Common Linux Network Configuration Commands and Examples

1. Network Interfaces

1.1 Configuring IP Address

yum install net-tools
# Use ifconfig
ifconfig eth0 192.168.1.3 netmask 255.255.255.0
# Add ipv6 address
ifconfig eth1 add 240e:981:f200::100/64
# Add network card alias
ifconfig eth0:0 192.168.1.10
# Use ip command to add/remove an IP
ip addr add 192.168.1.4/24 dev eth0
ip addr del 192.168.1.4/24 dev eth0

The configured IP address will be lost after rebooting the machine, so it is generally recommended to write the network configuration into a file. For example, Ubuntu can write the network card configuration into /etc/network/interfaces (while Redhat and CentOS need to write it into /etc/sysconfig/network-scripts/ifcfg-eth0):

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.3
    netmask 255.255.255.0
    gateway 192.168.1.1

auto eth1
iface eth1 inet dhcp

After modifying the network interface configuration file, you can execute the command service network restart to make the configuration take effect.

Command to get the IP address of a specified interface:

ifconfig eth0 | grep 'inet ' | awk '{print $2}'

1.2 Configuring VLAN

# To use VLAN tagging interfaces in CentOS 7 / RHEL 7 / CentOS 8 / RHEL 8 systems, the kernel module 8021q must be loaded
lsmod | grep -i 8021q
# Install and load the kernel module
apt-get install vlan
modprobe 8021q
# or
yum install -y vconfig
# Add VLAN
vconfig add eth0 100
ifconfig eth0.100 192.168.100.2 netmask 255.255.255.0
# Remove VLAN
vconfig rem eth0.100

# Use ip command to create VLAN
ip link add link eth0 name eth0.5 type vlan id 5
ip addr add 192.168.1.200/24 brd 192.168.1.255 dev eth0.5
ip link set dev eth0.5 up
# Remove VLAN interface
ip link set dev eth0.5 down
ip link delete eth0.5
# Example
vconfig add bond1 1200
ifconfig bond1.1200 120.31.144.210/24
ip a show bond1.1200

How to configure VLAN under Linux[1] How to use Ethernet cards with VLAN tagging in CentOS/RHEL systems

1.3 Configuring MAC Address

ifconfig eth0 down
ifconfig eth0 hw ether  1e:b0:01:8c:eb:3f
ifconfig eth0 up
ifconfig eth1 down
ip link set dev eth1 address 52:54:00:a1:b2:c3
ip link set dev eth1 up
# Add a macvlan sub-interface with its own MAC address on top of ens4f0
ip link add link ens4f0 address 00:5e:82:1f:90:f0 ens4f0.1300 type macvlan

multiple MAC addresses on one physical network interface (linux)[2]

1.4 Configuring Network Card Promiscuous Mode

ifconfig eth0 promisc # Set the network card to promiscuous mode
ifconfig eth0 -promisc # Disable promiscuous mode
cat /sys/class/net/eth0/flags

To determine if a network interface is in promiscuous mode, we need to check if the IFF_PROMISC flag is set in this flag value. In Linux systems, IFF_PROMISC typically corresponds to the hexadecimal value 0x100.

# Replace eth0 with the name of the network interface you want to query
INTERFACE="eth0"
# Read the contents of the flags file
FLAGS=$(cat "/sys/class/net/${INTERFACE}/flags")
# Convert flags to decimal
FLAGS_DEC=$(( $FLAGS ))
# Check if the IFF_PROMISC flag (0x100) is set
if (( FLAGS_DEC & 0x100 )); then
    echo "${INTERFACE} is in promiscuous mode."
else
    echo "${INTERFACE} is not in promiscuous mode."
fi
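
An added example (not from the original article) that generalizes the check above: it decodes every IFF_* bit in a sysfs flags value and lists all interfaces that have IFF_PROMISC set. The bit values are the constants from linux/if.h; the function names and the sample flag values are constructed for illustration.

```shell
#!/bin/sh
# Added example: decode /sys/class/net/<iface>/flags and list promiscuous interfaces.
# IFF_* bit values are the constants defined in <linux/if.h>.

# decode_if_flags HEX -> space-separated flag names, e.g. "UP LOOPBACK"
decode_if_flags() {
    flags=$1
    out=""
    for pair in 0x1:UP 0x2:BROADCAST 0x8:LOOPBACK 0x10:POINTOPOINT \
                0x40:RUNNING 0x80:NOARP 0x100:PROMISC 0x200:ALLMULTI \
                0x400:MASTER 0x800:SLAVE 0x1000:MULTICAST; do
        bit=${pair%%:*}
        name=${pair#*:}
        if [ $(( $flags & $bit )) -ne 0 ]; then
            out="${out:+$out }$name"
        fi
    done
    printf '%s\n' "$out"
}

# list_promisc_ifaces [DIR] -> names of interfaces whose flags include IFF_PROMISC.
# DIR defaults to /sys/class/net; passing another directory allows offline testing.
list_promisc_ifaces() {
    root=${1:-/sys/class/net}
    for f in "$root"/*/flags; do
        [ -r "$f" ] || continue
        val=$(cat "$f")
        case $val in
            0x*) ;;            # expected sysfs format
            *) continue ;;     # skip empty or unexpected content
        esac
        if [ $(( $val & 0x100 )) -ne 0 ]; then
            basename "$(dirname "$f")"
        fi
    done
}

# Constructed sample values: ordinary NIC, NIC in promiscuous mode, loopback.
for v in 0x1003 0x1103 0x9; do
    printf '%s -> %s\n' "$v" "$(decode_if_flags "$v")"
done
```

The sysfs value is the kernel's live device flags, so it also reports promiscuous mode that a capture tool switched on, which the PROMISC flag printed by ifconfig may not show.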

1.5 Viewing Network Card PCI Information

lspci | grep net
lspci -v | grep Ethernet
lspci -s 81:00.0 -vv | grep Lnk

1.6 Bonding Interfaces

There are a total of 7 modes for bonding:

BOND_MODE_ROUNDROBIN 0 (balance-rr mode): load balancing mode for network cards
BOND_MODE_ACTIVEBACKUP 1 (active-backup mode): fault tolerance mode for network cards
BOND_MODE_XOR 2 (balance-xor mode): requires switch support (uses source and destination MAC to hash and select link, ensuring traffic to a specific endpoint always goes out from the same interface)
BOND_MODE_BROADCAST 3 (broadcast mode)
BOND_MODE_8023AD 4 (IEEE 802.3ad dynamic link aggregation mode): requires switch support
BOND_MODE_TLB 5: adaptive transmission load balancing mode
BOND_MODE_ALB 6: network card virtualization method (receiving load balancing is achieved through ARP negotiation)

lsmod | grep bond
nmcli con add type bond con-name bond2 ifname bond2 mode active-backup ipv4.method manual ipv4.addresses 192.168.20.100/24 ipv4.gateway 192.168.20.1 ipv4.dns 192.168.20.1
nmcli connection add type bond-slave ifname ens4f0 master bond2
nmcli connection add type bond-slave ifname ens4f1 master bond2
nmcli connection up bond-slave-ens4f0
nmcli connection up bond-slave-ens4f1
nmcli connection up bond2
cat /proc/net/bonding/bond2
ifenslave -a
grep -i mode /proc/net/bonding/bond1
cat /sys/class/net/bond0/bonding/mode
ip link show master bond1
ip link | grep bond0

Linux multi-network card bonding and network team[3] Link layer network card aggregation – based on Linux bonding[4]

1.7 Configuring Neighbor Table

[root@vm1 ~]# ip -6 nei
240e:981:f200::3e7 dev eth1 lladdr de:ad:00:00:00:01 STALE
240e:981:f200:2::1 dev eth1  FAILED
fe80::dcad:ff:fe00:1 dev eth1 lladdr de:ad:00:00:00:01 router STALE
[root@vm1 ~]#
[root@vm1 ~]# ip -6 nei add 240e:981:f200:2::1 dev eth1
RTNETLINK answers: File exists
[root@vm1 ~]# ip -6 nei del 240e:981:f200:2::1 dev eth1
[root@vm1 ~]# ip -6 nei add 240e:981:f200:2::1 dev eth1
RTNETLINK answers: Invalid argument
[root@vm1 ~]# ip -6 nei add 240e:981:f200:2::1 dev eth1 lladdr de:ad:00:00:00:01
RTNETLINK answers: File exists
[root@vm1 ~]# ip -6 nei
240e:981:f200::3e7 dev eth1 lladdr de:ad:00:00:00:01 STALE
240e:981:f200:2::1 dev eth1 lladdr de:ad:00:00:00:01 PERMANENT
fe80::dcad:ff:fe00:1 dev eth1 lladdr de:ad:00:00:00:01 router STALE
[root@vm1 ~]#

For ipv4, it is the ARP table:

arp -n
arp -s 10.1.2.3 aa:bb:cc:11:22:33
arp -i eth1 -s 10.1.2.3 aa:bb:cc:11:22:33
arp -d 10.1.2.3

2. Routing

2.1 Querying the Routing Table

route -n
route -6 -n     # for ipv6
ip -6 route show
ip route list
netstat -nr
netstat -nr -6
ip route get 192.168.0.2

Explanation of the output items of the route command

Output Item    Description
Destination    Target subnet or host
Gateway        Gateway address, * indicates that the target is on the local network and does not require routing
Genmask        Network mask
Flags          Flags. Some possible flags are as follows:
                 U — Route is active
                 H — Target is a host
                 G — Route points to a gateway
                 R — Recover dynamically generated routing table entries
                 D — Dynamically installed by the routing daemon
                 M — Modified by the routing daemon
                 ! — Deny route
Metric         Route distance, the number of hops required to reach the specified network (not used in the Linux kernel)
Ref            Route entry reference count (not used in the Linux kernel)
Use            Number of times this route entry has been looked up by the routing software
Iface          The output interface corresponding to this routing table entry

2.2 Configuring Routes

# Use route command to add default route
route add default gw 192.168.1.1
# You can also use ip command
ip route add default via 192.168.1.1
ip ro add default via 11.0.102.254 dev eth0 metric 101
ip -6 route add default via fd51:192:168:1::1 dev enp0s4
# Delete default route
ip route del default via 192.168.1.1
ip route del 0.0.0.0/0 dev eth1
# Add/Delete subnet route
ip route add 192.168.5.0/24 dev eth1
ip route del 192.168.5.0/24
ip route add 21.0.1.0/24 via 192.168.0.1

Configuring permanent routes and changing the default route in CentOS 7[5]

3. Statistics

3.1 Viewing Network Interface Statistics

netstat --interfaces=eth1
netstat -I=eth1
# all interfaces
netstat -i
cat /proc/net/dev | grep -e packets -e Receive -e vnet1
ifconfig eth0
watch -d -n1 netstat -s -u 
ip -s link show dev eth0
ethtool -S ens4f0 | grep -v ': 0' | grep port

3.2 Viewing Real-time Traffic Rate of Network Cards

yum install sysstat
sar -n DEV 12
sar -n DEV --iface=ens3f0 15
sar -n DEV --iface=eth1,eth2 110
# rxpck/s Number of packets received per second
# txpck/s Number of packets sent per second
# rxKB/s Amount of data received per second, in KBytes
cat /proc/net/dev
watch -n 1 -d 'ifconfig eth4 | grep -E "packets|bytes"'
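
An added example (not from the original article) showing how the per-second figures reported by sar can be derived from two /proc/net/dev snapshots. The function names are illustrative, the snapshot contents are constructed sample data, and KB is taken as 1024 bytes.

```shell
# Added example: derive sar-style per-second rates from two /proc/net/dev snapshots.

# Constructed sample: /proc/net/dev for eth0 at t=0 (arg 1) and 2 s later (any other arg).
sample_snapshot() {
    case $1 in
        1) rx="1000000 2000"; tx="500000 1000" ;;
        *) rx="1204800 2500"; tx="602400 1200" ;;
    esac
    cat <<EOF
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
  eth0: $rx 0 0 0 0 0 0 $tx 0 0 0 0 0 0
EOF
}

# iface_counters IFACE FILE -> "rx_bytes rx_packets tx_bytes tx_packets"
iface_counters() {
    # The name can be glued to the first counter ("eth0:123"), so split on ':' first.
    awk -v i="$1" '{ sub(/:/, " ") } $1 == i { print $2, $3, $10, $11 }' "$2"
}

# iface_rates IFACE SNAP1 SNAP2 SECONDS -> one line of rates; non-zero exit on a
# missing interface or a counter that went backwards (reset or wrap).
iface_rates() {
    a=$(iface_counters "$1" "$2")
    b=$(iface_counters "$1" "$3")
    [ -n "$a" ] && [ -n "$b" ] || return 1
    echo "$a $b" | awk -v t="$4" '{
        for (k = 1; k <= 4; k++) { d[k] = $(k + 4) - $k; if (d[k] < 0) exit 2 }
        printf "rxpck/s=%.2f txpck/s=%.2f rxKB/s=%.2f txKB/s=%.2f\n",
               d[2] / t, d[4] / t, d[1] / 1024 / t, d[3] / 1024 / t
    }'
}

# live_rates IFACE SECONDS: take both snapshots from the running system.
live_rates() {
    s1=$(mktemp) && s2=$(mktemp) || return 1
    cat /proc/net/dev > "$s1"; sleep "$2"; cat /proc/net/dev > "$s2"
    iface_rates "$1" "$s1" "$s2" "$2"; rc=$?
    rm -f "$s1" "$s2"
    return $rc
}

# Demo on the constructed snapshots.
t=$(mktemp -d); sample_snapshot 1 > "$t/a"; sample_snapshot 2 > "$t/b"
iface_rates eth0 "$t/a" "$t/b" 2
rm -rf "$t"
```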

4. Bridging

yum install bridge-utils
brctl show  [bridge]
brctl addbr bridge1
brctl addif bridge1 eth1
ip link show type bridge
# shows a list of learned MAC addresses for this bridge
brctl showmacs <bridge>
root@localhost:~# brctl showmacs virbr0
port no    mac addr        islocal?    ageing timer
8    52:54:00:48:bb:ba    no            16.396
52:54:00:51:a2:dd    no          5.31  # mac address not belonging to any local interface
5    52:54:00:6d:74:5b    no            15.041
1    52:54:00:d1:63:a9    yes         0.00  # mac address belonging to a local interface
7    52:54:00:e4:e0:d9    no            164.818
fe:54:00:48:bb:ba    yes           0.008
fe:54:00:48:bb:ba    yes           0.006
fe:54:00:51:a2:dd    yes           0.006
fe:54:00:51:a2:dd    yes           0.005
fe:54:00:6d:74:5b    yes           0.005
fe:54:00:6d:74:5b    yes           0.003
fe:54:00:75:90:08    yes           0.003
fe:54:00:75:90:08    yes           0.002
fe:54:00:ab:75:ea    yes           0.002
fe:54:00:ab:75:ea    yes           0.004
fe:54:00:b6:d4:d3    yes           0.004
fe:54:00:b6:d4:d3    yes           0.007
fe:54:00:e4:e0:d9    yes           0.007
fe:54:00:e4:e0:d9    yes           0.00
root@localhost:~#
# Prevent traffic bridged to the system from being filtered or processed by iptables rules (reduce performance loss)
# Note: with this set to 0, iptables rules no longer apply to frames forwarded across the bridge
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables

5. Network Namespaces

Network Namespace is a feature provided by the Linux kernel that allows various operations to be performed using the ip command.

Network Namespaces can achieve the segmentation and isolation of network-related resources. Processes running in a separate Network Namespace have their own network devices, routing tables, firewall rules, etc. It is an important feature for network virtualization, allowing the creation of multiple isolated network spaces, each with its own network stack information. Whether virtual machines or containers, they run as if they are in an independent network.

man ip-netns
ip netns add net1
ip netns list
ip netns exec net1 ip a
ip netns exec net1 ip r
ip netns exec net1 ifup lo
ip netns exec net1 route -n
ip netns exec net1 tcpdump -i net1-if6 -ennlv
ip netns exec net1 netstat -antpl
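
An added example (not from the original article) that gives the net1 namespace a link to the host and then inspects its separate interfaces, routes and sockets. The interface names veth-host / veth-net1 and the 10.200.0.0/24 subnet are assumptions for illustration; by default the script only prints the commands, and it needs root to execute them.

```shell
# Added example: connect a namespace to the host with a veth pair and inspect its stack.
# Assumptions: names veth-host / veth-<ns> and subnet 10.200.0.0/24 are illustrative.
# DRY_RUN defaults to 1 (print commands only); run as root with DRY_RUN= to execute.
DRY_RUN=${DRY_RUN-1}

run() {
    if [ -n "$DRY_RUN" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# netns_up NS: create the namespace and wire it to the host.
netns_up() {
    ns=$1
    run ip netns add "$ns" &&
    run ip link add veth-host type veth peer name "veth-$ns" &&
    run ip link set "veth-$ns" netns "$ns" &&      # move one end into the namespace
    run ip addr add 10.200.0.1/24 dev veth-host &&
    run ip link set veth-host up &&
    run ip netns exec "$ns" ip addr add 10.200.0.2/24 dev "veth-$ns" &&
    run ip netns exec "$ns" ip link set lo up &&
    run ip netns exec "$ns" ip link set "veth-$ns" up
}

# netns_check NS: the namespace sees only lo and its veth end, has its own
# routing table and socket list, and reaches the host only over the veth link.
netns_check() {
    run ip netns exec "$1" ip -o link &&
    run ip netns exec "$1" ip route &&
    run ip netns exec "$1" netstat -antpl &&
    run ip netns exec "$1" ping -c 1 10.200.0.1
}

# netns_down NS: deleting the namespace also destroys the veth pair.
netns_down() {
    run ip netns del "$1"
}

netns_up net1 && netns_check net1
netns_down net1
```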

6. Reference Documents

man ip[6]
ethtool promiscuous mode[7]
How to bring bond0/eth0 interface UP[8]
Several ways to view real-time network card traffic in Linux[9]
Six methods to view network card traffic in Linux[10]
Using network namespaces in Linux[11]

Links

[1] How to configure VLAN under Linux: https://blog.csdn.net/guyan1101/article/details/77932619
[2] multiple MAC addresses on one physical network interface (linux): https://serverfault.com/questions/223601/multiple-mac-addresses-on-one-physical-network-interface-linux
[3] Linux multi-network card bonding and network team: https://www.cnblogs.com/eddie1127/p/11385604.html
[4] Link layer network card aggregation – based on Linux bonding: https://blog.csdn.net/dog250/article/details/6376698
[5] Configuring permanent routes and changing the default route in CentOS 7: https://blog.csdn.net/fangwei1234/article/details/125165027
[6] man ip: https://linux.die.net/man/8/ip
[7] ethtool promiscuous mode: https://blog.csdn.net/jpmsdn/article/details/86469941
[8] How to bring bond0/eth0 interface UP: https://stackoverflow.com/questions/33029708/how-to-bring-bond0-eth0-interface-up
[9] Several ways to view real-time network card traffic in Linux: https://www.jianshu.com/p/b9e942f3682c
[10] Six methods to view network card traffic in Linux: https://www.jb51.net/LINUXjishu/593625.html
[11] Using network namespaces in Linux: https://blog.csdn.net/guotianqing/article/details/82356096
