Firebird Flight Wiki: Networking Basics
Firebird Flight

Networking Basics

Learn how to configure, diagnose, and troubleshoot networking on a Linux system. This page covers essential commands for interface management, routing, DNS resolution, and basic firewall introspection.

Contents
  1. Interfaces & Routing
    1. IP Commands
  2. Connectivity Tests
    1. ping
    2. traceroute
    3. mtr
  3. DNS Tools
    1. dig
    2. nslookup
  4. Network Inspection
    1. ss
    2. iptables / nft
  5. Conclusion

1. Interfaces & Routing

Managing network interfaces and configuring routes is the foundation of system connectivity. Linux provides powerful tools via the ip suite to inspect and manipulate addresses, routes, and more.

1a. ip Commands

The ip command replaces older tools like ifconfig for managing network interfaces, addresses, and routes.

Command / Flag Description
ip a Lists all network interfaces and IP addresses.
ip route Shows the current routing table.
ip addr add [ip/mask] dev [iface] Adds a new IP address to an existing interface (e.g., eth0).
ip link set [iface] up/down Brings an interface up or down.
Table 1: Basic ip Commands

2. Connectivity Tests

Before delving into logs or firewall rules, test connectivity with commands that probe network reachability and measure latency.

2a. ping

ping sends ICMP echo requests to a host to measure response time and packet loss. It’s typically the first step in diagnosing connectivity issues.

Usage Description
ping [host] Sends continuous pings to [host] until interrupted with Ctrl+C.
ping -c 4 [host] Sends exactly 4 packets, then stops automatically.
Table 2: Common ping Usage

2b. traceroute

traceroute maps the route packets take to reach a destination, listing each router hop along the way. Helpful for spotting latency spikes or routing loops.

Flag / Usage Description
traceroute [host] Traces the path from your system to [host] using UDP datagrams by default.
traceroute -I [host] Uses ICMP echo instead of UDP. Sometimes more reliable if firewalls drop UDP traceroute packets.
Table 3: Common traceroute Usage

2c. mtr

mtr (My Traceroute) combines ping and traceroute functionality, continually measuring latency and packet loss at each network hop for real-time analysis.

Flag / Usage Description
mtr [host] Launches an interactive console that updates hop statistics continuously.
mtr -u [host] Uses UDP packets (default is often ICMP). Similar reasoning to traceroute differences.
Table 4: Common mtr Usage

3. DNS Tools

When domain names fail to resolve or you suspect DNS issues, these utilities help verify records and troubleshoot name resolution.

3a. dig

dig (Domain Information Groper) queries DNS servers for records (A, AAAA, CNAME, MX, etc.), returning detailed response data that’s great for troubleshooting.

Usage / Flag Description
dig [domain] Queries DNS for the A record of [domain] using the default resolver.
dig [domain] MX Asks for mail exchange (MX) records of [domain].
dig +short [domain] Returns a concise, short-form result without extra header data.
Table 5: Common dig Usage

3b. nslookup

nslookup is an older DNS query tool, still found on many systems, letting you query name servers interactively or in non-interactive mode. Some consider dig more modern, but nslookup is still widely used.

Usage / Flag Description
nslookup [domain] Queries the default DNS server for the IP of [domain].
nslookup Launches an interactive shell where you can specify a domain, server, record type, etc.
Table 6: Common nslookup Usage

4. Network Inspection

Viewing active connections, listening ports, and firewall rules can reveal open or blocked channels essential for diagnosing connectivity problems.

4a. ss

ss (socket statistics) is a modern alternative to netstat, showing sockets, connections, and listening ports with less overhead.

Flag / Usage Description
ss -tuln Shows all TCP and UDP listening ports in numeric form (no DNS resolution).
ss -s Displays summarized socket usage stats (TCP, UDP counts, etc.).
ss -tp Shows TCP connections with the associated process (needs root or proper permissions).
Table 7: Common ss Usage

4b. iptables / nft

Basic firewall handling often involves iptables or its successor nftables. Understanding your firewall rules can confirm whether ports or protocols are being blocked.

Command / Flag Description
iptables -L Lists current firewall rules for each chain (INPUT, FORWARD, OUTPUT). Might need sudo.
iptables -vnL Verbose numeric output; prints interface, match details, and counters for each rule.
nft list ruleset Displays all nftables rules (if your system uses nft instead of iptables).
Table 8: Common Firewall Inspection Commands

5. Conclusion

Armed with these commands—spanning interface management, connectivity tests, DNS lookups, and firewall inspections—you can pinpoint where network issues arise and take steps to resolve them. Further exploration might include configuring advanced routing, VPNs, or security frameworks like SELinux and AppArmor for even deeper network-related control.