Linux provides a number of commands for examining network connections and sometimes creates new ones to expand functionality. Whether you’re managing a network at work or just watching out for your home systems, it’s important to understand your network connections–how you communicate with public systems and those on the local network. This article covers some of the most important commands available on Linux to help you get a clear understanding of your local network and how it reaches outside. While the links provided include important tips on using network commands, some include commands that have been deprecated in favor of newer commands. Some of the most important commands to know today include ip a, ip neigh, ping, tracepath, dig, tcpdump and whois. (If a command is deprecated, it doesn’t mean it doesn’t work or isn’t available. It means that the command has been replaced with a newer command that serves the same purpose and is likely better supported.) ip a The ip a command will provide information on your network interface. This includes your assigned IP address (even if assigned automatically) and the loopback address that is used when the system needs to communicate with itself, the benefit being that it remains stable where the assigned IP address may not always be the same. The ip a command has largely replaced the deprecated ifconfig command. It provides the same variety of data, but in a different format. The output below shows the loopback (lo) address (127.0.0.1) and the system’s assigned (enp0s25) address (192.168.0.7). $ ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s25: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:1d:09:77:9d:08 brd ff:ff:ff:ff:ff:ff inet 192.168.0.7/24 brd 192.168.0.255 scope global dynamic noprefixroute enp0s25 valid_lft 74857sec preferred_lft 74857sec inet6 fe80::bb32:464a:77a3:acd7/64 scope link noprefixroute valid_lft forever preferred_lft forever The ip link command provides similar information, but less of it. $ ip link 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: enp0s25: mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000 link/ether 00:1d:09:77:9d:08 brd ff:ff:ff:ff:ff:ff ip neigh $ arp -a _gateway (192.168.0.1) at 1c:64:99:ec:b1:97 [ether] on enp0s25 ? (192.168.0.6) at b0:c0:90:3f:10:15 [ether] on enp0s25 ? (192.168.0.4) at 74:e2:0c:da:27:53 [ether] on enp0s25 ? (192.168.0.18) at cc:3d:82:39:78:85 [ether] on enp0s25 ? (192.168.0.22) at on enp0s25 $ ip neigh 192.168.0.1 dev enp0s25 lladdr 1c:64:99:ec:b1:97 STALE 192.168.0.6 dev enp0s25 lladdr b0:c0:90:3f:10:15 REACHABLE 192.168.0.4 dev enp0s25 lladdr 74:e2:0c:da:27:53 REACHABLE 192.168.0.18 dev enp0s25 lladdr cc:3d:82:39:78:85 REACHABLE 192.168.0.22 dev enp0s25 FAILED fe80::1e64:99ff:feec:b197 dev enp0s25 lladdr 1c:64:99:ec:b1:97 router STALE The ip neigh command can provide even more detail about systems on your network including MAC address, and it supports removing IP addresses from your arp table. ping The ping command continues to be very useful by sending packets to another system to gather a response that shows that the system is up and reachable. $ ping www.networkworld.com PING idg.map.fastly.net (146.75.30.165) 56(84) bytes of data. 64 bytes from 146.75.30.165 (146.75.30.165): icmp_seq=1 ttl=57 time=49.2 ms 64 bytes from 146.75.30.165 (146.75.30.165): icmp_seq=2 ttl=57 time=32.4 ms 64 bytes from 146.75.30.165 (146.75.30.165): icmp_seq=3 ttl=57 time=125 ms 64 bytes from 146.75.30.165 (146.75.30.165): icmp_seq=4 ttl=57 time=75.9 ms --- idg.map.fastly.net ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3000ms rtt min/avg/max/mdev = 32.388/70.534/124.680/34.892 ms tracepath The tracepath command follows in the footsteps of the traceroute command. It allows you to see the route that a system takes to reach a remote system and is often used in troubleshooting connection problems. If you use tracepath to check your connection to your local router, the response should be short and quick. Remote systems usually require more time as tracepath moves between links and often descends into a series of “no reply” messages as routers along the way may not respond with details. The tracepath command defaults to a limit of 30 hops (connections between routers), but this can be increased using the -m options (e.g., tracepath -m 50). $ tracepath 192.168.0.1 1?: [LOCALHOST] pmtu 1500 1: _gateway 3.503ms reached 1: _gateway 2.558ms reached Resume: pmtu 1500 hops 1 back 1 $ tracepath world.std.com 1?: [LOCALHOST] pmtu 1500 1: _gateway 3.526ms 1: _gateway 4.212ms 2: _gateway 7.928ms pmtu 1492 2: 10.226.32.1 40.141ms 3: 10.17.1.29 50.127ms 4: 10.17.0.221 68.552ms 5: 10.17.0.226 45.820ms asymm 4 6: 10.25.0.137 54.701ms asymm 5 7: rest-b2-link.ip.twelve99.net 75.532ms asymm 6 8: rest-bb1-link.ip.twelve99.net 66.185ms asymm 9 9: ash-b2-link.ip.twelve99.net 73.287ms asymm 6 10: no reply 11: no reply 12: ae23.cs1.lga5.us.eth.zayo.com 81.707ms asymm 13 13: ae8.mpr3.bos2.us.zip.zayo.com 82.203ms asymm 10 14: 64.124.51.229.t495-rtr.towerstream.com 58.666ms asymm 12 15: 69.38.149.18 66.011ms asymm 13 16: 64.119.137.154 74.448ms asymm 14 17: world.std.com 112.248ms reached Resume: pmtu 1492 hops 17 back 14 nslookup and dig While the nslookup command is still well used, the dig command has largely replaced it and is considered a better choice. Here are some samples of the kind of output the dig command will provide: $ dig world.std.com ; > DiG 9.16.33-RH > world.std.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER tcpdump The tcpdump command can print out the headers of network packets as they reach your server or can be used with various filters to select just the packets you want to see. You can also save packets for later analysis. Acting as a sniffer, tcpdump can be a valuable troubleshooting tool. whois The whois command can find a lot of information about a domain. The output below is truncated but shows the kind of information you can expect to retrieve. $ whois networkworld.com | head -8 [Querying whois.verisign-grs.com] [Redirected to whois.markmonitor.com] [Querying whois.markmonitor.com] [whois.markmonitor.com] Domain Name: networkworld.com Registry Domain ID: 293248_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.markmonitor.com Registrar URL: http://www.markmonitor.com Testing upload and download speeds The speedtest tool, which you likely will have to install, can be used to calculate your upload and download speed. $ speedtest Retrieving speedtest.net configuration... Testing from Shentel Communications (204.111.9.197)... Retrieving speedtest.net server list... Selecting best server based on ping... Hosted by Lumos Fiber (Waynesboro, VA) [112.99 km]: 33.642 ms Testing download speed................................................................ Download: 6.87 Mbit/s Testing upload speed.................................................................. Upload: 1.38 Mbit/s Wrap-Up Linux provides a lot of very useful commands for checking network settings and testing connectivity. Related content how-to Compressing files using the zip command on Linux The zip command lets you compress files to preserve them or back them up, and you can require a password to extract the contents of a zip file. By Sandra Henry-Stocker May 13, 2024 4 mins Linux opinion NSA, FBI warn of email spoofing threat Email spoofing is acknowledged by experts as a very credible threat. By Sandra Henry-Stocker May 13, 2024 3 mins Linux how-to The logic of && and || on Linux These AND and OR equivalents can be used in scripts to determine next actions. By Sandra Henry-Stocker May 02, 2024 4 mins Linux how-to Using the apropos command on Linux By Sandra Henry-Stocker Apr 24, 2024 3 mins Linux PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe