LinuxNetworking

HowNetworkingWorks

ConfiguringNetworkinginLinux

Usingsystemconfignetwork

Networkdebugging

Wirelessnetworking

IPv6

IowaStateUniversityInformationTechnologyServices
Lastupdate2/11/2008byjbalvanz

Networking

NetworkingusestheTCP/IPprotocolbydefault,but
Linuxcanuseotherprotocolstointeractwithother
operatingsystems:
MSNetworking(samba)
NovellNetware(ipx)
AppleShare(netatalk)

NetworkingReferences

MuchmoreinfoonTCP/IPavailableat:
LinuxNetworkAdministrator'sGuidebyDawson,Bautts
andPurdy(O'Reilly)
[Link]
se/RHEL-5-manual/Deployment_Guide-enUS/[Link]
[Link]
html

NetworkInterfaces

Allinterfacestreatedasdevices,foundunder
/dev/devname
loloopbackdevice
Usedfortestingandaccessingserversrunningonthe
localmachine.
NamedlocalhostwithIP127.0.0.1

Ethernet/wirelessinterfaces

eth0,eth1,...
Ethernetandwirelesscards
Mostcommonconnectionsoncampus
Driversareusuallyloadedasamoduleduringstartup
(usinginsmod)butsomeolderdriversmayhavetobe
[Link]
detectedatinstallationunlessyouaddthecardlater.

PPPinterfaces

ppp0,ppp1,...
Pointtopointprotocol,usuallytelephonemodem
AppearswhenyouinvokethePPPclientdaemon,usually
byrunningsomethinglikewvdialorkdial,toconnectto
anInternetserviceprovider

Otherinterfaces

tk0,tk1... Tokenringinterfaces
sl0,sl1... SLIP(serial,usuallymodem,outdatedand
replacedbyPPP)

plip0...

ParallelLineInterfaceProtocol
(parallelport,likeLapLink)

cipebc0...CryptoIPEncapsulation(IPtunnel)

isdn0...

ISDNmodems

ax0,ax1...

AX.25(foramateurradiobuffs)

NamingofParts

NIC:NetworkInterfaceCard,thehardwarethatconnects
themachinetothenetwork(mightbebuiltinto
motherboard,mightbeaPCIorISAorPCCardaddon)
MACAddress:hardwareaddressoftheNIC,assigned
bythecardmanufacturerwhenthecardismade
Ex:00:0a:95:a7:62:d8
IPAddress:32bitaddressrelatingmachinetoits
"physical"locationonthenetwork(alsocalledIPnumber)

IPPacket

ContainsthedatatobetransferredplusMACaddresses
andIPaddressesforbothsourceanddestination
Headerinfo

IPAddresses Actualdatatobetransferred

Headerinfoincludespacketidentifier,packettype,
protocoltobeused,timetoliveandchecksum

Thisstringofbytesis"yelled"ontothesubnet,andthe
routerforwardsitwhereit'ssupposedtogo.

IPNumbers

Eachinterfacemusthaveaunique32bitIPnumber(at
least,onitssubnet)
Usuallywrittenasfour8bitnumbers
[Link]
Firstthreenumbersdeterminethesubnet
Eachsubnethasarouterthattransferspacketstoandfrom
thesubnet

WheredoestheIPNumberCome
From?

localhostisalways127.0.0.1

PPPconnectionsareassignedanIPwhentheyconnect

Ethernet,wirelessandsimilarconnectionsgetanIP
numberinoneoftwoways:

StaticIPnumber

Dynamicaddressing(DHCPorBOOTP)

StaticIPNumber

Assignedbythenetworkadministrator
AtISU,primarilyusedformachinesthatmustbeat
predictablelocations(serverorremoteaccessdesktop)
AtISU,loginto[Link]
forServices>DomainNameService>IPRequestto
requestastaticIPnumber
Alsousedonprivatenetworks(isolatedbehindarouter
withnoDHCP,orinalocationwithnoInternet
connection)

DynamicIPNumbers

Amachineconnectingtothenetrequestsanaddressanda
DHCPservergivesitone

Mostofcampusbuildings(includingresidence)

MostDSLroutersandcablemodems

ManyLinuxbasedrouterprojects

Microsoft'sInternetConnectionSharing(Windows
98+)

PrivateNetworks

PrivatenetworkIPaddressesfallinthefollowingranges:

10.0.0.0through10.255.255.255
172.16.0.0through172.31.0.0
192.168.0.0through192.168.255.0
Aslongasyournetworkisisolatedorconnectedtothe
Internetbyarouter,youcanuseIPnumbersinthisrange.
Assignonetoeachmachineandkeeptrackofwhatyou
[Link]'tusethemoncampus!

ConfiguringNetworking

Basicnetworking(firstEthernetcard)isconfigured
duringinstallation
Networkingchangescanbedoneintwoways:

Editconfigurationfiles,restartinterfacewithifdown
ifaceandifupiface(orifconfigifacedownand
ifconfigifaceup)
UsetheNetworkAdministrationTool
systemconfignetwork

NetworkConfigurationFiles

/etc/sysconfig/network
Basicinformationaboutthecomputer;whetherornot
networkingisonandthehostname
/etc/sysconfig/networkscripts/ifcfgiface
Configurationinformationforinterfaceiface,plusifup
andifdownscripts
/etc/hosts
IPnumbersforspecialmachines
/etc/[Link]
Infoondomainnameserversandsearchdomains

/etc/sysconfig/network

Setswhetherornotnetworkingison,thehostnameand
(optionally)thegatewaydeviceandIP.
NETWORKING=yes
HOSTNAME=[Link]
GATEWAYDEV=eth0
GATEWAY=[Link]

WhenusingDHCP,theDHCPclientwillcreate
thisfileforyou.
Thehostnameshouldalsobein/etc/hostnamefor
compatibility.

/etc/sysconfig/networkscripts

Configurationsforthedifferentnetworkinterfacesare
locatedin/etc/sysconfig/networkscripts/ifcfgiface
Thescriptsifupandifdowncanbeusedtostartandstop
interfaces:
ifup interface
ifdown interface

Changestoconfigurationscanbedonemanuallyorwith
theNetworkConfigurationtool(systemconfignetwork)
we'llshowyoubothbeforewe'redone.

ifcfgeth0,staticIPonisolated
network
DEVICE=eth0
# static IP, do not use a boot protocol
BOOTPROTO=none
# activate interface at startup
ONBOOT=yes
NETWORK=[Link]
NETMASK=[Link]
IPADDR=[Link]
# do not allow users to enable and disable
USERCTL=no

ifcfgeth0,dynamicIPwithDHCP
DEVICE=eth0
# use DHCP for configuration information
BOOTPROTO=dhcp
# activate on startup
ONBOOT=yes

PPPconnections

Forthemostpartyoudon'tneedtomodifyifcfgpppn;if
youusewvdial,Kppporasimilartooltomakeyour
connections,itwillmanagethatfileforyou.
Youmayneedtomodifyifcfgpppnand/ordialingscripts
manuallyifyourPPPservicehasstrangerequirements
(ISU'sdoesn't)oryouhaveacrankymodem

Typicalifcfgppp0(page1of2)
DEVICE=ppp0
NAME=test
# Name in WVDIAL's configuration list
WVDIALSECT=test
# Modem device and serial port speed
MODEMPORT=/dev/modem
LINESPEED=115200
# name used for PAP authentication at dialup
PAPNAME=jbalvanz
# User can activate and deactivate PPP
USERCTL=true
# Do not activate on startup
ONBOOT=no

ifcfgppp0(p.2of2)
# do not force reconnect if connection drops
PERSIST=no
# use this interface as the default route
DEFROUTE=yes
# modify /etc/[Link] with host's DNS info
PEERDNS=yes
# do not automatically open PPP on demand
DEMAND=no
# hang up after 10 minutes inactivity
IDLETIMEOUT=600

DomainNames

Usedsoyoucanremembereasynames(like
[Link])insteadof129.186.1.122
Whenitdoesn'tknow,yourmachineasksthedomain
nameserver(DNS)whatIPnumbercorrespondstothe
nameithas.
ControlledbytwofilesinRedHatLinux:
/etc/hosts
/etc/[Link]

/etc/hosts

Normallyusedonlyonisolatednetworkswithoutdomain
nameservers,orforthosemachinesyouhavetobeableto
connecttoeveniftheDNSisn'[Link]
isolatednetwork:
[Link] [Link]
[Link] pavillion
[Link] jeffs486
192.168.0.10duron fileserver

Secondnamesarecalledaliases

/etc/[Link]

TellsLinuxwhatmachinestoaskforDNSinfoifthe
namegivenisn'tin/etc/hosts
YoumaynothavetomakethisifusingDHCPorPPP;
thoseclientscancreate/etc/[Link]
Typical/etc/[Link]'snetwork:
[Link]
nameserver129.186.142.200
nameserver129.186.140.200
nameserver129.186.1.200

NetworkingCommands

Mostofnetworkconfigurationcanbedonewithasmall
numberoftextmodecommands:
hostname
ifconfig
route
FromaGUI,youcanusetheNetworkAdministration
Tool(systemnetworkconfig)

hostname

Setsthehostnamein/etc/sysconfig/networkand
/etc/hostname
hostname machinename

Thisisnormallydoneduringstartupbythescript
/etc/rc.d/sysinit;youshouldn'tneedtodoitmanually.
Usetheshorthandname(emperor)insteadofthefully
justifieddomainname([Link])

ifconfig

Usedtogetstatisticsandsetconfigurationinfoabout
networkdevices
CommontodistributionsotherthanRedHat(isusedin
Debian,forinstance)sowillprobablybeavailableevenif
you'renotonyourstandardmachines.
Toexaminethesettingsandstatisticsforaninterface,type
ifconfig iface
/sbin/ifconfig iface

ifconfigeth0output
eth0

Link encap:Ethernet HWaddr 00:0B:DB:67:18:CA

inet addr:[Link] Bcast:[Link] Mask:[Link]
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:982598 errors:0 dropped:0 overruns:0 frame:0
TX packets:114372 errors:0 dropped:0 overruns:0 carrier:0
collisions:9214 txqueuelen:100
RX bytes:238620678 (227.5 Mb) TX bytes:45184277 (43.0 Mb)
Interrupt:9 Base address:0xdcc0 Memory:ff6e0000-ff700000

HwaddristheMACaddressNetRegneeds
inetaddristheIPaddressofthemachine
NoteRXandTX(receiveandtransmit)statistics(usefulindiagnosing
interfaceproblems)
Infoaboutethernetcardhardwareappearsinlastline

Activatinganddeactivating
interfaces

Toactivateaninterface,type
ifconfig iface up

Todeactivateaninterface,type
ifconfig iface down

Settingconfigurationwithifconfig

Type
/sbin/ifconfig iface address netmask [Link]

Example:
/sbin/ifconfig eth0 [Link] netmask [Link]

Settinganaddresstriggersanautomaticup;tochange
IP,bringinterfacedown,thensetaddress
OtheroptionscanbeusedtosetEthernetcardsettings,IP
tunneling,pointtopointconnections,etc.

route

Whichinterfaceandgatewaydoesapacketusetogettoa
particularhost?Theanswerisintheroutingtables.
routeeditstheroutingtables,determiningwhichinterface
packetsusetogettowhichnetworkhost.
routeisnotalwaysinthepath;ifnot,try
/sbin/route

Seeingtheroutingtable

Type
/sbin/route

Kernel IP routing table

Destination
Gateway
[Link]
*
[Link]
*
default
router-129-186

Genmask
[Link]
[Link]
[Link]

Flags
U
U
UG

Metric
0
0
0

Ref
0
0
0

Use
0
0
0

Iface
eth0
lo
eth0

Itemswithagatewayof*areonthesamesubnetasthis
machine;theydon'tneedagatewaytoreachthem.
Thedefaultroutermustbeonthelocalsubnet,oronasubnet
withanexplicitlydefinedroute.
Notethatthegatewayisdescribedbydomainname,notIP
[Link]/sbin/route -ntogetIPnumbers.

Addingroutesandgateways
route add default gw [Link]

setsgatewayforalltrafficnototherwiseroutedto
[Link]

route add -net 192.168.0.* netmask

[Link] dev eth1

setsroutetothenetwork192.168.0.*viadeviceeth1
DoesNOTroutetrafficfromtheisolatednettoother
interfaceyouneedroutedtodothat.

TheNetworkAdministrationTool

akasystem-config-network

AGUItoolfordoingnetworkconfiguration

Reallyjusteditstheappropriatefilesandrunsscriptsto
startandrestartinterfaces,butsomepeoplefindituseful
becauseeverythingisinonebigplace.
GNOME:System>Administration>Network
KDE:Start>SystemSettings>Network
Shell:type
system-config-network &

ConfiguringDevices

FromtheDevicetab
youcanactivateor
deactivateanetwork
interfacewiththe
buttonsatlowerright
Toeditconfiguration
foraninterface,
highlightandclick
Edit;toaddan
interface,clickNew

ConfiguringanInterfacewithSCN

TosetastaticIP
address,turnon
StaticallysetIP
addressesand
entervaluesfor
address,subnet
maskanddefault
gatewayaddress

ModifyingroutingwithSCN

Toaddaroute,click
Addandenterthe
network,netmask
andgateway
addresses(asinthe
routecommand)

Managing/etc/hostswithSCN

TheHoststabisan
interfaceto
/etc/[Link]
Newtoaddahost,
andenterIPnumber,
nameandaliases.

ChangingDNSwithSCN

Setmachinehostname
withtheHostnamefield.
Adduptothreedomain
nameserversinthe
PrimaryDNS,Secondary
DNSandTertiaryDNS
fields.
Tospecifythesearch
path(s),enteraSearch
DomainandclickAdd.

DebuggingTools

pingtestconnectiontoamachine

hostgetDNSinformationaboutacomputer

traceroutefollowthepathofrouterstoamachine

netstatseewhatportsareopenandwhatisconnectedto
them

Ping

Teststheconnectiontoamachine
ping hostname

PING [Link] ([Link]) from [Link]

64 bytes from [Link] ([Link]): icmp_seq=1
64 bytes from [Link] ([Link]): icmp_seq=2
64 bytes from [Link] ([Link]): icmp_seq=3
64 bytes from [Link] ([Link]): icmp_seq=4
64 bytes from [Link] ([Link]): icmp_seq=5
64 bytes from [Link] ([Link]): icmp_seq=6

: 56(84) bytes of data.

ttl=127 time=0.647 ms
ttl=127 time=0.640 ms
ttl=127 time=0.550 ms
ttl=127 time=0.594 ms
ttl=127 time=0.626 ms
ttl=127 time=0.685 ms

--- [Link] ping statistics --6 packets transmitted, 6 received, 0% loss, time 5042ms
rtt min/avg/max/mdev = 0.550/0.623/0.685/0.051 ms

Press<Ctrl/C>tostoppinging(it'snotpolite)

host

hostreturnstheDNSinformationaboutadomainname
oranIPnumber.

vincent% host [Link]

[Link] has address [Link]

vincent% host [Link]

[Link].[Link] domain name pointer [Link].

host -areturnsinformationabouttheDNSservers
returningtheinformationaswell.

traceroute

traceroutetracesthepathfromyourmachinetoaremotehost.
/usr/sbin/traceroute hostname

#/usr/sbin/traceroute [Link]
traceroute: Warning: [Link] has multiple addresses; using [Link]
traceroute to [Link] ([Link]), 30 hops max, 38 byte packets
1 [Link] ([Link]) 0.467 ms 0.395 ms 0.829 ms
2 [Link] ([Link]) 0.441 ms 0.554 ms 0.464 ms
3 [Link] ([Link]) 0.938 ms 0.737 ms 0.714 ms
4 [Link] ([Link]) 11.432 ms 11.547 ms 11.831 ms
5 [Link] ([Link]) 11.686 ms 12.065 ms 11.197 ms
6 [Link] ([Link]) 12.059 ms 12.668 ms 11.079 ms

Eachlineisa"hop"[Link]
[Link]
willappearifitisunabletoconnectbeforetimeout.

Netstat

Usedtodeterminenetworkconnectionsbyandtoyour
machine.
netstat

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address
Foreign Address
State
tcp
0
256 [Link].e:ssh [Link] ESTABLISHED
tcp
0
0 [Link] [Link].i:ssh TIME_WAIT
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags
Type
State
I-Node Path
unix 7
[ ]
DGRAM
964
/dev/log
unix 3
[ ]
STREAM
CONNECTED
5213642
unix 3
[ ]
STREAM
CONNECTED
5213641
unix 2
[ ]
DGRAM
1727409
unix 2
[ ]
DGRAM
1244
unix 2
[ ]
DGRAM
1198
unix 2
[ ]
DGRAM
1097
unix 2
[ ]
DGRAM
979

Wireless(802.11?)Networking

Linuxdoessupportwirelessnetworking,BUT...

NotallwirelesscardshaveLinuxdrivers
Therearewaysaroundthis(oni386machines)but
onlysometimes

Toavoidproblemsinconfiguration,checkthatthecard
you'relookingatissupportedbeforeyoubuy
TousePCCardsyoumustalsohavethePCMCIAsupport
loaded(it'saservice)

AddingaWirelessCard

ChooseSystemSettings>Network

ClickDevices,thenNew.

ChooseWirelessconnectionandclickForward.

ChooseOtherwirelesscard,clickForward.

Chooseyouradapterfromthelist,clickForwardthree
times,thenclickApply.

WorkingwithWireless

Onceinstalled,awirelesscardlookslikeanormal
Ethernetcard.

IPaddress,DNS,[Link]

Channels,[Link]
/sbin/iwconfig ethN options
[Link]
allwithsystemconfignetworkinstead.

WirelesswithSCN

Anextratabappears
wheneditinga
wirelessdevice
Foranencrypted
network,entername
underSSIDandkey
below

Morewirelesshelp

ThecurrentWirelessHOWTOislocatedat
[Link]

ThepertinentsectionoftheRedHatEnterprisemanualis
at
[Link]
Manual/sysadminguide/[Link]

Ndiswrapper

SupportforNICs(particularlywireless)thatdon'thave
Linuxdriversavailable
ProvidesaWindowsAPIcompatiblelayerlettingthe
WindowsNDISdriverworkwithLinux

You'llneedtocompilefromsourceandinstallmanually

[Link]

rfswitch

Manylaptopsallowyoutoswitchthewirelessadapteron
andofftosavepower
Unfortunately,somelaptopsuseasoftwareswitch
whichdoesn'tworkwithLinux!

rfswitchgivesyoucontroloftheradioinsomelaptops

[Link]

(MostDelllaptopsuseahardwareswitch,sodon'tneedthis
utility.)

IPv6

ThecurrentversionofIP(IPv4)hasaproblem;itonly
allowsabout4billionaddresses(32bits)
IPv6usesa128bitaddress,allowing
340282366920938463463374607431768211456(three
hundredfortyundecillion)addresses
Therearealsomanyotherimprovementsinsecurityand
efficiency(IPsecisrequired,NATsareunnecessary...)

LinuxSupportforIPv6

Supported(badly)inRHEL4,betterinRHEL5;checkfor
file/proc/net/if_inet6

Supportcanbeaddedwithinsmod ivp6

Someutilitiessupportit,othersnot

AtISU,IPv6addressesarestaticonly,noDHCP,andthe
associatedIPv4addressmustalsobestatic
Howtoandstatusat
[Link]