It is almost inconceivable to run a computer in this age without being connected to a network. E-mail, Web browsing, and file sharing are all as expected as printing and viewing information on a screen.
Fortunately, Linux was made for the network from the very beginning. In fact, networking is one of the things that Linux does best. Linux supports the popular networking protocols such as TCP/IP and SMB (NetBIOS). Linux also has sophisticated tools for monitoring and filtering network traffic. Services such as FTP, Windows file and print sharing, and Web serving are available. Linux even provides facilities for centralized directory services, Virtual Private Networking (VPN), and remote procedure calls.
Linux can work with any network hardware for which it has a driver. Linux drivers are compiled into the kernel, either monolithically or as loadable modules. Many popular network cards are supported by default in the Linux kernel. When selecting network hardware, it is always good to use a device listed on the "Hardware Compatibility List" (see Resources for links). Use the most up-to-date version for your Linux distribution.
Generally, if you are using compatible network hardware, your card will
be automatically recognized when you install the system. You can check the
network hardware found on your system by using the
ifconfig command. By default,
ifconfig shows you active network devices. You see
all network devices by adding the
Listing 1. Using ifconfig
refname: ifconfig-a [root@cmw-t30 root]# ifconfig -a eth0 Link encap:Ethernet HWaddr 00:09:6B:60:8B:1E inet addr:22.214.171.124 Bcast:126.96.36.199 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:47255 errors:0 dropped:0 overruns:0 frame:0 TX packets:32949 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:22140365 (21.1 Mb) TX bytes:13519623 (12.8 Mb) Interrupt:11 Base address:0xf000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1308081 errors:0 dropped:0 overruns:0 frame:0 TX packets:1308081 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:183376967 (174.8 Mb) TX bytes:183376967 (174.8 Mb)
In the listing above, there is only one network card in the system,
identified as eth0. The
lo adapter is a loopback, used by Linux to
talk to itself. We'll look more at the
Network device names
When they are configured, Linux network devices are given aliases, which consist of a descriptive abbreviation and a number. The first device of a type is numbered 0, and the others are numbered 1, 2, 3, etc. The following naming conventions are used. The information is taken from the Linux Network Administrator's Guide (see the Resources section at the end of this article for links).
- eth0, eth1 ...
These are the Ethernet card interfaces. They are used for most Ethernet cards, including many of the parallel port Ethernet cards.
- tr0, tr1 ...
These are the Token Ring card interfaces. They are used for most Token Ring cards, including non-IBM manufactured cards.
- s10, s11 ...
These are the SLIP interfaces. SLIP interfaces are associated with serial lines in the order in which they are allocated for SLIP.
- ppp0, ppp1 ...
These are the PPP interfaces. Just like SLIP interfaces, a PPP interface is associated with a serial line once it is converted to PPP mode.
- plip0. plip1 ...
These are the PLIP interfaces. PLIP transports IP datagrams over parallel lines. The interfaces are allocated by the PLIP driver at system boot time and are mapped onto parallel ports. In the 2.0.x kernels, there is a direct relationship between the device name and the I/O port of the parallel port, but in later kernels, the device names are allocated sequentially, just as for SLIP and PPP devices.
- ax0, ax1 ...
These are the AX.25 interfaces. AX.25 is the primary protocol used by amateur radio operators. AX.25 interfaces are allocated and mapped in a similar fashion to SLIP devices.
There are many other types of interfaces available for other network drivers. We've listed only the most common ones.
Since Ethernet is the most common configuration, we will focus on that. For more information about other kinds of connections, see the Resources at the end of this article.
When you installed your distribution of Linux, the networking was configured. You probably already have an active eth0 from that initial configuration. This configuration is probably adequate for your use right now, but you may need to make changes over time. We will cover different configuration items related to IP networking and the files and tools for working with them.
Webmin offers a good set of network configuration tools under Networking, Network Configuration. You can configure individual interfaces and adjust their current settings or their saved settings. Also the Routing and Gateways, DNS Client settings, and local host addresses can be configured. Once all of the configurations have been edited, you can apply them by clicking Apply Configuration. Rebooting the system is not necessary.
Each distribution has its own tools for configuring network settings. You should consult your particular distribution's documentation to see what it uses. Each tool provides essentially the same configuration options as the Webmin tool. Some of them may provide options specific to the distribution.
Figure 1. Red Hat 8.x and 9.x use the redhat-config-network tool
Figure 2. SuSE and United Linux use the YAST tool
Manual configuration is also possible, but it is a very deep subject. Please refer to your distribution documentation and the Resources at the end of this article for information about manual network configuration.
Tools to analyze and monitor
Linux comes with many tools to monitor networking tasks.
We used the
ifconfig command above to see the
status of the ethernet card. However,
can configure devices as well as report on them. Suppose you want to set
up a temporary network configuration for testing. You could edit the
configuration through the distribution tool, but you would need to note
all of the settings to put it back when you're done. By using
ifconfig, we can configure the card quickly without
touching the saved settings:
ipconfig eth0 192.168.13.13 netmask 255.255.255.0 up
The command above will set eth0 to the address 192.168.13.13 with a Class C IP address and make sure that it is up.
ipconfig eth0 down
The command above will shut down the eth0 device. See the
info ifconfig page for full details on using
To activate and deactivate network devices using their saved configurations, use
# Bring up eth0 using the saved configuration
# Shut down eth0
netstat console command to print
network connections, routing tables, interface statistics, masquerade
connections, and multicast memberships.
netstat has several command line switches to control
its function. Here are some of the common ones:
Printing network status
|Shows the PID and name of the program to which each socket belongs|
|Shows both listening and non-listening sockets|
|Shows TCP connections|
|Shows UDP connections|
|Displays additional information; use this option twice for maximum detail|
Here's an example of
Listing 2. Using netstat
[root@cmw-t30 root]# netstat -tp Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost.localdo:29000 *:* LISTEN 2389/attvpnctl tcp 0 0 *:10000 *:* LISTEN 5945/perl tcp 0 0 *:x11 *:* LISTEN 1120/X tcp 0 0 *:ftp *:* LISTEN 724/xinetd tcp 0 0 *:ssh *:* LISTEN 710/sshd tcp 0 0 *:ipp *:* LISTEN 797/cupsd tcp 0 0 *:505 *:* LISTEN 1043/rcd tcp 0 0 localhost.localdoma:ipp localhost.localdo:32772 ESTABLISHED 797/cupsd tcp 0 0 sig-9-65-39-140.m:44916 sdoprods2.austin.i:1352 TIME_WAIT - tcp 0 0 10.100.100.101:33020 188.8.131.52:5190 ESTABLISHED 1433/gaim tcp 0 0 localhost.localdo:44954 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44955 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44897 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44902 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44903 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44900 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 localhost.localdo:44901 localhost.localdoma:ipp TIME_WAIT - tcp 0 0 10.100.100.101:44888 cs9336-61.austin.r:pop3 TIME_WAIT - tcp 0 0 localhost.localdo:32772 localhost.localdoma:ipp ESTABLISHED 1246/gnome-cups-man tcp 1 0 localhost.localdo:32774 localhost.localdoma:ipp CLOSE_WAIT 1246/gnome-cups-man tcp 0 0 10.100.100.101:33019 cs46.msg.sc5.yahoo:5050 ESTABLISHED 1433/gaim tcp 0 0 sig-9-65-39-140.m:35061 d03nm119.boulder.i:1352 CLOSE_WAIT 1720/wineserver tcp 0 0 10.100.100.101:33021 184.108.40.206:5190 ESTABLISHED 1433/gaim
netstat most often to view connections
that are in the LISTEN or ESTABLISHED states. LISTEN are the services on
your system that are accepting connections from other machines.
ESTABLISHED are the active connections between your machine and others.
Make sure you know all of the LISTEN programs that are running. If you
see something you don't recognize, it could be a security concern.
netstat has many options. Type
info netstat at the command line for details.
route console command lets you show
and manipulate the IP routing table.
Listing 3. Using route
[root@cmw-t30 plugins]# route|grep -v ipsec Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 220.127.116.11 10.100.100.1 255.255.255.255 UGH 0 0 0 eth1 10.100.100.0 * 255.255.255.0 U 0 0 0 eth1 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default 10.100.100.1 0.0.0.0 UG 0 0 0 eth1
route with no switches will show the
current routing table. You can make very elaborate changes to the routing
route add default gw 10.10.10.1
The above command adds a default route (which will be used if no other route matches). All packets using this route will be gatewayed through "10.10.10.1". The device that will actually be used for that route depends on how we can reach "10.10.10.1" -- the static route to "10.10.10.1" will have to be set up before.
route add -net 18.104.22.168 netmask 255.255.255.0 dev eth0
The above command adds a route to the network 192.56.76.x via "eth0." The Class C netmask modifier is not really necessary here because 192.* is a Class C IP address. The word "dev" can be omitted here.
Routing is a very deep subject. Full information about the
route options is available with
Linux was designed for networking from the start. It has built into it
sophisticated functions that were previously found only on high-end
enterprise offerings. However, even
with all of this power, configuration of Linux networking is no
more complex than configuration in Windows. Tools such as Webmin,
redhat-config-network, and YAST allow graphical configuration. Tools such
route allow viewing and modification of network
parameters from the console or scripts. Tools such as
netstat allow viewing of individual network
connections and show their relationships to running processes.
- Check out the other parts in the Windows-to-Linux roadmap series (developerWorks, November 2003).
- The online Linux Network Administrator's Guide, Second Edition is a single reference for network administration in a Linux environment. Beginners and experienced users alike will find the information on nearly all important administration activities required to manage a Linux network configuration.
- The Linux Ethernet HOWTO has information about which ethernet devices can be used for Linux, and how to set them up (with a focus on the hardware and low-level driver aspect of the ethernet cards).
- The Linux Documentation Project also has a list of HOWTOs by category to help you find relevant documentation easily.
- Hardware Control Lists include the Red Hat Hardware search page, the SuSE Linux Component DataBase, and the UnitedLinux Certified and Compatible Hardware.
- System security is a vast and complex topic, but in an interconnected world, it affects everyone. Luckily, it is never too early nor too late to get started with it. The documents Adding Security to Common Linux Distributions and Strategies for Keeping a Secure Server (which is the twelfth chapter from the earlier referenced Linux Administration Made Easy guide) will help you to do just that.
- The IBM developerWorks article "Linux hardware stability guide" shows you how to diagnose and fix many potential hardware troubles.
- Learn more about networking in the IBM developerWorks articles "Sharing computers on a Linux (or heterogeneous) network" and "Setting up a Local Area Network".
- Emulate Cisco behavior by following the IBM developerWorks article "Build a network router on Linux".
- Employ better security -- the IBM developerWorks article "Connect securely with ssh" shows you how.
- Another great resource for those transitioning from Windows to Linux is the Technical FAQ for Linux users.
- For getting started with IBM software on Linux, there's no better resource than the Speed-start your Linux app page. You'll find installation tips and links to resources for DB2, Lotus Domino, WebSphere Application Server, WebSphere Studio, and more. You can also sign up to receive a Linux Software Evaluation Kit, containing trial software and training resources.
- Find more resources for Linux developers in the developerWorks Linux zone.
Dig deeper into Linux on developerWorks
Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.
Experiment with new directions in software development.
Software development in the cloud. Register today to create a project.
Evaluate IBM software and solutions, and transform challenges into opportunities.