9 Essential Linux Commands for DevOps Network Management: Level Up Your Skills
To effectively manage and troubleshoot networking issues, it’s crucial for a DevOps engineer to possess knowledge of some essential networking commands as they work with various networking components. Therefore, below are nine networking commands that every DevOps engineer must know:
1. ping
Ping command sends an ICMP (Internet Control Message Protocol) echo request to a remote host and waits for a response. The time it takes to receive the response, or whether a response is received at all, can provide valuable information about the network performance and connectivity. Here are some ways the ping command helps in network management:
Checking network connectivity: It checks whether a remote host is reachable over the network.
Testing network performance: It measures the round-trip time (RTT) and identifies high RTT values that may indicate network congestion or other performance issues.
Troubleshooting network issues: It helps identify network issues by checking the connectivity and response times to various hosts along the network path.
Diagnosing DNS issues: By pinging a remote host using its hostname, it can diagnose DNS issues by detecting failures to resolve the hostname.
#SYNTAX
ping <destination-ip>
#OUTPUT
[DevOps@rhegi ~]$ ping google.com
PING google.com (142.251.42.14) 56(84) bytes of data.
64 bytes from bom12s19-in-f14.1e100.net (142.251.42.14): icmp_seq=1 ttl=113 time=26.8 ms
64 bytes from bom12s19-in-f14.1e100.net (142.251.42.14): icmp_seq=2 ttl=113 time=16.8 ms
2. traceroute
Traceroute command is a useful tool for network management in Linux that helps identify network issues by tracing the route that packets take from the source to the destination. It provides information about each hop along the path, including the IP address and response time of each router or device that the packet passes through. Here are some ways the traceroute command helps in network management:
Identifying network connectivity issues: by showing the last successful hop and the first failed hop.
Identifying network performance issues: by measuring response times or packet loss.
Troubleshooting network issues: such as misconfigured routers, network congestion, or firewall issues.
Optimizing network routing: by identifying the fastest route and improving network performance.
#SYNTAX
traceroute <destination-ip>
#OUTPUT
[DevOps@rhegi ~]$ traceroute google.com
traceroute to google.com (142.251.42.14), 30 hops max, 60 byte packets
1 gateway (192.168.0.1) 19.713 ms 19.327 ms 19.209 ms
2 192.168.1.1 (192.168.1.1) 19.099 ms 19.040 ms 18.971 ms
3 10.230.0.1 (10.230.0.1) 18.909 ms 18.741 ms 18.655 ms
4 125.99.88.133 (125.99.88.133) 23.212 ms 23.156 ms 23.056 ms
5 203.212.193.26 (203.212.193.26) 18.239 ms 18.183 ms 18.068 ms
6 192.168.221.14 (192.168.221.14) 9.182 ms 34.450 ms 34.246 ms
7 125.99.55.169 (125.99.55.169) 34.347 ms 34.298 ms 34.219 ms3. netstat
Netstat command is a tool that provides network statistics and helps in network management. It is used to display active network connections, open ports, and various other network statistics. Here are some ways the netstat command helps in network management:
Identifying network connections: Identifying active network connections, both inbound and outbound, and displays information such as the IP address, port number, and the protocol used.
Displaying open ports: Displays a list of all open ports on a system, which helps in identifying any unauthorized or unexpected network traffic.
Monitoring network traffic: Used to monitor network traffic on a system, providing information about the amount of traffic, the type of traffic, and the endpoints involved.
Troubleshooting network issues: To identify network issues by displaying network statistics such as the number of packets transmitted and received, the number of errors, and the status of network interfaces.
Managing network services: Manages network services by displaying the status of network services and the ports they are listening on.
#SYNTAX
netstat
#OUTPUT
[DevOps@rhegi ~]$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 RHEGI:33660 bom12s09-in-f5.1e:https ESTABLISHED
tcp 0 0 RHEGI:52874 bom12s17-in-f10.1:https ESTABLISHED
tcp 0 0 RHEGI:51430 bom07s33-in-f14.1:https ESTABLISHED
tcp 0 0 RHEGI:52876 bom12s17-in-f10.1:https ESTABLISHED
tcp 0 0 RHEGI:33200 bom12s15-in-f3.1e:https ESTABLISHED
tcp 0 0 RHEGI:39376 bom07s32-in-f14.1:https ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 13328 /run/systemd/shutdownd
unix 3 [ ] DGRAM 7513 /run/systemd/notify
unix 2 [ ] DGRAM 7515 /run/systemd/cgroups-agent
unix 6 [ ] DGRAM 7530 /run/systemd/journal/socket
unix 27 [ ] DGRAM 7532 /dev/log
unix 2 [ ] DGRAM 19359 /var/run/chrony/chronyd.sock
unix 3 [ ] STREAM CONNECTED 32342 @/tmp/dbus-jwZn7FDQa3
unix 3 [ ] STREAM CONNECTED 33799 /run/systemd/journal/stdout
unix 3 [ ] STREAM CONNECTED 30286
unix 3 [ ] STREAM CONNECTED 26094 /run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 250764. nslookup
nslookupcommand is a tool used to query the Domain Name System (DNS) to obtain information about domain names, IP addresses, and other DNS records. Here are some ways the nslookup command helps in network management:
Domain name resolution: It resolves domain names to IP addresses, helping to identify network issues caused by DNS misconfiguration.
DNS record retrieval: It retrieves various DNS records, such as MX, TXT, and SRV records, for email servers, domain authentication, and service discovery.
Debugging DNS issues: It helps to debug DNS issues by allowing users to query specific DNS servers, test DNS zone transfers, and troubleshoot DNS configuration issues.
Network troubleshooting: It verifies that DNS is functioning correctly and provides information about the DNS resolution process, helping in network troubleshooting.
Network security: It verifies the authenticity of DNS responses, ensuring that they originate from the expected DNS server and have not been tampered with, enhancing network security.
#SYNTAX
nslookup <domain-name>
#OUTPUT
[DevOps@rhegi ~]$ nslookup google.com
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: google.com
Address: 142.251.42.14
Name: google.com
Address: 2404:6800:4009:82f::200e5. ifconfig
ifconfigcommand is used to configure and manage network interfaces. Here are some ways the ifconfig command helps in network management:
Displaying network interface information for all interfaces, Configuring network interfaces by assigning IP addresses, netmasks, and other parameters, Enabling and disabling network interfaces, Checking network connectivity by pinging other hosts, Troubleshooting network problems by identifying issues like misconfigured IP addresses or dropped packets.
#SYNTAX
ifconfig
#OUTPUT
[DevOps@rhegi ~]$ ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.108 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::5bd4:ef6e:915f:fe9f prefixlen 64 scopeid 0x20<link>
ether 08:00:27:60:3a:5b txqueuelen 1000 (Ethernet)
RX packets 14083 bytes 14034045 (13.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6375 bytes 2730684 (2.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1 bytes 49 (49.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1 bytes 49 (49.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:e7:63:59 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 06. top
topcommand is used to monitor system processes and resource usage. Here are some ways the top command helps in network management:
Monitors resource usage to identify resource-hungry applications, Allows viewing and managing of running processes, Provides real-time updates on system performance to identify bottlenecks, Helps identify potential security threats through monitoring of system activity.
#SYNTAX
top
#OUTPUT
[DevOps@rhegi ~]$ top
top - 15:27:20 up 1:20, 2 users, load average: 0.20, 0.16, 0.15
Tasks: 231 total, 1 running, 230 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.5 us, 1.1 sy, 0.0 ni, 98.1 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem : 7401484 total, 4970272 free, 1484008 used, 947204 buff/cache
KiB Swap: 8388604 total, 8388604 free, 0 used. 5630608 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1128 root 20 0 358432 53812 30436 S 6.0 0.7 3:01.65 X
2232 DevOps 20 0 3932740 181772 66800 S 4.0 2.5 2:59.84 gnome-shell
6411 DevOps 20 0 682692 32864 17468 S 1.3 0.4 0:09.38 gnome-terminal-
550 root 20 0 0 0 0 S 0.7 0.0 0:14.70 xfsaild/sda5
5940 DevOps 20 0 3384320 256872 98744 S 0.7 3.5 4:51.18 firefox
6160 DevOps 20 0 3352476 424132 90844 S 0.7 5.7 7:26.63 Web Content
7888 DevOps 20 0 162200 2372 1584 R 0.7 0.0 0:00.09 top
9 root 20 0 0 0 0 S 0.3 0.0 0:23.56 rcu_sched
306 root 20 0 0 0 0 S 0.3 0.0 0:07.64 xfsaild/sda2
659 root 20 0 90568 3184 2324 S 0.3 0.0 0:20.08 rngd
1022 root 20 0 222740 6252 3268 S 0.3 0.1 0:03.22 rsyslogd
7737 root 20 0 0 0 0 S 0.3 0.0 0:01.14 kworker/3:1
7769 root 20 0 0 0 0 S 0.3 0.0 0:00.05 kworker/1:2
1 root 20 0 193972 7080 4196 S 0.0 0.1 0:10.07 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.08 kthreadd
4 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:0H
6 root 20 0 0 0 0 S 0.0 0.0 0:06.48 ksoftirqd/0
7 root rt 0 0 0 0 S 0.0 0.0 0:04.35 migration/07. ARP
arpThe Address Resolution Protocol command is used in computer networks to map a network address (such as an IP address) to a physical address (such as a MAC address). Here are some ways that ARP helps in network management:
Enables communication between devices using physical addresses, Troubleshoots network issues by checking address mappings, Enhances security by detecting and preventing ARP spoofing attacks, Creates network maps for identifying unauthorized devices and diagnosing performance issues.
#SYNTAX
arp
#OUTPUT
[DevOps@rhegi ~]$ arp
Address HWtype HWaddress Flags Mask Iface
gateway ether 84:d8:1b:26:ab:29 C enp0s3
8. route
In computer networking, a routing table is a database that stores information about the routes that network packets can take. The route command is used to view and modify the routing table in Unix-based operating systems. Here are some ways that the route command helps in network management:
Determines network connectivity by checking the routing table, Troubleshoots network issues by identifying errors or inconsistencies in the routing table, Optimizes network traffic by modifying the routing table to add or remove routes, change priority, or set up load balancing, Enhances security by setting up VPNs or firewall rules with the route command.
#SYNTAX
route
#OUTPUT
[DevOps@rhegi ~]$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 100 0 0 enp0s3
192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 enp0s3
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
9. ip
ip command is a powerful tool for managing network interfaces, IP addresses, routing tables, and other aspects of the network. It provides a wide range of functionalities that enable administrators to configure, monitor, and troubleshoot the network. Here are some ways that the ip command helps in network management:
Configuring network interfaces: Used to set up network interfaces with IP addresses, netmasks, and other network-related parameters.
Managing routing tables: Manages routing tables, including adding, modifying, and deleting routing entries.
Monitoring network traffic: Displays real-time statistics on network traffic, including packet counts, bytes transmitted and received, and errors.
Troubleshooting network issues: To diagnose network issues by displaying information about network interfaces, routing tables, and network traffic.
Configuring network namespaces: Creates and manages network namespaces, which can help isolate network traffic and simplify network management.
#SYNTAX
ip [OPTIONS] OBJECT {COMMAND | help}
#OUTPUT
# Display network interface information
[DevOps@rhegi ~]$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 08:00:27:60:3a:5b brd ff:ff:ff:ff:ff:ff
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:e7:63:59 brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:e7:63:59 brd ff:ff:ff:ff:ff:ff
# Display IP address information for a specific network interface
[DevOps@rhegi ~]$ ip address show virbr0
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:e7:63:59 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
# Display routing table information
[DevOps@rhegi ~]$ ip route show
default via 192.168.0.1 dev enp0s3 proto dhcp metric 100
192.168.0.0/24 dev enp0s3 proto kernel scope link src 192.168.0.108 metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1In conclusion, networking commands are essential tools for DevOps engineers in managing and troubleshooting networking issues. The nine commands we’ve discussed in this blog — including utilities for network monitoring, connectivity testing, and configuration management — are just a few examples of the many tools available to engineers. By mastering these commands and incorporating them into their workflows, DevOps engineers can more effectively manage their networks and ensure their systems are running smoothly and securely. However, it’s worth noting that these commands are just a starting point, and networking is a complex and constantly evolving field. As such, engineers should continually seek to expand their knowledge of networking and stay up to date with the latest tools and techniques. By doing so, they can stay ahead of the curve and provide the best possible service to their users.
Stay up to date with the latest insights and trends in DevOps by following me on LinkedIn, where I share valuable content and resources that can help you enhance your skills and knowledge in this field.
