Linux is the kernel of an operating system and is popular both as general-purpose software and as a server platform. The commands available on Linux can be used to analyze, maintain, inspect, and troubleshoot all networks connected to the system. Let us guide you through the twenty network commands used on Linux and Unix.
Twenty Network Commands Used On Linux And Unix
1] dig Command
The domain information groper (dig) is used to troubleshoot DNS-related issues. Primarily, this command is a lookup utility used to query DNS-related information, including MX records, CNAME records, etc. It is a better and more advanced version of the nslookup command. You can verify other DNS records too.
Syntax: dig <domainName>
Example: $ dig google.com
Output:
By default, this command’s output shows the A records from the DNS records. You can use the syntax given below to search for specific record types such as MX or NS.
Command: $ dig google.com MX
2] Netstat Command
This command, as the name suggests, shows network statistics. Use it when you need statistical figures for network connections, interfaces, routing tables, etc.
Syntax: netstat
Example:
To see both listening and non-listening sockets, use the following command:
# netstat -a
Output: This command’s output is all listening and non-listening sockets.
Variations:
These are variations of the netstat command:
- To view all programs associated with open sockets
Syntax: netstat -p
- To view the details of ports
Syntax: netstat -s
- To see routing tables
Syntax: netstat -r
3] ifconfig
This command is one of the fundamental commands in Linux, and it is used for network inspection. The complete form of ifconfig is interface configurator. You can initialize, enable, disable and configure an interface with an IP address using this command. ifconfig shows the following information:
- IP Address
- Maximum Transmission Unit (MTU)
- MAC Address
Syntax: ifconfig
Example:
To see all the interfaces available, use the following command:
ifconfig -a
Output:
The output of ifconfig -a displays the three networks: the local network, Ethernet, and WLAN.
4] tracepath
This command and the traceroute command are similar to each other. It can detect network delays without having to use root privileges. Ubuntu comes with this command by default. It can identify the specific points where your network is weak.
Syntax: tracepath <destination>
Example: tracepath mindmajix.com
Output:
root@mops:~ # tracepath6 3ffe:2400:0:109::2
 1?: [LOCALHOST]                      pmtu 1500
 1:  dust.inr.ac.ru                   0.411ms
 2:  dust.inr.ac.ru        asymm  1   0.390ms pmtu 1480
 2:  3ffe:2400:0:109::2               463.514ms reached
     Resume: pmtu 1480 hops 2 back 2
5] ip
This command is an updated version of the ifconfig command we talked about earlier.
Syntax:
- ip a
- ip addr
Example:
Like ifconfig, this command provides the details of specific interfaces and networks. The syntax to see these details is as follows:
ip a show eth0
ip a show lo
ip a show wlan0
Output: The output will look like this when you list all network interfaces and the associated IP addresses using ip address show:
lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
Another example:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:8c:62:44 brd ff:ff:ff:ff:ff:ff
    inet 192.168.121.241/24 brd 192.168.121.255 scope global dynamic eth0
       valid_lft 2900sec preferred_lft 2900sec
    inet6 fe80::5054:ff:fe8c:6244/64 scope link
       valid_lft forever preferred_lft forever
6] whois
The whois command in Linux retrieves all the information related to a website, such as registration and owner information.
Syntax: whois <websiteName>
Example: whois mindmajix.com
7] host
The host command is used to view the domain name for a specific IP address and, vice versa, the IP address for a particular domain name. You can also use it for DNS lookups when troubleshooting DNS-related queries.
Example:
host mindmajix.com
host 149.77.21.18
To get DNS resource records like SRV, SOA, MX, CNAME, NS, or A, add the -t option to this command.
Syntax: host -t <resourceName> <domainName>
8] ss
We learned of the netstat command earlier. The ss command is a much faster alternative to it. It is faster because it reads socket information directly from the kernel, and it offers more detail than the netstat command in Linux.
Syntax: ss
Using this command, you can access information related to all TCP, UDP, and UNIX socket connections. To see TCP, UDP or UNIX sockets, add -t, -u or -x to the command, and you are good to go! Combine these options with -a if you wish to see both connected and listening sockets.
ss -ta
ss -ua
ss -xa
To see just the listening sockets, add an l to the syntax:
ss -lt
ss -lu
ss -lx
Example:
To see the details of all the closed TCP sockets:
$ ss -t4 state closed
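A common use of the listening-socket view above is checking which services accept connections on every interface. The script below is an added example, not part of the original article; the function names, the port allowlist and the sample output are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag listening sockets bound to all interfaces whose port
# is not on an allowlist. The sample below is constructed; on a live host run:
#   ss -ltn | unexpected_listeners "22 443"

sample_ss_output() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
LISTEN 0      511                *:8080             *:*
LISTEN 0      128             [::]:22            [::]:*
LISTEN 0      4096           [::1]:5432          [::]:*
EOF
}

# Reads ss output (numeric, with header) on stdin.
# $1 is a space-separated list of ports that are expected to be exposed.
unexpected_listeners() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # Header row: a Netid column is present when several socket types are listed.
    NR == 1 { col = ($1 == "Netid") ? 5 : 4; next }
    {
      addr = $col
      port = addr; sub(/.*:/, "", port)       # text after the last colon
      host = addr; sub(/:[^:]*$/, "", host)   # text before the last colon
      sub(/%.*$/, "", host)                   # drop an interface suffix such as %eth0
      wildcard = (host == "0.0.0.0" || host == "*" || host == "[::]")
      if (wildcard && !(port in ok)) print addr
    }'
}

sample_ss_output | unexpected_listeners "22 443"
```

Sockets bound to 127.0.0.1 or [::1] are reachable only from the host itself, so the script leaves them out.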
9] route
The route command shows the routing table that exists for your system. This method is one of the easiest ways to send packets to a destination.
Syntax: route
Output: When you enter the above command, you will see a list of all the table entries for the system. Packets that are outside this network range are forwarded and routed further.
To See The Numerical IP Address
To see the output in complete numerical form, use the -n option.
Syntax: route -n
10] mtr
This command in Linux helps you view network issues and works similarly to the ping and traceroute commands. It shows the ping time of every hop along with the details of the packets that are sent.
Syntax: mtr <path>
Example: $ mtr google.com
Output: If you have to send ten packets to each hop that comes along, add the --report option to the syntax.
$ mtr --report <path>
11] ifplugstatus
You won’t find the ifplugstatus command directly on Ubuntu. You can use it to check whether a cable is plugged into a network interface. The installation process is as follows:
Command: sudo apt-get install ifplugd
Syntax: ifplugstatus
Output:
In the output, "link beat detected" is the affirmative result: it means that the cable is plugged into the network interface.
12] hostname
This command is a very simple and straightforward one and is used to see and set the hostname of a system.
Syntax: hostname
Output: Use the following syntax to set the hostname.
Syntax: sudo hostname <newName>
The hostname that you set using this command is only temporary, because it will reset once the system reboots. To permanently set a hostname, you must go to the hostname file and rewrite the hostname. Then, reboot the box.
13] ping
Ping is the short form for Packet Internet Groper. We can safely say that you will often come across the ping command to troubleshoot network issues as it checks the connectivity between two nodes. Unless you interrupt it (which you can do by pressing Ctrl+C), this command continues to send ICMP echo requests to check the network.
Syntax: ping <destination>
Example: $ ping google.com
Command: To ping directly, you can use the IP address too. To set a limit for the number of packets, add -c to the command.
Syntax: ping -c <number> <destination>
14] iwconfig
In Linux, the iwconfig command is used to view and even set Wi-Fi specifics like SSID and encryption. You can put this command to use when you have to configure the wireless network interface.
Syntax: iwconfig
Example: To change the encryption or scrambling keys and security mode, use the following:
iwconfig [Interface] key 0123-4567-89
15] Tcpdump
When it comes to network analysis, this command is the most frequently used. It captures and displays any traffic that is passing through the network interface.
Syntax: $ tcpdump -i <network_device>
Output: Another way to go about this is to specify the protocol (TCP, ICMP, UDP, etc.):
Command: $ tcpdump -i <network_device> tcp
16] arp
arp stands for Address Resolution Protocol, and the command is used to view and add entries in the kernel’s ARP table. The ARP lookup table is a log of all the IP addresses and their corresponding MAC addresses. The basic idea is this: if the MAC address for a destination IP address is already cached in this table, the ARP protocol will not be used for it.
Syntax: arp
By default, this command shows the hostnames. To see the IP addresses, use the following command:
Command: $ arp -n
17] curl or wget
The curl and wget commands are used to download files over the internet from the command line.
curl command
Syntax: curl -O <filelink>
Example: curl -O google.com/doodles/childrens-day-2014-multiple-countries
Wget command
Syntax: wget <filelink>
Example: wget google.com/doodles/new-years-day-2012
18] traceroute
This command is convenient when network-related troubleshooting has to be done. Apart from detecting delays, it does the following jobs:
- Identifies the names of every device on the path.
- Follows the route to the destination that is specified.
- Finds out where the network latency comes from and reports it.
Syntax: traceroute <destination>
Example: $ traceroute google.com
Output: The output includes the following:
- The specified hostname
- Size of the packets
- IP Address
19] nslookup
nslookup is the predecessor of the dig command and can be used to get the details of DNS-related queries.
Syntax: nslookup <domainName>
Example: nslookup mindmajix.com
Output: You will see the details about mindmajix.com.
20] iftop
iftop is used to keep track of the traffic.
Command: To install iftop on your laptop:
$ wget http://www.ex-parrot.com/pdw/iftop/download/iftop-0.17.tar.gz
It will be a compressed tar archive (.tar.gz). Use the following command to extract it:
Command:
$ tar zxvf iftop-0.17.tar.gz
Output: The -P option allows you to view the ports.
Command: $ sudo iftop -P
These are the twenty network commands on Linux and Unix that are used most often and will be very useful for you!