In Part-6 of the Learning Linux blog series, we learned how to configure and maintain Linux Systems.
In part 7, We will understand and manage the basic networking features.
- Configure networking and hostname resolution statically or dynamically
ip link show (Show the list of IP Interfaces),
IP address show (Show the IP addresses)
ip route show (Shows the routing table),
cat /etc/resolve.conf (show the DNS server IP Address)
NetworkManager: NetworkManager is a daemon that sits on top of libudev and other Linux kernel interfaces and provides a high-level interface for the configuration of the network interfaces.
Configure Network Interface:
sudo nmtui (Step1 - Launch GUI version of NM, Modify the IP as you like),
sudo nmcli device reapply ensps03(Step2 - enforce the changes forcefully),
sudo vi /etc/sysconfig/network-scripts/adaptername (Use this for CentOS 7 and earlier)
Host resolution: Host file
Sudo vi /etc/hosts (Use this file for manually putting host entry for hostname resolution locally)
- Configure network services to start automatically at boot
sudo systemctl status NetworkManager.service(Confirm if the NM Service is already installed)
Starting Network service at the boot time:
sudo nmcli connection modify ens0ps3 autoconnect yes (Set to start network adapter at boot time),
- Start, stop, and check the status of network services
ss and netstat: ss or netstat is used to dump socket statistics. ss is faster and provides more detailed information, making it the preferred choice for network analysis and troubleshooting in Linux. However, netstat is more widely available and provides a more comprehensive output. In conclusion, both ss and netstat are valuable tools for network analysis and troubleshooting.
sudo ss -ltunp
- Implement packet filtering
firewall-cmd --get-default-zone (show the default zones details)
firewall-cmd --list-all (list all ports or service details),
sudo firewall-cmd --info-service=cockpit (show the port for allowed service),
sudo firewall-cmd --remove-service=http (remove service),
sudo firewall-cmd --remove-port=80/tcp (remove port),
sudo firewall-cmd --add-source/--remove-source=10.11.12.0/24 --zone=trusted (Add or remove source network in trusted zone),
sudo firewall-cmd --get-active-zones (list all active zones)
Make the firewall changes permanent:
1st: sudo firewall-cmd --add-port=80/http (Allow port 80 on dynamic for current session),
sudo firewall-cmd --runetime-to-permanent (save the conf changes permanently),
2nd: sudo firewall-cmd --add-port=80/http --permanent (does not make active for the current session but makes permanent)
- Statically route IP traffic
sudo ip route add 192.168.0.0/24 vi 10.0.0.100 (adding route to move traffic for target network via gw),
sudo ip route add 192.168.0.0/24 vi 10.0.0.100 dev enp0s3 (adding route to move traffic for target network via gw using device enp0s3),
sudo ip route del 192.168.0.0/24(delete route),
sudo ip route add default via 10.0.0.100 (set gw for all traffic),
Add route permanently using Network Manager:
nmcli connection show(show the nm device interface),
sudo nmcli connection modify enp0s3 +ipv4.routes "192.168.0.0/24 10.0.0.100" ( Add the route - step1)
sudo nmcli device reapply enp0s3 (apply the settings - step2)
sudo ip route show (Confirm the change in the routing table)
Remove ip route:
sudo nmcli connection modify enp0s3 -ipv4.routes "192.168.0.0/24 10.0.0.100", (step1)
sudo nmcli device reapply enp0s3 (then re-apply the settings)
GUI Method: sudo nmtui,
sudo nmcli device reapply enp0s3(then re-apply the settings)
- Configure time service clients
chrony daemon (Daemon for sync clock), timedatact,
Setup the time & zone:
sudo timedatectl list-timezones (show all zones),
sudo timedatactl set-timezone America/New_York ( Set time zone to America/New_York)
• Configure chronyd service:
sudo yum install chrony, (Step1 - Intall chrony daemon if not present)
sudo systemctl start chronyd.service, (Step2 - Start the Chrony Daemon)
sudo timedatactl set-ntp true (Enable the NTP)
Note: Use the Linux manual using "man <command)" or "command --help" to access the command documentation for more detail.
#> echo "Thank you :)"
