Learn Linux 16: Networking




When it comes to networking, there is probably nothing that cannot be done with Linux. Linux is used to build all sorts of networking systems and appliances, including firewalls, routers, name servers, network-attached storage (NAS) boxes, and on and on. This chapter will introduce the following commands:

  • ping - Send an ICMP ECHO_REQUEST to network hosts
  • traceroute - Print the route packets trace to a network host
  • ip - Show/manipulate routing, devices, policy routing, and tunnels
  • netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
  • ftp - Internet file transfer program
  • wget - Non-interactive network downloader
  • ssh - OpenSSH SSH client (remote login program)

Examining And Monitoring A Network

Even if you’re not the system administrator, it’s often helpful to examine the performance and operation of a network.


The most basic network command is ping. The ping command sends a special network packet called an ICMP ECHO_REQUEST to a specified host. Most network devices receiving this packet will reply to it, allowing the network connection to be verified. Let’s see whether we can reach google.com (one of our favorite sites).

[user@linux ~]$ ping google.com


The traceroute program (some systems use the similar tracepath program instead) lists all the “hops” network traffic takes to get from the local system to a specified host. For routers that provided identifying information, we see their hostnames, IP addresses, and performance data, which includes three samples of round-trip time from the local system to the router. For routers that do not provide identifying information (because of router configuration, network congestion, firewalls, etc.), we see asterisks as in the line for hop number 2. In cases where routing information is blocked, we can sometimes overcome this by adding either the -T or -I option to the traceroute command. Let’s see the route taken to reach google.com.

[user@linux ~]$ traceroute google.com


The ip program is a multipurpose network configuration tool that makes use of the full range of networking features available in modern Linux kernels. It replaces the earlier and now deprecated ifconfig program. With ip, we can examine a system’s network interfaces and routing table.

[user@linux ~]$ ip a


The netstat program is used to examine various network settings and statistics. Using the -ie option, we can examine the network interfaces in our system. Using the -r option will display the kernel’s network routing table.

[user@linux ~]$ netstat -ie
[user@linux ~]$ netstat -r

Transporting Files Over A Network

What good is a network unless we can move files across it? There are many programs that move data over networks. In this chapter we will cover two of them.


One of the true “classic” programs, ftp gets its name from the protocol it uses, the File Transfer Protocol. FTP was once the most widely used method of downloading files over the Internet. Most, if not all, web browsers support it, and you often see URIs starting with the protocol ftp://.

Before there were web browsers, there was the ftp program. ftp is used to communicate with FTP servers, machines that contain files that can be uploaded and downloaded over a network.

FTP (in its original form) is not secure because it sends account names and passwords in cleartext. This means they are not encrypted, and anyone sniffing the network can see them. Because of this, almost all FTP done over the Internet is done by anonymous FTP servers. An anonymous server allows anyone to log in using the login name “anonymous” and a meaningless password.

Typing help at the ftp> prompt will display a list of the supported commands.

lftp: A Better ftp

ftp is not the only command-line FTP client. In fact, there are many. One of the better (and more popular) ones is lftp by Alexander Lukyanov. It works much like the traditional ftp program but has many additional convenience features including multiple-protocol support (including HTTP), automatic retry on failed downloads, background processes, tab completion of path names, and many more.


Another popular command-line program for file downloading is wget. It is useful for downloading content from both web and FTP sites. Single files, multiple files, and even entire sites can be downloaded. Let’s download google.com.

[user@linux ~]$ wget https://www.google.com

Secure Communication With Remote Hosts

For many years, Unix-like operating systems have had the capability to be administered remotely via a network. In the early days, before the general adoption of the Internet, there were a couple of popular programs used to log in to remote hosts. These were the rlogin and telnet programs. These programs, however, suffer from the same fatal flaw that the ftp program does; they transmit all their communications (including login names and passwords) in cleartext. This makes them wholly inappropriate for use in the Internet Age.


To address this problem, a new protocol called Secure Shell (SSH) was developed. SSH solves the two basic problems of secure communication with a remote host.

  • It authenticates that the remote host is who it says it is (thus preventing so-called man-in-the-middle attacks).
  • It encrypts all of the communications between the local and remote hosts.

SSH consists of two parts. An SSH server runs on the remote host, listening for incoming connections, by default, on port 22, while an SSH client is used on the local system to communicate with the remote server.

Most Linux distributions ship an implementation of SSH called OpenSSH from the OpenBSD project. Some distributions include both the client and the server packages by default (for example, Red Hat), while others (such as Ubuntu) supply only the client. To enable a system to receive remote connections, it must have the OpenSSH-server package installed, configured, and running, and (if the system either is running or is behind a firewall) it must allow incoming network connections on TCP port 22.

The SSH client program used to connect to remote SSH servers is called, appropriately enough, ssh.

[user@linux ~]$ ssh remote-computer

scp And sftp

The OpenSSH package also includes two programs that can make use of an SSH-encrypted tunnel to copy files across the network. The first, scp (secure copy), is used much like the familiar cp program to copy files. The most notable difference is that the source or destination pathnames may be preceded with the name of a remote host, followed by a colon character. For example, if we wanted to copy a document named document.txt from our home directory on the remote system, remote-computer, to the current working directory on our local system, we could do this:

[user@linux ~]$ scp remote-computer:document.txt .

The second SSH file-copying program is sftp, which, as its name implies, is a secure replacement for the ftp program. sftp works much like the original ftp program that we used earlier; however, instead of transmitting everything in cleartext, it uses an SSH encrypted tunnel. sftp has an important advantage over conventional ftp in that it does not require an FTP server to be running on the remote host. It requires only the SSH server. This means that any remote machine that can connect with the SSH client can also be used as an FTP-like server. Here is a sample session.

[user@linux ~]$ sftp remote-computer
Connecting to remote-computer...
user@remote-computer's password:
sftp> ls
sftp> lcd Desktop
sftp> get ubuntu-8.04-desktop-i386.iso
Fetching /home/user/ubuntu-8.04-desktop-i386.iso to ubuntu-8.04-desktop-i386.iso
/home/user/ubuntu-8.04-desktop-i386.iso 100% 699MB 7.4MB/s 01:35
sftp> bye


In this chapter, we surveyed the field of networking tools found on most Linux systems. Since Linux is so widely used in servers and networking appliances, there are many more that can be added by installing additional software. But even with the basic set of tools, it is possible to perform many useful network-related tasks.