Practice Exercise: Networking Configuration and Tools

Objectives

• Explore networking configuration on a Linux system.
• Learn how to use various networking tools to troubleshoot and manage network connections.

Scenario

As a Linux enthusiast, understanding networking configuration and tools is crucial for managing network connections and troubleshooting network issues. This exercise will help you practice key networking concepts and tools commonly used in Linux.

Tasks

Task 1: Display ARP Cache

• Use the arp command to display the ARP cache table.
• Identify the MAC addresses associated with IP addresses in the cache.

  [intern@intern-a1t-inf-lnx1 ~]$ arp
  Address                  HWtype  HWaddress           Flags Mask            Iface
  gw-li2013.linode.com     ether   00:00:0c:9f:f0:08   C                     eth0
  

Task 2: Trace Route to a Host

• Use the traceroute command to trace the route to a remote host, e.g., traceroute linux.org.
• Examine the list of hops between your system and the remote host.

  [intern@intern-a1t-inf-lnx1 ~]$ traceroute linux.org
  traceroute to linux.org (172.67.73.26), 30 hops max, 60 byte packets
   1  10.209.3.88 (10.209.3.88)  0.256 ms  0.241 ms  0.238 ms
   2  10.209.35.54 (10.209.35.54)  0.232 ms  0.227 ms  0.220 ms
   3  10.209.32.2 (10.209.32.2)  0.207 ms 10.209.32.1 (10.209.32.1)  3.817 ms  3.813 ms
   4  lo0-0.gw2.sin1.sg.linode.com (139.162.0.102)  0.537 ms lo0-0.gw1.sin1.sg.linode.com (139.162.0.101)  0.328 ms lo0-0.gw2.sin1.sg.linode.com (139.162.0.102)  0.300 ms
   5  ae25.r02.sin01.ien.netarch.akamai.com (23.56.138.24)  0.473 ms  0.455 ms  0.456 ms
   6  * * *
   7  93.186.133.94 (93.186.133.94)  0.716 ms cloudflare-ic-350354.ip.twelve99-cust.net (62.115.181.151)  1.270 ms 93.186.133.94 (93.186.133.94)  0.687 ms
   8  93.186.133.17 (93.186.133.17)  1.139 ms 93.186.133.93 (93.186.133.93)  1.223 ms *
   9  172.67.73.26 (172.67.73.26)  1.254 ms *  0.946 ms
  

Task 3: Check Listening Ports

• Use the netstat or ss command to display a list of listening ports on your system.
• Identify which services are listening on specific ports.
• Note any suspicious or unexpected ports.

  [intern@intern-a1t-inf-lnx1 ~]$ netstat -ln
  Active Internet connections (only servers)
  Proto Recv-Q Send-Q Local Address           Foreign Address         State
  tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN
  tcp        0      0 127.0.0.1:10248         0.0.0.0:*               LISTEN
  tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
  tcp6       0      0 :::37579                :::*                    LISTEN
  tcp6       0      0 :::10250                :::*                    LISTEN
  tcp6       0      0 :::22                   :::*                    LISTEN
  udp        0      0 127.0.0.53:53           0.0.0.0:*
  udp        0      0 192.168.64.2:68         0.0.0.0:*
  udp6       0      0 fe80::f0d0:95ff:fe0:546 :::*
  raw6       0      0 :::58                   :::*                    7
  Active UNIX domain sockets (only servers)
  Proto RefCnt Flags       Type       State         I-Node   Path
  unix  2      [ ACC ]     STREAM     LISTENING     145542   /run/user/1000/systemd/private
  unix  2      [ ACC ]     STREAM     LISTENING     145549   /run/user/1000/bus
  [intern@intern-a1t-inf-lnx1 ~]$ ss | head
  Netid State    Recv-Q Send-Q                   Local Address:Port      Peer Address:Port  Process
  u_dgr ESTAB    0      0                  /run/systemd/notify 17942                * 0
  u_dgr ESTAB    0      0         /run/systemd/journal/dev-log 17968                * 0
  u_dgr ESTAB    0      0          /run/systemd/journal/socket 17970                * 0
  u_str ESTAB    0      0                                    * 402629               * 402630
  u_str ESTAB    0      0                                    * 140675               * 140676
  u_dgr ESTAB    0      0                                    * 19657                * 19656
  u_str ESTAB    0      0                                    * 18285                * 18424
  u_str ESTAB    0      0          /run/dbus/system_bus_socket 20643                * 20320
  u_str ESTAB    0      0          /run/systemd/journal/stdout 20389                * 20382
  

Task 4: Test DNS Resolution

• Use the nslookup or dig command to test DNS resolution for a domain name, e.g., nslookup linuxfoundation.org.
• Observe the DNS server's response.

  [intern@intern-a1t-inf-lnx1 ~]$ nslookup linuxfoundation.org
  Server:     127.0.0.53
  Address:    127.0.0.53#53
  
  Non-authoritative answer:
  Name:   linuxfoundation.org
  Address: 3.13.31.214
  
  [intern@intern-a1t-inf-lnx1 ~]$ dig !$
  dig linuxfoundation.org
  
  ; <<>> DiG 9.11.36-RedHat-9.11.36-9.el8 <<>> linuxfoundation.org
  ;; global options: +cmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44615
  ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
  
  ;; OPT PSEUDOSECTION:
  ; EDNS: version: 0, flags:; udp: 1232
  ;; QUESTION SECTION:
  ;linuxfoundation.org.       IN  A
  
  ;; ANSWER SECTION:
  linuxfoundation.org.    596 IN  A   3.13.31.214
  
  ;; Query time: 0 msec
  ;; SERVER: 139.162.10.8#53(139.162.10.8)
  ;; WHEN: Tue Oct 03 05:58:45 UTC 2023
  ;; MSG SIZE  rcvd: 64
  

Task 5: Configure a Static IP Address

• If you have a spare virtual machine or test system, try configuring a static IP address for one of its network interfaces.
• Use the ifconfig or ip command to set the IP address, subnet mask, and gateway.
• Check for your network interface
• In my case I'll be updating the network interface enp0s1

  [intern@intern-a1t-inf-lnx1 ~]$ ip a
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
      inet6 ::1/128 scope host
         valid_lft forever preferred_lft forever
  2: enp0s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
      link/ether f2:d0:95:0d:20:04 brd ff:ff:ff:ff:ff:ff
      inet 192.168.64.2/24 metric 100 brd 192.168.64.255 scope global dynamic enp0s1
         valid_lft 43805sec preferred_lft 43805sec
      inet6 fd76:221f:c594:440:f0d0:95ff:fe0d:2004/64 scope global dynamic mngtmpaddr noprefixroute
         valid_lft 2591899sec preferred_lft 604699sec
      inet6 fe80::f0d0:95ff:fe0d:2004/64 scope link
         valid_lft forever preferred_lft forever
  3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
      link/ether 02:42:d8:29:4d:a9 brd ff:ff:ff:ff:ff:ff
      inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
         valid_lft forever preferred_lft forever
  [intern@intern-a1t-inf-lnx1 ~]$ sudo ip addr add 192.168.64.3/24 dev enp0s1
  [sudo] password for intern:
  [intern@intern-a1t-inf-lnx1 ~]$ sudo ip link set enp0s1 up
  [intern@intern-a1t-inf-lnx1 ~]$ ip a show enp0s1
  2: enp0s1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
      link/ether f2:d0:95:0d:20:04 brd ff:ff:ff:ff:ff:ff
      inet 192.168.64.2/24 metric 100 brd 192.168.64.255 scope global dynamic enp0s1
         valid_lft 43601sec preferred_lft 43601sec
      inet 192.168.64.3/24 scope global secondary enp0s1
         valid_lft forever preferred_lft forever
      inet6 fd76:221f:c594:440:f0d0:95ff:fe0d:2004/64 scope global dynamic mngtmpaddr noprefixroute
         valid_lft 2591914sec preferred_lft 604714sec
      inet6 fe80::f0d0:95ff:fe0d:2004/64 scope link
         valid_lft forever preferred_lft forever
  

• Note that this changes won't persist between reboots

---

Conclusion

By completing these exercises, you've gained practical experience in networking configuration and troubleshooting using various Linux networking tools. These skills are essential for managing and maintaining network connections on Linux systems.