PRACTICAL NO.
Use basic networking commands in Linux (ping, tracert, nslookup,
netstat, ARP, RARP, ip, ifconfig, dig, route )
1. ifconfig
Linux ifconfig stands for interface configurator. It is one of the most basic commands used in
network inspection.
ifconfig is used to initialize an interface, configure it with an IP address, and enable or disable
it. It is also used to display the route and the network interface.
The basic information displayed by ifconfig is:
1. IP address
2. MAC address
3. MTU (Maximum Transmission Unit)
• To get all the details using ifconfig
Syntax:
ifconfig
Output:
This picture shows the IP address of 3 networks, Ethernet, local network, and WLAN.
• To get details of specific interface
Using this command, you can get details of a specific interface. This is shown below.
Commands:
ifconfig eth0
ifconfig lo
ifconfig wlan0
2. ip
ip is the newer, updated replacement for the ifconfig command.
Syntax:
1. ip a
2. ip addr
This command gives the details of all networks like ifconfig.
This command can also be used to get the details of a specific interface.
Commands to get details are:
Syntax:
ip a show eth0
ip a show lo
ip a show wlan0
3. traceroute
Linux traceroute is one of the most useful commands in networking. It is used to troubleshoot
the network. It detects the delay and determines the pathway to your target. It basically helps
in the following ways:
1. It provides the names and identifies every device on the path.
2. It follows the route to the destination.
3. It determines where the network latency comes from and reports it.
Syntax:
traceroute <destination>
If you don't have the traceroute service installed in your system, you can install it using the
following command:
sudo apt-get install inetutils-traceroute
Example:
Command:
$ traceroute google.com
The output provides the following information:
1. The specified hostname
2. Size of the packets
3. The maximum number of hops required.
4. The IP address.
4. ping
Linux ping is one of the most used network troubleshooting commands. It basically checks for
the network connectivity between two nodes.
ping stands for Packet INternet Groper.
The ping command sends the ICMP echo request to check the network connectivity.
It keeps executing until it is interrupted.
Use Ctrl+C Key to interrupt the execution.
Syntax:
ping <destination>
Example:
Command:
$ ping google.com
5. netstat
Linux netstat command refers to the network statistics.
It provides statistical figures about different interfaces which include open sockets, routing
tables, and connection information.
Syntax:
netstat
Output:
Observe the output displaying all the open sockets.
Variations in netstat command
Below are a few variations of the netstat command.
1) To display the programs
Syntax:
netstat -p
This displays the programs associated with the open sockets.
2) To get the details of the ports
Syntax:
netstat -s
This gives detailed statistics of all the ports.
3) To get the information of the routing table
Syntax:
netstat -r
This gives information related to the routing table.
6. dig
Linux dig command stands for Domain Information Groper. This command is used in DNS
lookup to query the DNS name server. It is also used to troubleshoot DNS related issues.
It is mainly used to verify DNS mappings, MX Records, host addresses, and all other DNS
records for a better understanding of the DNS topography.
This command is an improved version of the nslookup command.
Syntax:
dig <domainName>
Example:
$ dig google.com
Output:
dig command outputs the A records by default. If you want to specifically search for MX or
NS type, use the syntax below.
Command:
$ dig google.com MX
• To get all types of records at once, use the keyword ANY as below:
Command:
$ dig google.com ANY
The dig command does the query on the servers listed in /etc/resolv.conf.
7. nslookup
Linux nslookup is also a command used for DNS related queries. It is the older version of dig.
Syntax:
nslookup <domainName>
Example:
nslookup google.com
Output:
As we see in the output above, it displays the record information relating to google.com.
8. route
Linux route command displays and manipulates the routing table existing for your system.
A router is basically used to find the best way to send the packets across to a destination.
Syntax:
route
Output:
The above output displays all the existing routing table entries for the system. It says that if the
destination address is within the network range of 10.0.0.0 to 10.0.0.255, then the gateway is
*, which is 0.0.0.0. This is a special address that indicates a non-existent destination.
The packets which lie outside this network range will be forwarded to the default gateway,
which is further routed.
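The lookup described above, as an added example that is not part of the original handout: the script reads a constructed table in `route -n` format and picks the entry whose network contains the destination, preferring the most specific one. A gateway of 0.0.0.0 in the result means the destination is reached directly on that interface; the function names and sample addresses are assumptions.

```shell
#!/bin/sh
# Added example. Constructed sample of `route -n` output, not from a real host.
sample_routes() {
cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    100    0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     100    0        0 eth0
EOF
}

# ip_to_int <a.b.c.d>: dotted-quad IPv4 address as a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# next_hop <destination>: read `route -n` output on stdin and print
# "<gateway> <interface>" of the most specific matching entry.
next_hop() {
    dst=$(ip_to_int "$1")
    best_mask=-1
    best=""
    while read -r dest gw mask flags metric ref use iface; do
        case $dest in
            [0-9]*) ;;          # a route entry
            *) continue ;;      # header or blank line
        esac
        d=$(ip_to_int "$dest")
        m=$(ip_to_int "$mask")
        # Entry matches when destination and route agree under the netmask;
        # a numerically larger mask means a longer, more specific prefix.
        if [ $(( $dst & $m )) -eq $(( $d & $m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m
            best="$gw $iface"
        fi
    done
    echo "$best"
}

sample_routes | next_hop 10.0.0.42     # inside 10.0.0.0/24: no gateway needed
sample_routes | next_hop 192.0.2.10    # outside: sent to the default gateway
```

On a live system the same function can be fed real data with `route -n | next_hop <destination>`.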
• Displaying numerical IP address
You can use the -n option to display the output in complete numerical form.
Syntax:
route -n
• To add a gateway
The packets that are not within the range are forwarded to the specific gateway. You can specify
the gateway address using the following command.
Syntax:
route add default gw <IP address>
• To get routing information
The kernel maintains all the routing cache information in a table for faster routing. To list the
routing cache information, use the following command:
Syntax:
route -Cn
9. arp
Linux arp command stands for Address Resolution Protocol. It is used to view and add content
to the kernel's ARP table.
Syntax:
arp
All the systems maintain a table of IP addresses and their corresponding MAC addresses. This
table is called the ARP Lookup table. When a destination is requested to connect through IP
address, your router will check for the MAC address in this table. If it is cached, the table will
not be used.
By default, arp displays the hostnames. You can get the IP addresses by using:
Command:
$ arp -n
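A check that can be run over the table described above, as an added example that is not part of the original handout: it reads constructed `arp -n` output, reports any hardware address cached for more than one IP, and compares one entry against a previously recorded value. One MAC answering for several IPs can be legitimate, so the result is a list to review; the function names, the sample rows and the "known-good" MAC are assumptions.

```shell
#!/bin/sh
# Added example. Constructed sample of `arp -n` output, not from a real host.
# The MAC addresses are from the documentation range 00:00:5e:00:53:xx.
sample_arp() {
cat <<'EOF'
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.0.1                 ether   00:00:5e:00:53:01   C                     eth0
10.0.0.23                ether   00:00:5e:00:53:2a   C                     eth0
10.0.0.57                ether   00:00:5e:00:53:01   C                     eth0
10.0.0.99                        (incomplete)                              eth0
EOF
}

# shared_macs: read `arp -n` output on stdin and print every hardware
# address that is cached for more than one IP, followed by those IPs.
shared_macs() {
    awk '$2 == "ether" { ips[$3] = ips[$3] " " $1; count[$3]++ }
         END { for (mac in count) if (count[mac] > 1) print mac ":" ips[mac] }' |
        sort
}

# mac_for <ip>: print the hardware address cached for one IP (empty if the
# entry is missing or incomplete).
mac_for() {
    awk -v ip="$1" '$1 == ip && $2 == "ether" { print $3 }'
}

# gateway_matches <ip> <expected-mac>: succeed only when the cached entry for
# <ip> equals the address recorded earlier (a hypothetical known-good value).
gateway_matches() {
    [ "$(mac_for "$1")" = "$2" ]
}

sample_arp | shared_macs
```

On a live system, pipe real data in instead of the sample: `arp -n | shared_macs`.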