Managing Network Connections Connecting to a network from Linux is often as easy as attaching your computer’s network inter- face card to your ISP’s hardware (such as a DSL or cable modem) and rebooting. However, if your network interface doesn’t come up or requires some manual setup, there are many commands available for configuring network interfaces, checking network connections, and setting up special routing. This chapter covers many useful commands for configuring and working with your network interface cards (NICs), such as ethtool , mii- tool , and ifconfig . More specifically, it covers ways of configuring wired Ethernet, wireless Ethernet, and modem network hardware. With your hardware connected and network interfaces in place, the chapter describes commands such as netstat , dig , ip , and ping for getting informa- tion about your network. Configuring Networks from the GUI When you first install Ubuntu, the installer lets you configure any wired Ethernet cards attached to your computer, with the use of a DHCP server detected on your network. Alternatively, you can set a static IP address, along with your hostname and IP addresses for your gateway machine and name servers. After installation, there are also graphical tools for configuring your network interfaces. IN THIS CHAPTER Using ethtool and mii- tool to work with net- work interface cards Getting network statistics with netstat Starting network devices with service, chkconfig, ifup, and ifdown Viewing Ethernet information with ifconfig and ip Managing wireless cards with iwconfig Configuring modems with wvdialconf, stty, and minicom Checking DNS name resolution with dig, host, and hostname Checking connectivity with ping and arp Tracing connections with traceroute, route, and ip Watching the network with netstat, tcpdump, and nmap 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 211 The Network Configuration window (select System ➪ Administration ➪ Network from the GNOME desktop) offers a GUI for configuring your network interface, network hardware, DNS servers, host list, and even IPsec virtual private networks. You can con- figure both dynamic (DHCP, bootp) and static IP addresses. You can even set up static network routes. In some cases, however, your network interfaces may not be working. Likewise, there may be ways you want to work with your network interfaces that are not supported from the GUI. For those cases, the following sections describe how to work with your network interfaces from the command line. Managing Network Interface Cards If the network hardware on your computer didn’t immediately come up and let you connect to the Internet, there are some steps you should go through to troubleshoot the problem: ❑ Verify that your network interface card (NIC) is properly installed and that the cable is connected to your network (ISP’s CPE, switch, and so on). ❑ After the cable is connected, make sure you have a link with no speed or duplex mismatches. ❑ If all else fails, consider replacing your NIC with known-good spare to isolate a hardware failure. To check your link from Linux, and to set speed and duplex, there are two commands you can use: the older mii-tool (net-tools package) and the newer ethtool (ethtool package). Use ethtool unless you have a very old NIC and NIC driver that is not com- patible with the ethtool command. To view the syntax of the ethtool command, type the following: $ ethtool -h | less View options to the ethtool command The ethtool command outputs its built-in help to stderr. To be able to page through that help with less , we redirect stderr to stdout. To display settings for a specific Ethernet card, add the interface name to the command. For example, to view card information for eth0, type: $ sudo ethtool eth0 See settings for NIC at eth0 Settings for eth0: Supported ports: [ TP MII ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Supports auto-negotiation: Yes Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Chapter 11: Managing Network Connections 212 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 212 Advertised auto-negotiation: Yes Speed: 100Mb/s Duplex: Full Port: MII PHYAD: 1 Transceiver: internal Auto-negotiation: on Supports Wake-on: g Wake-on: g Current message level: 0x00000007 (7) Link detected: yes You will need root permissions to acquire information about the Ethernet interface, hence the use of the sudo command in the previous example. To find out about the driver being used for a particular network card, use the -i option: $ sudo ethtool -i eth0 Display driver information for NIC driver: e1000 version: 7.3.15-k2-NAPI firmware-version: 0.5-7 bus-info: 0000:04:00.0 Use the -S option to display detailed statistics for a NIC: $ sudo ethtool -S eth0 Show statistics for NIC at eth0 NIC statistics: rx_packets: 1326384 tx_packets: 773046 rx_bytes: 1109944723 tx_bytes: 432773480 rx_errors: 5 tx_errors: 2 rx_dropped: 0 tx_dropped: 0 multicast: 0 collisions: 0 rx_length_errors: 0 rx_over_errors: 0 rx_crc_errors: 5 rx_frame_errors: 0 rx_fifo_errors: 0 rx_missed_errors: 0 tx_aborted_errors: 0 tx_carrier_errors: 2 . The ethtool command can be used to change NIC settings as well as display them. To turn off auto-negotiation and hard-set the NIC to 100 Mpbs, full duplex, type this: $ sudo ethtool -s eth0 speed 100 duplex full autoneg off Change NIC settings 213 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 213 To turn off auto-negotiation and hard-set the speed to 10 Mpbs, half-duplex, type this: $ sudo ethtool -s eth0 speed 10 duplex half autoneg off Change NIC settings The changes just made to your NIC settings are good for the current session. When you reboot, however, those setting will be lost. To make these settings stick at the next reboot or network restart, you need to create a new script to get executed at boot time. The fol- lowing steps describe how to do this. 1. Choose a name for your new script, such as eth_options , and then create the script in the /etc/init.d directory: $ sudo vi /etc/init.d/eth_options 2. Insert the following text into this new script: #!/bin/sh ETHTOOL=”/usr/sbin/ethtool” ETHTOOL_OPTS=”speed 10 duplex half autoneg off” DEV=”eth0” case “$1” in start) echo -n “Setting $DEV options to $ETHTOOL_OPTS .”; $ETHTOOL -s $DEV $ETHTOOL_OPTS; echo “ done.”;; stop) ;; esac exit 0 3. The specific settings you desire should be placed into the variable ETHTOOL_OPTS . For example: ETHTOOL_OPTS=”speed 10 duplex half autoneg off” You can also change the DEV variable, which points to the first Ethernet interface, eth0 . 4. Next, you need to set up the script as an executable file: $ sudo chmod +x /etc/init.d/eth_options 5. Then, set up the symbolic links to run your new script under the different run levels: $ sudo update-rc.d eth_options defaults Adding system startup for /etc/init.d/eth_options . /etc/rc0.d/K20eth_options -> /init.d/eth_options /etc/rc1.d/K20eth_options -> /init.d/eth_options /etc/rc6.d/K20eth_options -> /init.d/eth_options /etc/rc2.d/S20eth_options -> /init.d/eth_options /etc/rc3.d/S20eth_options -> /init.d/eth_options /etc/rc4.d/S20eth_options -> /init.d/eth_options /etc/rc5.d/S20eth_options -> /init.d/eth_options 214 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 214 You can run your script with the following command: $ sudo /etc/init.d/eth_options start NOTE You can find tips similar to this at the nixCraft site, www.cyberciti .biz/tips/ . As mentioned earlier, ethtool may not work on some older NICs. So if you have an older NIC, try using mii-tool as follows: $ sudo mii-tool Show negotiated speed and link status of old NIC eth0: negotiated 100baseTx-FD flow-control, link ok This example was taken from the same machine as the examples above, with the NIC auto-negotiating at 1000 Mbps, full-duplex. The mii-tool command is mis-reading the speed setting. This is why we recommend using mii-tool only as a last resort if ethtool doesn’t work with your old NIC. To display mii-tool output with more verbosity, use the -v option: $ sudo mii-tool -v Show verbose output of settings for old NIC eth0: negotiated 100baseTx-FD flow-control, link ok product info: vendor 00:50:43, model 12 rev 2 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control In the example just shown, you can see that each mode (100baseTx and 10baseT) supports both half-duplex (HD) and full duplex (FD). To disable auto-negotiation and force a particular setting, use the -F option as follows: $ sudo mii-tool -F 10baseT-FD eth0 Force speed/duplex to 10baseT-FD If you change your mind and later want to re-enable auto-negotiation, use the -r option: $ sudo mii-tool -r eth0 Re-enable auto-negotiation for an old NIC restarting autonegotiation . mii-tool does not provide a capability to save settings like ethtool does, so you have to run it after every reboot. This can be done by adding it at the end of /etc/rc.local . The netstat command provides another way to get network interface statistics: $ netstat -i Get network interface statistics for eth0 Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 1757208 6 0 0 996834 4 0 0 BMRU 215 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 215 Use the -c option to get netstat to refresh network interface statistics every second: $ netstat -ic Refresh network statistics every second You can get cleaner (screen-oriented) refreshed output from netstat by combining it with the watch command as follows: $ watch netstat -i Refresh network statistics (screen oriented) Every 2.0s: netstat -i Wed Aug 22 01:55:48 2007 Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 1757208 6 0 0 996834 4 0 0 BMRU As the output indicates, the netstat statistics are updated every 2.0 seconds. Managing Network Connections Starting and stopping the network interfaces for your wired Ethernet connections to your LAN or the Internet is usually handled automatically at the time you boot and shut down your Ubuntu system. However, you can use the commands in /etc/init.d to start and stop your network interfaces any time you want or update-rc.d to config- ure whether your network starts automatically. The ifconfig and ip commands can also be used to configure, activate, and deacti- vate interfaces. However, on Ubuntu and other Debian derivatives, the commands in the /etc/init.d directory provide simpler tools to start and stop network interfaces. Therefore, in most cases, you should only use ifconfig and ip commands to gather information about your Ethernet interfaces and NICs (as shown later in this section). Starting and Stopping Ethernet Connections The reason that your wired Ethernet interfaces just come up in many cases when you boot Ubuntu is that the network service is set to be on when the system enters the com- mon boot run levels (run levels 3 and 5). There is a set of underlying configuration files and scripts that make that happen and a few simple commands that let you control it. For Ubuntu, control scripts and configuration files are located in the /etc/network/ directory. NICs are configured by editing /etc/network//interfaces . The file looks like the following: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp 216 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 216 auto eth1 iface eth1 inet dhcp auto eth2 iface eth2 inet dhcp auto ath0 iface ath0 inet dhcp auto wlan0 iface wlan0 inet dhcp To get more information on this file, type the following: $ less /usr/share/doc/network-manager/README.Debian If you change the interfaces file, you need to run the following command: $ sudo /etc/dbus-1/event.d/25NetworkManager restart The script that starts the configured network-scripts files is /etc/init.d/network . As with other Linux services, you can start and stop the network service using the /etc/init.d/networking command. To take all NICs offline then bring them back online, allowing any change to the network scripts to take effect, type the following: $ sudo /etc/init.d/networking restart Shutdown and bring up network interfaces * Reconfiguring network interfaces . There is already a pid file /var/run/dhclient.eth0.pid with pid 9242 killed old client process, removed PID file Internet Systems Consortium DHCP Client V3.0.4 Copyright 2004-2006 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ Listening on LPF/eth0/00:19:d1:5a:a9:e2 Sending on LPF/eth0/00:19:d1:5a:a9:e2 Sending on Socket/fallback DHCPRELEASE on eth0 to 192.168.1.1 port 67 There is already a pid file /var/run/dhclient.eth0.pid with pid 134993416 Internet Systems Consortium DHCP Client V3.0.4 Copyright 2004-2006 Internet Systems Consortium. . [ OK ] You may see errors for extra interfaces defined but not available on your system, such as wireless interfaces. You can ignore any error that refers to a networking device you have not installed. 217 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 217 Use the start and stop options to start and stop your network interfaces, respectively: $ sudo /etc/init.d/networking stop Shutdown network interfaces $ sudo /etc/init.d/networking start Bring up network interfaces To check the status of your network interfaces, type the following: $ ifconfig Check network interface status eth0 Link encap:Ethernet HWaddr 00:19:D1:5A:A9:E2 inet addr:192.168.1.106 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::219:d1ff:fe5a:a9e2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1492 Metric:1 RX packets:14442 errors:0 dropped:0 overruns:0 frame:0 TX packets:13080 errors:0 dropped:0 overruns:0 carrier:0 collisions:434 txqueuelen:1000 RX bytes:3732823 (3.5 MiB) TX bytes:1142020 (1.0 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:35 errors:0 dropped:0 overruns:0 frame:0 TX packets:35 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2121 (2.0 KiB) TX bytes:2121 (2.0 KiB) If you have multiple network interfaces, you may want to just bring one interface up or down. To do that, use the ifup and ifdown commands: $ sudo ifdown eth0 Take the eth0 network interface offline $ sudo ifup eth0 Bring the eth0 network interface online When your network interfaces are up, there are tools you can use to view information about those interfaces and associated NICs. Viewing Ethernet Connection Information To view the media access control (MAC) address for your NIC and IP address for your TCP/IP connections, you can use the ifconfig command. The following command line shows the address information and status of your eth0 Ethernet interface: $ ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:D0:B7:79:A5:35 inet addr:10.0.0.155 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::2d0:b7ff:fe79:a535/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1413382 errors:6 dropped:0 overruns:0 frame:6 TX packets:834839 errors:4 dropped:0 overruns:0 carrier:4 collisions:0 txqueuelen:1000 RX bytes:1141608691 (1.0 GiB) TX bytes:470961026 (449.1 MiB) 218 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 218 In this example, the eth0 interface is the first Ethernet interface on the computer. The MAC address (HWaddr) of the NIC is 00:D0:B7:79:A5:35. You can see eth0’s IP address (10.0.0.155), broadcast address (10.0.0.255), and subnet mask (255.255.255.0). Other information includes the number of packets received and transmitted, as well as problems (errors, dropped packets, and overruns) that occurred on the interface. To get information on both active and inactive NICs, use the -a option: $ ifconfig -a Instead of using ifconfig (and several other commands described in this chapter), you can use the newer ip command. The ip command was made to show informa- tion about your network interfaces, as well as changing settings for network devices, routing, and IP tunnels. Here the ip command is used to show information about the eth0 interface: $ ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:d0:b7:79:a5:35 brd ff:ff:ff:ff:ff:ff inet 10.0.0.155/24 brd 10.0.0.255 scope global eth0 inet6 fe80::2d0:b7ff:fe79:a535/64 scope link valid_lft forever preferred_lft forever The ip command allows for shorthand syntax. If you’re familiar with the Cisco IOS command line interface, the ip command works the same way. For example, instead of typing ip addr show , you could type the following to see information on all interfaces: $ ip a The ip command can operate on multiple network components, known as objects. One of these objects is addr , which allows ip to configure network addresses. We will cover other objects of the ip command below. To see how the ip command is used, use the help option. Along with the help option, you can identify an ip object to get information on using that object: $ ip help View ip usage statement Usage: ip [ OPTIONS ] OBJECT { COMMAND | help } ip [ -force ] [-batch filename where OBJECT := { link | addr | route | rule | neigh | ntable | tunnel| maddr | mroute | monitor | xfrm } OPTIONS := { -V[ersion] | -s[tatistics] | -r[esolve] | -f[amily] { inet | inet6 | ipx | dnet | link } | -o[neline] | -t[imestamp] } $ ip addr help View help for the addr object $ ip route help View help for the route object $ ip tunnel help View help for the tunnel object 219 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 219 Understanding subnetwork masks can be confusing if you’re not used to them. You may find ipcalc (from the ipcalc package) useful to calculate a host computer’s netmask from its CIDR IP address: $ ipcalc -bmn 192.168.1.100/27 Address: 192.168.1.100 Netmask: 255.255.255.224 = 27 Wildcard: 0.0.0.31 => Network: 192.168.1.96/27 HostMin: 192.168.1.97 HostMax: 192.168.1.126 Broadcast: 192.168.1.127 Hosts/Net: 30 Class C, Private Internet In the example just shown, the netmask (which indicates which part of an IP address represents the network and which represents the host) is 255.255.255.224. That was derived from the /27 value at the end of the IP address 192.168.1.100. Using Wireless Connections Setting up wireless connections in Linux has been tricky in the past, primarily due to the fact that open source drivers have not been available for the vast majority of wire- less LAN cards on the market. More recent releases of Ubuntu have shown a marked improvement. Wireless configuration is an area where we would suggest you use the GUI tools (in particular, the Network Configuration window described earlier in this chapter, or Network Manager) to do basic configuration. You may need to add wireless tools packages to get this to work, such as wireless-tools and bcm43xx-fwcutter packages, which are available from the Ubuntu repositories. Likewise, you may need firmware that is available in the following packages: ipw2100-source, ipw2200-firmware, and zd1211-firmware packages. If you are not able to configure your wireless LAN card using the Network Configura - tion window, you might be able to get your wireless card working using drivers and tools available from Atheros ( www.atheros.com ), the MadWifi ( www.madwifi.org ) project, or the Ndiswrapper project ( ndiswrapper.sourceforge.net ). Many pack- ages of software from those projects are available from the standard Ubuntu reposito- ries, described in Chapter 2. If you need help determining exactly what wireless card you have, type the following: $ lspci | grep -i wireless Search for wireless PCI cards 01:09.0 Network controller: Broadcom Corporation BCM4306 802.11b/g Wireless LAN Controller (rev 03) 220 Chapter 11: Managing Network Connections 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 220 [...]... encryption key to 1234-5555-66 The essid is sometimes called the Network Name or Domain ID Use it as the common name to identify your wireless network Setting the channel lets your wireless LAN operate on that specific channel 221 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 222 Chapter 11: Managing Network Connections With Ad-Hoc mode, the network is composed of only interconnected clients with no central... example: server1.example.com 226 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 227 Chapter 11: Managing Network Connections Troubleshooting Network Problems Troubleshooting networks is generally done from the bottom layer up As discussed at beginning of the chapter the first step is to make sure that the physical network layer components (cables, NICs, and so on) are connected and working Next, check that... the /etc /network/ interfaces file and place the information about the new route in that file For example, to add the route added with the ip command above, add the following lines to /etc /network/ interfaces: iface eth0 inet static address 192.168.0.0 netmask 255.255.255.0 gateway 10.0.0.100 Displaying netstat Connections and Statistics The tools above cover network troubleshooting mostly at the network. .. as follows: $ sudo netstat -uanp View active UDP connections Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 0.0.0.0:631 0.0.0.0:* 2039/cupsd udp 0 0 192.168.122.1:123 0.0.0.0:* 2067/ntpd 231 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 232 Chapter 11: Managing Network Connections To narrow your output from netstat... 233 Chapter 11: Managing Network Connections the machine you are scanning The -p 100-200 option tells nmap to scan only ports 100 through 200: $ sudo nmap -vv -P0 -O -p 100-200 10.0.0.1 No ping, OS fingerprint, ports 100-200 The nmap command has a lot more options for advanced usage Refer to the nmap man page (man nmap) for further information Summary Nearly every aspect of the network connections from... modem are your only way to get on the Internet Linux offers both graphical and command line tools for configuring and communicating with modems As with other network connections in Ubuntu, dial-up modem connections can be configured using the Network Configuration window Most external serial modems will work with Linux without any special configuration Most hardware PCI modems will also work However,... list of all TCP connections, including which process is handling the connection: $ sudo netstat -tanp View active TCP connections Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2039/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2088/sendmail You can also view active UDP connections as...82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 221 Chapter 11: Managing Network Connections Assuming that your wireless card is up and running, there are some useful commands in the wireless-tools package you can use to view and change settings for your wireless cards In particular, the iwconfig command can help you work a with your wireless LAN interfaces The following scans your network interfaces for supported wireless... 228 Chapter 11: Managing Network Connections PING 10.0.0.1 (10.0.0.1) from 10.0.0.155 : 56(84) bytes of data $ ping -s 1500 10.0.0.1 Set packet size to 1500 bytes PING 10.0.0.1 (10.0.0.1) 1500(1528) bytes of data Use the ping flood option with caution By default, ping sends small packets (56 bytes) Large packets (such as the 1500-byte setting just shown) are good to make faulty NICs or connections stand... dev eth0 lladdr 00:0b:6a:02:ec:98 REACHABLE # ip nei del 10.0.0.50 dev eth0 # ip n add 10.0.0.51 lladdr 00:0B:6A:02:EC:95 dev eth0 228 82935c11.qxd:Toolbox 10/29/07 1:16 PM Page 229 Chapter 11: Managing Network Connections To query a subnet to see if an IP is already in use, and to find the MAC address of the device using it, use the arping command The arping command is used by ifup to avoid IP conflicts . Managing Network Connections Connecting to a network from Linux is often as easy as attaching your computer’s network inter- face card. updated every 2.0 seconds. Managing Network Connections Starting and stopping the network interfaces for your wired Ethernet connections to your LAN or