SlideShare una empresa de Scribd logo

Linux networking

S
sanakiyan
Tecnología
1 de 11
Descargar para leer sin conexión
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 The information presented should act as a guide to Red Hat Linux networking. It is intended to be  accompanied with training and self­study. To access most of these items you will need to have root  access, either directly or through  'sudo su ­', or via sudo exploits we won't discuss:­) Some items are  left for you to review while others are covered in more detail on the following pages. The descriptions are brief and are meant to be starting points. Use 'man <command or filename>' for  help pages. Be aware that man pages expect a certain level of technical knowledge and may require  several visits to grasp the information. Making use of multiple windows when working on a system, be  it local or remote, allows you to view a man page while trying the command or editing the file in a  different window.  Before this information can be useful, you should be able to use the following tools: ● vi  file editor common an all Linux and Unix systems ● cat  concatenate and view files  ● less  file pager with many features ● grep  extract information based on keywords ● man   ­use 'man ­k <word>' to search man pages for a keyword, or try 'man man'  always look at the 'see also' section near the bottom ● basic command line navigation, command execution, and output manipulation ● understand environmental variables  it is valuable to understand system variables, although they may not come into play often ● bash shell scripting  should be able to at least follow the flow and process of a bash script  ● basic network service clients such as ssh and ftp  use to test to local host, for confirming if it is a service problem or a network problem ● tee  use to send output to the monitor as well as a file for later review 1 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Configuration Files: ● /etc/hosts  used primarily to define static IP to hostname mappings. ● /etc/resolv.conf  defines name servers for DNS resolution. ● /etc/host.conf  defines parameters, the most common being search order, for name resolution. The order  keyword may include hosts, bind, and nis. ● /etc/sysconfig/network  defines network settings common to all interfaces such as hostname and default gateway ● /etc/sysconfig/network­scripts/  ifcfg­lo ifcfg­ethn  define the interface parameters such as IP address and network mask ● /etc/services  defines known port numbers to service names. Commands, services, and utilities often  display the service name in their output. Ports undefined in /etc/services should always be  defined by port number. ● /etc/rc.local  commands to run after the init scripts. You may want a static routing entry in here after the  network is set up. ● /proc pseudo­filesystem  allows you to read and in some cases write kernel variables.  look in /proc/sys/net/ for starters. Files show zero size but are populated when accessed. ● /etc/sysctl.conf  file you can use to control /proc file entries. This allows changes to survive a reboot. ●   /etc/sysconfig/hwconf  information on system hardware used for auto­detection of new hardware  can edit to force re­detection if troubleshooting a network card. File is rarely of interest. ● /etc/modprobe.conf  nic drivers and options are defined here Access Control Files: 2 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 ● /etc/hosts.allow /etc/hosts.deny  controls TCPwrappers utility (see tcpd below)  view man page with 'man 5 hosts_access' [note the 5] ● /etc/init.d/iptables (alias of /etc/rc.d/init.d/iptables)  control and configuration of Iptables/NetFilter Linux Firewall  Log Files: Logs can provide valuable troubleshooting information but are too often overlooked.  dmesg falls into the logs category and should be reviewed, particularly if there are local problems as  opposed to remote host problems.  ● look in /var/log/ ● to view startup messages use 'dmesg|less' Commands and Utilities: ● arp  display or set arp table entries ● dig  query name servers ● dmesg  display ring buffer information from system startup ● ethereal  not installed by default ● ethtool ● host  query name servers ● hostname  display or set hostname  changes do not survive a reboot ● ifup  bring an interface up ● ifdown  shut down an interface ● ifconfig 3 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006  view or set interface parameters  changes do not survive a reboot ● ip ● iptables  user space tools to manipulate netfilter kernel based firewall ● iptraf  displays network statistics  not installed by default ● netstat  use to display routing, open (listening) ports, etc ● ping  send a n icmp packet to an IP address or hostname ● route  display or manipulate routing tables  changes do not survive a reboot ● service  use to start, stop or restart services via supported init scripts ● tcpd (tcpwrappers)  access control for supported services ● tcpdump  view network traffic ● telinit (and runlevel)  use to change runlevels, use runlevel to view current and previous runlevel  not usually involved in networking ● traceroute  displays the route and statistics for UDP or ICMP packets as they traverse a network. Network Services: Starting and stopping of network services can be automated through: ● init scripts  symlinks to various scripts used to manage most system daemons ● /etc/rc.local file  commands to run after the init scripts. You may want a static routing entry in here after the  4 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 network is set up. ● xinetd system  see /etc/xinetd.conf and files in /etc/xinetd.d/  replaces inetd and incorporates TCPwrapers Environmental Variables: These commands are for the bash shell, the default shell for most Linux distributions including Red  Hat. Other shells may use different methods. ● View current settings  display with 'env' for all or 'echo $<var­name>' ● Define new or change existing  variables  set variables with '<var­name>=”<value>”' Virtual Network Interfaces: ● A single interface can easily be configured to answer multiple IP addresses. Virtual Interfaces  are defined as ethn:m as are the configuration files. (0:0 is the physical nic, 0:1 and higher are  virtual, any unique number can be used. ● Create a configuration file /etc/sysconfig/network­scripts/ifcfg­ethn:m then restart the network  or use ifconfig to bring up the new interface. ● When working with iptables be aware it does not distinguish between real and virtual interfaces ● A Virtual Interface configuration file may look like: DEVICE=eth0:1 BOOTPROTO=static BROADCAST=192.168.1.255 IPADDR=192.168.1.41 NETWORK=192.168.1.0 ONBOOT=yes Troubleshooting Steps: These are very general steps used for isolating basic connectivity problems. ● ping 127.0.0.1  if fail here, network service may not be running. Start network, check logs and runlevel ● ping <localhost ip addr>  if fails, confirm IP address and interface state with ifconfig command 5 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 ● ping <default gw ip>  if fails, try other local hosts and confirm physical cabling, check arp table ● ping <default gw hostname>  if first failure here, look at name resolution. Try dig or host and ping the name server. ● ping <destination hostname>  try another remote hostname, check name resolution, try pinging IP address ● traceroute <destination hostname>  this will show each step of the trip and indicate where along the path it fails ● tcpdump  view or save network traffic.  Learn to use the filters such as 'tcpdump ­i eth1 host 192.168.1.254 and not port ssh'  Common Tasks: ● change the systems hostname  use 'hostname <newname.domain.com>' to set the hostname for the running system.  To change the hostname permanently, edit /etc/sysconfig/network and restart the network  (or combine the two methods) ● change an interface IP address  temporarily set the IP address via chkconfig or ip commands.  For a permanent change, edit etc/sysconfig/network­scripts/ifcfg­ethn and restart the  network (or combine the two methods) More Detail on Commands and Files : ● ifcfg­ethn files  The directory /etc/sysconfig/network­scripts contains, among other related files, the  configuration files for each physical and virtual interface.  The configuration entries are pretty self­explanatory. Typical entries are shown below (not all entries are always required): DHCP: DEVICE=eth0 BOOTPROTO=dhcp HWADDR=00:11:D8:44:12:19 ONBOOT=yes 6 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 TYPE=Ethernet Static IP: DEVICE=eth0 BOOTPROTO=static NETWORK=192.168.1.0 BROADCAST=192.168.1.255 IPADDR=192.168.1.40 HWADDR=00:11:D8:44:12:19 ONBOOT=yes TYPE=Ethernet  If you want to disable or save a copy of an ifcfg file, you should remove it from the  directory since a simple appending of _orig (or something similar) will still leave it as a  target for the network services to use. Depending on other details this may harmlessly fail  or may cause much disruption when the network services are (re)started. ● ifconfig command  This command will allow you to view or temporarily modify many aspects of the network  settings. With no arguments 'ifconfig' displays information on all active interfaces.  Information includes IP, broadcast, network mask, and throughput information amongst  other things.  You can change much of the network setup with this command. It is typically used to either  change something temporarily (e.g. for testing) or to bring a single interface up or down,  which can be done with ifup and ifdown using less typing:). One benefit of using ifconfig to  change an IP address is that you do not need to start and stop the network. You can even  change the MAC address using this command. ● ip command  Very similar to ifconfig this command can display or manipulate network settings. Although  some information overlaps these two commands, 'ip' deals with IP, network address, routing  and ARP information.  The different output formats can work for you when creating scripts to report or manipulate  a network. A prime example is how the IP address and Network Mask are displayed: # ifconfig eth0|grep "inet a" 7 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006    inet addr:192.168.1.40  Bcast:192.168.1.255  Mask:255.255.255.0 # ip addr show dev eth0|grep "inet "    inet 192.168.1.40/24 brd 192.168.1.255 scope global eth0   iptables utility   The Linux kernel based Firewall. We do not typically use the Linux Firewall but you  should know how to check it. The firewall is comprised of NetFilter, the heart of the system  which is part of the Linux kernel, and IPtables which is the user space tools and  configurations you use to control the firewall. The firewall is always running and is  controlled by rules (or chains) the user defines. In what is referred to as stopped  the  firewall is actually running but has no blocking rules. You can display the current state of  the firewall with the command 'iptables ­L'. You can flush all rules and in essence 'stop' a  firewall with the command 'service iptables stop' (see service command detailed below).   A non­blocking firewall will display the following: ● tcpdump command  Displays packet headers from an interface. This command offers many ways to manipulate  the display. The most common is to add simple filters to the command line.  A typical remote monitor of web traffic might look like this (wrapped lines are indented):        [root@d207­216­142­87 ~]# tcpdump ­i eth1 port http        tcpdump: verbose output suppressed, use ­v or ­vv for full protocol decode        listening on eth1, link­type EN10MB (Ethernet), capture size 96 bytes       16:35:38.976614 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: S            1104743985:1104743985(0) win 5840 <mss 1460,sackOK,timestamp 307804218  0,nop,wscale 2> 8 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 16:35:38.986239 IP nfl.bodog.com.http > d207­216­142­87.bchsia.telus.net.50436: S  78647379:78647379(0) ack 1104743986 win 5792 <mss 1380,sackOK,timestamp  744177594 307804218,nop,wscale 0> 16:35:38.986447 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: . ack 1  win 1460 <nop,nop,timestamp 307804221 744177594> 16:35:38.989257 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: P  1:462(461) ack 1 win 1460 <nop,nop,timestamp 307804222 744177594> 16:35:39.004945 IP nfl.bodog.com.http > d207­216­142­87.bchsia.telus.net.50436: . ack  462 win 6432 <nop,nop,timestamp 744177596 307804222>  When logged in to a remote system via ssh and want to run tcpdump on the same remote  interface, always include a 'not ssh' filter or every bit of tcpdump info sent to your display  will be caught by tcpdump causing a massive ssh loop.   You should be aware that tcpdump captures packets at the interface level and iptables  handles are passed through to the network IP stack, so incoming traffic is captured by  tcpdump prior to iptables rules being applied but outbound traffic is passed through iptables  rules on it's way to the interface.   ● network file  The file /etc/sysconfig/network defines network settings common to all interfaces.  A typical file may look like this: NETWORKING=yes HOSTNAME=nova3.linux1.ca GATEWAY=192.168.101.1 NOZEROCONF=yes  The 'NOZEROCONF=yes' removes an unnecessary routing entry. ● chkconfig command  This command is used to simplify the management of service daemons. It works in  conjunction with the 'service' command. It sets what runlevels a services will be started and  stopped at.  Any init script that contains the required lines can be managed by chkconfig.  The following two keyword based entries allow an init script to fall under the control of the  chkconfig command: # chkconfig: 2345 08 92 # description: Automates a packet filtering firewall with iptables. 9 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Use 'man chkconfig' for details about the init script entries as well as how to add, delete, or  modify a services behavior.  The most common use, 'chkconfig –list' (two dashes), is to display what services will be  running at runlevel 3 and 5.  You cannot change the current state of  a daemon with this command. Use service instead. ● service command  Where chkconfig is used to report or set the planed states of daemons, 'service' is used to  check or change the state of a service daemon.  For services that use the 'case' statement, the service commands is used to start, stop, restart  or get the status of a daemon. If you drop the action argument the valid choices are  displayed.  Typical usage, say to troubleshoot flaky ssh connection, could look something like this:  See the comment under “Notes and Tips” regarding restarting a remote network. ● ps command  Although this is a very basic command, I want to touch on it's importance. When  troubleshooting network services, you need to confirm the daemon is actually running. It is  possible for the service command to report a daemon is running when in fact it has crashed  and left behind PID and lock files.  This command has many options but for network troubleshooting you don't need to know  them all, however it would be prudent to spend some time and get comfortable with some of  the output formats.  A simple check to see if java is running could be 'ps ­e|grep java'  See the item under “Notes and Tips” for some further actions 10 of 11
Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Note and Tips: ● When working on a remote machine, always use 'service network restart' never try and stop  then start the network in two steps or you will be disconnected. Same thing with ssh. ● When using tcpdump remotely, be sure to filter out 'ssh' packets. If you wonder why, try ssh'ing  into a remote system and run 'tcpdump' with no arguments. ● If IP moves from one system to another it will confuse some layer 4 switches, ping out from  new machine to tell switches where you are. Otherwise, the new system will not be available  until the switch flushes it's tables. ● If ps does not show a process running or 'netstat ­l' does not show a listening port, but service  reports it is running or reports a related error, you may need to remove old PID or lock files.  These are located in /var/run/ and /var/lock/subsys/ respectably. ● If ps reports a daemon has a PID but it is not functioning or will not stop or start, you may need  to kill the defunct process. To do this, see the kill and killall man pages. EOF 11 of 11

Recomendados

2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...Shawn Wells
 
RPM (Red Hat Package Manager)
RPM (Red Hat Package Manager)RPM (Red Hat Package Manager)
RPM (Red Hat Package Manager)skalaivanibutp
 
Rhce ppt
Rhce pptRhce ppt
Rhce pptMohammed Ben
 
DPDK In Depth
DPDK In DepthDPDK In Depth
DPDK In DepthKernel TLV
 
3. configuring a compute node for nfv
3. configuring a compute node for nfv3. configuring a compute node for nfv
3. configuring a compute node for nfvvideos
 
OMFW 2012: Analyzing Linux Kernel Rootkits with Volatlity
OMFW 2012: Analyzing Linux Kernel Rootkits with VolatlityOMFW 2012: Analyzing Linux Kernel Rootkits with Volatlity
OMFW 2012: Analyzing Linux Kernel Rootkits with VolatlityAndrew Case
 
Software management in linux
Software management in linuxSoftware management in linux
Software management in linuxnejadmand
 
7 hands on
7 hands on7 hands on
7 hands onvideos
 

Recomendados

2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...Shawn Wells
 
RPM (Red Hat Package Manager)
RPM (Red Hat Package Manager)RPM (Red Hat Package Manager)
RPM (Red Hat Package Manager)skalaivanibutp
 
Rhce ppt
Rhce pptRhce ppt
Rhce pptMohammed Ben
 
DPDK In Depth
DPDK In DepthDPDK In Depth
DPDK In DepthKernel TLV
 
3. configuring a compute node for nfv
3. configuring a compute node for nfv3. configuring a compute node for nfv
3. configuring a compute node for nfvvideos
 
OMFW 2012: Analyzing Linux Kernel Rootkits with Volatlity
OMFW 2012: Analyzing Linux Kernel Rootkits with VolatlityOMFW 2012: Analyzing Linux Kernel Rootkits with Volatlity
OMFW 2012: Analyzing Linux Kernel Rootkits with VolatlityAndrew Case
 
Software management in linux
Software management in linuxSoftware management in linux
Software management in linuxnejadmand
 
7 hands on
7 hands on7 hands on
7 hands onvideos
 
101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package management101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package managementAcácio Oliveira
 
Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Accenture
 
Embedded linux network device driver development
Embedded linux network device driver developmentEmbedded linux network device driver development
Embedded linux network device driver developmentAmr Ali (ISTQB CTAL Full, CSM, ITIL Foundation)
 
Perf stat windows
Perf stat windowsPerf stat windows
Perf stat windowsAccenture
 
Ericas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideEricas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideErica StJohn
 
Foss Gadgematics
Foss GadgematicsFoss Gadgematics
Foss GadgematicsBud Siddhisena
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPMSchalk Cronjé
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applicationsVipin Varghese
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLinaro
 
2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership Call2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership CallShawn Wells
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver艾鍗科技
 
Linux Presentation
Linux PresentationLinux Presentation
Linux Presentationkuldeepakgautam
 
Ip tables
Ip tablesIp tables
Ip tablesnavid ashrafi
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)Kirill Tsym
 
RPM (LINUX)
RPM (LINUX)RPM (LINUX)
RPM (LINUX)Raghu nath
 
SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016Koan-Sin Tan
 
Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and Insights Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and InsightsGlobalLogic Ukraine
 
Linux kernel
Linux kernelLinux kernel
Linux kernelMahmoud Shiri Varamini
 
Unix::Statgrab
Unix::StatgrabUnix::Statgrab
Unix::StatgrabJens Rehsack
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageKernel TLV
 
gangguan emosi
gangguan emosigangguan emosi
gangguan emosiReni H_dika BK
 
Try out mat
Try out matTry out mat
Try out matg3rg3r
 

Más contenido relacionado

La actualidad más candente

101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package management101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package managementAcácio Oliveira
 
Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Accenture
 
Perf stat windows
Perf stat windowsPerf stat windows
Perf stat windowsAccenture
 
Ericas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideEricas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideErica StJohn
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPMSchalk Cronjé
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLinaro
 
2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership Call2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership CallShawn Wells
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver艾鍗科技
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)Kirill Tsym
 
SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016Koan-Sin Tan
 
Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and Insights Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and InsightsGlobalLogic Ukraine
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageKernel TLV
 

La actualidad más candente (20)

101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package management101 2.5 use rpm and yum package management
101 2.5 use rpm and yum package management
 
Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011
 
Embedded linux network device driver development
Embedded linux network device driver developmentEmbedded linux network device driver development
Embedded linux network device driver development
 
Perf stat windows
Perf stat windowsPerf stat windows
Perf stat windows
 
Ericas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideEricas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-Guide
 
Foss Gadgematics
Foss GadgematicsFoss Gadgematics
Foss Gadgematics
 
Software Packaging with RPM
Software Packaging with RPMSoftware Packaging with RPM
Software Packaging with RPM
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applications
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel Awareness
 
2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership Call2009-04-14 IBM ISV Partnership Call
2009-04-14 IBM ISV Partnership Call
 
Linux Ethernet device driver
Linux Ethernet device driverLinux Ethernet device driver
Linux Ethernet device driver
 
Linux Presentation
Linux PresentationLinux Presentation
Linux Presentation
 
Ip tables
Ip tablesIp tables
Ip tables
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)
 
RPM (LINUX)
RPM (LINUX)RPM (LINUX)
RPM (LINUX)
 
SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016SoC Idling for unconf COSCUP 2016
SoC Idling for unconf COSCUP 2016
 
Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and Insights Linux Kernel Platform Development: Challenges and Insights
Linux Kernel Platform Development: Challenges and Insights
 
Linux kernel
Linux kernelLinux kernel
Linux kernel
 
Unix::Statgrab
Unix::StatgrabUnix::Statgrab
Unix::Statgrab
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
 

Destacado

Try out mat
Try out matTry out mat
Try out matg3rg3r
 
Ancient egypt!!!! by Daria Gritsko
Ancient egypt!!!! by Daria GritskoAncient egypt!!!! by Daria Gritsko
Ancient egypt!!!! by Daria Gritskozelvianochka
 
Young Architects India - Neotecture profile
Young Architects India - Neotecture profileYoung Architects India - Neotecture profile
Young Architects India - Neotecture profileNeotecture
 
Multimedia lesson 2
Multimedia lesson 2Multimedia lesson 2
Multimedia lesson 2brandibatten
 
Solar energy -the ultimate renewable resource
Solar energy -the ultimate renewable resourceSolar energy -the ultimate renewable resource
Solar energy -the ultimate renewable resourcerahuldawar
 
Budgeting Your Future
Budgeting Your FutureBudgeting Your Future
Budgeting Your Futurebrandibatten
 
Multimedia lesson 1
Multimedia lesson 1Multimedia lesson 1
Multimedia lesson 1brandibatten
 
Multimedia lesson 3
Multimedia lesson 3Multimedia lesson 3
Multimedia lesson 3brandibatten
 
сиволика великобритании
сиволика великобританиисиволика великобритании
сиволика великобританииzelvianochka
 
Media BK layanan Informasi
Media BK layanan InformasiMedia BK layanan Informasi
Media BK layanan InformasiReni H_dika BK
 

Destacado (13)

gangguan emosi
gangguan emosigangguan emosi
gangguan emosi
 
Try out mat
Try out matTry out mat
Try out mat
 
Ancient egypt!!!! by Daria Gritsko
Ancient egypt!!!! by Daria GritskoAncient egypt!!!! by Daria Gritsko
Ancient egypt!!!! by Daria Gritsko
 
Young Architects India - Neotecture profile
Young Architects India - Neotecture profileYoung Architects India - Neotecture profile
Young Architects India - Neotecture profile
 
Multimedia lesson 2
Multimedia lesson 2Multimedia lesson 2
Multimedia lesson 2
 
My apron calendar
My apron calendarMy apron calendar
My apron calendar
 
Working day
Working dayWorking day
Working day
 
Solar energy -the ultimate renewable resource
Solar energy -the ultimate renewable resourceSolar energy -the ultimate renewable resource
Solar energy -the ultimate renewable resource
 
Budgeting Your Future
Budgeting Your FutureBudgeting Your Future
Budgeting Your Future
 
Multimedia lesson 1
Multimedia lesson 1Multimedia lesson 1
Multimedia lesson 1
 
Multimedia lesson 3
Multimedia lesson 3Multimedia lesson 3
Multimedia lesson 3
 
сиволика великобритании
сиволика великобританиисиволика великобритании
сиволика великобритании
 
Media BK layanan Informasi
Media BK layanan InformasiMedia BK layanan Informasi
Media BK layanan Informasi
 

Similar a Linux networking

Graphing Nagios services with pnp4nagios
Graphing Nagios services with pnp4nagiosGraphing Nagios services with pnp4nagios
Graphing Nagios services with pnp4nagiosjasonholtzapple
 
Managing the system and network connection Linux
Managing the system and network connection LinuxManaging the system and network connection Linux
Managing the system and network connection LinuxShriharsh Shendre
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking CommandAkhil Nadh PC
 
2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council MeetingShawn Wells
 
The ifconfig Command
The ifconfig CommandThe ifconfig Command
The ifconfig CommandKevin OBrien
 
101 apend. networking linux
101 apend. networking linux101 apend. networking linux
101 apend. networking linuxAcácio Oliveira
 
LOS Micro project ppt.pptx
LOS Micro project ppt.pptxLOS Micro project ppt.pptx
LOS Micro project ppt.pptxThorOdinson55
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-adminbadamisri
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-adminbadamisri
 
High performance content hosting
High performance content hosting High performance content hosting
High performance content hosting Aleksey Korzun
 
Low cost multi-sensor IDS system
Low cost multi-sensor IDS systemLow cost multi-sensor IDS system
Low cost multi-sensor IDS systemRobert Schrack
 
RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)Sumant Garg
 

Similar a Linux networking (20)

Graphing Nagios services with pnp4nagios
Graphing Nagios services with pnp4nagiosGraphing Nagios services with pnp4nagios
Graphing Nagios services with pnp4nagios
 
Ltsp talk
Ltsp talkLtsp talk
Ltsp talk
 
Managing the system and network connection Linux
Managing the system and network connection LinuxManaging the system and network connection Linux
Managing the system and network connection Linux
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking Command
 
Rac on NFS
Rac on NFSRac on NFS
Rac on NFS
 
2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting
 
The ifconfig Command
The ifconfig CommandThe ifconfig Command
The ifconfig Command
 
101 apend. networking linux
101 apend. networking linux101 apend. networking linux
101 apend. networking linux
 
LOS Micro project ppt.pptx
LOS Micro project ppt.pptxLOS Micro project ppt.pptx
LOS Micro project ppt.pptx
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-admin
 
Linux Conf Admin
Linux Conf AdminLinux Conf Admin
Linux Conf Admin
 
Linux conf-admin
Linux conf-adminLinux conf-admin
Linux conf-admin
 
Rhel7 vs rhel6
Rhel7 vs rhel6Rhel7 vs rhel6
Rhel7 vs rhel6
 
Pdf c1t tlawaxb
Pdf c1t tlawaxbPdf c1t tlawaxb
Pdf c1t tlawaxb
 
High performance content hosting
High performance content hosting High performance content hosting
High performance content hosting
 
linux installation.pdf
linux installation.pdflinux installation.pdf
linux installation.pdf
 
Low cost multi-sensor IDS system
Low cost multi-sensor IDS systemLow cost multi-sensor IDS system
Low cost multi-sensor IDS system
 
RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)
 
Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)
 
Linux network configuration
Linux network configurationLinux network configuration
Linux network configuration
 

Último

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Último (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

Linux networking

  • 1. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 The information presented should act as a guide to Red Hat Linux networking. It is intended to be  accompanied with training and self­study. To access most of these items you will need to have root  access, either directly or through  'sudo su ­', or via sudo exploits we won't discuss:­) Some items are  left for you to review while others are covered in more detail on the following pages. The descriptions are brief and are meant to be starting points. Use 'man <command or filename>' for  help pages. Be aware that man pages expect a certain level of technical knowledge and may require  several visits to grasp the information. Making use of multiple windows when working on a system, be  it local or remote, allows you to view a man page while trying the command or editing the file in a  different window.  Before this information can be useful, you should be able to use the following tools: ● vi  file editor common an all Linux and Unix systems ● cat  concatenate and view files  ● less  file pager with many features ● grep  extract information based on keywords ● man   ­use 'man ­k <word>' to search man pages for a keyword, or try 'man man'  always look at the 'see also' section near the bottom ● basic command line navigation, command execution, and output manipulation ● understand environmental variables  it is valuable to understand system variables, although they may not come into play often ● bash shell scripting  should be able to at least follow the flow and process of a bash script  ● basic network service clients such as ssh and ftp  use to test to local host, for confirming if it is a service problem or a network problem ● tee  use to send output to the monitor as well as a file for later review 1 of 11
  • 2. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Configuration Files: ● /etc/hosts  used primarily to define static IP to hostname mappings. ● /etc/resolv.conf  defines name servers for DNS resolution. ● /etc/host.conf  defines parameters, the most common being search order, for name resolution. The order  keyword may include hosts, bind, and nis. ● /etc/sysconfig/network  defines network settings common to all interfaces such as hostname and default gateway ● /etc/sysconfig/network­scripts/  ifcfg­lo ifcfg­ethn  define the interface parameters such as IP address and network mask ● /etc/services  defines known port numbers to service names. Commands, services, and utilities often  display the service name in their output. Ports undefined in /etc/services should always be  defined by port number. ● /etc/rc.local  commands to run after the init scripts. You may want a static routing entry in here after the  network is set up. ● /proc pseudo­filesystem  allows you to read and in some cases write kernel variables.  look in /proc/sys/net/ for starters. Files show zero size but are populated when accessed. ● /etc/sysctl.conf  file you can use to control /proc file entries. This allows changes to survive a reboot. ●   /etc/sysconfig/hwconf  information on system hardware used for auto­detection of new hardware  can edit to force re­detection if troubleshooting a network card. File is rarely of interest. ● /etc/modprobe.conf  nic drivers and options are defined here Access Control Files: 2 of 11
  • 3. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 ● /etc/hosts.allow /etc/hosts.deny  controls TCPwrappers utility (see tcpd below)  view man page with 'man 5 hosts_access' [note the 5] ● /etc/init.d/iptables (alias of /etc/rc.d/init.d/iptables)  control and configuration of Iptables/NetFilter Linux Firewall  Log Files: Logs can provide valuable troubleshooting information but are too often overlooked.  dmesg falls into the logs category and should be reviewed, particularly if there are local problems as  opposed to remote host problems.  ● look in /var/log/ ● to view startup messages use 'dmesg|less' Commands and Utilities: ● arp  display or set arp table entries ● dig  query name servers ● dmesg  display ring buffer information from system startup ● ethereal  not installed by default ● ethtool ● host  query name servers ● hostname  display or set hostname  changes do not survive a reboot ● ifup  bring an interface up ● ifdown  shut down an interface ● ifconfig 3 of 11
  • 4. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006  view or set interface parameters  changes do not survive a reboot ● ip ● iptables  user space tools to manipulate netfilter kernel based firewall ● iptraf  displays network statistics  not installed by default ● netstat  use to display routing, open (listening) ports, etc ● ping  send a n icmp packet to an IP address or hostname ● route  display or manipulate routing tables  changes do not survive a reboot ● service  use to start, stop or restart services via supported init scripts ● tcpd (tcpwrappers)  access control for supported services ● tcpdump  view network traffic ● telinit (and runlevel)  use to change runlevels, use runlevel to view current and previous runlevel  not usually involved in networking ● traceroute  displays the route and statistics for UDP or ICMP packets as they traverse a network. Network Services: Starting and stopping of network services can be automated through: ● init scripts  symlinks to various scripts used to manage most system daemons ● /etc/rc.local file  commands to run after the init scripts. You may want a static routing entry in here after the  4 of 11
  • 5. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 network is set up. ● xinetd system  see /etc/xinetd.conf and files in /etc/xinetd.d/  replaces inetd and incorporates TCPwrapers Environmental Variables: These commands are for the bash shell, the default shell for most Linux distributions including Red  Hat. Other shells may use different methods. ● View current settings  display with 'env' for all or 'echo $<var­name>' ● Define new or change existing  variables  set variables with '<var­name>=”<value>”' Virtual Network Interfaces: ● A single interface can easily be configured to answer multiple IP addresses. Virtual Interfaces  are defined as ethn:m as are the configuration files. (0:0 is the physical nic, 0:1 and higher are  virtual, any unique number can be used. ● Create a configuration file /etc/sysconfig/network­scripts/ifcfg­ethn:m then restart the network  or use ifconfig to bring up the new interface. ● When working with iptables be aware it does not distinguish between real and virtual interfaces ● A Virtual Interface configuration file may look like: DEVICE=eth0:1 BOOTPROTO=static BROADCAST=192.168.1.255 IPADDR=192.168.1.41 NETWORK=192.168.1.0 ONBOOT=yes Troubleshooting Steps: These are very general steps used for isolating basic connectivity problems. ● ping 127.0.0.1  if fail here, network service may not be running. Start network, check logs and runlevel ● ping <localhost ip addr>  if fails, confirm IP address and interface state with ifconfig command 5 of 11
  • 6. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 ● ping <default gw ip>  if fails, try other local hosts and confirm physical cabling, check arp table ● ping <default gw hostname>  if first failure here, look at name resolution. Try dig or host and ping the name server. ● ping <destination hostname>  try another remote hostname, check name resolution, try pinging IP address ● traceroute <destination hostname>  this will show each step of the trip and indicate where along the path it fails ● tcpdump  view or save network traffic.  Learn to use the filters such as 'tcpdump ­i eth1 host 192.168.1.254 and not port ssh'  Common Tasks: ● change the systems hostname  use 'hostname <newname.domain.com>' to set the hostname for the running system.  To change the hostname permanently, edit /etc/sysconfig/network and restart the network  (or combine the two methods) ● change an interface IP address  temporarily set the IP address via chkconfig or ip commands.  For a permanent change, edit etc/sysconfig/network­scripts/ifcfg­ethn and restart the  network (or combine the two methods) More Detail on Commands and Files : ● ifcfg­ethn files  The directory /etc/sysconfig/network­scripts contains, among other related files, the  configuration files for each physical and virtual interface.  The configuration entries are pretty self­explanatory. Typical entries are shown below (not all entries are always required): DHCP: DEVICE=eth0 BOOTPROTO=dhcp HWADDR=00:11:D8:44:12:19 ONBOOT=yes 6 of 11
  • 7. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 TYPE=Ethernet Static IP: DEVICE=eth0 BOOTPROTO=static NETWORK=192.168.1.0 BROADCAST=192.168.1.255 IPADDR=192.168.1.40 HWADDR=00:11:D8:44:12:19 ONBOOT=yes TYPE=Ethernet  If you want to disable or save a copy of an ifcfg file, you should remove it from the  directory since a simple appending of _orig (or something similar) will still leave it as a  target for the network services to use. Depending on other details this may harmlessly fail  or may cause much disruption when the network services are (re)started. ● ifconfig command  This command will allow you to view or temporarily modify many aspects of the network  settings. With no arguments 'ifconfig' displays information on all active interfaces.  Information includes IP, broadcast, network mask, and throughput information amongst  other things.  You can change much of the network setup with this command. It is typically used to either  change something temporarily (e.g. for testing) or to bring a single interface up or down,  which can be done with ifup and ifdown using less typing:). One benefit of using ifconfig to  change an IP address is that you do not need to start and stop the network. You can even  change the MAC address using this command. ● ip command  Very similar to ifconfig this command can display or manipulate network settings. Although  some information overlaps these two commands, 'ip' deals with IP, network address, routing  and ARP information.  The different output formats can work for you when creating scripts to report or manipulate  a network. A prime example is how the IP address and Network Mask are displayed: # ifconfig eth0|grep "inet a" 7 of 11
  • 8. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006    inet addr:192.168.1.40  Bcast:192.168.1.255  Mask:255.255.255.0 # ip addr show dev eth0|grep "inet "    inet 192.168.1.40/24 brd 192.168.1.255 scope global eth0   iptables utility   The Linux kernel based Firewall. We do not typically use the Linux Firewall but you  should know how to check it. The firewall is comprised of NetFilter, the heart of the system  which is part of the Linux kernel, and IPtables which is the user space tools and  configurations you use to control the firewall. The firewall is always running and is  controlled by rules (or chains) the user defines. In what is referred to as stopped  the  firewall is actually running but has no blocking rules. You can display the current state of  the firewall with the command 'iptables ­L'. You can flush all rules and in essence 'stop' a  firewall with the command 'service iptables stop' (see service command detailed below).   A non­blocking firewall will display the following: ● tcpdump command  Displays packet headers from an interface. This command offers many ways to manipulate  the display. The most common is to add simple filters to the command line.  A typical remote monitor of web traffic might look like this (wrapped lines are indented):        [root@d207­216­142­87 ~]# tcpdump ­i eth1 port http        tcpdump: verbose output suppressed, use ­v or ­vv for full protocol decode        listening on eth1, link­type EN10MB (Ethernet), capture size 96 bytes       16:35:38.976614 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: S            1104743985:1104743985(0) win 5840 <mss 1460,sackOK,timestamp 307804218  0,nop,wscale 2> 8 of 11
  • 9. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 16:35:38.986239 IP nfl.bodog.com.http > d207­216­142­87.bchsia.telus.net.50436: S  78647379:78647379(0) ack 1104743986 win 5792 <mss 1380,sackOK,timestamp  744177594 307804218,nop,wscale 0> 16:35:38.986447 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: . ack 1  win 1460 <nop,nop,timestamp 307804221 744177594> 16:35:38.989257 IP d207­216­142­87.bchsia.telus.net.50436 > nfl.bodog.com.http: P  1:462(461) ack 1 win 1460 <nop,nop,timestamp 307804222 744177594> 16:35:39.004945 IP nfl.bodog.com.http > d207­216­142­87.bchsia.telus.net.50436: . ack  462 win 6432 <nop,nop,timestamp 744177596 307804222>  When logged in to a remote system via ssh and want to run tcpdump on the same remote  interface, always include a 'not ssh' filter or every bit of tcpdump info sent to your display  will be caught by tcpdump causing a massive ssh loop.   You should be aware that tcpdump captures packets at the interface level and iptables  handles are passed through to the network IP stack, so incoming traffic is captured by  tcpdump prior to iptables rules being applied but outbound traffic is passed through iptables  rules on it's way to the interface.   ● network file  The file /etc/sysconfig/network defines network settings common to all interfaces.  A typical file may look like this: NETWORKING=yes HOSTNAME=nova3.linux1.ca GATEWAY=192.168.101.1 NOZEROCONF=yes  The 'NOZEROCONF=yes' removes an unnecessary routing entry. ● chkconfig command  This command is used to simplify the management of service daemons. It works in  conjunction with the 'service' command. It sets what runlevels a services will be started and  stopped at.  Any init script that contains the required lines can be managed by chkconfig.  The following two keyword based entries allow an init script to fall under the control of the  chkconfig command: # chkconfig: 2345 08 92 # description: Automates a packet filtering firewall with iptables. 9 of 11
  • 10. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Use 'man chkconfig' for details about the init script entries as well as how to add, delete, or  modify a services behavior.  The most common use, 'chkconfig –list' (two dashes), is to display what services will be  running at runlevel 3 and 5.  You cannot change the current state of  a daemon with this command. Use service instead. ● service command  Where chkconfig is used to report or set the planed states of daemons, 'service' is used to  check or change the state of a service daemon.  For services that use the 'case' statement, the service commands is used to start, stop, restart  or get the status of a daemon. If you drop the action argument the valid choices are  displayed.  Typical usage, say to troubleshoot flaky ssh connection, could look something like this:  See the comment under “Notes and Tips” regarding restarting a remote network. ● ps command  Although this is a very basic command, I want to touch on it's importance. When  troubleshooting network services, you need to confirm the daemon is actually running. It is  possible for the service command to report a daemon is running when in fact it has crashed  and left behind PID and lock files.  This command has many options but for network troubleshooting you don't need to know  them all, however it would be prudent to spend some time and get comfortable with some of  the output formats.  A simple check to see if java is running could be 'ps ­e|grep java'  See the item under “Notes and Tips” for some further actions 10 of 11
  • 11. Red Hat Linux Networking Fundamental Network Configuration and Troubleshooting Pete Nesbitt March 2006 Note and Tips: ● When working on a remote machine, always use 'service network restart' never try and stop  then start the network in two steps or you will be disconnected. Same thing with ssh. ● When using tcpdump remotely, be sure to filter out 'ssh' packets. If you wonder why, try ssh'ing  into a remote system and run 'tcpdump' with no arguments. ● If IP moves from one system to another it will confuse some layer 4 switches, ping out from  new machine to tell switches where you are. Otherwise, the new system will not be available  until the switch flushes it's tables. ● If ps does not show a process running or 'netstat ­l' does not show a listening port, but service  reports it is running or reports a related error, you may need to remove old PID or lock files.  These are located in /var/run/ and /var/lock/subsys/ respectably. ● If ps reports a daemon has a PID but it is not functioning or will not stop or start, you may need  to kill the defunct process. To do this, see the kill and killall man pages. EOF 11 of 11