Windows-to-Linux roadmap: Part 7. Networking

A quick guide to Linux networking

IBM e-business architect Chris Walden is your guide through a nine-part developerWorks series on moving your operational skills from a Windows to a Linux environment. He covers everything from logging to networking, and from the command-line to help systems -- even compiling packages from available source code. In this part, we explore networking, which is one of the things that Linux does best.

Chris Walden, e-business Architect, IBM

Chris Walden is an e-business Architect for IBM Developer Relations Technical Consulting in Austin, Texas, providing education, enablement, and consulting to IBM Business Partners. He is the official Linux fanatic on his hallway and does his best to spread the good news to all who will hear it. In addition to his architect duties, he manages the area's all-Linux infrastructure servers, which include file, print, and other application services in a mixed-platform user environment. Chris has ten years of experience in the computer industry ranging from field support to Web application development and consulting.



11 November 2003

Also available in Russian Japanese

It is almost inconceivable to run a computer in this age without being connected to a network. E-mail, Web browsing, and file sharing are all as expected as printing and viewing information on a screen.

Fortunately, Linux was made for the network from the very beginning. In fact, networking is one of the things that Linux does best. Linux supports the popular networking protocols such as TCP/IP and SMB (NetBIOS). Linux also has sophisticated tools for monitoring and filtering network traffic. Services such as FTP, Windows file and print sharing, and Web serving are available. Linux even provides facilities for centralized directory services, Virtual Private Networking (VPN), and remote procedure calls.

Network hardware

Linux can work with any network hardware for which it has a driver. Linux drivers are compiled into the kernel, either monolithically or as loadable modules. Many popular network cards are supported by default in the Linux kernel. When selecting network hardware, it is always good to use a device listed on the "Hardware Compatibility List" (see Resources for links). Use the most up-to-date version for your Linux distribution.

Generally, if you are using compatible network hardware, your card will be automatically recognized when you install the system. You can check the network hardware found on your system by using the ifconfig command. By default, ifconfig shows you active network devices. You see all network devices by adding the -a switch:

Listing 1. Using ifconfig
refname: ifconfig-a

[root@cmw-t30 root]#  ifconfig -a 
eth0      Link encap:Ethernet  HWaddr 00:09:6B:60:8B:1E
          inet addr:9.41.209.160  Bcast:9.41.209.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:47255 errors:0 dropped:0 overruns:0 frame:0
          TX packets:32949 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:22140365 (21.1 Mb)  TX bytes:13519623 (12.8 Mb)
          Interrupt:11 Base address:0xf000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1308081 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1308081 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:183376967 (174.8 Mb)  TX bytes:183376967 (174.8 Mb)

In the listing above, there is only one network card in the system, identified as eth0. The lo adapter is a loopback, used by Linux to talk to itself. We'll look more at the ifconfig command later.

Network device names

When they are configured, Linux network devices are given aliases, which consist of a descriptive abbreviation and a number. The first device of a type is numbered 0, and the others are numbered 1, 2, 3, etc. The following naming conventions are used. The information is taken from the Linux Network Administrator's Guide (see the Resources section at the end of this article for links).

  • eth0, eth1 ...
    These are the Ethernet card interfaces. They are used for most Ethernet cards, including many of the parallel port Ethernet cards.
  • tr0, tr1 ...
    These are the Token Ring card interfaces. They are used for most Token Ring cards, including non-IBM manufactured cards.
  • s10, s11 ...
    These are the SLIP interfaces. SLIP interfaces are associated with serial lines in the order in which they are allocated for SLIP.
  • ppp0, ppp1 ...
    These are the PPP interfaces. Just like SLIP interfaces, a PPP interface is associated with a serial line once it is converted to PPP mode.
  • plip0. plip1 ...
    These are the PLIP interfaces. PLIP transports IP datagrams over parallel lines. The interfaces are allocated by the PLIP driver at system boot time and are mapped onto parallel ports. In the 2.0.x kernels, there is a direct relationship between the device name and the I/O port of the parallel port, but in later kernels, the device names are allocated sequentially, just as for SLIP and PPP devices.
  • ax0, ax1 ...
    These are the AX.25 interfaces. AX.25 is the primary protocol used by amateur radio operators. AX.25 interfaces are allocated and mapped in a similar fashion to SLIP devices.

There are many other types of interfaces available for other network drivers. We've listed only the most common ones.

Since Ethernet is the most common configuration, we will focus on that. For more information about other kinds of connections, see the Resources at the end of this article.


Network configuration

When you installed your distribution of Linux, the networking was configured. You probably already have an active eth0 from that initial configuration. This configuration is probably adequate for your use right now, but you may need to make changes over time. We will cover different configuration items related to IP networking and the files and tools for working with them.

Webmin

Webmin offers a good set of network configuration tools under Networking, Network Configuration. You can configure individual interfaces and adjust their current settings or their saved settings. Also the Routing and Gateways, DNS Client settings, and local host addresses can be configured. Once all of the configurations have been edited, you can apply them by clicking Apply Configuration. Rebooting the system is not necessary.

Localhost

The local host addresses are contained in /etc/hosts. This file is equivalent to the C:\winnt\system32\drivers\etc\hosts file. Entries show aliases for IP addresses and are used to assign names without having to consult a DNS.

127.0.0.1 localhost.localdomain localhost
10.10.10.10 cmw-t30

Distribution tools

Each distribution has its own tools for configuring network settings. You should consult your particular distribution's documentation to see what it uses. Each tool provides essentially the same configuration options as the Webmin tool. Some of them may provide options specific to the distribution.

Figure 1. Red Hat 8.x and 9.x use the redhat-config-network tool
Figure 1. Red Hat 8.x and 9.x use the redhat-config-network tool
Figure 2. SuSE and United Linux use the YAST tool
Figure 2. SuSE and United Linux use the YAST tool

Manual configuration is also possible, but it is a very deep subject. Please refer to your distribution documentation and the Resources at the end of this article for information about manual network configuration.


Tools to analyze and monitor

Linux comes with many tools to monitor networking tasks.

ifconfig
We used the ifconfig command above to see the status of the ethernet card. However, ifconfig can configure devices as well as report on them. Suppose you want to set up a temporary network configuration for testing. You could edit the configuration through the distribution tool, but you would need to note all of the settings to put it back when you're done. By using ifconfig, we can configure the card quickly without touching the saved settings:

ipconfig eth0 192.168.13.13 netmask 255.255.255.0 up

The command above will set eth0 to the address 192.168.13.13 with a Class C IP address and make sure that it is up.

ipconfig eth0 down

The command above will shut down the eth0 device. See the info ifconfig page for full details on using ifconfig.

ifup/ifdown
To activate and deactivate network devices using their saved configurations, use ifup and ifdown, respectively.

# Bring up eth0 using the saved configuration
ifup eth0

# Shut down eth0
ifdown eth0

netstat
Use the netstat console command to print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. netstat has several command line switches to control its function. Here are some of the common ones:

Printing network status
SwitchFunction
netstat -pShows the PID and name of the program to which each socket belongs
netstat -aShows both listening and non-listening sockets
netstat -tShows TCP connections
netstat -uShows UDP connections
netstat -eDisplays additional information; use this option twice for maximum detail

Here's an example of netstat -tp:

Listing 2. Using netstat
[root@cmw-t30 root]# netstat -tp
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
PID/Program name
tcp        0      0 localhost.localdo:29000 *:*                     LISTEN
2389/attvpnctl
tcp        0      0 *:10000                 *:*                     LISTEN
5945/perl
tcp        0      0 *:x11                   *:*                     LISTEN
1120/X
tcp        0      0 *:ftp                   *:*                     LISTEN
724/xinetd
tcp        0      0 *:ssh                   *:*                     LISTEN
710/sshd
tcp        0      0 *:ipp                   *:*                     LISTEN
797/cupsd
tcp        0      0 *:505                   *:*                     LISTEN
1043/rcd
tcp        0      0 localhost.localdoma:ipp localhost.localdo:32772 ESTABLISHED
797/cupsd
tcp        0      0 sig-9-65-39-140.m:44916 sdoprods2.austin.i:1352 TIME_WAIT
-
tcp        0      0 10.100.100.101:33020    64.12.29.100:5190       ESTABLISHED
1433/gaim
tcp        0      0 localhost.localdo:44954 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44955 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44897 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44902 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44903 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44900 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 localhost.localdo:44901 localhost.localdoma:ipp TIME_WAIT
-
tcp        0      0 10.100.100.101:44888    cs9336-61.austin.r:pop3 TIME_WAIT
-
tcp        0      0 localhost.localdo:32772 localhost.localdoma:ipp ESTABLISHED
1246/gnome-cups-man
tcp        1      0 localhost.localdo:32774 localhost.localdoma:ipp CLOSE_WAIT
1246/gnome-cups-man
tcp        0      0 10.100.100.101:33019    cs46.msg.sc5.yahoo:5050 ESTABLISHED
1433/gaim
tcp        0      0 sig-9-65-39-140.m:35061 d03nm119.boulder.i:1352 CLOSE_WAIT
1720/wineserver
tcp        0      0 10.100.100.101:33021    64.12.30.4:5190         ESTABLISHED
1433/gaim

I use netstat most often to view connections that are in the LISTEN or ESTABLISHED states. LISTEN are the services on your system that are accepting connections from other machines. ESTABLISHED are the active connections between your machine and others. Make sure you know all of the LISTEN programs that are running. If you see something you don't recognize, it could be a security concern. netstat has many options. Type info netstat at the command line for details.

route
The route console command lets you show and manipulate the IP routing table.

Listing 3. Using route
[root@cmw-t30 plugins]# route|grep -v ipsec
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
204.146.24.42   10.100.100.1    255.255.255.255 UGH   0      0        0 eth1
10.100.100.0    *               255.255.255.0   U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         10.100.100.1    0.0.0.0         UG    0      0        0 eth1

Running route with no switches will show the current routing table. You can make very elaborate changes to the routing table using route.

route add default gw 10.10.10.1

The above command adds a default route (which will be used if no other route matches). All packets using this route will be gatewayed through "10.10.10.1". The device that will actually be used for that route depends on how we can reach "10.10.10.1" -- the static route to "10.10.10.1" will have to be set up before.

route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0

The above command adds a route to the network 192.56.76.x via "eth0." The Class C netmask modifier is not really necessary here because 192.* is a Class C IP address. The word "dev" can be omitted here.

Routing is a very deep subject. Full information about the route options is available with info route.


Summary

Linux was designed for networking from the start. It has built into it sophisticated functions that were previously found only on high-end enterprise offerings. However, even with all of this power, configuration of Linux networking is no more complex than configuration in Windows. Tools such as Webmin, redhat-config-network, and YAST allow graphical configuration. Tools such as ifconfig and route allow viewing and modification of network parameters from the console or scripts. Tools such as netstat allow viewing of individual network connections and show their relationships to running processes.

Resources

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Linux on developerWorks


static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Linux
ArticleID=11355
ArticleTitle=Windows-to-Linux roadmap: Part 7. Networking
publish-date=11112003