Skip to content
On this page


The way computers talk to one another.

Every computer on a network has it's own address. IP address -- Internet Protocol

There are ip address ranges that are designated for internal (private) networks.

192.168.1.x is a common one.


What's a good layout for ip assignments? Example documentation

Just use /etc/hosts and keep it around in your configurations repo (e.g. ~/alpha/system/hosts)

Interface Configuration

You need to know a few details about your local network before you configure a static ip.

Network IP range (TODO: network class, CIDR notation) Available IP Gateway DNS

Often it's pretty straightforward to use a GUI.

If you want to configure an interface via a CLI, it's necessary to know where the OS stores the configuration settings. This varies from OS to OS.

Prerequisites (Pi)

On a Raspberry Pi, disable cloud config: To disable cloud-init's network configuration capabilities, write a file /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:

network: {config: disabled}


NetworkManager is the system... well... umm.. managing the network. NetworkManager for administrators NetworkManager - Wikipedia NetworkManager Documentation

It has a cli: nmcli that can be used to modify the network configuration.

This is what allows you to enable wifi on a machine with only a CLI. nmcli: NetworkManager Reference Manual How to Configure Network Connection Using 'nmcli' Tool How to Configure Static IP Address on Ubuntu 22.04 LTS How to Connect to Wi-Fi Through the Linux Terminal With Nmcli


It is very convenient for seeing the status of the network. Dare I say better than ip address?


An alternative way to find the interface in use:

ip address

Use the name that comes after the number, for example:

2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

eno1 would be the adapter name.

Don't assume eth0 will just work.

Netplan Canonical Netplan

Netplan configuration files are located in /etc/netplan

When editing yaml files, it's easy to make syntax errors. To detect them, you'll want a linter:

sudo apt install yamllint

yamllint /etc/netplan/01-netplan.yaml

Create a new netplan configuration.

cd /etc/netplan
sudo vi 02-main-nic.yaml

add a section like:

      dhcp4: false
      addresses: []
        - to: default
        addresses: [,]

To apply the configuration and have changes take effect, run:

sudo netplan apply 

adapted via Netplan | Backend-agnostic network configuration in YAML


Ping the gateway. If that doesn't work, the configuration is incorrect. Check your settings, your network addresses, etc (is it on a different subnet?)


Copy SSH keys to the new machine

ubuntu gnome 3 change IP - Google Search
How to Configure Networking in GNOME

Configure a firewall

Security, Ports, Firewalls

Common Ports

By convention, common services utilize specific ports to publish and connect to the service. Some examples include:

SSH 22 DNS servers 53 tcp potential trojan (probably dns) ipps 631 Internet Printing Protocol over HTTPS


Firewalls block external traffic from entering internal networks and hosts.

Ubuntu uses ufw. ufw is disabled by default. Enable this first on a new host machine! ๐Ÿ˜ƒ

sudo ufw enable

Then allow the ports that you want to be accessible on your local network

sudo ufw allow 22


See what netfilter rules have been applied with iptables tool

iptables -xvn -L


On a linux machine you can install netstat to see what ports are currently open:

sudo apt install net-tools

netstat -plan 

netstat -pan | egrep " LISTEN "
netstat -tulnp

t โ€“ Show TCP u โ€“ Show UDP l โ€“ Show only listening processes (netstat can show both listening and all established connections, i.e. as a client too) n โ€“ Do not resolve network IP address names or port numbers p โ€“ Show the process name that is listening on the port

Similar to netstat, but the focus is on processes:

`` ss -nutlp

lsof -i


### nmap
To scan open ports from another (external) machine that's on the same network

nmap [ip of machine to scan]

## DNS

To resolve a name associated with an IP address, try nslookup:


To go the other way and find the IP of a configured domain name, `dig` can help:

dig +short

Don't forget!
You can always add the host & ip to your `/etc/hosts` file and then it will resolve and you can test the service before the dns entries propagate! :)

## Traceroute

sudo apt install inetutils-traceroute

## Traffic Analysis

### Wireshark

To see what is happening on a network, use wireshark
Wireshark ยท Go Deep.

    sudo apt install wireshark

To see statistics on TCP connection duration:

'Statistics' -> 'Conversations'

### Other tools  
Looking for an open source Network Traffic Analyzer : networking  
GitHub - robcowart/elastiflow: Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack  
pmacct project: IP accounting iconoclasm  
Manito Networks / flowanalyzer ยท GitLab  
ntop โ€“ High Performance Network Monitoring Solutions based on Open Source and Commodity Hardware.