Network management of [Linux learning] practical series

Posted by Myss on Sat, 18 Dec 2021 22:37:25 +0100


Let's start with some simple, common commands. Even the simple and common ones are worth learning to use skillfully.

ping

As we all know, ping is used to test whether two hosts can communicate with each other.

The output of a ping command is as follows:

root@***:~# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.035 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.035 ms

Take the second reply line as an example. This line means:

64 bytes of data were received from the target host. The ICMP sequence number is 2 (ICMP is the protocol on which the ping command is based). The TTL shows 64 routing hops remaining, and the delay is 0.035 ms.

ifconfig

This is also one of the commands we use most. Its Windows counterpart is ipconfig. It is generally used to view the network configuration of the current machine's network cards.

Note that ipconfig can show wireless network card information on Windows, while on Linux you need to use iwconfig.

nslookup

This command resolves the IP address of a target domain name. Of course, you can also get the host name from an IP address.

Let's give it a go:

root@iZf8z652pdzc0gbkpyatowZ:~# nslookup www.baidu.com
Server:         100.100.2.136
Address:        100.100.2.136#53

Non-authoritative answer:
www.baidu.com   canonical name = www.a.shifen.com.
Name:   www.a.shifen.com
Address: 14.215.177.38
Name:   www.a.shifen.com
Address: 14.215.177.39

traceroute

The ICMP protocol can detect problems throughout our routing path, but the ping command only tells us whether the target is reachable or not. How do we check the specific intermediate routing hops?

root@iZf8z652pdzc0gbkpyatowZ:~# traceroute www.baidu.com
traceroute to www.baidu.com (14.215.177.39), 30 hops max, 60 byte packets
 1  * * *
 2  11.105.116.53 (11.105.116.53)  0.994 ms  1.151 ms 11.105.116.101 (11.105.116.101)  0.683 ms
 3  11.105.117.53 (11.105.117.53)  0.985 ms 11.105.113.165 (11.105.113.165)  0.793 ms 11.105.117.105 (11.105.117.105)  1.082 ms
 4  11.48.238.145 (11.48.238.145)  0.587 ms 11.48.238.181 (11.48.238.181)  0.706 ms 10.54.230.125 (10.54.230.125)  1.088 ms
 5  103.49.79.213 (103.49.79.213)  1.546 ms 157.119.192.9 (157.119.192.9)  0.754 ms 103.49.79.237 (103.49.79.237)  2.968 ms
 6  117.49.54.58 (117.49.54.58)  4.356 ms 117.49.54.46 (117.49.54.46)  4.945 ms 157.119.193.74 (157.119.193.74)  6.979 ms
 7  42.120.242.221 (42.120.242.221)  8.986 ms 116.251.113.133 (116.251.113.133)  8.375 ms 117.49.38.6 (117.49.38.6)  4.140 ms
 8  * * *
 9  58.61.162.157 (58.61.162.157)  7.413 ms 183.2.182.97 (183.2.182.97)  6.618 ms  7.246 ms
10  119.147.221.201 (119.147.221.201)  7.456 ms 119.147.221.245 (119.147.221.245)  8.322 ms 119.147.221.193 (119.147.221.193)  7.658 ms
11  113.96.5.146 (113.96.5.146)  7.623 ms 113.96.5.130 (113.96.5.130)  10.482 ms 113.96.5.114 (113.96.5.114)  7.775 ms
12  98.96.135.219.broad.fs.gd.dynamic.163data.com.cn (219.135.96.98)  10.569 ms 94.96.135.219.broad.fs.gd.dynamic.163data.com.cn (219.135.96.94)  13.393 ms 98.96.135.219.broad.fs.gd.dynamic.163data.com.cn (219.135.96.98)  10.130 ms
13  14.29.121.198 (14.29.121.198)  11.574 ms 14.29.117.234 (14.29.117.234)  10.331 ms 14.215.32.122 (14.215.32.122)  12.080 ms
14  14.215.32.134 (14.215.32.134)  13.835 ms * *
15  * * *
16  * * *
17  * *

You can see the host IP and the delay of each hop along our route. An asterisk indicates that the information is blocked by a firewall and cannot be obtained.
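To read such output at a glance, the sketch below (an added example, not part of the original post) counts unanswered probes and distinct responding routers per hop. The function names and the sample trace are constructed for illustration; the addresses come from documentation ranges.

```shell
#!/bin/sh
# Constructed sample in the same format as the traceroute output above.
sample_trace() {
cat <<'EOF'
traceroute to www.example.com (203.0.113.80), 30 hops max, 60 byte packets
 1  * * *
 2  192.0.2.53 (192.0.2.53)  0.994 ms  1.151 ms 192.0.2.101 (192.0.2.101)  0.683 ms
 3  198.51.100.1 (198.51.100.1)  7.413 ms 198.51.100.2 (198.51.100.2)  6.618 ms  7.246 ms
 4  gw.example.net (198.51.100.9)  13.835 ms * *
 5  * * *
EOF
}

# For each hop line print: hop number, unanswered probes, distinct responder IPs.
# A responder IP is the token in parentheses; a bare "*" is one unanswered probe.
hop_summary() {
  awk '$1 ~ /^[0-9]+$/ {
    lost = 0; ips = 0; split("", seen)          # reset per-hop state
    for (i = 2; i <= NF; i++) {
      if ($i == "*") lost++
      else if ($i ~ /^\(.*\)$/ && !($i in seen)) { seen[$i] = 1; ips++ }
    }
    print $1, lost, ips
  }'
}

# Hops from which no probe was answered at all.
silent_hops() {
  hop_summary | awk '$3 == 0 { print $1 }'
}

# On a live host: traceroute www.baidu.com | hop_summary
sample_trace | hop_summary
```

A hop with more than one responder IP means the three probes were answered by different routers, which is why a single hop line can list several addresses.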

netstat

Now for the main point: this is the most commonly used command for network inspection on Linux.

Let's use it briefly to see what it outputs:

root@iZf8z652pdzc0gbkpyatowZ:~# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 iZf8z652pdzc0gbkp:34380 100.100.30.25:http      ESTABLISHED
tcp        0     48 iZf8z652pdzc0gbkpya:ssh 43.227.137.125:47069    ESTABLISHED
tcp        0      0 iZf8z652pdzc0gbkpya:ssh 43.227.137.125:61336    ESTABLISHED
tcp        0      0 iZf8z652pdzc0gbkp:59780 100.100.0.5:https       TIME_WAIT
tcp6       0      0 iZf8z652pdzc0gbkpy:http 122.14.200.19:62564     ESTABLISHED
tcp6       0      0 iZf8z652pdzc0gbkpy:http 61-219-11-
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ]         DGRAM                    18020    /run/user/0/systemd/notify
unix  4      [ ]         DGRAM                    9327     /run/systemd/notify
unix  2      [ ]         DGRAM                    9328     /run/systemd/cgroups-agent
unix  9      [ ]         DGRAM                    9339     /run/systemd/journal/dev-log
unix  8      [ ]         DGRAM                    9341     /run/systemd/journal/socket
unix  2      [ ]         DGRAM                    9560     /run/systemd/journal/syslog
unix  2      [ ]         DGRAM                    665918   @00020
unix  2      [ ]         STREAM     CONNECTED     44202

As you can see, the output mainly includes two parts:

The first part is "Active Internet connections", which lists the active TCP connections.

The second part is "Active UNIX domain sockets", which lists the socket connections within the local machine.

In addition, the following parameters are available:

-a (all) displays all sockets; LISTEN-related ones are not displayed by default
-t (tcp) displays only TCP-related entries
-u (udp) displays only UDP-related entries
-n does not display aliases; everything that can be shown as a number is shown as a number
-l lists only the services that are in the listening state
-p displays the name of the program that established the connection
-r displays routing information (the routing table)
-e displays extended information, such as the uid
-s displays statistics by protocol
-c re-runs the netstat command at a fixed interval
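Combining -a, -n and -t gives output that is easy to post-process. The sketch below (an added example, not part of the original post) summarizes it per state, per exposed listener and per remote peer. The function names and the sample output are constructed; the addresses come from documentation ranges.

```shell
#!/bin/sh
# Constructed sample of `netstat -ant` output (numeric because of -n).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:47069      ESTABLISHED
tcp        0     48 192.0.2.10:22           198.51.100.7:61336      ESTABLISHED
tcp        0      0 192.0.2.10:59780        203.0.113.5:443         TIME_WAIT
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 192.0.2.10:80           203.0.113.9:62564       ESTABLISHED
EOF
}

# Count TCP sockets per state (column 6 of the tcp/tcp6 lines).
count_states() {
  awk '$1 ~ /^tcp6?$/ { n[$6]++ } END { for (s in n) print s, n[s] }' | sort
}

# Listeners bound to every interface (0.0.0.0 or ::), i.e. reachable from
# other hosts unless a firewall filters them. Prints protocol and port.
exposed_listeners() {
  awk '$1 ~ /^tcp6?$/ && $6 == "LISTEN" && $4 ~ /^(0\.0\.0\.0|::):/ {
         port = $4; sub(/.*:/, "", port); print $1, port }' | sort -u
}

# ESTABLISHED connections per remote IP, busiest peer first.
peers() {
  awk '$1 ~ /^tcp6?$/ && $6 == "ESTABLISHED" {
         ip = $5; sub(/:[^:]*$/, "", ip); n[ip]++ }
       END { for (ip in n) print n[ip], ip }' | sort -rn
}

# On a live host: netstat -ant | count_states
sample_netstat | count_states
sample_netstat | exposed_listeners
sample_netstat | peers
```

Adding -p (run as root) to the live command also shows which program owns each socket; the column positions used above do not change.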
