[go: up one dir, main page]
Scribd
Upload
64 views4 pages

RH124 - ch11s03

The document discusses using command line utilities to validate and inspect a server's network configuration. It describes using the ip link command to view network interfaces, ip addr to view IP addresses on an interface, and ping to test IPv4 and IPv6 connectivity. It also covers using traceroute and tracepath to trace network traffic routes and troubleshooting ports and services using the ss command.

Uploaded by

felip
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
64 views4 pages

RH124 - ch11s03

The document discusses using command line utilities to validate and inspect a server's network configuration. It describes using the ip link command to view network interfaces, ip addr to view IP addresses on an interface, and ping to test IPv4 and IPv6 connectivity. It also covers using traceroute and tracepath to trace network traffic routes and troubleshooting ports and services using the ss command.

Uploaded by

felip
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

26/8/23, 18:12 RH124 - ch11s03

Validate Network Configuration


Objectives
Test and inspect the current network configuration with command-line utilities.

Gather Network Interface Information


The ip link command lists all available network interfaces on your system. In the following example, the server has three network interfaces: lo,
which is the loopback device that is connected to the server itself, and two Ethernet interfaces, ens3 and ens4.

[user@host ~]$ ip link show


1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:00:00:0a brd ff:ff:ff:ff:ff:ff
3: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:00:00:1e brd ff:ff:ff:ff:ff:ff

To configure a network interface correctly, you must know which interface is connected to which network. Often, you can obtain the MAC address of the
interface that is connected to each network, either because it is physically printed on the card or server, or because it is a virtual machine and you know
how it is configured. The MAC address of the device is listed after link/ether for each interface. So you know that the network card with the MAC
address 52:54:00:00:00:0a is the network interface ens3.

Display IP Addresses
Use the ip command to view device and address information. A single network interface can have multiple IPv4 or IPv6 addresses.

[user@host ~]$ ip addr show ens3


2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:00:00:0b brd ff:ff:ff:ff:ff:ff
inet 192.0.2.2/24 brd 192.0.2.255 scope global ens3
valid_lft forever preferred_lft forever
inet6 2001:db8:0:1:5054:ff:fe00:b/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe00:b/64 scope link
valid_lft forever preferred_lft forever
https://rha.ole.redhat.com/rha/app/courses/rh124-9.0/pages/ch11s03/85223ae4-a208-4a0c-8807-f8580dad018f 1/4
An active interface is UP.
26/8/23, 18:12 RH124 - ch11s03

[user@host ~]$ ping6 2001:db8:0:1::1


PING 2001:db8:0:1::1(2001:db8:0:1::1) 56 data bytes
64 bytes from 2001:db8:0:1::1: icmp_seq=1 ttl=64 time=18.4 ms
64 bytes from 2001:db8:0:1::1: icmp_seq=2 ttl=64 time=0.178 ms
64 bytes from 2001:db8:0:1::1: icmp_seq=3 ttl=64 time=0.180 ms
^C
--- 2001:db8:0:1::1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.178/6.272/18.458/8.616 ms
[user@host ~]$

When you ping the link-local addresses and the link-local all-nodes multicast group (ff02::1), the network interface to use must be specified explicitly
with a scope zone identifier (such as ff02::1%ens3). If this network interface is omitted, then the connect: Invalid argument error is displayed.

You can use the ping6 ff02::1 command to find other IPv6 nodes on the local network.

[user@host ~]$ ping6 ff02::1%ens4


PING ff02::1%ens4(ff02::1) 56 data bytes
64 bytes from fe80::78cf:7fff:fed2:f97b: icmp_seq=1 ttl=64 time=22.7 ms
64 bytes from fe80::f482:dbff:fe25:6a9f: icmp_seq=1 ttl=64 time=30.1 ms (DUP!)
64 bytes from fe80::78cf:7fff:fed2:f97b: icmp_seq=2 ttl=64 time=0.183 ms
64 bytes from fe80::f482:dbff:fe25:6a9f: icmp_seq=2 ttl=64 time=0.231 ms (DUP!)
^C
--- ff02::1%ens4 ping statistics ---
2 packets transmitted, 2 received, +2 duplicates, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.183/13.320/30.158/13.374 ms
[user@host ~]$
[user@host ~]$ ping6 -c 1 fe80::f482:dbff:fe25:6a9f%ens4
PING fe80::f482:dbff:fe25:6a9f%ens4(fe80::f482:dbff:fe25:6a9f) 56 data bytes
64 bytes from fe80::f482:dbff:fe25:6a9f: icmp_seq=1 ttl=64 time=22.9 ms

--- fe80::f482:dbff:fe25:6a9f%ens4 ping statistics ---


1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 22.903/22.903/22.903/0.000 ms

Other hosts on the same link can use IPv6 link-local addresses, like normal addresses.

[user@host ~]$ ssh fe80::f482:dbff:fe25:6a9f%ens4


user@fe80::f482:dbff:fe25:6a9f%ens4's password:
https://rha.ole.redhat.com/rha/app/courses/rh124-9.0/pages/ch11s03/85223ae4-a208-4a0c-8807-f8580dad018f 2/4
Last login: Thu Jun 5 15:20:10 2014 from host.example.com
26/8/23, 18:12 RH124 - ch11s03

3. The default route to all networks on the IPv6 Internet (the ::/0 network) uses the router at the 2001:db8:0:1::ffff network and it is reachable
with the ens3 device.

Trace Traffic Routes


To trace the network traffic path to reach a remote host through multiple routers, use either the traceroute or the tracepath command. These
commands can identify issues with one of your routers or an intermediate router. Both commands use UDP packets to trace a path by default; however,
many networks block UDP and ICMP traffic. The traceroute command has options to trace the path with UDP (default), ICMP (-I), or TCP (-T)
packets. Typically, the traceroute command is not installed by default.

[user@host ~]$ tracepath access.redhat.com


...output omitted...
4: 71-32-28-145.rcmt.qwest.net 48.853ms asymm 5
5: dcp-brdr-04.inet.qwest.net 100.732ms asymm 7
6: 206.111.0.153.ptr.us.xo.net 96.245ms asymm 7
7: 207.88.14.162.ptr.us.xo.net 85.270ms asymm 8
8: ae1d0.cir1.atlanta6-ga.us.xo.net 64.160ms asymm 7
9: 216.156.108.98.ptr.us.xo.net 108.652ms
10: bu-ether13.atlngamq46w-bcr00.tbone.rr.com 107.286ms asymm 12
...output omitted...

Each line in the output of the tracepath command represents a router or hop that the packet passes through between the source and the final
destination. The command outputs information for each hop as it becomes available, including the round trip timing (RTT) and any changes in the 
maximum transmission unit (MTU) size. The asymm indication means that the traffic that reached the router returned from that router by different (
asymmetric) routes. These routers here are for outbound traffic, not for return traffic.

The tracepath6 and traceroute -6 commands are the equivalent IPv6 commands to the tracepath and traceroute commands.

[user@host ~]$ tracepath6 2001:db8:0:2::451


1?: [LOCALHOST] 0.091ms pmtu 1500
1: 2001:db8:0:1::ba 0.214ms
2: 2001:db8:0:1::1 0.512ms
3: 2001:db8:0:2::451 0.559ms reached
Resume: pmtu 1500 hops 3 back 3

Troubleshoot Port and Service Issues


TCP services use sockets as endpoints for communication, and are composed of an IP address, protocol, and port number. Services typically listen on
standard ports, whereas clients use a random available port. Well-known names for standard ports are listed in the /etc/services file.
https://rha.ole.redhat.com/rha/app/courses/rh124-9.0/pages/ch11s03/85223ae4-a208-4a0c-8807-f8580dad018f 3/4
The ss command is used to display socket statistics. The ss command replaces the earlier netstat tool, from the net-tools package, which might be
26/8/23, 18:12 RH124 - ch11s03

Option Description

-a Show all (listening and established) sockets.

-p Show the process that uses the sockets.

-A Display active connections (but not listening sockets) for the inet address family. That is, ignore local UNIX domain sockets.
inet For the ss command, both IPv4 and IPv6 connections are displayed. For the netstat command, only IPv4 connections are
displayed. (The netstat -A inet6 command displays IPv6 connections, and the netstat -46 command displays IPv4 and
IPv6 at the same time.)

 
References
ip-link(8), ip-address(8), ip-route(8), ip(8), ping(8), tracepath(8), traceroute(8), ss(8), and netstat(8) man pages

For more information, refer to the Configuring and Managing Networking Guide at https://access.redhat.com/documentation/en-


us/red_hat_enterprise_linux/9/html-single/configuring_and_managing_networking/index

https://rha.ole.redhat.com/rha/app/courses/rh124-9.0/pages/ch11s03/85223ae4-a208-4a0c-8807-f8580dad018f 4/4

You might also like