UNIT:II Issues of TCP/IP Networking: Networking Interfaces, IP Addresses, Address

Resolution, IP Routing, IP Networks, Subnetworks, Gateways, The Routing Table, Metric Values, The
Internet Control Message Protocol, Resolving Host Names.

Issues of TCP/IP Networking

This is a problem which arises in TCP flow control. In this the sender window size shrinks to an
extremely low value due that the data being sent in each trip is even smaller than the TCP header.
Due to which TCP protocol becomes extremely inefficient.
 Inadequate memory
 Slow disk speed/contention
 Slow channel speed/contention
 Excessive workload
 Inadequate processors/slow processor speed
 Inefficient performance groups and dispatch priorities
 Resource competition among applications on same system
 Resource competition among LPARs

Network Interfaces
A network interface is how the kernel links up the software side of networking to the hardware
side. We've already seen an example of this:

pete@icebox:~$ ifconfig -a
eth0 Link encap:Ethernet HWaddr [Link]
inet addr:[Link] Bcast:[Link] Mask:[Link]
inet6 addr: fd60::21c:29ff:fe63:5cdc/64 Scope:Link

The ifconfig command

The ifconfig tool allows us to configure our network interfaces, if we don't have any network
interfaces set up, the kernel's device drivers and the network won't know how to talk to each other.
Ifconfig runs on bootup and configures our interfaces through config files, but we can also manually
modify them. The output of ifconfig shows the interface name on the left side and the right side
shows detailed information. You'll most commonly see interfaces named eth0 (first Ethernet card in
the machine), wlan0 (wireless interface), lo (loopback interface). The loopback interface is used to
represent your computer, it just loops you back to yourself. This is good for debugging or connecting
to servers running locally.

The status of interfaces, can be up or down, as you can guess if you wanted to "turn off" an
interface you can set it to go down. The fields you'll probably look at the most in the ifconfig output
is the HWaddr (MAC address of the interface), inet address (IPv4 address) and inet6 (IPv6
address). Of course you can see that the subnet mask and broadcast address are there as well. You
can also view interface information at /etc/network/interfaces.
To create an interface and bring it up

$ ifconfig eth0 [Link] netmask [Link] up

This assigns an IP address and netmask to the eth0 interface and also turns it up.
To bring up or down an interface
 $ ifup eth0
$ ifdown eth0

The ip command
The ip command also allows us to manipulate the networking stack of a system. Depending on the
distribution you are using it may be the preferred method of manipulating your network settings.
Here are some examples of its use:
To show interface information for all interfaces

$ ip link show

To show the statistics of an interface

$ ip -s link show eth0

To show ip addresses allocated to interfaces

$ ip address show

To bring interfaces up and down

$ ip link set eth0 up

$ ip link set eth0 down

To add an IP address to an interface

$ ip address add [Link]/24 dev eth0

IP Addresses
Find IP Address in Linux
Introduction
The IP addresses are a code name that is assigned to a system on a network. It operates as the
postal address which is providing network traffic is transferred to the correct system.
Prerequisites
o A Linux OS
o Access to a command line/terminal window
Find our IP address using Command Line
There are some different commands we can use for checking our IP address. We can begin by
opening a command line/terminal window to execute these commands.
1. With the hostname command
From the terminal window, we can check our IP address with the help of the following command:
1. hostname -I

Our system will show the internal IP address.

 2. With the ip addr Command
We can check our IP address by using a command, i.e., ip addr.
1. ip addr

Our system will scan our hardware and show the status of all the network adapters we have. Check
for the entry that tells ether/link. We should see any one of the below:
1. inet [Link]/24
2. inet6 fe80::a00:27ff:fe76:1e71/64
These entries will contain one for a wireless or WiFi adapter or wired or Ethernet adapter. Also, we
may have the entry for the virtual adapter. Only one entry will generally have the IP address listed
which is the one we will wish.
Important: The digit after the slash /64 -- and --/24 represents the network size. Also, it helps
with mapping and scanning the size of the network.
3. With the ifconfig Command
This method is used for finding our IP address associates applying the ifconfig command. Type the
following command in this command line:
1. ifconfig
The system will show every network connection like virtual, connected, and disconnected. Check for
the one labeled MULTICAST, RUNNING, BROADCAST, UP for finding our IP address. It lists
both IPv6 and IPv4 addresses.

Address Resolution
arp command manipulates the System’s ARP cache. It also allows a complete dump of the ARP
cache. ARP stands for Address Resolution Protocol. The primary function of this protocol is to
resolve the IP address of a system to its mac address, and hence it works between level 2(Data
link layer) and level 3(Network layer).
Syntax:
arp [-v] [-i if] [-H type] -a [hostname]
Example: Here we created two machines with name machine1 and machine2 with IP address
[Link] and [Link]
 Screenshot of hosts before adding
 Addition of host

 Hosts file after adding machines

 Now checking arp for all

Options:
 -v, –verbose: This option shows the verbose information.
 -n, –numeric: This option shows numerical addresses instead of symbolic host, port or
usernames.

 -H type, –hw-type type, -t type: This tells arp which class of entries it should check for.
Default value is ether. List of possible hardware types(which support ARP) are ash(Ash),
ether(Ethernet), ax25(AMPR AX.25), netrom (AMPR NET/ROM), rose (AMPR ROSE), arcnet
(ARCnet), dlci (Frame Relay DLCI), fddi (Fiber Distributed Data Interface), hippi (HIPPI),
irda (IrLAP), x25 (generic X.25), eui64 (Generic EUI-64).
 -a [hostname] –all: This option is used for showing entries of the specified host. If nothing is
passed all entries will be displayed.

 -d hostname, –delete hostname: Removes any entry for the specified host. If any host is
down, there is no need of keeping its entry in arp cache so this command is used to delete
those entries explicitly by the user.

 -D, –use-device: Use the given interface’s hardware address.

 -e: Shows the entries in default(Linux) Style.

 -i If, –device If: Select an interface. When dumping the ARP cache, only entries matching the
specified interface will be printed.
Note: This has to be different from the interface to which the IP datagrams will be routed.
 -s hostname hw_address: Manually create an ARP address mapping entry for the host
hostname with its mac address as hw_address.
 -f filename: Works same as -s but instead of giving the entries manually, it takes entry from
the file given as parameter.

Some useful flags are:

 -C: Complete entry.
 -M: Permanent entry.
 -P: Published entry.
Some useful file related to these data are:
 /proc/net/arp
 /etc/networks
 /etc/hosts/
 /etc/ethers

IP Routing
The IP/kernel routing table acts as a crucial map, determining how network packets are
forwarded between different hosts and networks. By utilizing the route command, Linux
administrators and users can establish static routes, enabling precise control over network
connectivity and optimizing data transmission. In this comprehensive guide, we will explore the
intricacies of the route command in Linux, unravel its functionalities, and delve into detailed
examples to gain a profound understanding of its usage.
Installing route Command
Many Linux distributions do not have route commands pre-installed. To install it use the following
commands as per your Linux distribution.
In case of Debian/Ubuntu
sudo apt-get install net-tools
In case of CentOS/RedHat
sudo dnf install net-tools
In case of Fedora OS
sudo dnf install net-tools
Working with route command
To display the IP/kernel routing table.
route

route
It displays the routing table entries.
To display routing table in full numeric form.
route -n

route -n
It is even useful when you have to determine why the route to nameserver has even vanished.
To add a default gateway.
sudo route add default gw [Link]

add default gateway

This assigns a gateway address to which all the packets that do not belong to the network are
forwarded.
Note: In this case the, we wish to choose [Link] as the default gateway. You may choose as
per your need.
To list kernel’s routing cache information.
route -Cn

route -Cn
To route the packets faster, Kernel maintains this routing cache information. The above command
will print the cache information. In this case, the cache information is maintained.
To reject routing to a particular host or network.
sudo route add -host [Link] reject
 reject routing
Now if you ping to the above-mentioned IP it will display ―Network is unreachable‖.
To get details of the kernel/IP routing table using ip command.
ip route

Details of IP routing table

This will give the details of the kernel/IP routing table and in this case, we have used IP
command.
To delete the default gateway.
route del default
 delete gateway
Caution:
This may lead to some malfunctioning of the internet. Keep a note of your default gateway before
proceeding with the command. This will remove the default gateway.

IP Networks
he ip command is a Linux networking tool for system and network administrators. IP stands for
Internet Protocol and as the name suggests, the tool is used for configuring network interfaces.
Older Linux distributions used the ifconfig command, which operates similarly.
However, ifconfig has a limited range of capabilities compared to the ip command.
How to Use the ip Command

ip [OPTION] OBJECT {COMMAND | help}

OBJECTS (or subcommands) that you will use most often include:
1. link (l) – used to display and modify network interfaces.
2. address (addr/a) – used to display and modify protocol addresses (IP, IPv6).
3. route (r) – used to display and alter the routing table.
4. neigh (n) – used to display and manipulate neighbor objects (ARP table).
There are many other objects and commands available. To see a full list type in the following
command:

ip help
Subnet
A subnet is a group of hosts with IP addresses that are similar in a certain way. These hosts usually
are in a proximate location from each other and you can easily send data to and from hosts on the
same subnet. Think about it as sending mail in the same zip code, it's a lot easier than sending mail
to a different state.

For example, all hosts with an IP address that starts with 123.45.67 would be on the same subnet.
My host has an IP of [Link] and Patty's has an IP of [Link]. The common numbers are my
network prefix and the 8 and 9 are our hosts, therefore my network is the same as Patty's. A
subnet is divided into a network prefix, such as [Link] and a subnet mask.

Subnet Masks
Subnet masks determine what part of your IP address is the network portion and what part is the
host portion.

A typical subnet mask can look something like this:

[Link]

The 255 portion is actually our mask. To make this a little easier to understand, remember how we
refer to each octet as 8 bits? In computer science a bit is denoted by a 0 or a 1 in binary form.
When binary numbers are used, 1 means on and 0 means off. So what does 8 0's or 1's equal?
Punch into Google "binary to decimal calculator" and convert 11111111 into a decimal form. What do
you get? 255! So an octet ranges from 0 to 255. So if we had a subnet mask of [Link], and
an IP address of [Link], how many hosts are on that subnet? We'll find out the answer to that
in our subnet math lesson.
Also when we talk about our subnet, we commonly denote it by the network prefix followed by the
subnet mask:

[Link]/[Link]
GATEWAY
A network gateway is a device that connects two networks together. In the context of Linux, a
gateway is often used to connect a local network to the Internet.
A gateway can be a hardware device, such as a router, or it can be a software program, such as a
proxy server.
By using a gateway, you can allow computers on your local network to access resources on the
Internet.
Methods to get network gateway in Linux
There are a few ways that you can check the gateway in Linux.
 use the ip route command. This command displays all of the information about your network
interfaces, including the gateway.
 use the route command. This command allows you to view and modify the routing table on your
system. To get the gateway, simply type ―route -n‖ into the terminal.
 use the netstat command. This command shows all active network connections and their status.
To get the network gateway, simply type ―netstat -rn‖ into the terminal.
Procedure to find network gateway in Linux
The procedure to check the network gateway in Linux is as follows:
 Open the terminal application.
 Type ip route command
 Press Enter to run the command.
 This command will display many information about your network interfaces, including the
gateway.

Find gateway ip with ip route command in Linux

The easiest way to find the gateway ip in Linux is using ip route command. Open the terminal and
type ―ip route‖ and press Enter. The gateway ip is typically listed under the ―default‖ section.
$ ip route
default via [Link] dev eth0 proto dhcp metric 100
[Link]/20 dev eth0 proto kernel scope link src [Link] metric 100

Routing Tables
This section describes the way to setup routing table as well as it explains the logic used to
prioritize interfaces.
The routing table is stored in the kernel which merely acts upon it. The route itself is set by the
user-space tools. There is no preference as any tool created for this reason will do. It can be either
a DHCP client, ip command or route command.
It is important to understand that NetworkManager changes the routing table whenever it creates
a new connection.
Routing table acts as a junction and is there to show where the different network subnets will be
routed to. An example of a routing table is shown below.
$ ip route \
default via [Link] dev wlp3s0 proto static metric 600 \
[Link]/24 dev wlp3s0 proto kernel scope link src [Link] metric 600 \
 [Link]/24 dev lxcbr0 proto kernel scope link src [Link] \
[Link]/16 dev docker0 scope link metric 1000 linkdown \
[Link]/16 dev docker0 proto kernel scope link src [Link] linkdown \
[Link]/24 dev virbr0 proto kernel scope link src [Link] linkdown
The first column is the subnet with the ―default‖ being a wildcard for everything else. The ―via‖
fragment points to the <Gateway> however when it is missing it indicates that that network is
connected directly and instead it describes a source address.
The metric field/column translates to the number of hops required to reach the destination and is
used to determine which route shall be preferred when there are more than one route available for
a specific destination. Since this value is related to the concept of distance, the lower it’s value is
the better.
The metric value can be set manually however when NetworkManager creates a connection the
following defaults are applied:
 Ethernet is preferred over WiFi
 WiFi is preferred over WWAN
Editing the routing tables
The routing table can be added or modified using the standard ip command which is available on
Ubuntu Core. You can find more information on its man page.
Separately it is possible to modify routing information per single connection using the nmcli tool.
The parameters such as: gateway, routes and metrics can be modified.
The following options are responsible:
[Link]:
[Link]:
[Link]-metric:

[Link]:
[Link]:
[Link]-metric:

metric linux
Maximum route metric on Linux
Ever wondered what is the maximum route metric value you can configure on Linux? man
interface and man ip state that route metric is a number, but don’t specify its range.

# ip route add [Link]/24 via [Link] metric 0

# ip route add [Link]/24 via [Link] metric 4294967295
# ip route add [Link]/24 via [Link] metric 4294967296
Error: argument "4294967296" is wrong: "metric" value is invalid

# ip route
[Link]/24 via [Link] dev eth0
[Link]/24 via [Link] dev eth0 metric 4294967295
ICMP Protocol
The ICMP stands for Internet Control Message Protocol. It is a network layer protocol. It is used
for error handling in the network layer, and it is primarily used on network devices such as routers.
As different types of errors can exist in the network layer, so ICMP can be used to report these
errors and to debug those errors.
For example, some sender wants to send the message to some destination, but the router couldn't
send the message to the destination. In this case, the router sends the message to the sender that
I could not send the message to that destination.
The IP protocol does not have any error-reporting or error-correcting mechanism, so it uses a
message to convey the information. For example, if someone sends the message to the destination,
the message is somehow stolen between the sender and the destination. If no one reports the error,
then the sender might think that the message has reached the destination. If someone in-between
reports the error, then the sender will resend the message very quickly.
Position of ICMP in the network layer
The ICMP resides in the IP layer, as shown in the below diagram.

Messages
The ICMP messages are usually divided into two categories:

o Error-reporting messages
The error-reporting message means that the router encounters a problem when it processes an IP
packet then it reports a message.
o Query messages
The query messages are those messages that help the host to get the specific information of
another host. For example, suppose there are a client and a server, and the client wants to know
whether the server is live or not, then it sends the ICMP message to the server.
ICMP Message Format
The message format has two things; one is a category that tells us which type of message it is. If
the message is of error type, the error message contains the type and the code. The type defines
the type of message while the code defines the subtype of the message.
The ICMP message contains the following fields:
o Type: It is an 8-bit field. It defines the ICMP message type. The values range from 0 to 127
are defined for ICMPv6, and the values from 128 to 255 are the informational messages.
o Code: It is an 8-bit field that defines the subtype of the ICMP message
o Checksum: It is a 16-bit field to detect whether the error exists in the message or not.
Resolving Host Names
In Linux networking, hostname resolution can be done through either the local /etc/hosts file,
which maps hostnames to IP addresses, or by using DNS, a distributed system for resolving
hostnames. Configure DNS servers and search domains in /etc/[Link]. We can customize the
lookup order in which /etc/hosts and DNS are used for hostname resolution
in /etc/[Link]. Domain names are hierarchical, with top-level domains at the highest level.
A search domain automatically appends a domain name to an unqualified hostname to simplify access
to local network resources. Record types like A, AAAA, and CNAME provide different information
for DNS lookups.

Linux networking — DNS