This document provides information on various networking tools and concepts in Linux. It discusses network basics like hosts, servers, clients and protocols. It then summarizes tools for remote access (Telnet), file transfer (FTP), downloading files (Wget, Curl), secure connections (SSH), network configuration (ifconfig, route), viewing connections (netstat), and network tracing (tcpdump).

1. Network Tools

2. Network Basics
• Host – is a computer system on the network.
• Server – provides resources to clients via the network.
• Client – uses services from servers on the network.
• Protocol – a globally defined way for clients and servers
to communicate a service
• With Linux and Unix systems most tools are basing data
transfer on Network transport. The most outstanding
example of this is the X Server and Clients.
These initialize Network connection to provide a GUI

3. Telnet
• telnet is an application that enables users to connect to
a remote system
• The telnet server simulates a terminal to allow you to
connect to and work on a remote system, including:
– Operating a session on a remote machine.
– Alternating between the remote session and the local
session.
– Accessing machines that do not run under the Unix
environment, and vice versa
• Telnet protocol is very simple – it transfers every key
typed. For this reason the telnet program is sometimes
used to debug problems with servers by emulating
protocols manually

4. Ftp
• The ftp program is a command line interface to the ftp
protocol for file transfer.
• ftp uses a set of commands to connect, authenticate and
view and transfer files
• The ftp server allows access to the file system of the
host, under certain limits. Ftp allows to transfer files to
and from the remote host.
• Many implementations of ftp exists, including the web
browsers.
• It is much less common today to use the ftp program,
but the ftp protocol is in very common use on the internet

5. Wget and curl
• In today’s computing world, the internet speaks mainly
http.
• Besides its use as the html protocol, it is now used as a
downloading protocol, besides ftp
• Getting files from the internet can be done with a browser
• But on a server when you don’t have a GUI, a browser is
not available
• There is an exception: the lynx text based browser
displays can be used in terminal windows
• But, if all you want is to download a file when you have a
url, all you need is wget or curl, two tools that will act as
ftp or http clients and will do all that is necessary to
connect, authenticate and deliver the file to your local
system

6. SSH- secure connection
• SSH is the secured alternative to both trust and telnet
• All traffic in ssh is encrypted, so it cannot be
eavesdropped
• It is very simple to set up a password-less authentication
using a key-pair. There is no way for a third party to pose
as client

7. SSH- secure connection
• Ssh has a set of utilities for various needs:
– ‘ssh’ remote connect to a system (open a shell by
default, or execute any command using –c)
– ‘scp’ copy files between systems in a format similar to
cp
$ scp fromhost:/frompath tohost:topath
– ‘sftp’ ftp like interactive program with enhanced
security
– SSH tunneling: transfer any protocol over an ssh
connection, securing it

8. SSH- secure connection
• Linux uses SSH as the main transport for Graphical
Display data, in case these are needed on a remote
machine.
• SSH Tunneling is being used in order to transfer the
data, instead of the older method of working directly with
the X Server
• In order for ssh to support getting the Display data from
a remote hosts, it should be invoked with the ‘-X’ flag

9. @ Copyrights InterBit LTD.
Networking Subsystem
• NIC configuration entity is called an interface.
• Interface configuration files are located in:
/etc/sysconfig/network-scripts
• NIC drivers need to be compiled into kernel or
loaded as modules.
• Interfaces have names based on their types:
– Ethernet – eth0,eth1,eth2….
– PPP – ppp0,ppp1….
– etc..

10. @ Copyrights InterBit LTD.
ifconfig
• General network interface configuration
and debugging utility.
• Used to set up network interfaces during boot
time and runtime.
• Supports multiple address families – ipv4, ipv6

11. @ Copyrights InterBit LTD.
ifconfig
• Interface specific tuning – txqueue length, MTU,
etc..
• Query interface network statistics – packets
tx/rx,packet loss,etc…
• Configuring eth0 interface using ifconfig can be
as easy as:
$ ifconfig eth0 10.0.0.1 up
• Ifconfig will derive the netmask, broadcast
address based on the ip given.

12. @ Copyrights InterBit LTD.
ifconfig
• Queriying newly set interface eth0:
$ ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:01:02:F3:36:83
inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:50 TX bytes:124
Interrupt:20 Base address:0x2280

13. @ Copyrights InterBit LTD.
Routing
• Routing table is manipulated using /sbin/route.
• Setting default gateway:
$ /sbin/route add default gw 10.0.0.138
• Setting route to specific network:
$ /sbin/route add –net 172.16.0.0 gw 10.0.0.254
• Set a route permanent by either
/etc/sysconfig/route
or by adding the route command to
/etc/rc.d/rc.local
• Removing routing entry:
$ /sbin/route del –net 172.16.0.0 gw 10.0.0.254

14. @ Copyrights InterBit LTD.
Viewing network connections
• ‘netstat’ prints network connections, routing
table, interface statistics.
• Printing routing table:
$ netstat –r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window Iface
212.150.51.136 * 255.255.255.248 U 40 eth0
default 212.150.51.137 0.0.0.0 UG 40 eth0

15. @ Copyrights InterBit LTD.
Viewing network connections
• Listing open connections and their state:
$ netstat –n
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 32803 212.150.53.141:6881 80.162.21.171:63273 ESTABLISHED
tcp 0 0 212.150.53.141:6882 219.93.56.246:2214 ESTABLISHED
tcp 0 81 212.150.53.141:4982 81.86.150.228:4891 ESTABLISHED
tcp 0 0 212.150.53.141:49525 82.42.56.48:4662 TIME_WAIT
• Printing Varios protocol specific statistics:
$ netstat –s

16. @ Copyrights InterBit LTD.
Persistent Network config
• Network startup script uses configuration files
to set up networking upon boot.
• Network configuration files are located under
‘/etc/sysconfig/’.
• ‘/etc/sysconfig/network’ file defines non
interface specific network configuration:
– NETWORKING=<YES|NO>.
– GATEWAY=<default gateway ip>.
– GATEWAYDEV=<default gateway interface>.

17. @ Copyrights InterBit LTD.
Persistent Network config
• Interface specific configuration files located in
‘/etc/sysconfig/network-scripts’.
• Each interface has a corresponding config file of
the following scheme:
ifcfg-<interface>

18. @ Copyrights InterBit LTD.
Persistent Network config
• Sample
/etc/sysconfig/network-scripts/ifcfg-eth0:
DEVICE=eth0
BOOTPROTO=none # valid values are dhcp,none,bootp
ONBOOT=yes
NETWORK=10.0.1.0
NETMASK=255.255.255.0
IPADDR=10.0.1.27
USERCTL=no # can be controlled by non root

19. @ Copyrights InterBit LTD.
IP Aliasing
• Method of specifying multiple ip addresses for a
single NIC is called ip aliasing.
• In order to use ip aliasing, a kernel must be
compiled with ip aliasing support.
• Ip aliasing is configured by specifying an
interface of the following form:
<first interface on a nic>:’n’ – where n is a number

20. @ Copyrights InterBit LTD.
IP Aliasing
• Example:
$ ifconfig eth0 172.16.3.1 up
$ ifconfig eth0:1 172.16.3.10
$ ifconfig –a
eth0
Link encap:10Mbps Ethernet HWaddr 00:8E:B8:83:19:20
inet addr:172.16.3.1 Bcast:172.16.3.255 Mask:255.255.255.0 UP BROADCAST RUNNING
PROMISC MULTICAST MTU:1500 Metric:1
RX packets:334036 errors:0 dropped:0 overruns:0
TX packets:11605 errors:0 dropped:0 overruns:0 Interrupt:7 Base address:0x378
eth0:1
Link encap:10Mbps Ethernet HWaddr 00:8E:B8:83:19:20
inet addr:172.16.3.10 Bcast:172.16.3.255 Mask:255.255.255.0 UP BROADCAST RUNNING
MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:0

21. @ Copyrights InterBit LTD.
IP Aliasing
• Defining boot time ip aliased interfaces is done
similarly to regular interfaces.
• Example:
/etc/sysconfig/network-scripts/ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=none
ONBOOT=yes
NETWORK=172.16.3.0
NETMASK=255.255.255.0
IPADDR=172.16.3.10
USERCTL=no

22. @ Copyrights InterBit LTD.
NIC link configuration
• Most current NICs and network devices support
auto- negotiation of speed and duplex.
• ‘/sbin/ethtool’ is used to view, manage NIC
auto- negotiation.
• Disabling auto-negotiation and forcing 100Mbit
Full Duplex mode:
$ /sbin/ethtool eth0 –s autoneg off speed 100 duplex full
• Use ethtool eth0 to view current link
configuration.

23. @ Copyrights InterBit LTD.
NIC link configuration
# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 10Mb/s
Duplex: Half
Port: MII
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: g
Wake-on: g
Current message level: 0x00000007 (7)
Link detected: yes

24. @ Copyrights InterBit LTD.
Network kernel parameters
• Network related tunable parameters located in
‘/proc/sys/net’
• Ip forwarding enabled/disabled by
‘/proc/sys/net/ipv4/ip_forward’
• Interface specific kernel tunables located at:
‘/proc/sys/net/ipv4/conf/<interface>’

25. @ Copyrights InterBit LTD.
Network Tracing
• tcpdump is a network tracing tool. It connects
to a network interface, and print out
information about every packet going through
this interface
• Syntax:
tcpdump [options]
• Options:
– -i interface trace packets on interface
– -w file write data to file

26. @ Copyrights InterBit LTD.
Network Tracing
– -r file get data from file
Note: tcpdump output data files are written in PCAP
format, which is the same format that is used by tools
like ethereal and wireshark