Linux Network Administration Commands

Basics

  • Resolve a name via nsswitch
    getent hosts <host name>
  • CloudShark: Sharing network traces

Configuration

  • ethtool - Usage
    ethtool eth0                       # Print general info on eth0
    ethtool -i eth0                    # Print kernel module info
    ethtool -S eth0                    # Print eth0 traffic statistics
    ethtool -a eth0                    # Print RX, TX and auto-negotiation settings
    
    # Changing NIC settings...
    ethtool -s eth0 speed 100
    ethtool -s eth0 autoneg off
    ethtool -s eth0 duplex full
    ethtool -s eth0 wol g               # Turn on wake-on-LAN
    

    Do not forget to make changes permanent in e.g. /etc/network/interfaces.

  • miitool - Show Link Infos
    # mii-tool -v
    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: vendor 00:07:32, model 17 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 1000baseT-HD 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 1000baseT-HD 1000baseT-FD 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    
  • Enable Jumbo Frames
    ifconfig eth1 mtu 9000
  • ipsets - Using IP sets for simpler iptables rules
    ipset create smtpblocks hash:net counters
    ipset add smtpblocks 27.112.32.0/19
    ipset add smtpblocks 204.8.87.0/24
    iptables -A INPUT -p tcp --dport 25 -m set --match-set smtpblocks src -j DROP
    
  • iptables - Loopback Routing:
    iptables -t nat -A POSTROUTING -d <internal web server IP> -s <internal network address> -p tcp --dport 80 -j SNAT --to-source <external web server IP>
  • NFS - Tuning Secrets: SGI Slides on NFS Performance

Troubleshooting

  • Black Hole Route: To block IPs create route on loopback
    route add -net 91.65.16.0/24 gw 127.0.0.1 lo   # for a subnet
    route add  91.65.16.4 gw 127.0.0.1 lo   # for a single IP
  • Quick Access Log IP Top List
    tail -100000 access.log | awk '{print $1}' | sort | uniq -c |sort -nr|head -25
  • Find out if IP is used before configuring it
    arping <IP>
  • Traceroute with AS and network name lookup
    lft -AN www.google.de
  • Manually lookup AS
  • dailychanges.com: Tracks DNS changes

Measuring

  • vnstat - Short term measurement bytes/packets min/avg/max:
    vnstat -l      # Live listing until Ctrl-C and summary
    vnstat -tr     # 5s automatic traffic sample
  • vnstat - Long term statistics:
    vnstat -h      # last hours (including ASCII graph)
    vnstat -d      # last days
    vnstat -w      # last weeks
    vnstat -m     # last months
    
    vnstat -t       # top 10 days

Discovery

  • nmap commands
    # Network scan
    nmap -sP 192.168.0.0/24
    
    # Host scan
    nmap <ip>
    nmap -F <ip>      # fast
    nmap -O <ip>     # detect OS
    nmap -sV <ip>     # detect services and versions
    nmap -sU <ip>     # detect UDP services
    
    # Alternative host discovery
    nmap -PS <ip>     # TCP SYN scan
    nmap -PA <ip>     # TCP ACK scan
    nmap -PO <ip>     # IP ping
    nmap -PU <ip>     # UDP ping
    
    # Alternative service discovery
    nmap -sS <ip>      
    nmap -sT <ip>
    nmap -sA <ip>
    nmap -sW <ip>
    
    # Checking firewalls
    nmap -sN <ip>
    nmap -sF <ip>
    nmap -sX <ip>
    

Debugging

  • X-Trace - Multi-protocol tracing framework
  • iptraf - Real-time statistics in ncurses interfaces
  • mtr - Debug routing/package loss issues
  • netstat - The different modes
    # Typically used modes
    netstat -rn          # List routes
    netstat -tlnp       # List all open TCP connections
    netstat -tlnpc      # Continuously do the above
    netstat -tulpen    # Extended connection view
    netstat -a           # List all sockets
    
    # And more rarely used
    netstat -s            # List per protocol statistics
    netstat -su          # List UDP statistics
    netstat -M           # List masqueraded connections
    netstat -i            # List interfaces and counters
    netstat -o           # Watch time/wait handling
    
  • nttcp - TCP performance testing
    # On sending host
    nttcp -t -s
    
    # On receiving host
    nttcp -r -s
    
  • List Kernel Settings
    sysctl net
  • tcpdump - Be verbose and print full package hex dumps:
     tcpdump -i eth0 -nN -vvv -xX -s 1500 port <some port>
  • SNMP - Dump all MIBs: When you need to find the MIB for an object known only by name try
    snmpwalk -c public -v 1 -O s <myhost> .iso | grep <search string>
  • Hurricane Electric - BGP Tools: Statistics on all AS as well as links to their looking glasses.
  • tcpdump - Tutorial: Many usage examples.
    # Filter port
    tcpdump port 80
    tcpdump src port 1025 
    tcpdump dst port 389
    tcpdump portrange 21-23
    
    # Filter source or destination IP
    tcpdump src 10.0.0.1
    tcpdump dest 10.0.0.2
    
    # Filter  everything on network 
    tcpdump net 1.2.3.0/24
    
    # Logically operators
    tcpdump src port 1025 and tcp 
    
    # Provide full hex dump of captured HTTP packages
    tcpdump -s0 -x port 80
    
    # Filter TCP flags (e.g. RST)
    tcpdump 'tcp[13] & 4!=0'
    


NFS Administration Commands

Comments

yo la verda no entiendo mucho

yo la verda no entiendo mucho de comandos en linux pero es bueno aprender un poco mas sobre este sistema operativo

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

To prevent automated spam submissions leave this field empty.
Syndicate content