List of Linux Networking and Troubleshooting Commands for Beginners

Network configuration and troubleshooting are the essential part of Linux administration. Even for a developer who works with Linux Systems, knowledge about Linux network commands is an added advantage. Few Linux networking command people use today is deprecated. In this post, I will explain about the important networking commands and its new versions.

List of Linux Networking and Troubleshooting Commands

Let’s have a look at the list of  commands you can use to configure and troubleshoot networking in Linux

hostname
ping
ip
ss (netstat)
traceroute
dig
route

1. hostname

Hostname command is used to view the hostname of the machine and to set the hostname.

[email protected]:~$ hostname
devopscube.com
[email protected]:~$

You can use the hostname command to set a new hostname for the machine.

[email protected]:~$ sudo hostname temp.com
[email protected]:~$ hostname
temp.com
[email protected]:~$

If you set the hostname using “hostname” command, when you restart the machine, the hostname will change to the name specified in the hostname file ( eg: /etc/hostname). So if you want to change the hostname permanently, you can use the /etc/hosts file or relevant hostname file present on the server.

For ubuntu machines, you can change it in the /etc/hostname file.

For RHEL, CentOS and Fedora you can change it in the /etc/sysconfig/network file.

Also read: List of Linux Commands Every Developer Should Know

2. ping

The ping command is used to check if the remote server is reachable or not. Ping command has the following syntax.

ping

ping using DNS name

[email protected]:~$ ping devopscube.com
PING devopscube.com (208.91.198.132) 56(84) bytes of data.
64 bytes from cp-18.webhostbox.net (208.91.198.132): icmp_seq=1 ttl=51 time=64.8 ms
64 bytes from cp-18.webhostbox.net (208.91.198.132): icmp_seq=2 ttl=51 time=65.3 ms

ping using the IP address

[email protected]:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=8.47 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=8.68 ms

Limit the packets to send

If you want to limit the ping output without using ctrl+c, then you can use the “-c” flag with a number as shown below.

[email protected]:~$ ping -c 1 devopscube.com
PING devopscube.com (208.91.198.132) 56(84) bytes of data.
64 bytes from cp-18.webhostbox.net (208.91.198.132): icmp_seq=1 ttl=51 time=64.8 ms
--- devopscube.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 64.885/64.885/64.885/0.000 ms
[email protected]:~$

3. ip (ifconfig)

ip command is used to display and manipulate routes and network interfaces. ip command is the newer version of ifconfig. ifconfig works in all the systems, but it is better to use ip command instead of ifconfig. Let’s have a look at few examples of ip command.

Display network devices and configuration

ip a or ip addr

[email protected]:~$ ip a
1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
 valid_lft forever preferred_lft forever
 inet6 ::1/128 scope host
 valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
 link/ether 06:e1:76:a0:eb:c9 brd ff:ff:ff:ff:ff:ff
 inet 172.31.18.184/20 brd 172.31.31.255 scope global eth0
 valid_lft forever preferred_lft forever
 inet6 fe80::4e1:76ff:fea0:ebc9/64 scope link
 valid_lft forever preferred_lft forever

You can use this command with pipes and grep to get more granular output like IP address of eth0 interface. The following command gets the IP address of eth0 network interface.

ip a | grep eth0  | grep "inet" | awk -F" " '{print $2}'

[email protected]:~$ ip a | grep eth0  | grep "inet" | awk -F" " '{print $2}'
172.31.18.184/20
[email protected]:~$

Get details of a specific interface

ip a show eth0

[email protected]:~$ ip a show eth0
2: eth0: <broadcast,multicast,up,lower_up> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 06:e1:76:a0:eb:c9 brd ff:ff:ff:ff:ff:ff
    inet 172.31.18.184/20 brd 172.31.31.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4e1:76ff:fea0:ebc9/64 scope link
       valid_lft forever preferred_lft forever
[email protected]:~$

Enable and disable a network interface

You can enable and disable a particular network interface using IP command.

Syntax: ip link set

[email protected]:~$ sudo ip link set docker0 down
[email protected]:~$ sudo ip link set docker0 up
[email protected]:~$

4. ss (netstat)

ss command is a replacement for netstat. You can still use netstat command on all systems. Using ss command, you can get more information than netstat command. ss command is fast because it gets all the information from the kernel userspace. Now let’s have a look at few usages of ss command.

Listing all connections

The “ss” command will list all the TCP, UDP and Unix socket connections on your machine.

[email protected]:~$ ss
Netid  State      Recv-Q Send-Q   Local Address:Port       Peer Address:Port
u_str  ESTAB      0      0                    * 7594                  * 0
u_str  ESTAB      0      0      @/com/ubuntu/upstart 7605                  * 0  
u_str  ESTAB      0      0                    * 29701                 * 0
u_str  ESTAB      0      0      /var/run/dbus/system_bus_socket 29702                 * 0
tcp    ESTAB      0      400      172.31.18.184:ssh         1.22.167.31:61808

The output of ss command will be big so you can use ” ss | less ” command to make the output scrollable.

Filtering out TCP, UDP and Unix sockets

If you want to filter out TCP , UDP or UNIX socket details, use “-t” “-u” and “-x” flag with the “ss” command. It will show all the established connections to the specific ports. If you want to list both connected and listening ports using “a” with the specific flag as shown below.

ss -ta
ss -ua
ss -xa

List all listening ports

To list all the listening ports, use “-l” flag with ss command. To list specific TCP, UDP or UNIX socket, use “-t”, “-u” and “-x” flag with “-l” as shown below.

[email protected]:~$ ss -lt
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
LISTEN     0      128                     *:ssh                      *:*
LISTEN     0      50                     :::http-alt                 :::*
LISTEN     0      50                     :::55857                   :::*
LISTEN     0      128                    :::ssh                     :::*
LISTEN     0      50                     :::53285                   :::*
[email protected]:~$

5. traceroute

traceroute is a network troubleshooting utility. Using traceroute you can find the number of hops required for a particular packet to reach the destination. If you do not have traceroute utility in your system or server, you can install it from the native repository.

syntax: traceroute 
traceroute google.com

traceroute to google.com (173.194.33.163), 30 hops max, 60 byte packets
 1  ec2-50-112-0-84.us-west-2.compute.amazonaws.com (50.112.0.84)  1.974 ms  1.895 ms  1.899 ms
 2  100.64.1.247 (100.64.1.247)  1.414 ms 100.64.1.137 (100.64.1.137)  1.127 ms 100.64.1.97 (100.64.1.97)  1.313 ms
 3  100.64.0.198 (100.64.0.198)  1.443 ms 100.64.0.62 (100.64.0.62)  2.160 ms 100.64.0.60 (100.64.0.60)  2.116 ms
10  66.249.94.214 (66.249.94.214)  6.313 ms  7.104 ms 209.85.249.34 (209.85.249.34)  5.986 ms
11  209.85.244.65 (209.85.244.65)  6.157 ms  6.341 ms  6.574 m.
.
12  sea09s18-in-f3.1e100.net (173.194.33.163)  6.302 ms  6.517 ms  6.071 ms
[email protected]:~$

The above output shows the hop count (12) to reach google.com from devopscube AWS ec2 server.

6. dig

If you have any task related to DNS lookup, you can use “dig” command to query the DNS name servers. If you want to get the A record for the particular domain name, you can use the dig command with the domain name. From the output, in the answer section, you will find the A record of the domain name as shown below.

[email protected]:~$ dig twitter.com
; <<>> DiG 9.9.5-3-Ubuntu <<>> twitter.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17052
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;twitter.com.                   IN      A
;; ANSWER SECTION:
twitter.com.            30      IN      A       199.59.149.230
twitter.com.            30      IN      A       199.59.150.7
;; Query time: 9 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Mon Jan 26 06:17:56 UTC 2015
;; MSG SIZE  rcvd: 104
[email protected]:~$

7. route

“route” command is used to get the details of route table for your system and to manipulate it. Let us look at few examples for the route command.

Listing all routes

Execute the “route” command without any arguments to list all the existing routes in your system or server.

[email protected]:~$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ip-172-31-16-1. 0.0.0.0         UG    0      0        0 eth0
172.17.0.0      *               255.255.0.0     U     0      0        0 docker0
172.31.16.0     *               255.255.240.0   U     0      0        0 eth0
[email protected]:~$

If you want to get the full output in numerical form without any hostname, you can use “-n” flag with the route  command.

[email protected]:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.16.1     0.0.0.0         UG    0      0        0 eth0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.31.16.0     0.0.0.0         255.255.240.0   U     0      0        0 eth0
[email protected]:~$

If you think we missed any important command,  let us know in the comments section.