Linux Network Tools Help for Ubuntu, Redhat, Kbuntu, Mandriva, Linpus Linux

dwlsn233
Categories : Linux ,Computing
Tags : Computing linux topics linux introduction

Page content

Learning the Basics

The Linux operating system itself is a power network tool that can provide firewall services, perform routing functions, bridge networks, and provide a high degree of visibility into your network hardware, software and drivers. The commands we introduce today give you the basic tools needed to check status, performance and change the networking configuration of a Linux system. First note that, depending upon your system configuration, some of the tools below may require super user permissions. For most Linux distributions, type sudo in front of the command in order to run that command as root or super user when logged in under a standard user account.

Network Status

What is connected to my Linux system over the network?

One of the best tools to answer this question is the netstat utility. Once you have a terminal open type the following and press Enter:

netstat -ta

The output of this command provides a list of active connections over the network to your Linux system. It also reveals those services that are actively listening on the computer for a connection from the network.

To view only those services that are waiting for a connection (and possible security issues as well) enter the following:

netstat –tcp –listening -programs

For programs that have already established a connection (especially useful if you suspect there may be rogue applications on the system) type:

netstat –p

Netstat can also provide statistics for dropped packets (a potential DOS or denial of service attack) and corrupt packets (a possible driver issue) by typing the following:

netstat - i

Network Performance

So how do I check performance?

First, let me introduce you to one of my favorite tools…iftop. This tool provides a display layout similar to the top tool that is used for monitoring process and memory status on Linux systems. Unfortunately, most systems do not have iftop installed however if your particular Linux distribution has the yum or apt tool, first try installing through one of these tools typing:

sudo aptitude install iftop (if running Ubuntu or Debian)

yum install iftop (if you are a Redhat, Fedora or Centos user)

or if not available on your distribution then you can go to the iftop homepage located here for download and installation information. So once iftop is install go to the terminal enter:

iftop -i eth0

to view a list of connections to your Linux system from the first network interface. If there is more than one network interface substitute eth0 with the appropriate name of the interface such as eth1. The iftop display includes a list of processes that have established connections, and the amount of bandwidth consumed by each connection. Also included are useful statistics such as bit rate averages and the IP address or domain name of the host to which the computer is connected. This is a great tool for analyzing why performance is slow on the network, or if you suspect that a computer slowdown may be network related or just want to check and make sure that your computer is connecting to only those hosts you have allowed.

Network Connectivity

These are the tools you will reach for most often when Linux fails to connect or maintain connections over the network. Many of these tools will look familiar to those that have worked with the Microsoft Windows command line.

First is the essential ping utility. Ping is a fantastic utility in that it provides a wealth of information in an instant. If the computer is having trouble connecting to a network host you can determine right away if that host is up on the network (or if the issue is your Linux box) by entering the following:

ping ip_address_of_host

replacing ip_address_of_host with the IP address or domain name of the host to which you are trying to connect. What ping will output is the size of the payload sent to the host and how long in milliseconds it took to receive a round trip reply, or let you know if it did not receive a reply at all.

A close cousin of ping is the trace route which uses the same ICMP protocol to send and receive packets only traceroute sends an ICMP packet to each router or ‘hop’ located between the host and your Linux computer. So if a ping command does not receive a reply from the host but instead receives a ‘destination unreachable’ message, the traceroute utility may tell you where the connection failed, sometimes revealing network errors such as loops or firewalls that are blocking the traffic. To start traceroute type the following:

traceroute domain_or_IP_Address

replacing the domain_or_IP_Address with the name or IP address of the host to which you are trying to connect. The information displayed by traceroute includes number of hops, the IP address and/or domain name of each hop, and the round trip time in milliseconds for each hop.

Network Addressing

To configure a network interface manuall with an IP address or to see the IP address configuration, use the ifconfig utility. First, to display how the network interfaces are configured type:

ifconfig -a

in the terminal and ifconfig will provide a list of all network interfaces (including the virtual lo interface) along with their configured IP addresses, subnet masks and metrics.

When a network interface needs to be configured with an IP address manually, the simple syntax of ifconfig makes it quick and easy:

ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up

The example would configure the first interface with an IP address of 10.0.0.1 and default class A subnet mask, and tell the interface to start up (of course when you use the command, replace the IP address information above with the IP address and subnet mask you wish to assign to the Linux system).

Network Hardware Issues

If connectivity is sporadic and/or hardware is suspect , the ifconfig tool can provide some insight. Again open a terminal and type the following:

ifconfig -a

and the output will display current IP address information for every network interface on the computer along with individual interface statistics. Included in the output of each interface is the number of errors, dropped packets, buffer overruns and collisions that have occurred since the last time the statistics were refreshed (usually since the last reboot). If numbers other than 0 are displayed for the errors, dropped, and overruns statistics you may need to reinstall the network interface driver and/or inspect the network interface hardware, cables and connectors for issues. If collisions are listed and the Linux computer is not plugged into a hub, then the network device the computer is plugged into needs to be inspected.

For all of the tools presented above, most Linux distributions provide a simple manual that can be accessed at the terminal as a reference if needed. You can access the manual by typing:

man name_of_utility

replacing name_of_utility with the name of the utility for which you need more information.