Network configuration and tools¶
Slides: http://www.cs.put.poznan.pl/ksiek/naps/tools/
GNU/Linux network interfaces¶
A network host is a computer or other device connected to a computer network. A network host may offer information resources, services, and applications to users or other nodes on the network.
A host running Linux can take on one of the following two roles in the network:
- computer – sends and receives network communication
- router – sends, receives, and forwards network communication,
Each host is connected to the network with at least one network adapter (a router is usually connected to two or more). It is a component of the host that connects it to the network physically (via some medium: coaxial cable, radio, twisted pair cable–TP). Also known as: network interface controller (NIC), network interface card, network adapter, LAN adapter, or physical network interface.

Each adapter is associated with specific local networking technology, e.g. Ethernet, FDDI, Token Ring, WLAN, RS232. The technbology specifies what medium is used for connectivity, what protocols and data formats are used to transfer information.
Each network adapter has an associated physical address, also known as a media access control address (MAC), or a hardware address (HWaddr). It is a unique address (usually) assigned by the manufacturer of the network adapter. It is used to communicate with devices within the local network on the low level (OSI Level 2: data link, TCP/IP link layer).
A MAC is a sequence of 6 bytes represented as six groups of two hexadecimal
digits spearated by colons (sometimes by hyphens). E.g.: 01:23:45:67:89:ab
.
Each network adapter is a single physical interface to the network. Each network adapter can also be one or more logical interfaces. A logical interface is used to connect to a logical (higher level) network, such as the Internet. In Linux each logical interface has an associated IP address. Furthermore, a singe network adapter can have several associated IP addresses and act as several logical interfaces.
Each interface (logical as well as physical) is identified by a name. There are two main naming conventions.
“Classical” convention indicating technology. Examples.
eth0
– a physical interface and a single logical interface, adapter no.0
in Ethernet technology.eth0:1
– a physical interface and a logical interface no.1
in Ethernet technology.
Typical device name prefixes:
lo
– loopbacketh
– ethernetwlan
,ath
,wifi
,radio
– wireless adaptersfirewire
,ib
– firewire, infinibanddummy
– dummy adapterbr
,tun
,tap
– (logical) tunnelsit
,tnl
,ppp
,vpn
,gre
– (logical) VPN adapter
Predictable Network Interface Names:
The classic naming scheme for network interfaces applied by the kernel is to simply assign names beginning with “eth0”, “eth1”, ... to all interfaces as they are probed by the drivers. As the driver probing is generally not predictable for modern technology this means that as soon as multiple network interfaces are available the assignment of the names “eth0”, “eth1” and so on is generally not fixed anymore and it might very well happen that “eth0” on one boot ends up being “eth1” on the next. This can have serious security implications, for example in firewall rules which are coded for certain naming schemes, and which are hence very sensitive to unpredictable changing names.
Starting with v197 systemd/udev will automatically assign predictable, stable network interface names for all local Ethernet, WLAN and WWAN interfaces. This is a departure from the traditional interface naming scheme (“eth0”, “eth1”, “wlan0”, ...), but should fix real problems. (from freedesktop.org)
Typical device names:
eno1
sls1
wwp2s0
wlx78e7d1ea46da
ip¶
The basic tool for network configuration is ip from the iproute2
package.
Help: ip [arguments] help
, eg.:
ip addr help
ip link help
Reading the help:
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
ip [ -force ] -batch filename
where OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |
tunnel | tuntap | maddr | mroute | mrule | monitor | xfrm |
netns | l2tp | tcp_metrics | token }
OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
-f[amily] { inet | inet6 | ipx | dnet | bridge | link } |
-4 | -6 | -I | -D | -B | -0 |
-l[oops] { maximum-addr-flush-attempts } |
-o[neline] | -t[imestamp] | -b[atch] [filename] |
-rc[vbuf] [size]}
Arguments for ip
can be shortened. However, we must be careful doing so,
because if there is ambiguity, the command will disambiguate arbitrarily. For
example, instead of ip link show
we can write ip l sh
, but ip l s
will not work, because it executes ip link set
.
Getting more help: man ip
(also works for other commands).
Network adapter configuration¶
Showing the status of the adapter (device)
ip link show
– all adaptersip link show dev eth0
– adapter namedeth0
Turning an adapter on and off:
ip link set dev eth0 up
ip link set dev eth0 down
Questions:
- What adapters are there on your host?
- Which of the adapters are physical links and which are logical?
- Which of the adapters are up and which are down?
- What are the MAC addresses of each of the adapters?
- What technology are the interfaces operating in?
Ethernet network adapter configuration¶
ethtool
is a different tool that gives us low level (physical layer)
information about the adapter.
Information about adapter component:
ethtool eth0
ethtool -S eth0
ethtool -i eth0
Questions:
- What is the device’s medium?
- Is the device connected to the medium?
- What is the maximum speed of the device?
- Does the device support duplex and auto MDI-X?
- How many bytes of information did the adapter send and receive?
- What is a packet? How many packets did the adapter send and receive?

Identify the physical component associated with the interface (by TP port connection):
ethtool -p eth0
Questions:
- Identify all of your network interfaces.
- Which socket on the patch panel are your network interfaces identified with?
- Try disconnecting the cable from the patch panel. Does
ethtool
show it is conencted? Reconnect it when you’re done.
IP address configuration¶
Show IP configuration of interfaces:
ip addr show
– all adaptersip addr show dev eth0
– adaptereth0
Assigning an IP address 10.0.0.1/25
to interface eth0
:
ip addr add dev eth0 10.0.0.1/25
Warning! IP mask must always be specified. If the IP mask is not specified,
it will be set to /32
(which is useless).
Removing an IP address from interface eth0
ip addr del dev eth0 10.0.0.1/25
Removing all addresses of adapter eth0
:
ip addr flush dev eth0
Questions:
- What IP address is your computer using on each interface?
- What is the loopback?
- Assign the address
192.168.1.1/24
to interfacep4p1
.- Assign another address
10.0.0.1/8
to interfacep4p1
. How many logical interfaces are there?- Remove the address
192.168.1.1/24
fromp4p1
.- Remove all addresses from
p4p1
.
The logistics of setting IP addresses¶
Within local networks, as well as within own subnetworks an administrator can assign IP addresses arbitrarily. This is done according to proper subnetting rules.
An administrator can assign IP addresses to hosts statically (manually setting IP addresses to individual hosts).
Another method is to assign addresses via the Dynamic Host Configuration Protocol (DHCP):
- a DHCP client asks a DHCP server for an IP address using a low level protocol (using MAC addresses),
- it broadcasts a request to locate a DHCP server,
- once it locates the server, it sends a request for an IP address assignment to the server,
- the server send back the IP address to the client.
Aa DHCP server can assign temporary addresses, with or without preference for repeated reassignment, and assign addresses statically.
Running a DHCP client:
dhclient
– all interfacesdhclient eth0
– interfaceeth0
Starting a DHCP server (may require configuration):
dhcpd
Questions:
- Remove one of your network adapters’ IP address and try obtaining a new one using a DHCP client. What address did you receive?
Looking at network trafic¶
Sometimes we want to see what’s going on in the network...
wireshark
Questions:
- Record some network trafic (keeping your network card in promiscuous mode).
- Why is the structure of messages nested?
- Record some network traffic while running DHCP client. Find the messages relating to DHCP in the log and trace the protocol.
Connecting computers together¶
Ethernet over twisted pair uses point-to-point connections. In order to connect many computers together we must use a network hub, a network switching hub (a switch), or a router.
Hub¶

Multiport signal regenerator. Every frame received by the hub on one port is retransmitted on all other ports.
This can lead to collisions. We say that all computers that are connected to a hub are in the same collision domain. Collisions need to be handled to prevent corruption of data (CSMA/CD protocol). This is very costly, so collisions are best avoided.
Switch¶

Multiport signal regenerator which selectively retransmits signal.
A switch has a table of MAC addresses. The switch learns MAC addresses by listening to messages passing through it (Transparent Bridging protocol) and uses this information to direct retrasmitions.
Switches prevent collisions, so two computers connected to a switch are in different collision domains. However, they are still connected on a local level and can communicate via MAC addresses: they are in the same broadcast domain.
Router¶

A host that can forward messages between networks.
Two computers connected to the same router are in different networks. They have different broadcast domains and different collision domains.
Is the other computer connected? (ICMP)
ping 150.254.130.130
– any interfaceping -I eth0 150.254.130.130
– specific interface
Questions:
Locate the number of you TP socket at the desk and locate the associated TP socket on the patch panel in the server room.
- Which switch is you host conencted to?
- Which port on the switch?
Connect interface
p4p2
to a different switch (shown by the lab TA).
- Discuss with your colleagues and assign everybody an IP address (in the same network).
- (Manually) assign an IP address to
p4p2
.- Try pinging your colleagues’ hosts.
- Observe the network traffic using
wireshark
.
Exercise¶
Subnet configuration:
- Given a network address of
10.10.0.0/16
create four equal subnets and assing addresses in each subnet to individual students.- Connect the hosts together using interface
p4p1
and a single free switch.- Configure the hosts to properly communicate within subnets.
- Check whether the hosts are communicating properly and resolve problems.
Other useful tools¶
net-tools
package:
- arp
- hostname
- ifconfig
- iptunnel
- netstat
- rarp
- route
iproute2
package (replaces net-tools
):
- ip
- ss
- tc
iputils
package:
- arping
- ping
- ping6
- tracepath
- tracepath6
- traceroute6
- traceroute
- mtr
Installing a package:
zypper install PACKAGE
(on OpenSUSE)apt-get install PACKAGE
(on Debian, Ubuntu, ...)