Day 9 - Networking Basics

2025-09-296 min read

linuxnetworkingiproutesdnsnmclisspingcurl

Day9 ping

This lesson focuses on practical networking tasks on a single Linux host. It covers viewing and understanding addresses and routes, checking connectivity, investigating DNS, inspecting open sockets, and basic NetworkManager operations with nmcli.

What you learn today

Read interface state and addresses, understand default routes and gateways, test reachability layer by layer, perform DNS lookups, and list local listeners with ss.

Prerequisites

  • Day 1 through Day 8 completed
  • Terminal with sudo privileges

Network interfaces and addresses

Linux names interfaces such as eth0, enp3s0, wlan0, or wlp3s0. Use ip to list state and IPs.

bash
# list links and basic state
ip link show

# list IPv4 and IPv6 addresses
ip addr show
ip -brief addr

# show one interface only
ip addr show dev eth0 2>/dev/null || ip addr show dev enp3s0 2>/dev/null

Key fields:

  • state UP or DOWN shows link state
  • inet is IPv4 address with prefix, for example 192.168.1.50/24
  • inet6 is IPv6 address with prefix

Bring an interface up or down temporarily.

bash
sudo ip link set dev eth0 up
sudo ip link set dev eth0 down
Do not cut your own connection

Avoid bringing down the active interface over SSH. Prefer out of band access or a console when changing live settings.

Routes and gateways

The kernel routing table decides where packets go.

bash
ip route show
ip -6 route show    # IPv6

Typical lines:

  • default via 192.168.1.1 dev eth0 is the default gateway
  • 192.168.1.0/24 dev eth0 proto kernel src 192.168.1.50 is a directly connected network

Add a temporary route for testing.

bash
sudo ip route add 10.10.10.0/24 via 192.168.1.1 dev eth0
sudo ip route del 10.10.10.0/24

Persistent configuration belongs to the network manager in use, for example NetworkManager, Netplan on Ubuntu, or distribution specific files.

Connectivity tests

Start with the local stack, then move out.

bash
# local interface reachable
ping -c 2 127.0.0.1

# local host name resolves correctly
ping -c 2 $(hostname -f) 2>/dev/null || ping -c 2 $(hostname)

# default gateway reachable
ip route | awk '/default/ {print $3}' | xargs -r -n1 -I{} ping -c 2 {}

# public reachability
a) ping -c 2 1.1.1.1 || ping -c 2 8.8.8.8
b) curl -I https://example.com

Traceroute helps when pings work to the gateway but not to the internet.

bash
sudo apt install -y traceroute 2>/dev/null || sudo dnf install -y traceroute 2>/dev/null
traceroute example.com
ICMP may be blocked

Some networks block ICMP. Use curl or nc to test TCP reachability when ping fails.

DNS resolution

Use getent hosts for a libc level lookup that respects the system resolver.

bash
getent hosts example.com

Use dig for detailed DNS queries.

bash
sudo apt install -y dnsutils 2>/dev/null || sudo dnf install -y bind-utils 2>/dev/null

dig example.com +short

dig A example.com @1.1.1.1 +short

dig www.example.com ANY +noall +answer

# reverse lookup
IP=8.8.8.8
dig -x $IP +short

On systems with nslookup only:

bash
nslookup example.com
nslookup example.com 1.1.1.1

Resolver configuration varies.

  • systemd-resolved with a stub resolver often uses /etc/resolv.conf as a symlink to /run/systemd/resolve/stub-resolv.conf.
  • Traditional setups write nameserver lines into /etc/resolv.conf directly.

Check active resolvers.

bash
resolvectl status 2>/dev/null || cat /etc/resolv.conf
Hosts file

/etc/hosts provides static name to address mappings. It overrides external DNS for the listed names on this host only.

Inspect sockets and listening services

Use ss to view TCP and UDP sockets. It replaces the older netstat in many distributions.

bash
# listeners
ss -tulpen | head -20

# connections to a specific port
ss -tn sport = :22 or dport = :22

# processes holding a socket
sudo ss -tulp | awk 'NR==1 || /LISTEN/'

List processes that hold open files or ports with lsof when installed.

bash
sudo apt install -y lsof 2>/dev/null || sudo dnf install -y lsof 2>/dev/null
sudo lsof -iTCP -sTCP:LISTEN -P -n | head

NetworkManager with nmcli

For desktops and many servers, NetworkManager manages connections. Use nmcli to list and modify them.

bash
# show device state and IP
nmcli device status
nmcli -p device show

# list connections and active profiles
nmcli connection show
nmcli connection show --active

# add a simple static IPv4 for a wired device (example interface enp3s0)
sudo nmcli connection add type ethernet ifname enp3s0 con-name office \
  ipv4.addresses 192.168.10.50/24 ipv4.gateway 192.168.10.1 \
  ipv4.dns 1.1.1.1 ipv4.method manual autoconnect yes

# bring connection up or down
sudo nmcli connection up office
sudo nmcli connection down office

To revert to DHCP on a connection:

bash
sudo nmcli connection modify office ipv4.method auto ipv4.addresses "" ipv4.gateway "" ipv4.dns ""
sudo nmcli connection up office
Headless servers

Some servers do not use NetworkManager. Ubuntu Server often uses Netplan, which writes to systemd networkd. Follow distribution documentation for persistent settings.

HTTP requests for quick checks

Use curl for simple HTTP tests.

bash
# headers only
curl -I https://example.com

# follow redirects and show timing
curl -L -w "\n%{http_code} in %{time_total}s\n" -o /dev/null https://example.com

# fetch a page through a specific interface
curl --interface eth0 https://ifconfig.me/ip 2>/dev/null || true

Combine with jq from Day 26 for JSON APIs later in the series.

Practical lab

  1. Inspect interface state and addresses on the system.
bash
ip -brief link
ip -brief addr
  1. Identify the default route and gateway, then test reachability.
bash
ip route
ip route | awk '/default/ {print $3}' | xargs -r -n1 -I{} ping -c 2 {}
  1. Perform DNS lookups with the system resolver and with a chosen server.
bash
getent hosts debian.org

dig debian.org +short

dig A debian.org @1.1.1.1 +short
  1. List local listeners and investigate who owns them.
bash
ss -tulpen | head -20
sudo lsof -iTCP -sTCP:LISTEN -P -n | head
  1. Use curl to verify HTTP reachability and TLS.
bash
curl -I https://example.org

Troubleshooting

  • No address on an interface. Check ip link for state DOWN and bring it up, then check DHCP client logs.
  • DNS resolves but HTTP still fails. Inspect proxy settings and firewall rules. Verify that outbound ports 80 and 443 are allowed.
  • Temporary failure in name resolution. Check /etc/resolv.conf or resolvectl status. Ensure nameserver entries are present and reachable.
  • SSH works but pings fail. ICMP may be blocked. Use curl to test HTTP instead.
  • Multiple interfaces with overlapping subnets. The kernel may choose an unexpected route. Review ip route and use policy routing if needed.

Next steps

Day 10 focuses on SSH for remote access and file transfer. It covers key generation, agent forwarding, ~/.ssh/config, secure copy with scp, and syncing with rsync over SSH.