Networking
Comprehensive reference guide for Linux network configuration, troubleshooting, and management.
Network Configuration and Interfaces
IP Command (Modern)
# Interface management
ip link show # List all network interfaces
ip link show eth0 # Show specific interface
ip link set eth0 up # Bring interface up
ip link set eth0 down # Bring interface down
ip link set eth0 mtu 1500 # Set MTU size
# IP address management
ip addr show # Show all IP addresses
ip addr show eth0 # Show IP for specific interface
ip addr add 192.168.1.100/24 dev eth0 # Add IP address
ip addr del 192.168.1.100/24 dev eth0 # Remove IP address
ip addr flush dev eth0 # Remove all IPs from interface
# IPv6 addresses
ip -6 addr show # Show IPv6 addresses
ip -6 addr add 2001:db8::1/64 dev eth0 # Add IPv6 address
Legacy ifconfig Command
# Interface information
ifconfig # Show all interfaces
ifconfig eth0 # Show specific interface
ifconfig -a # Show all interfaces (including down)
# Interface configuration
ifconfig eth0 192.168.1.100 netmask 255.255.255.0 # Set IP and netmask
ifconfig eth0 up # Bring interface up
ifconfig eth0 down # Bring interface down
ifconfig eth0 mtu 1500 # Set MTU size
# Interface statistics
ifconfig eth0 | grep "RX packets" # Show RX statistics
ifconfig eth0 | grep "TX packets" # Show TX statistics
NetworkManager (nmcli)
# Connection management
nmcli con show # List all connections
nmcli con show --active # Show active connections
nmcli con up connection-name # Activate connection
nmcli con down connection-name # Deactivate connection
# Device management
nmcli dev show # Show all devices
nmcli dev show eth0 # Show specific device
nmcli dev status # Show device status
nmcli dev wifi list # List WiFi networks
# WiFi management
nmcli dev wifi connect SSID password PASSWORD # Connect to WiFi
nmcli dev wifi disconnect # Disconnect from WiFi
nmcli dev wifi rescan # Rescan for networks
# Create connections
nmcli con add type ethernet con-name eth0-static ifname eth0 \
ip4 192.168.1.100/24 gw4 192.168.1.1 # Static IP connection
nmcli con add type wifi con-name wifi-home ifname wlan0 \
ssid "Home-WiFi" wifi-sec.key-mgmt wpa-psk wifi-sec.psk "password"
Network Configuration Files
# Debian/Ubuntu - /etc/network/interfaces
auto eth0
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 8.8.8.8 8.8.4.4
# Red Hat/CentOS - /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=8.8.4.4
ONBOOT=yes
# Apply configuration changes
sudo systemctl restart networking # Debian/Ubuntu
sudo systemctl restart network # Red Hat/CentOS
DNS Configuration and Troubleshooting
DNS Configuration Files
# /etc/resolv.conf - DNS resolver configuration
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com
options timeout:2
# /etc/hosts - Static hostname resolution
127.0.0.1 localhost
192.168.1.100 server.example.com server
::1 localhost ip6-localhost ip6-loopback
# /etc/nsswitch.conf - Name service switch configuration
hosts: files dns
networks: files dns
DNS Troubleshooting Tools
# Basic DNS lookup
nslookup google.com # Basic DNS lookup
nslookup google.com 8.8.8.8 # Query specific DNS server
# Advanced DNS queries with dig
dig google.com # Basic query
dig google.com A # Query A record
dig google.com MX # Query MX record
dig google.com NS # Query nameserver records
dig google.com TXT # Query TXT records
dig @8.8.8.8 google.com # Query specific DNS server
dig +trace google.com # Trace DNS resolution path
dig -x 8.8.8.8 # Reverse DNS lookup
# Host command
host google.com # Simple DNS lookup
host -t MX google.com # Query specific record type
host -a google.com # Query all records
# DNS cache management
sudo systemctl flush-dns # Ubuntu with systemd-resolved
sudo dscacheutil -flushcache # macOS
DNS Testing and Validation
# Test DNS resolution speed
dig google.com | grep "Query time"
# Test multiple DNS servers
for server in 8.8.8.8 1.1.1.1 208.67.222.222; do
echo "Testing $server:"
dig @$server google.com | grep "Query time"
done
# Check DNS propagation
dig google.com @8.8.8.8 # Google DNS
dig google.com @1.1.1.1 # Cloudflare DNS
dig google.com @208.67.222.222 # OpenDNS
Routing and IP Tables
Routing Table Management
# View routing table
ip route show # Show all routes
ip route show table main # Show main routing table
route -n # Show routes (numeric)
netstat -rn # Show routing table
# Add/remove routes
ip route add 192.168.2.0/24 via 192.168.1.1 dev eth0 # Add route
ip route del 192.168.2.0/24 # Delete route
ip route add default via 192.168.1.1 dev eth0 # Add default route
ip route del default # Delete default route
# Policy routing
ip rule list # List routing rules
ip rule add from 192.168.1.0/24 table 100 # Add rule
ip rule del from 192.168.1.0/24 table 100 # Delete rule
IPTables Firewall
# Basic iptables operations
iptables -L # List all rules
iptables -L -n # List rules (numeric)
iptables -L INPUT # List INPUT chain rules
iptables -F # Flush all rules
iptables -F INPUT # Flush INPUT chain
# Basic rules
iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow SSH
iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow HTTP
iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Allow HTTPS
iptables -A INPUT -i lo -j ACCEPT # Allow loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Block specific IP
iptables -A INPUT -s 192.168.1.100 -j DROP # Block IP
iptables -A INPUT -s 192.168.1.0/24 -j DROP # Block subnet
# Port forwarding
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
# Save and restore rules
iptables-save > /etc/iptables/rules.v4 # Save rules
iptables-restore < /etc/iptables/rules.v4 # Restore rules
Advanced Routing
# Multiple routing tables
echo "100 custom" >> /etc/iproute2/rt_tables # Add custom table
ip route add default via 192.168.2.1 table custom # Add route to custom table
ip rule add from 192.168.2.0/24 table custom # Use custom table for subnet
# Load balancing
ip route add default scope global \
nexthop via 192.168.1.1 dev eth0 weight 1 \
nexthop via 192.168.2.1 dev eth1 weight 1
# Source-based routing
ip rule add from 192.168.1.100 table 100
ip route add default via 192.168.1.1 table 100
Network Tools
Connection Monitoring (netstat/ss)
# netstat (legacy)
netstat -tuln # Show listening ports (TCP/UDP)
netstat -tuna # Show all connections
netstat -i # Show interface statistics
netstat -r # Show routing table
netstat -s # Show network statistics
# ss (modern replacement)
ss -tuln # Show listening ports
ss -tuna # Show all connections
ss -s # Show socket statistics
ss -i # Show interface info
ss -p # Show process information
ss -o # Show timer information
# Specific port monitoring
ss -tlnp sport = :80 # Show what's listening on port 80
ss -tlnp sport = :443 # Show what's listening on port 443
netstat -tlnp | grep :22 # Show SSH connections
Traffic Analysis (tcpdump)
# Basic packet capture
tcpdump -i eth0 # Capture on interface
tcpdump -i any # Capture on all interfaces
tcpdump -n # Don't resolve hostnames
tcpdump -v # Verbose output
tcpdump -X # Show packet contents in hex/ASCII
# Protocol filtering
tcpdump -i eth0 tcp # TCP packets only
tcpdump -i eth0 udp # UDP packets only
tcpdump -i eth0 icmp # ICMP packets only
tcpdump -i eth0 arp # ARP packets only
# Port and host filtering
tcpdump -i eth0 port 80 # Port 80 traffic
tcpdump -i eth0 host 192.168.1.100 # Specific host
tcpdump -i eth0 src 192.168.1.100 # Source host
tcpdump -i eth0 dst 192.168.1.100 # Destination host
tcpdump -i eth0 net 192.168.1.0/24 # Network subnet
# Complex filters
tcpdump -i eth0 'tcp and port 80' # TCP on port 80
tcpdump -i eth0 'host 192.168.1.100 and port 22' # SSH to specific host
tcpdump -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0' # SYN/FIN packets
# Save and read captures
tcpdump -i eth0 -w capture.pcap # Save to file
tcpdump -r capture.pcap # Read from file
tcpdump -i eth0 -c 100 -w capture.pcap # Capture 100 packets
Network Scanning (nmap)
# Basic host discovery
nmap 192.168.1.0/24 # Scan subnet
nmap -sn 192.168.1.0/24 # Ping scan (no port scan)
nmap -sL 192.168.1.0/24 # List scan (no ping)
# Port scanning
nmap -sS 192.168.1.100 # SYN scan (stealth)
nmap -sT 192.168.1.100 # TCP connect scan
nmap -sU 192.168.1.100 # UDP scan
nmap -sA 192.168.1.100 # ACK scan
# Specific ports
nmap -p 80,443 192.168.1.100 # Scan specific ports
nmap -p 1-1000 192.168.1.100 # Scan port range
nmap -p- 192.168.1.100 # Scan all ports
nmap --top-ports 100 192.168.1.100 # Scan top 100 ports
# Service detection
nmap -sV 192.168.1.100 # Version detection
nmap -O 192.168.1.100 # OS detection
nmap -A 192.168.1.100 # Aggressive scan (OS, version, scripts)
nmap -sC 192.168.1.100 # Default scripts
# Output formats
nmap -oN output.txt 192.168.1.100 # Normal output
nmap -oX output.xml 192.168.1.100 # XML output
nmap -oG output.grep 192.168.1.100 # Greppable output
nmap -oA output 192.168.1.100 # All formats
Connectivity Testing
# Basic connectivity
ping google.com # Test connectivity
ping -c 4 google.com # Send 4 packets
ping -i 0.5 google.com # Change interval
ping -s 1000 google.com # Large packet size
# IPv6 ping
ping6 google.com # IPv6 ping
ping6 -c 4 2001:4860:4860::8888 # Google IPv6 DNS
# Traceroute
traceroute google.com # Trace route to destination
traceroute -n google.com # Numeric output
traceroute -I google.com # Use ICMP instead of UDP
traceroute6 google.com # IPv6 traceroute
# MTU discovery
ping -M do -s 1472 google.com # Test MTU size
tracepath google.com # MTU discovery along path
# Port testing
telnet google.com 80 # Test TCP port
nc -zv google.com 80 # Test port with netcat
nc -zvu google.com 53 # Test UDP port
VPN and Tunneling
OpenVPN
# Server configuration (/etc/openvpn/server.conf)
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 3
# Start OpenVPN
sudo openvpn --config /etc/openvpn/server.conf
systemctl start openvpn@server
systemctl enable openvpn@server
# Client connection
openvpn --config client.ovpn
systemctl start openvpn@client
WireGuard
# Install WireGuard
sudo apt install wireguard # Debian/Ubuntu
sudo yum install wireguard-tools # Red Hat/CentOS
# Generate keys
wg genkey | tee private.key | wg pubkey > public.key
wg genkey | tee server-private.key | wg pubkey > server-public.key
# Server configuration (/etc/wireguard/wg0.conf)
[Interface]
PrivateKey = <server-private-key>
Address = 10.0.0.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT
[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.0.0.2/32
# Client configuration
[Interface]
PrivateKey = <client-private-key>
Address = 10.0.0.2/24
DNS = 8.8.8.8
[Peer]
PublicKey = <server-public-key>
Endpoint = server.example.com:51820
AllowedIPs = 0.0.0.0/0
# Start WireGuard
wg-quick up wg0 # Start interface
wg-quick down wg0 # Stop interface
systemctl enable wg-quick@wg0 # Enable at boot
wg show # Show status
SSH Tunneling
# Local port forwarding
ssh -L 8080:localhost:80 user@server # Forward local 8080 to remote 80
ssh -L 3306:db.example.com:3306 user@server # Forward to different host
# Remote port forwarding
ssh -R 8080:localhost:80 user@server # Forward remote 8080 to local 80
# Dynamic port forwarding (SOCKS proxy)
ssh -D 1080 user@server # Create SOCKS proxy on port 1080
# Keep tunnels alive
ssh -N -L 8080:localhost:80 user@server # No command execution
ssh -f -N -L 8080:localhost:80 user@server # Run in background
# SSH tunnel through multiple hops
ssh -L 8080:target:80 -o ProxyCommand="ssh -W %h:%p user@jumphost" user@server
Network File Systems
NFS (Network File System)
# NFS Server setup
sudo apt install nfs-kernel-server # Install NFS server
# /etc/exports configuration
/srv/nfs 192.168.1.0/24(rw,sync,no_subtree_check)
/home/user 192.168.1.100(rw,sync,no_root_squash)
# NFS server management
sudo exportfs -a # Export all filesystems
sudo exportfs -r # Re-export filesystems
sudo exportfs -v # Show exported filesystems
sudo systemctl restart nfs-kernel-server
# NFS Client
sudo apt install nfs-common # Install NFS client
sudo mount -t nfs 192.168.1.100:/srv/nfs /mnt/nfs # Mount NFS share
sudo umount /mnt/nfs # Unmount NFS share
# /etc/fstab entry for automatic mounting
192.168.1.100:/srv/nfs /mnt/nfs nfs defaults 0 0
# NFS troubleshooting
showmount -e 192.168.1.100 # Show exports from server
rpcinfo -p 192.168.1.100 # Show RPC services
SMB/CIFS (Samba)
# Install Samba
sudo apt install samba samba-common-bin # Debian/Ubuntu
sudo yum install samba samba-client # Red Hat/CentOS
# Samba server configuration (/etc/samba/smb.conf)
[global]
workgroup = WORKGROUP
security = user
map to guest = bad user
[share]
path = /srv/samba/share
guest ok = yes
read only = no
browsable = yes
# Samba user management
sudo smbpasswd -a username # Add Samba user
sudo smbpasswd -d username # Disable user
sudo smbpasswd -e username # Enable user
sudo pdbedit -L # List Samba users
# Start Samba services
sudo systemctl start smbd nmbd
sudo systemctl enable smbd nmbd
# SMB/CIFS client
sudo apt install cifs-utils # Install client tools
sudo mount -t cifs //192.168.1.100/share /mnt/samba \
-o username=user,password=pass # Mount SMB share
sudo umount /mnt/samba # Unmount share
# /etc/fstab entry
//192.168.1.100/share /mnt/samba cifs username=user,password=pass,uid=1000,gid=1000 0 0
# SMB troubleshooting
smbclient -L 192.168.1.100 # List shares
smbclient //192.168.1.100/share -U user # Connect to share
testparm # Test Samba configuration
Network Bonding and Bridging
Network Bonding
# Install bonding module
sudo modprobe bonding
echo "bonding" >> /etc/modules
# Create bonding interface
sudo ip link add bond0 type bond mode 802.3ad
sudo ip link set bond0 up
# Add interfaces to bond
sudo ip link set eth0 master bond0
sudo ip link set eth1 master bond0
# Configure bonding (/etc/network/interfaces - Debian/Ubuntu)
auto bond0
iface bond0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
bond-slaves eth0 eth1
bond-mode 802.3ad
bond-lacp-rate 1
bond-miimon 100
# Red Hat/CentOS bonding configuration
# /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BONDING_OPTS="mode=802.3ad miimon=100 lacp_rate=1"
BOOTPROTO=static
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
# /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
MASTER=bond0
SLAVE=yes
ONBOOT=yes
# Bond monitoring
cat /proc/net/bonding/bond0 # Show bond status
Network Bridging
# Create bridge
sudo ip link add br0 type bridge
sudo ip link set br0 up
# Add interfaces to bridge
sudo ip link set eth0 master br0
sudo ip link set eth1 master br0
# Configure bridge (/etc/network/interfaces)
auto br0
iface br0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1
bridge-ports eth0 eth1
bridge-stp on
bridge-fd 0
bridge-maxwait 0
# Bridge management
bridge link show # Show bridge links
bridge fdb show # Show forwarding database
bridge vlan show # Show VLAN information
brctl show # Show bridge information (legacy)
Network Security and Port Scanning
Port Security
# Check open ports
ss -tuln # Show listening ports
netstat -tuln # Legacy method
lsof -i # Show network connections
# Port scanning detection
sudo netstat -tuln | grep LISTEN # Local listening ports
sudo lsof -i -n | grep LISTEN # Processes listening on ports
# Firewall rules for port security
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent \
--set --name SSH -j ACCEPT # Rate limit SSH
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent \
--update --seconds 60 --hitcount 4 --rttl --name SSH -j DROP
Intrusion Detection
# Monitor failed login attempts
sudo grep "Failed password" /var/log/auth.log
sudo grep "authentication failure" /var/log/auth.log
# Monitor network connections
sudo netstat -tuln | grep ESTABLISHED # Current connections
sudo lsof -i | grep ESTABLISHED # Process connections
# Fail2ban configuration
sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
# /etc/fail2ban/jail.local
[DEFAULT]
bantime = 600
findtime = 600
maxretry = 3
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
Network Hardening
# Disable unnecessary services
sudo systemctl disable telnet
sudo systemctl disable rsh
sudo systemctl disable rlogin
# Network parameter tuning (/etc/sysctl.conf)
net.ipv4.ip_forward = 0 # Disable IP forwarding
net.ipv4.conf.all.send_redirects = 0 # Disable redirects
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0 # Disable source routing
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0 # Disable ICMP redirects
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.conf.all.log_martians = 1 # Log martian packets
net.ipv4.conf.default.log_martians = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1 # Ignore ICMP broadcasts
net.ipv4.icmp_ignore_bogus_error_responses = 1 # Ignore bogus ICMP responses
# Apply sysctl settings
sudo sysctl -p
Bandwidth Monitoring and Traffic Shaping
Bandwidth Monitoring
# Real-time monitoring
iftop # Interface traffic monitoring
iftop -i eth0 # Monitor specific interface
nethogs # Process bandwidth usage
nload # Network load monitor
slurm -i eth0 # Simple network monitor
# Interface statistics
cat /proc/net/dev # Network interface statistics
watch -n 1 cat /proc/net/dev # Real-time statistics
vnstat -i eth0 # Interface statistics history
vnstat -l -i eth0 # Live statistics
# Bandwidth testing
iperf3 -s # Start iperf3 server
iperf3 -c server_ip # Connect to iperf3 server
iperf3 -c server_ip -t 30 # Run test for 30 seconds
iperf3 -c server_ip -P 4 # Use 4 parallel streams
Traffic Shaping with tc
# Create traffic control qdisc
sudo tc qdisc add dev eth0 root handle 1: htb default 30
# Create classes
sudo tc class add dev eth0 parent 1: classid 1:1 htb rate 1mbit
sudo tc class add dev eth0 parent 1:1 classid 1:10 htb rate 800kbit ceil 1mbit
sudo tc class add dev eth0 parent 1:1 classid 1:20 htb rate 200kbit ceil 400kbit
# Add filters
sudo tc filter add dev eth0 parent 1: protocol ip prio 1 u32 \
match ip dport 80 0xffff flowid 1:10 # HTTP traffic
sudo tc filter add dev eth0 parent 1: protocol ip prio 1 u32 \
match ip dport 443 0xffff flowid 1:10 # HTTPS traffic
sudo tc filter add dev eth0 parent 1: protocol ip prio 2 u32 \
match ip dport 22 0xffff flowid 1:20 # SSH traffic
# Show traffic control configuration
sudo tc qdisc show dev eth0
sudo tc class show dev eth0
sudo tc filter show dev eth0
# Remove traffic control
sudo tc qdisc del dev eth0 root
Network Monitoring Scripts
# Monitor bandwidth usage
#!/bin/bash
INTERFACE="eth0"
while true; do
RX_BYTES=$(cat /sys/class/net/$INTERFACE/statistics/rx_bytes)
TX_BYTES=$(cat /sys/class/net/$INTERFACE/statistics/tx_bytes)
echo "RX: $RX_BYTES bytes, TX: $TX_BYTES bytes"
sleep 1
done
# Monitor connection count
#!/bin/bash
while true; do
CONNECTIONS=$(ss -tun | wc -l)
echo "Active connections: $CONNECTIONS"
sleep 5
done
Network Troubleshooting Methodologies
Systematic Troubleshooting Approach
# Layer 1 - Physical
ethtool eth0 # Check physical link
ethtool eth0 | grep "Link detected" # Check link status
ip link show eth0 # Interface status
dmesg | grep eth0 # Check for hardware errors
# Layer 2 - Data Link
arp -a # Show ARP table
ip neighbor show # Show neighbor table
tcpdump -i eth0 arp # Monitor ARP traffic
bridge fdb show # Show MAC address table
# Layer 3 - Network
ping -c 4 192.168.1.1 # Test default gateway
ping -c 4 8.8.8.8 # Test external connectivity
traceroute 8.8.8.8 # Trace network path
ip route show # Check routing table
# Layer 4 - Transport
telnet google.com 80 # Test TCP connectivity
nc -zv google.com 80 # Test port connectivity
ss -tuln | grep :80 # Check if service is listening
# Layer 7 - Application
curl -I http://google.com # Test HTTP connectivity
wget --spider http://google.com # Test web connectivity
Common Network Issues and Solutions
# DNS resolution issues
nslookup google.com # Test DNS resolution
dig google.com # Detailed DNS query
cat /etc/resolv.conf # Check DNS configuration
systemctl restart systemd-resolved # Restart DNS resolver
# IP configuration issues
ip addr show # Check IP configuration
dhclient eth0 # Renew DHCP lease
systemctl restart networking # Restart networking service
# Routing issues
ip route show # Check routing table
ping -c 4 $(ip route | grep default | awk '{print $3}') # Test gateway
traceroute 8.8.8.8 # Trace routing path
# Firewall issues
iptables -L # Check firewall rules
iptables -F # Flush firewall rules (temporary)
systemctl status ufw # Check UFW status
Performance Testing and Optimization
# Network performance testing
ping -c 100 -i 0.1 google.com # Latency testing
iperf3 -c iperf.he.net # Bandwidth testing
mtr google.com # Combined ping/traceroute
# Network optimization
echo 'net.core.rmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.core.wmem_max = 16777216' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_rmem = 4096 87380 16777216' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_wmem = 4096 65536 16777216' >> /etc/sysctl.conf
sysctl -p # Apply changes
# Interface optimization
ethtool -G eth0 rx 4096 tx 4096 # Increase ring buffer size
ethtool -K eth0 tso on # Enable TCP segmentation offload
ethtool -K eth0 gso on # Enable generic segmentation offload
Network Monitoring and Logging
# Enable network logging
echo 'net.netfilter.nf_log_all_netns = 1' >> /etc/sysctl.conf
iptables -A INPUT -j LOG --log-prefix "INPUT: "
iptables -A OUTPUT -j LOG --log-prefix "OUTPUT: "
# Monitor network logs
tail -f /var/log/syslog | grep "INPUT:"
tail -f /var/log/syslog | grep "OUTPUT:"
journalctl -u networking -f # Follow networking service logs
# Network event monitoring
ip monitor # Monitor network events
ip monitor route # Monitor routing changes
ip monitor link # Monitor link changes
Quick Reference Commands
Most Common Network Commands
# Interface management
ip addr show # Show IP addresses
ip link show # Show network interfaces
ip route show # Show routing table
# Connectivity testing
ping google.com # Test connectivity
traceroute google.com # Trace network path
telnet google.com 80 # Test port connectivity
# DNS troubleshooting
nslookup google.com # Basic DNS lookup
dig google.com # Advanced DNS query
host google.com # Simple DNS lookup
# Network monitoring
ss -tuln # Show listening ports
netstat -tuln # Show network connections
lsof -i # Show network connections by process
# Firewall management
iptables -L # List firewall rules
iptables -F # Flush firewall rules
ufw status # Check UFW firewall status
Emergency Network Recovery
# Reset network configuration
sudo systemctl restart networking # Restart networking service
sudo systemctl restart NetworkManager # Restart NetworkManager
sudo dhclient eth0 # Renew DHCP lease
sudo ifdown eth0 && sudo ifup eth0 # Restart interface
# Emergency connectivity
sudo ip addr add 192.168.1.100/24 dev eth0 # Manual IP assignment
sudo ip route add default via 192.168.1.1 # Manual default route
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf # Manual DNS