logo

Cheatsheets - Networking

Last Updated: 2023-09-17

Private Networks IP Address Ranges

Assigned by Internet Assigned Numbers Authority (IANA).

  • Class A: 10.0.0.0 to 10.255.255.255
  • Class B: 172.16.0.0 to 172.31.255.255
  • Class C: 192.168.0.0 to 192.168.255.255

Shell Commands

Check IP Routes:

$ ip route

Display TCP/IP and other packets being transmitted or received over a network:

$ sudo tcpdump

Ping, sending ICMP echo request:

$ ping wikipedia.org

Trace the route

$ traceroute wikipedia.org

Query Name Servers:

$ nslookup wikipedia.org

Check if a port is open on a remote machine

Or "How to 'ping' a port".

nc

Use nc (nc=netcat):

$ nc -vz <host> <port_number>
$ nc -vz <domain> <port_number>
  • -z = sets nc to simply scan for listening daemons, without actually sending any data to them.
  • -v = enables verbose mode.

Result:

  • if failed: nc: connect to xx.xx.xx.xx port 443 (tcp) failed: No route to host
  • if succeeded: Connection to xx.xx.xx.xx 443 port [tcp/https] succeeded!

nmap

Use nmap (note that param order is different from nc)

nmap -p <port> <ip>

Use telnet:

$ telnet <ip_address> <port_number>
$ telnet <domain_name> <port_number>

/dev/tcp/host/port

$ cat < /dev/tcp/xx.xx.xx.xx/443
-bash: connect: No route to host
-bash: /dev/tcp/xx.xx.xx.xx/443: No route to host

get your sshd header

$ cat < /dev/tcp/localhost/22
SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.9

Check ip forward

$ sudo iptables-save

How to check if a port is being used?

$ lsof -i:$PORT # e.g. lsof -i:5000

# Linux
$ netstat -tulpn | grep LISTEN

# macOS
$ netstat -anp tcp | grep LISTEN

$ less /etc/services

Network Interface Names

Naming conventions (what you may see in ip a):

  • if it has firmware or BIOS-provided index numbers for onboard devices. => eno1
  • else if it has firmware or BIOS-provided PCI Express (PCIe) hot plug slot index numbers => ens1
  • else if it has the physical location of the connector of the hardware => enp2s0
  • else => eth0 (The traditional unpredictable kernel naming scheme.)

to config:

/usr/lib/systemd/network/99-default.link => NamePolicy

DNS

  • /etc/resolv.conf file defines how the system uses DNS to resolve host names and IP addresses. This file usually contains a line specifying the search domains and up to three lines that specify the IP addresses of DNS server.
  • /etc/systemd/resolved.conf
  • /etc/hosts: list of hosts.
  • /etc/hostname: the hostname of the machine.
$ cat /etc/hosts
127.0.1.1   example-hostname

# DNS lookup
$ host $HOST_NAME
$ host example-hostname
example-hostname.foo.bar.example.com has address 10.64.xxx.xxx

# Show hostname
$ hostname
$ cat /etc/hosts

# Show IP
$ hostname -i

# Show all IPs
$ hostname -I

# Set hostname
$ hostname newname

dig

dig (domain information groper): DNS lookup utility

Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf

Example

$ dig google.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13686
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		8	IN	A	xxx.xxx.xxx.xxx

;; Query time: 16 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Thu Jan 01 20:24:55 PDT 2020
;; MSG SIZE  rcvd: 55

nmcli

For controlling NetworkManager.

Show connections

$ nmcli connection show

iftop

There are top-like tools for network, but need to be installed separately, e.g. iftop

Deprecated Commands

Deprecated Linux commands and their replacements:

deprecated replaced by
arp ip n (ip neighbor)
ifconfig ip a (ip addr), ip link, ip -s (ip -stats)
iptunnel ip tunnel
iwconfig iw
nameif ip link, ifrename
route ip route
ipmaddr ip maddr
netstat ip -s, nstat
netstat -r ip route
netstat -i ip -s link
netstat -g ip maddr