Linux Networking Config
Network Interfaces
A network interface is how the kernel links up the software side of networking to the hardware side. We’ve already seen an example of this:
$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 1d:3a:32:24:4d:ce
inet addr:192.168.1.129 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fd60::21c:29ff:fe63:5cdc/64 Scope:Link
- The
ifconfig
tool allows us to configure our network interfaces, if we don’t have any network interfaces set up, the kernel’s device drivers and the network won’t know how to talk to each other. - Ifconfig runs on bootup and configures our interfaces through config files, but we can also manually modify them.
- The loopback interface is used to represent your computer, it just loops you back to yourself. This is good for debugging or connecting to servers running locally.
- The status of interfaces, can be up or down.
- Most commonly used fields in the
ifcoinfig -a
output areHWaddr (MAC address of the interface)
,inet address (IPv4 address)
andinet6 (IPv6 address)
. - The common configuration file for network insterfaces is
/etc/network/interfaces
.
To create an interface and bring it up
$ ifconfig eth0 192.168.2.1 netmask 255.255.255.0 up
To bring up or down an interface
$ ifup eth0
$ ifdown eth0
- The
ip
command also allows us to manipulate the networking stack of a system. Depending on the distribution you are using it may be the preferred method of manipulating your network settings.
To show interface information for all interfaces
$ ip link show
To show the statistics of an interface
$ ip -s link show eth0
To add an IP address to an interface
$ ip address add 192.168.1.1/24 dev eth0
Network managers
nm-tool
nm-tools reports NetworkManager’s state and it’s devices.nmcli
The nmcli command allows you to control and modify NetworkManager, see the manpage for more details.
ARP
Remember when we lookup a MAC address with ARP, it first checks the locally stored ARP cache on our system, you can actually view this cache:
$ arp
Address HWtype HWaddress Flags Mask Iface
192.168.22.1 ether 00:12:24:fc:12:cc C eth0
192.168.22.254 ether 00:12:45:f2:84:64 C eth0
The ARP cache is actually empty when a machine boots up, it gets populated as packets are being sent to other hosts. If we send a packet to a destination that isn’t in the ARP cache, the following happens:
- The source host creates the Ethernet frame with an ARP request packet
- The source host broadcasts this frame to the entire network
- If one of the hosts on the network knows the correct MAC address, it will send a reply packet and frame containing the MAC address
- The source host adds the IP to MAC address mapping to the ARP cache and then proceeds with sending the packet
You can also view your arp cache via the ip command:
$ ip neighbour show