Advanced Linux Network Commands for DevOps & SRE Engineers
Introduction
For DevOps engineers, SREs, and system administrators, network troubleshooting is a critical skill. Whether diagnosing connectivity issues, optimizing performance, securing networks, or debugging service failures, advanced Linux network commands provide deep visibility into network behaviour.
This guide covers 50 must-know advanced Linux networking commands, ensuring you can debug, optimize, and secure networks like a pro.
1. Basic Network Connectivity Checks and Configurations
1.1 Check if a Host is Reachable with ping
ping -c 5 google.com
- Use Case: Detect packet loss, measure round-trip time, and confirm host availability.
1.2 Verify DNS Resolution with nslookup
nslookup example.com
- Use Case: Check if a domain name resolves correctly.
1.3 Perform Advanced DNS Queries with dig
dig +short A example.com
dig -x 8.8.8.8
dig +trace example.com
- Use Case: Resolve IP addresses and perform reverse lookups. Third command traces full DNS resolution path
1.4 Perform DNS Lookup with host
host example.com
1.5 Important Network Configuration Files
# Custom IP Mapping
$ cat /etc/hosts
# DNS Resolver configuration containing list of Nameserver
$ cat /etc/resolv.conf
# Debian-based Network Interface Configuration
$cat /etc/network/interfaces
2. Network Interface and Routing Analysis using Linux Network Commands
2.1 View IP Addresses with ip addr
ip addr show
- Use Case: List network interfaces and their assigned IPs.
2.2 Check Routing Table with ip route
ip route show
- Use Case: Identify default gateways and active network routes.
2.3 Add a Static Route Manually
ip route add 192.168.2.0/24 via 192.168.1.1
- Use Case: Direct traffic through a specific gateway.
2.4 Identify Interface Statistics with ip -s link
ip -s link show eth0
- Use Case: Monitor Packet Flow or Detect packet loss, dropped packets, and interface errors.
3. Active Network Connections and Port Usage
3.1 List Open Ports with ss
ss -tulnp
- Use Case: Identify processes using network ports.
-t→ TCP connections-u→ UDP connections-l→ Listening ports-n→ No DNS resolution-p→ Show process using the connection
3.2 Find Network Services Running on Specific Ports
netstat -tulnp | grep :80
- Use Case: Detect applications bound to ports.
3.3 Show Established Network Connections
ss -tanp | grep ESTAB
3.4 List Open files and processes using Network Connections
lsof -i :803.5 Test Network Connection to specific port
$ telnet example.com 80
4. Packet Capture and Deep Traffic Inspection using Linux Network Commands
4.1 Capture Network Traffic with tcpdump
tcpdump -i eth0
- Use Case: Monitor live network packets.
4.2 Capture Packets from a Specific Host
tcpdump -i eth0 host 192.168.1.10
tcpdump -i eth0 'tcp[tcpflags] & tcp-syn != 0'
- Use Case: Filter packets from a given IP. Second command captures only TCP SYN packets.
4.3 Save Captured Packets to a File for Analysis
tcpdump -i eth0 -w capture.pcap
- Use Case: Analyze packets in Wireshark.
4.4 Read Captured Packet File
tcpdump -r capture.pcap
- Use Case: Analyze network traffic offline.
4.5 tsark CLI version of Wireshark for packet analysis
tshark -i eth04.6 ngrep Search for patterns in network traffic (Advance Linux Network Commands)
ngrep -d eth0 'GET'
ngrep -d eth0 -W byline 'GET' tcp port 80
ngrep -d eth0 'password|login' tcp- Use Case: Monitor HTTP requests in real time. In third example, ngrep filters network traffic for suspicious keywords
5. Performance and Latency Testing using Linux Network Commands
5.1 Measure Network Latency with mtr
mtr --report google.com
mtr --report-wide -c 100 google.com
- Use Case: Identify packet loss across network paths.
5.2 Test Network Bandwidth with iperf3
iperf3 -s # Run as server
iperf3 -c <server-IP> # Run client test
iperf3 -c <server-IP> -d # Measure bidirectional bandwidth
- Use Case: Measure network speed between two points.
5.3 Monitor Real-Time Bandwidth Usage with iftop
iftop -i eth0
- Use Case: Identify high-bandwidth consumers.
5.4 Monitor Real-Time Bandwidth Usage with bmon
$ bmon -p ens33
6. Web Service and HTTP Debugging using Linux Network Commands
6.1 Fetch HTTP Headers with curl
curl -I https://example.com
- Use Case: Check response codes and headers.
6.2 Test API Endpoints with curl
curl -SLIXGET https:example.com
curl -v telnet://example.com:443
curl -X GET https://api.example.com/data
curl -X POST -d "param=value" https://api.example.com/post
- Use Case: Debug web API requests.
6.3 Download a Web Page or Test website response, or even limit bandwidth usage while downloading with wget
wget https://example.com
wget --spider -S https://example.com
- Use Case: Fetch content from the web.
6.4 Limit bandwidth usage while downloading with wget
$ wget --limit-rate=500k https://example.com/largefile.iso
7. Firewall Troubleshooting
7.1 List Active Firewall Rules with iptables
iptables -L -v -n
- Use Case: Identify blocked ports and allowed traffic.
7.2 Allow HTTP Traffic on Port 80
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
- Use Case: Enable access to web services.
7.3 Block a specific IP address
iptables -A INPUT -s 192.168.1.100 -j DROP
7.4 Check/Update FirewallD Rules on RHEL/CentOS/Alma/Oracle/Rocky Linux
firewall-cmd --list-all
sudo firewall-cmd --add-port=443/tcp --permanent
sudo firewall-cmd --remove-port=8080/tcp --permanent
sudo firewall-cmd --reload
- Use Case: View/update firewall rules dynamically.
7.5 Check UFW Firewall on Debian/Ubuntu
sudo ufw status
sudo ufw enable
sudo ufw allow 22
sudo ufw deny 80
8. Detect Security Threats and Unauthorized Access using Linux Network Commands
8.1 Find Users Logged into the System
w
- Use Case: Check active user sessions.
8.2 View Failed Login Attempts
$ sudo lastb | head -20
- Use Case: Detect brute-force login attempts.
8.3 Monitor Suspicious Network Activity with lsof
lsof -i
- Use Case: Identify unauthorized open connections.
9. Log Analysis for Network Debugging using Linux Network Commands
9.1 Check System Logs for Network Errors
dmesg | grep -i network
dmesg | grep eth0- Use Case: Detect kernel-level network failures.
9.2 Monitor SSH Authentication Logs
$ tail -f /var/log/auth.log | grep "Failed password"
$ grep "Failed password" /var/log/auth.log
- Use Case: Track login attempts.
9.3 Check Network Application Logs/Patterns such as NGINX
$ awk '/pattern/ {print $1}' /var/log/nginx/access.log
$ grep -i "error" /var/log/syslog$ 9.4 Check systemd Logs
$ journalctl -u NetworkManager10. Advanced Network Debugging and Configuration Management using Linux Network Commands
10.1 Compare Current and Previous Routing Tables
diff -u <(ip route) <(cat /etc/network/interfaces)
- Use Case: Detect routing changes.
10.2 Monitor Interface Drops with ethtool
ethtool -S eth0 | grep drop
- Use Case: Identify packet loss.
10.3 Scan a Network for Open Ports with nmap (Fantastic Linux Network Commands)
nmap -Pn -p 80,443,22 192.168.1.0/24
nmap -sP 192.168.1.0/24- Use Case: Detect open services across a subnet.
10.4 Check current SELinux status
$ sestatus- These commands should return:
Enforcing→ SELinux is enabled and enforcing policies.Permissive→ SELinux is enabled but not enforcing (logs violations).Disabled→ SELinux is completely turned off.
10.5 Disable/Enable SELinux
sudo setenforce 0 # Temporarily (Until Reboot)
sudo setenforce 1 # Enable Enforcing mode without Reboot)10.6 Permanently Disable/Enable SELinux
# Disable Permanently:
$ sudo nano /etc/selinux/config
SELINUX=disabled
$ sudo reboot- SELinux Status:
Enforcing→ SELinux is enabled and enforcing policies.Permissive→ SELinux is enabled but not enforcing (logs violations).Disabled→ SELinux is completely turned off.
10.7 List SELinux Policies and Context
$ ls -Z /var/www/html # Check SELinux Policy Modules
$ ps -auxz | grep httpd # Check Process Security Context10.8 Allow a Service Though SELinux
$ sudo semanage port -a -t http_port_t -p tcp 8080-a→ Add a rule.-t http_port_t→ Apply the HTTP service context.-p tcp 8080→ Allow TCP traffic on port 8080.
11. Data Transfer over Network (scp, rsync & tar)
11.1 rsync synchronize files and directories between two locations, either locally or over a network
# Sync File Locally
$ rsync -av /source/directory/ /destination/directory/
# Sync files over SSH
$ rsync -avz -e ssh /source/directory/ /destination/directory/
# Delete Files in Destination That Don't Exist in Source
$ rsync -avz -e ssh /source/directory/ /destination/directory/
- Use Case: Backups, Remote Transfer, Data Migrations.
11.2 tar compress and extract archive files.
# Create a Tarball with gzip
$ tar -czvf archive.tar.gz /path/to/directory
# Extract a Compressed Tarball
$ tar -xzvf archive.tar.gz
# Extract a Compressed Tar Archive directly on the remote server (Not recommended for large datasets)
$ cat archive.tar.gz | ssh user@remote "tar -xzvf - -C /path/to/remote/directory/"
12. Miscellaneous Linux Network Commands
This commands can be useful while looking at various aspects of network:
- ncdu – checks what’s eating up your disk space
- watch – automatically refresh a command every few seconds
- diff – here comparing network settings/configurations
- nc – checks if a remote server is listening on a specific
- whois – Lookup domain Registration Information
- scp – Securely copy files between hosts
$ ncdu /
$ watch -n 5 'netstat -tulnp'
$ diff -u <(ip route) <(cat /etc/network/interfaces) | colordiff
$ nc example.com 80
$ nc -zv example.com 80
$ whois officialai.io
$ scp file.txt [email protected]:~ # Copy file to user's home directory at remoter serverIn addition to Linux Network Commands, Never Forget The One And Only:
And in the end no matter what world says about it, only command a true DevOps /SRE Engineer needs is:
$ man
- Use Case: Prints detail information, flags, options available for each single commands ever built in Linux.
Conclusion
These advanced Linux networking troubleshooting commands are essential for DevOps engineers, SREs, and network administrators. By mastering these tools, you can diagnose connectivity problems, optimize performance, detect security threats, and troubleshoot complex networking issues. Let’s sign off for now with this exclusive guide to troubleshoot, Debug, Diagnose, Optimize and Secure Applications and Infrastructures.
Key Takeaways for Linux Network Commands:
✅ Use ping, mtr, and traceroute for network diagnostics.
✅ Capture packets with tcpdump and ngrep for deep analysis.
✅ Monitor traffic with iftop and iperf3 for bandwidth optimization.
✅ Debug web services using curl, wget, and dig.
✅ Detect intrusions using iptables, lsof, and nmap.
💡 Want More Linux, DevOps & SRE Real-World Tips?
Subscribe to CICDTrail.com newsletter for more real-world insights, trends, tutorials and troubleshooting guides for DevOps, SREs and SDEs or reach out to me for collaboration, partnerships or sponsorships opportunities.
📩 Stay ahead with expert insights SDE, DevOps and SRE trends.
💼 Interested in collaborations, partnerships, or sponsorships? Let’s connect! 🚀
🔥🔗 Bonus: Additional High-Quality Resources for Advanced Linux Networking
Mastering advanced Linux networking commands requires continuous learning and hands-on practice. Here are some amazing and official resources to help you dive deeper into Linux networking, troubleshooting, and security.
📌 Official Links for Linux Network Commands, System Network Configuration & Performance Optimization
✔ Tuning Linux for High-Performance Networking
🔗 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/performance_tuning_guide/networking
✔ Ubuntu Networking Guide
🔗 https://ubuntu.com/server/docs/network-configuration
✔ Oracle Linux Network Configuration Guide
🔗 https://docs.oracle.com/en/operating-systems/oracle-linux/9/network/index.html
✔ Red Hat Official Documentation (All Versions)
🔗 https://access.redhat.com/documentation/en-us/
