Twenty Network Commands Used On Linux And Unix

Linux is the kernel of an operating system and is a popular software and server. Commands present on Linux can be used to analyze, maintain, inspect, and troubleshoot all networks connected to the system. First, let us guide you through the twenty network commands used on Linux and Unix.

Linux Networking Commands

Twenty Network Commands Used On Linux And Unix

1] dig Command

This domain information groper (dig) is used to fix DNS-related issues. Primarily, this command is a lookup utility that is used as a tool to query DNS-related information. The information includes MX RECORD, CNAME, etc. iT IS is a better and more advanced version of the nslookup command. You can verify other DNS records too.

Syntax:  dig <domainName>

Example: $ dig


This command’s output is the A records by default from the DNS records. You can even use the syntax given below to search for specific MX or NS types.

Command: $ dig MX

2] Netstat Command

This command, as the name suggests, works for network statistics. This command is used if you need statistical figures for network connections, interface, routing tables, etc.

Syntax: netstat


To see both listing and non-listing sockets, use the following command:

# netstat -a

Output: This command’s output is all listing and non-listing sockets.


These are variations of the netstat command:

  1. To view all programs associated to open sockets

Syntax: netstat -p

  1. To view the details of ports

Syntax: netstat -s

  1. To see routing tables

Syntax: netstat -r

3] ifconfig

This command is one of the fundamental commands in Linux, and it is used for network inspection. The complete form of ifconfig is interface configurator. You can initialize, enable, disable and configure an interface with an IP address using this command. ifconfig shows the following information:

  1. IP Address
  2. Maximum Transmission Unit (MTU)
  3. MAC Address

Syntax: Ifconfig


To see all the interfaces available, use the following command:

ifconfig -a


The output of the Syntax ifconfig displays the three networks, local network, Ethernet, and WLAN.

4] tracepath

This command and the traceroute command are similar to each other. It can detect network delays without having to use root privileges. Ubuntu comes with this command by default. It can identify the specific points where your network is weak.

Syntax: tracepath <destination>

Example:  tracepath


root@mops:~ # tracepath6 3ffe:2400:0:109::2

 1?: [LOCALHOST]                              pmtu 1500

 1:                   0.411ms

 2:        asymm  1   0.390ms pmtu 1480

 2:  3ffe:2400:0:109::2               463.514ms reached

Resume: pmtu 1480 hops 2 back 2

5] IP

This command is an updated version of the ifconfig command we talked about earlier.


  1. ip a
  2. ip addr


This command will provide you the details of specific interfaces and networks like ifconfig. The syntaxes to see the facts is as follows:

ip a show eth0

ip a show lo

ip a show wlan0

Output: The output will look like this when you wish to see a list of all network interfaces and the associated IP addresses using IP address show;

lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet scope host lo

valid_lft forever preferred_lft forever

Another example:

eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

link/ether 52:54:00:8c:62:44 brd ff:ff:ff:ff:ff:ff

inet brd scope global dynamic eth0

valid_lft 2900sec preferred_lft 2900sec

inet6 fe80::5054:ff:fe8c:6244/64 scope link 

valid_lft forever preferred_lft forever

6] whois

The whois command in Linux brings all the information related to a website like registration and owner information.

Syntax: whois <webisteName>

Example: whois

7] host

The host command is used to view the domain name for a specific IP address and vice versa, which means the IP address for a particular domain name. And you can also see the DNS lookup for DNS-related queries.




To get DNS resource records like SRV, SOA, MX, CNAME, NS, A, you can add a -t with this command.

Syntax: host -t <resourceName>

8] ss

We learned of the netstat command earlier. The ss command is a much faster alternative to that. It is faster because it offers more information within the kernel userspace than the netstat command in Linux.

Syntax:  ss

Using this command, you can access information related to all TCP, UNIX, and UDP socket connections. To see TCP/UDP or UNIX sockets, attach -u, -t, -x in the command, and you are good to go! Combine the above-mentioned commands if you wish to see connected and listing sockets.

ss -ua

ss -ta

ss -xa

To see just the listing sockets, add an l with the syntax:

ss -lt

ss -lt

ss -lx


To see the details of all the closed TCP sockets;

$ ss -t4 state closed

9] route

The route command shows the routing table that exists for your system. This method is one of the easiest ways to send packets to a destination.

Syntax: route

Output:  When you enter the above command, you will see a list of all the table entries for the system. For the packets that are outside this network range, are forwarded and further routed.

To See The Numerical IP Address

To see the output in incomplete numerical form,  go for the -n  syntax.

Syntax: route -n

10] mtr

This command in Linux helps you view the network issues and works similar to the ping and traceroute command. It shows the ping time of every hop with the details of the packets that are sent.

Syntax: mtr <path>

Example: $ mtr

Output:  If you have to send ten packets to each hop that comes along, add the -report option to the syntax.

$ mtr --report <path>

11] ifplugstatus

You won’t find the ifplugstatus command directly on Ubuntu. You can use it to check whether a cable is plugged into a network interface. The installation process is as follows:

Command: sudo apt-get install ifplugd

Syntax: ifplugstatus


In the output above, the link beat detected means that the cable is plugged in. The output of this command is in affirmative if you see link beat detected, and it means the cable is plugged into the network interface.

12] hostname

This command is a very simple and straightforward one and is used to see and set the hostname of a system.

Syntax: hostname

Output:  Use the following syntax to set the hostname.

Syntax: sudo hostname <newName>

Although the hostname that you set using this command is only temporary because it will reset once the system reboots, to permanently set a hostname, you must go to the hostname file and rewrite the hostname. Then, reboot the box.

13] ping

Ping is the short form for Packet Internet Groper. We can safely say that you will often come across the ping command to troubleshoot network issues as it checks the connectivity between two nodes. Unless you interrupt it (which you can do by pressing Ctrl+C), this command continues to send ICMP echo requests to check the network.

Syntax: ping <destination>

Example: $ ping

Command: To ping directly, you can use the IP address too. To set a limit for the number of packets, add a-c to the command.

Syntax: ping -c <number> <destination>

14] iwconfig

In Linux, the iwconfig command is used to view and even set Wifi specifics like SSID and encryption. You can put this command to use when you have to configure the wireless network interface.

Syntax: iwconfig

Example: To tweak with the encryption or scrambling keys and security mode, use the following:

iwconfig [Interface] key 0123-4567-89

15] Tcpdump

When it comes to network analysis, this command is the most frequently used. It captures and displays any traffic that is passing through the network interface.

Syntax: $ tcpdump -i <network_device>

Output: Another way to go about this is to specify the protocol (TCP, ICMP, UDP, etc.):

Command: $ tcpdump -i <network_device> tcp

16] arp

arpm represents Address Resolution Protocol and is used to see and add content. This content is added to the kernel’s ARP table. The ARP lookup table is a log of all the IP addresses and their corresponding MAC addresses. The basic funda is this: If the MAC address in this table for a destination connected through an IP address is cached, it will not be used.

Syntax: Arp

By default, this command shows the hostnames. To see the IP addresses, use the following command:

Command: $ arp -n

17] curl or wget

The curl and wget commands are used to download files from CLI via the internet.

curl command 

Syntax: curl -O <filelink>

Example: curl -O

Wget command

Syntax: wget <filelink>

Example: wget

18] traceroute

This command is convenient when network-related troubleshooting has to be done. Apart from detecting delays, it does the following jobs:

  1. Identifies the names of every device on the path.
  2. Follow the route to the destination that is specified.
  3. It finds out where the network latency comes from and reports it.

Syntax: traceroute <destination>

Example: $ traceroute <>

Output:  The output looks something like this;

  1. The specified hostname
  2. Size of the packets
  3. IP Address

19] nslookup

The nslookup is the predecessor of the dig command and can be used to get the details of the DNS-related queries.

Syntax:  nslookup <domainName>

Example: nslookup

Outfit: You will see the details about

20] iftop

iftop is used to keep track of the traffic.

Command:  To install iftop on your laptop:

$ wget

It will be a zip file. Use the following command to extract and open it:


$  tar zxvf iftop-0.17.tar.gz

Output: The -p option allows you to view the ports.

Command:  $ sudo iftop -p

These are the twenty network commands used on Linux and Unix that are often used and will be very useful for you!


Please enter your comment!
Please enter your name here