Networking is the circulatory system of modern IT infrastructure. Every service, application, and user interaction depends on network connectivity. When something goes wrong β a website is unreachable, DNS resolution fails, latency spikes, or packets are being dropped β you need to diagnose the problem quickly and accurately from the command line.
This comprehensive reference covers the essential Linux networking commands that every system administrator, DevOps engineer, and network troubleshooter needs to know in 2026. From basic connectivity testing to advanced packet analysis, these commands form the toolkit for diagnosing and resolving any network issue you will encounter.
Network Interface Configuration
Understanding and configuring network interfaces is the foundation of Linux networking. These commands show you what interfaces exist, how they are configured, and let you make changes.
ip β The Modern Network Swiss Army Knife
The ip command has replaced the older ifconfig command on all modern Linux distributions. It provides comprehensive control over network interfaces, addresses, routes, and tunnels.
ip addr show(orip a) β Display all network interfaces and their IP addresses. This is the first command you run when troubleshooting: it shows interface names, IPv4/IPv6 addresses, MAC addresses, and interface state (UP/DOWN)ip addr show eth0β Show details for a specific interfaceip link showβ Display interface link-layer information (MAC addresses, MTU, state)ip link set eth0 upβ Bring an interface upip link set eth0 downβ Take an interface downip addr add 192.168.1.100/24 dev eth0β Add an IP address to an interfaceip addr del 192.168.1.100/24 dev eth0β Remove an IP address from an interface
Understanding ip addr Output
| Field | Meaning | Example |
|---|---|---|
| state | Interface operational state | UP, DOWN, UNKNOWN |
| mtu | Maximum Transmission Unit (packet size) | 1500 (standard Ethernet) |
| inet | IPv4 address with subnet mask | 192.168.1.100/24 |
| inet6 | IPv6 address | fe80::1/64 |
| link/ether | MAC (hardware) address | 00:11:22:33:44:55 |
| scope | Address scope | global, link, host |
Routing and Gateway Commands
Routing determines how packets travel from your server to their destination. Misconfigured routing is one of the most common causes of connectivity issues.
ip route show(orip r) β Display the routing table. Shows the default gateway, directly connected networks, and any static routesip route get 8.8.8.8β Show which route a specific destination would use. Extremely useful for debugging routing decisionsip route add 10.0.0.0/8 via 192.168.1.1β Add a static routeip route del 10.0.0.0/8β Remove a static routeip route add default via 192.168.1.1β Set the default gatewaytraceroute destination(ortracepath) β Trace the path packets take to a destination, showing every router (hop) along the way. Essential for identifying where in the network a problem occursmtr destinationβ Combines traceroute and ping into a single real-time diagnostic tool. Shows packet loss and latency at each hop. This is the most powerful route diagnostic tool available
Connectivity Testing
These commands answer the most basic networking question: "Can I reach this destination?"
ping β The Universal Connectivity Test
ping 8.8.8.8β Test basic IP connectivity to Google's DNS. If this works, your internet connection is functionalping -c 5 192.168.1.1β Send exactly 5 ping packets (useful in scripts)ping -i 0.2 hostnameβ Ping every 0.2 seconds instead of the default 1 second (requires root)ping -s 1400 hostnameβ Send larger packets to test MTU issuesping6 ::1β Ping using IPv6
Interpreting Ping Output
| Metric | Good Value | Concerning Value | Meaning |
|---|---|---|---|
| Latency (ms) | < 50ms (local) | > 200ms | Round-trip time for each packet |
| Packet loss | 0% | > 1% | Percentage of packets that did not return |
| Jitter | < 5ms variance | > 30ms variance | Variation in latency between packets |
| TTL | 64 or 128 | Very low values | Time To Live β decrements at each hop |
curl and wget β HTTP Connectivity
curl -I https://example.comβ Fetch only HTTP headers (check if a web server responds)curl -o /dev/null -s -w "%{http_code}" https://example.comβ Get only the HTTP status code (useful in scripts)curl -v https://example.comβ Verbose mode showing TLS handshake, headers, and responsewget --spider https://example.comβ Check if a URL is reachable without downloading
DNS Diagnostics
DNS (Domain Name System) translates domain names to IP addresses. DNS failures are the cause of an enormous percentage of "the internet is broken" reports. These commands help you diagnose DNS issues quickly.
dig example.comβ Query DNS records with detailed output including TTL, record type, and response time. The most comprehensive DNS diagnostic tooldig +short example.comβ Show only the answer (just the IP address)dig example.com MXβ Query specific record types (MX for mail, AAAA for IPv6, TXT for SPF/DKIM)dig @8.8.8.8 example.comβ Query a specific DNS server (bypass your system resolver)dig +trace example.comβ Trace the full DNS resolution path from root servers to authoritative nameserversnslookup example.comβ Simpler DNS query tool (available on most systems including Windows)host example.comβ Quick DNS lookup with clean outputresolvectl statusβ Show systemd-resolved configuration (modern systems)
Common DNS Record Types
| Type | Purpose | Example Query |
|---|---|---|
| A | IPv4 address | dig example.com A |
| AAAA | IPv6 address | dig example.com AAAA |
| MX | Mail server | dig example.com MX |
| CNAME | Alias to another domain | dig www.example.com CNAME |
| TXT | Text records (SPF, DKIM, verification) | dig example.com TXT |
| NS | Nameservers | dig example.com NS |
| SOA | Start of Authority | dig example.com SOA |
| PTR | Reverse DNS (IP to hostname) | dig -x 8.8.8.8 |
Port and Connection Analysis
Understanding which ports are open, which services are listening, and who is connected is essential for both troubleshooting and security.
ss β Socket Statistics (Modern)
The ss command has replaced netstat on modern systems. It is faster and provides more detailed information.
ss -tulnβ Show all listening TCP and UDP ports with numeric addresses. This is the "what is my server exposing?" commandss -tunpβ Show established connections with process names (requires root for -p)ss -sβ Display socket statistics summary (total connections by state)ss state establishedβ Show only established connectionsss -tuln sport = :80β Filter for a specific portss -o state time-waitβ Show TIME_WAIT connections (useful for diagnosing connection exhaustion)
netstat β Legacy but Still Useful
netstat -tulnβ Equivalent toss -tuln(available on older systems)netstat -rnβ Display routing table (equivalent toip route show)netstat -sβ Protocol statistics (TCP retransmissions, errors, etc.)
Testing Port Connectivity
nc -zv hostname 443β Test if a specific port is open (netcat)nc -zv hostname 80-100β Scan a range of portstelnet hostname 25β Connect to a specific port (useful for testing SMTP, HTTP manually)nmap -sT hostnameβ Comprehensive port scan (more powerful than nc, must install separately)nmap -sV hostnameβ Detect service versions on open ports
Firewall Management
Firewalls control which traffic is allowed in and out of your server. Misconfigured firewalls are one of the top causes of "my service is running but nobody can connect."
FirewallD (RHEL/AlmaLinux/Rocky/Fedora)
firewall-cmd --stateβ Check if firewall is runningfirewall-cmd --list-allβ Show all rules for the default zonefirewall-cmd --permanent --add-port=8080/tcpβ Open a port permanentlyfirewall-cmd --permanent --add-service=httpsβ Allow a service by namefirewall-cmd --reloadβ Apply permanent changes
UFW (Ubuntu/Debian)
ufw status verboseβ Show all firewall rulesufw allow 443/tcpβ Allow incoming TCP on port 443ufw deny from 10.0.0.0/8β Block an IP rangeufw enable/ufw disableβ Toggle the firewall
iptables (Low-Level)
iptables -L -n -vβ List all rules with packet/byte countersiptables -A INPUT -p tcp --dport 80 -j ACCEPTβ Add an allow ruleiptables -A INPUT -s 10.0.0.0/8 -j DROPβ Block an IP range
Bandwidth and Traffic Monitoring
Monitoring network bandwidth helps identify bottlenecks, unusual traffic patterns, and potential security issues.
iftopβ Real-time bandwidth monitoring per connection (like top for network). Shows which connections are consuming the most bandwidthnethogsβ Group bandwidth usage by process (shows which application is using the network)vnstatβ Long-term traffic monitoring with hourly, daily, and monthly statisticsiperf3 -s(server) /iperf3 -c server-ip(client) β Measure network throughput between two hosts. Essential for validating bandwidth capacitytc qdisc showβ Show traffic control and queuing disciplines (advanced QoS)
Packet Capture and Analysis
When higher-level tools cannot identify the problem, packet capture lets you see exactly what is happening on the wire.
tcpdump -i eth0β Capture all packets on an interfacetcpdump -i eth0 port 80β Capture only HTTP traffictcpdump -i eth0 host 192.168.1.100β Capture traffic to/from a specific hosttcpdump -i eth0 -w capture.pcapβ Save capture to a file for later analysis (open in Wireshark)tcpdump -i eth0 -c 100β Capture exactly 100 packets then stoptcpdump -i eth0 'tcp[tcpflags] & tcp-syn != 0'β Capture only SYN packets (new connections)
Network Troubleshooting Workflow
When diagnosing network issues, follow this systematic approach:
- Check local interface:
ip addr showβ Is the interface up? Does it have an IP? - Test local connectivity:
ping gateway-ipβ Can you reach your default gateway? - Test internet connectivity:
ping 8.8.8.8β Can you reach the internet by IP? - Test DNS resolution:
dig example.comβ Is DNS working? - Check routing:
ip route get destination-ipβ Is traffic going the right way? - Check firewall:
firewall-cmd --list-alloriptables -L -nβ Is the firewall blocking traffic? - Check services:
ss -tulnβ Is the service actually listening? - Trace the path:
mtr destinationβ Where in the network is the problem? - Capture packets:
tcpdumpβ What is actually happening on the wire?
Quick Reference Table
| Task | Command |
|---|---|
| Show IP addresses | ip addr show |
| Show routing table | ip route show |
| Test connectivity | ping hostname |
| DNS lookup | dig hostname |
| Trace route | mtr hostname |
| Show listening ports | ss -tuln |
| Test port open | nc -zv host port |
| Firewall rules | firewall-cmd --list-all |
| Capture packets | tcpdump -i eth0 |
| Bandwidth monitoring | iftop |
Frequently Asked Questions
What is the difference between ip and ifconfig?
ip is the modern replacement for ifconfig. The ifconfig command is deprecated on most modern Linux distributions and may not be installed by default. Always use ip addr instead of ifconfig, ip route instead of route, and ss instead of netstat.
How do I find which process is using a specific port?
Run ss -tulnp | grep :PORT (replace PORT with the port number). The -p flag shows the process name and PID. You may need root/sudo to see process information for services running as other users.
How do I check if a remote port is open?
Use nc -zv hostname port for a quick test. For more thorough scanning, use nmap hostname. If nc reports "Connection refused," the port is closed but the host is reachable. If it times out, either the port is filtered by a firewall or the host is unreachable.
What does "Connection refused" mean vs "Connection timed out"?
"Connection refused" means the host received your connection request but no service is listening on that port β the host is reachable but the service is not running. "Connection timed out" means the host never responded β either it is down, unreachable, or a firewall is silently dropping packets.
How do I find my public IP address from the command line?
Run curl -s ifconfig.me or curl -s icanhazip.com. These services return your public-facing IP address. For finding your local/private IP, use ip addr show and look for inet addresses on your primary interface.
Related Resources
- Linux Networking Fundamentals β Complete networking eBook
- SSH Mastery: Secure Remote Administration β Remote administration over network
- How to Secure Your SSH Server in 5 Steps β Network service security
- Browse all 205+ free IT cheat sheets
