Skip to content
On this page

Networking

The way computers talk to one another.

Every computer on a network has it's own address. IP address -- Internet Protocol

There are ip address ranges that are designated for internal (private) networks.

192.168.1.x is a common one.

Documenting

What's a good layout for ip assignments? Example documentation

Just use /etc/hosts and keep it around in your configurations repo (e.g. ~/alpha/system/hosts)

Interface Configuration

You need to know a few details about your local network before you configure a static ip.

Network IP range (TODO: network class, CIDR notation) Available IP Gateway DNS

Often it's pretty straightforward to use a GUI.

If you want to configure an interface via a CLI, it's necessary to know where the OS stores the configuration settings. This varies from OS to OS.

Prerequisites (Pi)

On a Raspberry Pi, disable cloud config: To disable cloud-init's network configuration capabilities, write a file /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:

network: {config: disabled}

NetworkManager

NetworkManager is the system... well... umm.. managing the network.

https://networkmanager.dev/docs/admins/ NetworkManager for administrators https://en.wikipedia.org/wiki/NetworkManager NetworkManager - Wikipedia https://www.networkmanager.dev/ NetworkManager https://www.networkmanager.dev/docs/ Documentation

It has a cli: nmcli that can be used to modify the network configuration.

This is what allows you to enable wifi on a machine with only a CLI.

https://networkmanager.dev/docs/api/latest/nmcli.html nmcli: NetworkManager Reference Manual

https://www.tecmint.com/nmcli-configure-network-connection/ How to Configure Network Connection Using 'nmcli' Tool https://www.makeuseof.com/configure-static-ip-address-settings-ubuntu-22-04/ How to Configure Static IP Address on Ubuntu 22.04 LTS https://www.makeuseof.com/connect-to-wifi-with-nmcli/ How to Connect to Wi-Fi Through the Linux Terminal With Nmcli

Interfaces

It is very convenient for seeing the status of the network. Dare I say better than ip address?

nmcli

An alternative way to find the interface in use:

ip address

Use the name that comes after the number, for example:

2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

eno1 would be the adapter name.

Don't assume eth0 will just work.

Netplan

https://netplan.io/ Canonical Netplan

Netplan configuration files are located in /etc/netplan

When editing yaml files, it's easy to make syntax errors. To detect them, you'll want a linter:

sudo apt install yamllint

yamllint /etc/netplan/01-netplan.yaml

https://unix.stackexchange.com/questions/681220/netplan-generate-gateway4-has-been-deprecated-use-default-routes-instead

Create a new netplan configuration.

cd /etc/netplan
sudo vi 02-main-nic.yaml

add a section like:

network:
  ethernets:
    eno1:
      dhcp4: false
      addresses: [192.168.1.234/24]
      routes:
        - to: default
          via: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 4.2.2.2]

To apply the configuration and have changes take effect, run:

sudo netplan apply 

adapted via

https://netplan.io/examples/ Netplan | Backend-agnostic network configuration in YAML

Troubleshooting

Ping the gateway. If that doesn't work, the configuration is incorrect. Check your settings, your network addresses, etc (is it on a different subnet?)

ping 192.168.1.1

Copy SSH keys to the new machine

GUI

https://www.google.com/search?q=ubuntu+gnome+3+change+IPs
ubuntu gnome 3 change IP - Google Search
https://www.lifewire.com/how-to-configure-networking-in-gnome-4682592
How to Configure Networking in GNOME

Configure a firewall

Security, Ports, Firewalls

Common Ports

By convention, common services utilize specific ports to publish and connect to the service. Some examples include:

SSH 22 DNS servers 53 tcp potential trojan (probably dns) ipps 631 Internet Printing Protocol over HTTPS

Firewall

Firewalls block external traffic from entering internal networks and hosts.

Ubuntu uses ufw. ufw is disabled by default. Enable this first on a new host machine! ๐Ÿ˜ƒ

sudo ufw enable

Then allow the ports that you want to be accessible on your local network

sudo ufw allow 22

https://ubuntu.com/server/docs/security-firewall

iptables

See what netfilter rules have been applied with iptables tool

iptables -xvn -L

netstat

On a linux machine you can install netstat to see what ports are currently open:

sudo apt install net-tools

netstat -plan 

netstat -pan | egrep " LISTEN "
    
netstat -tulnp

t โ€“ Show TCP u โ€“ Show UDP l โ€“ Show only listening processes (netstat can show both listening and all established connections, i.e. as a client too) n โ€“ Do not resolve network IP address names or port numbers p โ€“ Show the process name that is listening on the port

Similar to netstat, but the focus is on processes:

`` ss -nutlp

lsof -i


via: 
https://www.thegeekdiary.com/centos-rhel-how-to-find-if-a-network-port-is-open-or-not/

### nmap
    
To scan open ports from another (external) machine that's on the same network

nmap [ip of machine to scan]




## DNS

To resolve a name associated with an IP address, try nslookup:

nslookup 129.79.5.100


To go the other way and find the IP of a configured domain name, `dig` can help:

dig +short unix.stackexchange.com


Don't forget!
You can always add the host & ip to your `/etc/hosts` file and then it will resolve and you can test the service before the dns entries propagate! :)


## Traceroute

sudo apt install inetutils-traceroute




## Traffic Analysis

### Wireshark

To see what is happening on a network, use wireshark

https://www.wireshark.org/
Wireshark ยท Go Deep.

    sudo apt install wireshark

https://jvns.ca/blog/2018/06/19/what-i-use-wireshark-for/

To see statistics on TCP connection duration:

'Statistics' -> 'Conversations'

### Other tools

https://www.reddit.com/r/networking/comments/78mtfj/looking_for_an_open_source_network_traffic/  
Looking for an open source Network Traffic Analyzer : networking  

https://github.com/robcowart/elastiflow  
GitHub - robcowart/elastiflow: Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack  
http://pmacct.net/  
pmacct project: IP accounting iconoclasm  
https://gitlab.com/thart/flowanalyzer  
Manito Networks / flowanalyzer ยท GitLab  
https://www.ntop.org/  
ntop โ€“ High Performance Network Monitoring Solutions based on Open Source and Commodity Hardware.