysctl:

sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0

or just checking out the value in the /proc system:

cat /proc/sys/net/ipv4/ip_forward

As we can see in both the above examples this was disabled (as show by the value 0).

Enable IP Forwarding on the fly

As with any sysctl kernel parameters we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):

sysctl -w net.ipv4.ip_forward=1


echo 1 > /proc/sys/net/ipv4/ip_forward

the setting is changed instantly; the result will not be preserved after rebooting the system.

Permanent setting

Permanent setting using /etc/sysctl.conf

If we want to make this configuration permanent the best way to do it is using the file /etc/sysctl.conf where we can add a line containing net.ipv4.ip_forward = 1

net.ipv4.ip_forward = 1

if you already have an entry net.ipv4.ip_forward with the value 0 you can change that 1.

To enable the changes made in sysctl.conf you will need to run the command:

sysctl -p /etc/sysctl.conf

On RedHat based systems this is also enabled when restarting the network service:

service network restart

and on Debian/Ubuntu systems this can be also done restarting the procps service:

/etc/init.d/ restart

Source: How to enable IP Forwarding in Linux | MDLog:/sysadmin

SSH Tunneling

Port Forwarding

Local port forwarding:

ssh -L 1234:localhost:23 username@host

All traffic coming to port 1234 on the client will be forwarded to port 23 on the server (host). Note that localhost will be resolved by the sshdserver after the connection is established. In this case localhost therefore refers to the server (host) itself.

Remote port forwarding:

ssh2 -R 1234:localhost:23 username@host

All traffic which comes to port 1234 on the server (host) will be forwarded to port 23 on the client (localhost).

Port Forwarding using Iptables

iptables -t nat -A PREROUTING -p tcp -i eth0 -d --dport 3306 -j DNAT --to
iptables -A FORWARD -p tcp -i eth0 -d --dport 3306 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

Firewall Topologies

Address Translation

Wiki: PAT

Wiki: NAT

Red Hat Static Routes


  Contains lines that specify additional routes that should be added when the
  associated interface is brought up.

  The files are processed by the ifup-routes script and uses the /sbin/ipcalc
  utility for all network masks and numbers. Routes are specified using the

    NETMASKn=<network/prefix mask>
    GATEWAYn=<next-hop router/gateway IP address>

  The "n" can be any integer number, but is expected to be monotonically
  increasing and counting starts from 0. For example:


  adds a network route to the network via the gateway at Since you must already have a route to the network of the
  gateway, there is no need to specify a device.

  Note: The ifup-routes script also supports an older syntax designed to be
  used directly as an argument to "/sbin/ip route add". This syntax is
  deprecated, but if no "ADDRESSn" lines are found the following will still
  work: dev ppp0

  adds a network route to the network through ppp0.

Source: /usr/share/doc/initscripts-8.45.30/sysconfig.txt



To set an IP address for a device:

ifconfig eth0 netmask

To bring up / bring down a device:

ifconfig eth0 up
ifconfig eth0 down

To create a virtual IP address:

ifconfig eth0:1 netmask

counter reset

The TX/RX bytes reset at 4GB

Bytes counter of ifconfig in 7.2 resets?:

"the values are stored as unsigned 32-bit integers, in which case the maximum value which can be stored is 4,294,967,295 (2^32 - 1)"

This means that one can not track the usage of the system over much time.

The ifconfig counters can be forcefully reset by unloading/reloading the module.


To add a static route:

route add -net netmask gw
route add -net netmask dev eth0
route add -net netmask eth0

To add a default gateway:

route add default gw


My Traceroute


"mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.

As mtr starts, it investigates the network connection between the host mtr runs on and a user-specified destination host. After it determines the address of each network hop between the machines, it sends a sequence ICMP ECHO requests to each one to determine the quality of the link to each machine. As it does this, it prints running statistics about each machine."


                                    My traceroute  [v0.80] (                                               Sat Nov  6 23:04:45 2010
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                     Packets               Pings
 Host                                              Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. xxxx                                            0.0%   112    0.3   0.3   0.3   0.5   0.0
 2. xxxx                                            0.0%   112    0.4   0.4   0.4   0.5   0.0
 3.       0.0%   112    1.5   3.2   1.4  79.5  10.5
 4.                0.0%   112   18.3  18.1  17.6  19.4   0.3


From yum:

yum install mtr


# if you want the TUI:
yum install ncurses-devel

cd ~/src
tar -zvxf mtr-$VER.tar.gz
cd mtr-$VER
./configure --prefix=/opt/mtr
sudo make install


mtr [HOST]
/opt/mtr/sbin/mtr [HOST]

ip and iproute

The iproute2 package is designed to be a replacement for the standard networking toolset (ie. ifconfig, route, etc)

iproute2 - Advanced IP routing and network device configuration tools.

The iproute package contains networking utilities (ip and rtmon, for
example) which are designed to use the advanced networking
capabilities of the Linux 2.4.x and 2.6.x kernel.

# ip link list

1: lo:  mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff
# ip address show

1: lo:  mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet brd scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:06:5b:8d:13:a0 brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth0
    inet6 fe80::206:5bff:fe8d:13a0/64 scope link 
       valid_lft forever preferred_lft forever
# ip route show dev eth0  proto kernel  scope link  src default via dev eth0 

NIC Bonding

Also known as teaming, ether channel, or maybe trunking.

See Linux/Network Bonding

kping - History Ping

See kping


See pinglog


route add default gw wlan0

Determining Network Driver

Linux: Find out Ethernet card driver name -

What was installed:

grep eth0 /etc/modprobe.conf

What is currently in use:

ethtool -i eth0

Show module information:

modinfo [MODULE]

Linux: Find Wireless Driver Chipset Information -

lspci -vv -s [ID] | grep driver  # doesn't always work!
  Kernel driver in use: iwlagn

Show vendor/device ID:

lspci -n -s [ID]

Show name and vendor/device ID: # doesn't always work

lspci -nn -s [ID]


linux networking