Linux Network Commands – A Complete List With Examples and Explanations

By /

Networking is a fundamental capability of Linux, and mastery of Linux networking commands is crucial for network administrators and systems engineers to effectively manage their infrastructure. This comprehensive guide provides a practical reference to key Linux CLI tools for various network-related tasks.

Importance of Networking Commands in Linux

Linux is built for networking and provides extremely robust networking capabilities. It implements the full TCP/IP networking stack and IPv4/IPv6 protocols. Powerful networking features are deeply integrated into the Linux kernel and most distributions.

For administering Linux systems at scale, knowledge of networking commands is indispensable. Linux provides a vast collection of CLI tools to configure, monitor, analyze and troubleshoot networks and network services. Mastering these tools is a must for any serious Linux system administrator.

Compared to GUI tools, CLI network commands provide finer-grained control, more detailed insights, and flexibility to automate repetitive tasks. They are ideal for scripting and integrating into workflows. For these reasons, networking commands are the preferred tools for many Linux network and system administrators.

Categorization of Linux Network Commands

The wide range of Linux networking commands can be categorized based on their purpose and use case:

  • Status and Info: Commands like ip, ifconfig, netstat, ss display status and configuration info about network interfaces, connections, routing tables etc.
  • Troubleshooting: ping, traceroute, tracepath, mtr help diagnose connectivity and network issues.
  • Traffic Analysis: Tools like tcpdump, Wireshark, nethogs capture and analyze network traffic.
  • Configuration: ip, ifconfig, nmcli are used to configure network interfaces and connections.
  • DNS tools: dig, host, nslookup query DNS servers and display DNS records.
  • Performance: iperf, nload, slurm measure bandwidth utilization and network throughput.
  • File transfers: scp, rsync, curl, wget transfer files and data.
  • Security and PenTesting: nmap, netcat assess vulnerabilities and penetration test networks.

This categorization provides a high-level overview of the functionality. Many tools have overlapping capabilities that span multiple categories.

1. ifconfig

The ifconfig command is used to configure and view details of network interfaces. It can set IP addresses, enable/disable interfaces, set MTU sizes etc.

To view details of active interfaces:

$ ifconfig

To view all interfaces, including inactive ones:

$ ifconfig -a

To assign an IP address:

$ sudo ifconfig eth0 192.168.56.5 netmask 255.255.255.0

To activate an interface:

$ sudo ifconfig eth0 up

To deactivate an interface:

$ sudo ifconfig eth0 down

ifconfig is now considered obsolete and replaced by ip command.

2. ip

The ip command manages network interfaces, IP addresses, routing etc. It provides more features compared to old ifconfig tool.

To view interface details:

$ ip addr show

To add an IP address:

$ sudo ip addr add 192.168.56.5/24 dev eth0

To remove an IP address:

$ sudo ip addr del 192.168.56.5/24 dev eth0

To activate an interface:

$ sudo ip link set eth0 up

To deactivate an interface:

$ sudo ip link set eth0 down

3. ping

The ping command sends ICMP echo requests to a host to test connectivity. A successful ping indicates the host is reachable.

$ ping example.com

Limit number of packets:

$ ping -c 5 example.com

4. traceroute

The traceroute command prints the route packets take to reach a destination. It lists all the hops and transit times.

$ traceroute example.com

Use ICMP instead of default UDP:

$ traceroute -I example.com

5. tracepath

tracepath is similar to traceroute but doesn‘t require root privileges. It also detects path MTU.

$ tracepath example.com

6. netstat

The netstat command prints network connections, routing tables, interface stats etc.

List open sockets:

$ netstat

List sockets associated with processes:

$ netstat -p

List detailed socket statistics:

$ netstat -s

Print routing table info:

$ netstat -r

netstat is deprecated and replaced by ss.

7. ss

The ss command prints socket statistics similar to netstat but faster, since it reads info from kernel space.

List all sockets:

$ ss

List only TCP sockets:

$ ss -t

List UDP sockets:

$ ss -u

Show established connections:

$ ss -t state established

8. tcpdump

The tcpdump command captures network packets and prints them on the screen. It‘s useful for network troubleshooting and analysis.

Capture packets on eth0:

$ tcpdump -i eth0

Capture only TCP packets:

$ tcpdump -i eth0 tcp

Capture packets to/from a host:

$ tcpdump host 192.168.0.1

Save capture to a file:

$ tcpdump -w /tmp/capture.pcap

Read from a saved capture:

$ tcpdump -r /tmp/capture.pcap

9. lsof

The lsof command lists open files and network connections being used by processes.

List all open network connections:

$ lsof -i

List open TCP connections:

$ lsof -i TCP

List open UDP connections:

$ lsof -i UDP

10. nmap

The nmap command is a network scanner useful for discovery and security auditing. It can probe ports, OS detection, service detection etc.

Scan a host:

$ nmap 192.168.0.1

Scan a subnet:

$ nmap 192.168.0.1/24

Scan a port:

$ nmap -p 80 192.168.0.1

OS detection:

$ nmap -O 192.168.0.1

11. hostname

The hostname command prints or sets the system‘s hostname.

Print hostname:

$ hostname

Set temporary hostname:

$ hostname new-hostname

Set permanent hostname (edit /etc/hostname file):

$ sudo nano /etc/hostname

12. nslookup

The nslookup command queries DNS servers to retrieve DNS records.

Lookup IP address of domain:

$ nslookup example.com

Get MX records:

$ nslookup -query=MX example.com

13. dig

The dig command queries DNS servers and retrieves DNS records. It offers more detailed output than nslookup.

A record lookup:

$ dig example.com

MX record lookup:

$ dig example.com MX

Any record lookup:

$ dig example.com ANY

14. host

The host command does DNS lookups to convert between domain names and IP addresses.

IP lookup:

$ host 8.8.8.8

Domain lookup:

$ host google.com

15. arp

The arp command displays and modifies the system‘s ARP cache, which maps IP addresses to MAC addresses.

Show ARP cache entries:

$ arp

Clear ARP cache:

$ sudo arp -d

16. iwconfig

The iwconfig command shows and sets wireless interface parameters like SSID, frequency, power management etc.

Show wireless config:

$ iwconfig

Set SSID:

$ iwconfig wlan0 essid "MyWireless"

17. iwlist

The iwlist command scans for available wireless networks. It can also perform various tests like checking connectivity or bandwidth measurements.

Scan for networks:

$ iwlist wlan0 scan

Get signal quality:

$ iwlist wlan0 survey

18. route

The route command displays and modifies the system‘s IP routing table. It configures how packets are forwarded between network interfaces and subnets.

Show routing table:

$ route -n

Add static route:

$ sudo route add -net 192.168.2.0/24 gw 192.168.0.1

Delete route:

$ sudo route del -net 192.168.2.0/24

19. mtr

The mtr combines functionality of traceroute and ping. It provides network diagnostics by measuring response times and packet loss across each hop.

$ mtr example.com

20. nethogs

nethogs monitors bandwidth usage per process in real time. It‘s useful for identifying bandwidth hogs.

$ sudo nethogs

21. iftop

iftop monitors overall bandwidth usage on network interfaces. Helpful for identifying interfaces facing high traffic.

$ sudo iftop -i eth0

22. nload

nload displays real-time network usage graph for incoming and outgoing traffic. Useful for basic traffic monitoring.

$ nload

23. ip route

The ip route command displays and manages the routing table. Replaces old route command.

Show routing table:

$ ip route show

Add static route:

$ sudo ip route add 192.168.2.0/24 via 192.168.0.1

24. ip neigh

The ip neigh commands manages ARP cache entries. It displays and modifies ARP entries.

Show ARP entries:

$ ip neigh

Add static ARP entry:

$ sudo ip neigh add 192.168.2.5 lladdr 00:11:22:33:44:55 dev eth0

25. curl & wget

curl and wget are command line tools for downloading files via HTTP, HTTPS, FTP etc.

Download file with curl:

$ curl -O example.com/file.zip

Download file with wget:

$ wget example.com/file.zip

Network Configuration Commands

  • ip – new tool that replaced ifconfig for interface configuration
  • ifconfig – old interface configuration tool, deprecated now
  • nmcli – command line tool to manage NetworkManager
  • netplan – utility for network configuration in Ubuntu
  • nmtui – text user interface for controlling NetworkManager
  • systemd-networkd – systemd service for network configuration
  • networkctl – tool to show network connections status

Network Security and PenTesting Tools

  • nmap – network scanner for discovery, auditing and vulnerability assessment
  • netcat – versatile networking utility, can be used for port scanning, transfers, backdoors etc.
  • hping – generates custom TCP/IP packets for pen testing
  • unicornscan – asynchronous TCP/UDP port scanner
  • semtex – TCP/UDP-based vulnerability scanner

Conclusion

This guide covers the most essential Linux networking commands line tools. Mastery of these will enable you to effectively manage your Linux networks and troubleshoot any issues that may arise.

The power of Linux lies in combining these tools to gather insights and automate tasks. For example, use tcpdump to collect traffic, analyze with Wireshark and use sed, awk, grep to extract information.

Keep this reference handy and keep exploring more networking commands as you advance in your Linux journey!

Related Posts

Scroll to Top