15 Essential Network Commands for Developers/Sysadmins/DevOps: Examples and Uses
Jeff Shomali
Posted on January 4, 2023
- ping
- traceroute
- telnet
- nslookup:
- netstat
- arp
- route
- dig
- tcpdump
- ifconfig
- nmap
- ss
- iwconfig
- wpa_cli
- iptables
As a developer, it's important to be comfortable using various network commands to troubleshoot and debug issues that may arise in your projects. In this blog post, we'll go over some of the most commonly used network commands and provide examples of how they can be used.
ping
This command is used to test the connectivity between two devices on a network. It works by sending an ICMP (Internet Control Message Protocol) echo request to the specified destination, and then waits for a response. Here's an example of how to use ping:
ping google.com
This command will send ping requests to google.com and display the results, including the time it took for each request to be sent and received.
traceroute
This command is used to trace the route that network packets take from the source to the destination. It can be helpful for identifying issues with routing, as well as for understanding the path that packets take through the network. Here's an example of how to use traceroute:
traceroute google.com
This command will trace the route to google.com and display the results, including the hostname and IP address of each hop along the way.
telnet
This command is used to establish a connection to a remote device using the Telnet protocol. It can be used to test connectivity to a specific port on a remote device, or to connect to a device's command line interface (CLI) for further troubleshooting. Here's an example of how to use telnet:
telnet google.com 80
This command will attempt to establish a Telnet connection to google.com on port 80 (the default HTTP port). If the connection is successful, you'll be able to send HTTP requests to the server and see the responses.
nslookup:
This command is used to query the Domain Name System (DNS) to resolve hostnames to IP addresses, or vice versa. It can be useful for verifying that DNS records are correct, or for finding the IP address of a specific hostname. Here's an example of how to use nslookup:
nslookup google.com
This command will look up the IP address for google.com and display the results. You can also use nslookup to perform a reverse lookup, by specifying an IP address instead of a hostname:
nslookup 8.8.8.8
This command will look up the hostname for the IP address 8.8.8.8 (which happens to be a Google DNS server).
netstat
This command is used to display information about network connections on a device. It can be used to see what ports are open, what connections are established, and what protocols are being used. Here's an example of how to use netstat:
netstat -an
This command will display all active network connections on the device, including the protocol (TCP or UDP), the local and remote address and port, and the status of the connection. You can use various flags to filter the results or display additional information.
arp
This command is used to view and modify the Address Resolution Protocol (ARP) cache on a device. ARP is used to map IP addresses to physical (MAC) addresses on a network. Here's an example of how to use arp:
arp -a
This command will display the ARP cache for the device, showing the IP and MAC addresses of all known devices on the network. You can use various flags to add, delete, or modify entries in the ARP cache.
route
This command is used to view and modify the routing table on a device. The routing table specifies the next hop for packets based on their destination address. Here's an example of how to use route:
route -n
This command will display the routing table for the device, showing the destination, gateway, and other information for each route. You can use various flags to add, delete, or modify routes in the routing table.
dig
This command is used to query DNS servers for information about domain names. It can be used to perform a variety of DNS lookups, such as A record lookups (to resolve hostnames to IP addresses), MX record lookups (to find mail servers for a domain), and more. Here's an example of how to use dig:
dig google.com A
This command will perform an A record lookup for google.com and display the results, including the IP addresses associated with the hostname.
tcpdump
This command is used to capture and analyze network traffic on a device. It can be helpful for troubleshooting issues with network communication, as well as for understanding how network protocols work. Here's an example of how to use tcpdump:
tcpdump -i eth0 -s 0 -w capture.pcap
This command will capture all traffic on the eth0 interface and save it to a file called capture.pcap. The -s
0 flag specifies that the entire packet should be captured (up to the maximum size), and the -w
flag specifies the output file. You can use various flags to filter the traffic or display it in different ways.
ifconfig
This command used to configure network interfaces on Unix-like systems. It can be used to view and set the IP address, network mask, and other network settings for a device. Here's an example of how to use ifconfig:
ifconfig eth0 192.168.1.10 netmask 255.255.255.0
This command will set the IP address of the eth0
interface to 192.168.1.10
and the network mask to 255.255.255.0
. These values will be used by the device to determine which IP addresses are on the same network and which require routing through a gateway.
You can also use ifconfig to view the current settings for a network interface. For example:
ifconfig eth0
This command will display the current IP address, network mask, and other settings for the eth0 interface.
Note that ifconfig has been deprecated in some systems and replaced by the ip command. However, it is still widely used and supported.
nmap
This command is used to scan networks for open ports and other information about networked devices. It can be used for a variety of purposes, such as network security analysis, vulnerability assessment, and more. Here's an example of how to use nmap:
nmap -sT google.com
This command will perform a TCP SYN scan of google.com, which attempts to connect to all specified ports to determine which ones are open. You can use various flags to customize the scan, such as specifying the ports to scan or the type of scan to perform.
ss
This command is used to display information about network sockets on a device. It can be used to see what connections are established, what protocols are being used, and more. Here's an example of how to use ss:
ss -t -a
This command will display all TCP sockets on the device, showing the local and remote address and port, as well as the state of the connection. You can use various flags to filter the results or display additional information.
iwconfig
This command is used to configure wireless interfaces on Linux systems. It can be used to view and set the SSID, frequency, and other wireless settings for a device. Here's an example of how to use iwconfig:
iwconfig wlan0
This command will display the current wireless settings for the wlan0 interface. You can use various flags to set different values, such as the SSID or the frequency.
wpa_cli
This command is used to manage and control the wpa_supplicant daemon, which is used to connect to wireless networks on Linux systems. It can be used to scan for available networks, connect to a specific network, and more. Here's an example of how to use wpa_cli:
wpa_cli scan
This command will scan for available wireless networks and display the results. You can then use the wpa_cli command to connect to a specific network by specifying the SSID and passphrase.
iptables
This command is used to configure the Linux kernel's built-in firewall. It can be used to specify rules for how packets should be filtered based on various criteria, such as the source or destination address, the protocol, and more. Here's an example of how to use iptables:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
This command will add a rule to the firewall that allows incoming TCP packets on port 80 (the default HTTP port). The -A INPUT
flag specifies that the rule should be added to the INPUT chain (for incoming packets), and the -j ACCEPT
flag specifies that the packets should be accepted and allowed through the firewall.
These are just a few examples of the many network commands that are available for developers to use. Whether you're working on a server, a network device, or a client application, being familiar with these and other network commands can be an invaluable tool for debugging and troubleshooting issues.
Posted on January 4, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.
Related
January 4, 2023