Cheatsheets - Networking
Private Networks IP Address Ranges
Assigned by Internet Assigned Numbers Authority (IANA).
- Class A:
10.0.0.0to10.255.255.255 - Class B:
172.16.0.0to172.31.255.255 - Class C:
192.168.0.0to192.168.255.255
Shell Commands
Check IP Routes:
$ ip route
Display TCP/IP and other packets being transmitted or received over a network:
$ sudo tcpdump
Ping, sending ICMP echo request:
$ ping wikipedia.org
Trace the route
$ traceroute wikipedia.org
Query Name Servers:
$ nslookup wikipedia.org
Check if a port is open on a remote machine
Or "How to 'ping' a port".
nc
Use nc (nc=netcat):
$ nc -vz <host> <port_number>
$ nc -vz <domain> <port_number>
-z= setsncto simply scan for listening daemons, without actually sending any data to them.-v= enables verbose mode.
Result:
- if failed:
nc: connect to xx.xx.xx.xx port 443 (tcp) failed: No route to host - if succeeded:
Connection to xx.xx.xx.xx 443 port [tcp/https] succeeded!
nmap
Use nmap (note that param order is different from nc)
nmap -p <port> <ip>
Use telnet:
$ telnet <ip_address> <port_number>
$ telnet <domain_name> <port_number>
/dev/tcp/host/port
$ cat < /dev/tcp/xx.xx.xx.xx/443
-bash: connect: No route to host
-bash: /dev/tcp/xx.xx.xx.xx/443: No route to host
get your sshd header
$ cat < /dev/tcp/localhost/22
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9
Check ip forward
$ sudo iptables-save
How to check if a port is being used?
$ lsof -i:$PORT # e.g. lsof -i:5000
# Linux
$ netstat -tulpn | grep LISTEN
# macOS
$ netstat -anp tcp | grep LISTEN
$ less /etc/services
Network Interface Names
Naming conventions (what you may see in ip a):
- if it has firmware or BIOS-provided index numbers for onboard devices. =>
eno1 - else if it has firmware or BIOS-provided PCI Express (PCIe) hot plug slot index numbers =>
ens1 - else if it has the physical location of the connector of the hardware =>
enp2s0 - else =>
eth0(The traditional unpredictable kernel naming scheme.)
to config:
/usr/lib/systemd/network/99-default.link => NamePolicy
DNS
/etc/resolv.conffile defines how the system uses DNS to resolve host names and IP addresses. This file usually contains a line specifying the search domains and up to three lines that specify the IP addresses of DNS server./etc/systemd/resolved.conf/etc/hosts: list of hosts./etc/hostname: the hostname of the machine.
$ cat /etc/hosts
127.0.1.1 example-hostname
# DNS lookup
$ host $HOST_NAME
$ host example-hostname
example-hostname.foo.bar.example.com has address 10.64.xxx.xxx
# Show hostname
$ hostname
$ cat /etc/hosts
# Show IP
$ hostname -i
# Show all IPs
$ hostname -I
# Set hostname
$ hostname newname
dig
dig (domain information groper): DNS lookup utility
Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf
Example
$ dig google.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13686
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 8 IN A xxx.xxx.xxx.xxx
;; Query time: 16 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Thu Jan 01 20:24:55 PDT 2020
;; MSG SIZE rcvd: 55
nmcli
For controlling NetworkManager.
Show connections
$ nmcli connection show
iftop
There are top-like tools for network, but need to be installed separately, e.g. iftop
Deprecated Commands
Deprecated Linux commands and their replacements:
| deprecated | replaced by |
|---|---|
| arp | ip n (ip neighbor) |
| ifconfig | ip a (ip addr), ip link, ip -s (ip -stats) |
| iptunnel | ip tunnel |
| iwconfig | iw |
| nameif | ip link, ifrename |
| route | ip route |
| ipmaddr | ip maddr |
| netstat | ip -s, nstat |
| netstat -r | ip route |
| netstat -i | ip -s link |
| netstat -g | ip maddr |