Project name

Logged in as Username

Some Linux Network Commands and Files

tested on Red Hat/Centos v5,v6

This page is simply some tests and research into Networking commands on Linux. It is strictly for entertainment purposes. We do not warrant or guarantee the accuracy or completeness of the information contained herein, and shall have no liability whatsoever arising out of, its use.

Some network/network analysis commands
   • ifconfig - view and change the configuration of the network interfaces
   • ip - view and change the configuration of the network interfaces
   • ifup,ifdown - bring up, take down network interface
   • netstat - displays network connections
   • dhclient configuring one or more network interfaces
   • ping command sends packets of information to the user-defined source
   • dig interrogating Domain Name System (DNS)
   • nslookup querying the Domain Name System (DNS)to obtain domain name
   • traceroute displays the list of the routers that packet travels through to get to a remote host
   • nmap - port scanning
   • iptables - firewall utility built for Linux operating systems
   • system-config-network command

Some network Configuration files
   • hosts file
   • Interface configuration files (ifcfg)
   • resolv.conf file
   • /etc/sysconfig/network - routing and host information file





Some network analysis commands



ifconfig - view and change the configuration of the network interfaces

ifconfig stands for "interface configuration". It permits you to view and change the configuration of the network interfaces on your system, including active network interfaces on the system. (example: ethernet, loopback, wireless). Note that ifconfig command is officially deprecated on most versions of Linux and replaced by the ip command. This of course, does not stop everyone from still using it.

Running ifconfig with no options will display the configuration of all active interfaces.

# ifconfig

If ifconfig it did not comes installed with your Linux distribution, add it with

yum install net-tools

show all interfaces

# ifconfig -a

output: 
eth0      Link encap:Ethernet  HWaddr 00:1C:C4:66:49:A4
          inet addr: 192.168.1.5  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::21c:c4ff:fe66:49a4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5671 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6118 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:962881 (940.3 KiB)  TX bytes:686627 (670.5 KiB)
          Interrupt:225 Memory:f0800000-f0810000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:316 errors:0 dropped:0 overruns:0 frame:0
          TX packets:316 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:15960 (15.5 KiB)  TX bytes:15960 (15.5 KiB)

sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Some importants things to notice in above listing

  • eth0 is the first ethernet interface (ethernet card) and it is "enabled".
  • note in Centos 7 and VMWare, we now see device names line enp63s0 or ens33 replacing eth0 as default network interface. The en seemd to stand for ethernet.
  • lo is the loopback interface, always 127.0.0.1
  • Internet address: 192.168.1.5
  • Broadcast address: 192.168.1.255
  • Network Mask: 255.255.255.0

You should have at least a loopback address and an ithernet device. You may have other devices listed as well.


to enable a disabled network interface

> ifconfig eth0 up
or
> ifup eth0

to disable a enabled network interface

> ifconfig eth0 down
or 
> ifdown eth0

change maximum transmission units (MTU). This assumes that your network card and network switches can support it.

> ifconfig eth0 mtu 2500

Configure the network interface wlan1 to use the static IP address 122.140.201.66.

> ifconfig wlan1 122.140.201.66


Bring up, take down network interface

ifup brings a network interface up, making it available to transmit and receive data.

examples:

# ifup eth0
# ifup enp63s0

ifdown takes a network interface down, placing it in a state where it cannot transmit or receive data.



netstat - displays network connections

Netstat (network statistics) is a command-line tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics. 

# netstat | more
extract from respone: 
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0     52 192.168.1.5:ssh             999.999.999.999::61648       ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ]         DGRAM                    1338   @/org/kernel/udev/udevd
unix  2      [ ]         DGRAM                    6575   @/org/freedesktop/hal/udev_event
unix  16     [ ]         DGRAM                    5870   /dev/log
unix  2      [ ]         DGRAM                    995552
...

note: Local Address is the IP address of the Linux server
The "Foreign Address" is your Static IP address.

netstat - show routing table only
The routing table stores the routes used to get to particular network destinations. 
# netstat -rn
Output - 
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth0

Here 192.168.1.254 the gateway, in this case is the IP of my wirelesss router.

The second column of netstat's output shows the gateway that the routing entry is pointing to. If no gateway is used, an asterisk is printed instead. Column three shows the 'generality' of the route. When given an IP-address to find a suitable route for, the kernel goes through all routing table entries, taking the bitwise AND of the address and the genmask before comparing it to the target of the route.

The fourth column displays various flags that describe the route:

G - The route uses a gateway.
U - The interface to be used is up.
H - Only a single host can be reached through the route. For example, this is the case for the loopback entry 127.0.0.1.
D - This is set if the table entry has been generated by an ICMP redirect message (see section 3.5).
M - This is set if the table entry was modified by an ICMP redi- rect message.

Some netstat switches:

a = all sockets
c = update continuously
e = extend, additional details
n = numeric - don't resolve names, shows port nmber
o = shows process id (PID) 
p = program - display PID/Program name for sockets
l = display listening server sockets
r = routing tables
s = statistics
t = tcp
v = verbose

Examples:

List all ports

netstat -a

Show all listening tcp ports showing port number

> netstat -ltn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:9390                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:5672                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:56008               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 :::42732                    :::*                        LISTEN
tcp        0      0 :::111                      :::*                        LISTEN
tcp        0      0 :::80                       :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 ::1:631                     :::*                        LISTEN

Some processes you may find running

  • openvasmd - manager daemon of the Open Vulnerability Assessment System (OpenVAS)
  • rpcbind - The rpcbind utility maps Remote Procedure calls (RPC) services to the ports on which they listen.
  • vsftpd - is an FTP server. vsftpd stads for very secure FTP daemon
  • sshd - Secure Shell is a encrypted network protocol to allow remote login and other network services to operate securely over an unsecured network.
  • cupsd - scheduler
  • qpidd - AMQP message broker daemon that stores, routes and forwards messages using the Advanced Message Queueing Protocol (AMQP).
  • rpc.statd - Network Status Monitor protocol (or NSM for short) is used to notify NFS peers of reboots.
  • mysqld - mysql database service
  • httpd - http service

List all ports

netstat -a

List all tcp ports

netstat -at

List all udp ports

netstat -au

List all sockets which are in listening state

netstat -l
Lists all listening ports 
netstat -tlnp

All open ports 

netstat -plnt

statistics 

netstat -anpe

See what is listening to port 80

> netstat -lnp | grep 80
tcp        0      0 :::80                       :::*                        LIST                              EN      5484/httpd
where:
l = display listening server sockets
n = numeric - don't resolve names, shows port nmber
p = program - display PID/Program name for sockets

see some statistics

>  netstat -s

Ip:
    3505517 total packets received
    189 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    3353729 incoming packets delivered
    3441781 requests sent out
    6 dropped because of missing route
Icmp:
    80 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 76
        echo replies: 4
    444 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 440
        echo request: 4
IcmpMsg:
        InType0: 4
        InType3: 76
        OutType3: 440
        OutType8: 4
Tcp:
    875 active connections openings
    176235 passive connection openings
    1305 failed connection attempts
    4162 connection resets received
    1 connections established
    3177924 segments received
    3193518 segments send out
    71896 segments retransmited
    0 bad segments received.
    28590 resets sent
Udp:
    175920 packets received
    20 packets to unknown port received.
    0 packet receive errors
    176145 packets sent
UdpLite:
TcpExt:
    14061 invalid SYN cookies received
    1298 resets received for embryonic SYN_RECV sockets
    36 ICMP packets dropped because they were out-of-window
    40131 TCP sockets finished time wait in fast timer
    370843 delayed acks sent
    70 delayed acks further delayed because of locked socket
    Quick ack mode was activated 12684 times
    169906 packets directly queued to recvmsg prequeue.
    3686 packets directly received from backlog
    61938105 packets directly received from prequeue
    986573 packets header predicted
    47052 packets header predicted and directly queued to user
    523770 acknowledgments not containing data received
    816143 predicted acknowledgments
    6422 times recovered from packet loss due to SACK data
    TCPDSACKUndo: 343
    5787 congestion windows recovered after partial ack
    12519 TCP data loss events
    TCPLostRetransmit: 1409
    3577 timeouts after SACK recovery
    552 timeouts in loss state
    15818 fast retransmits
    1338 forward retransmits
    5096 retransmits in slow start
    35982 other TCP timeouts
    1313 sack retransmits failed
    13156 DSACKs sent for old packets
    22 DSACKs sent for out of order packets
    16358 DSACKs received
    78 DSACKs for out of order packets received
    625 connections reset due to unexpected data
    136 connections reset due to early user close
    502 connections aborted due to timeout
    TCPDSACKIgnoredOld: 5920
    TCPDSACKIgnoredNoUndo: 2330
    TCPSpuriousRTOs: 63
    TCPSackShifted: 9984
    TCPSackMerged: 25336
    TCPSackShiftFallback: 20200
IpExt:
    InBcastPkts: 151202
    InOctets: 730998212
    OutOctets: 917606745
    InBcastOctets: 22741553
[root@localhost ~]#
 
 
 

ip - view and change the configuration of the network interfaces

The ip command is the updated version of ifconfig as ifconfig is officialy deprecated, although still widely used. The ip command provides the ability find out which interfaces are configured on the system, query the status of a IP interface, configure the local loop-back, Ethernet and other IP, interfaces, mark the interface as up or down, configure and modify default and static routing, configure tunnel over IP, configure ARP or NDISC cache entry, and assign IP address, routes, subnet and other IP information to IP interfaces.

The ip command can be applied with several "objects" including:

ObjectAbbreviated formPurpose
linklNetwork device.
addressa
addr		Protocol (IP or IPv6) address on a device.
addrlabeladdrlLabel configuration for protocol address selection.
neighbourn
neigh		ARP or NDISC cache entry.
routerRouting table entry.
ruleruRule in routing policy database.
maddressm
maddr		Multicast address.
mroutemrMulticast routing cache entry.
tunneltTunnel over IP.
xfrmxFramework for IPsec protocol.


Examples:

link: Manage and display the state of all network interfaces 

> ip link show
1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:1c:c4:66:49:a4 brd ff:ff:ff:ff:ff:ff

Display IP Addresses and property information. addr is abbreviatrion of address. You can also appreviate with a.

> ip addr show
1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:1c:c4:66:49:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::21c:c4ff:fe66:49a4/64 scope link
       valid_lft forever preferred_lft forever

To see IPv4 information:

ip -4 addr

To see IPv4 information:

ip -6 addr

See information regarding a specific interface? You can list information for a wireless connection with the command:

ip addr show wlan0

You can even get more specific with this command. If you only want to view IPv4 on the wlan0 interface, issue the command:

ip -4 addr show wlan0

You can even list only the running interface using:

ip link ls up

Modifying an Interface:

Suppose you wanted to assign a specific address to the first ethernet interface, eth0. With the ifconfig command, that would look like:

ifconfig eth0 192.1.1.1

With the ip command, this now looks like:

ip addr add 192.1.1.1 dev eth0

Note that this is only a temporary change in configuration. Bringing down and up the network will cause configuration to revert back to original configuration

You could shorten this a bit with:

ip addr add 192.1.1.1/24 dev eth0

We can see that we have added address 192.1.1.1 to eth0

> ip address  show
1: lo:  mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:1c:c4:66:49:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global eth0
    inet 192.1.1.1/24 scope global eth0
    inet6 fe80::21c:c4ff:fe66:49a4/64 scope link
       valid_lft forever preferred_lft forever

What about deleting an address from an interface? With the ip command, you can do that as well. For example, to delete the address just assigned to eth0, issue the following command:

ip addr del 192.168.1.101/24 dev eth0

Another crucial aspect of the ip command is the ability to bring up/down an interface. To bring eth0 down, issue:

ip link set dev eth0 down

To bring eth0 back up, use:

ip link set dev eth0 up

With the ip command, you can also add and delete default gateways. This is handled like so:

ip route add default via 192.168.1.254

If you want to get really detailed on your interfaces, you can edit the transmit queue. You can set the transmit queue to a low value for slower interfaces and a higher value for faster interfaces. To do this, the command would look like:

ip link set txqueuelen 10000 dev eth0

The above command would set a high transmit queue. You can play around with this value to find what works best for your hardware.

You can also set the Maximum Transmission Unit (MTU) of your network interface with the command:

ip link set mtu 9000 dev eth0

Once you’ve made the changes, use ip a list eth0 to verify the changes have gone into effect.


Managing the Routing Table

With the ip command you can also manage the system’s routing tables. This is a very powerful element of the ip command, and you should use it with caution.

Suppose you want to view all routing tables. To do this, you would issue the command:

>ip r
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.5
default via 192.168.1.254 dev eth0

Now, say you want to route all traffic via the 192.168.1.254 gateway connected via eth0 network interface: To do that, issue the command:

ip route add 192.168.1.0/24 dev eth0

To delete that same route, issue:

ip route del 192.168.1.0/24 dev eth0



dhclient

dhclient, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.

Used by utself, dhclient releases and renews your ip address.

dhclient


ping

The ping command sends packets of information to the user-defined source. If the packets are received, the destination device sends packets back. ping can be used to ensure that a network connection can be established and to determine timing information as to the speed of the connection.

Ping is useful to test to see if server you are logged into or remote server is connected to the internet.

The ping method does not guarantee that all systems connected to the LAN will be found. This is because some computers may be configured NOT to reply to broadcast queries. Google.com site is kind enough to allow us to use ping.

# ping google.com
PING google.com (74.125.226.142) 56(84) bytes of data.
64 bytes from yyz08s14-in-f14.1e100.net (74.125.226.142): icmp_seq=1 ttl=58 time=17.3 ms
64 bytes from yyz08s14-in-f14.1e100.net (74.125.226.142): icmp_seq=2 ttl=58 time=16.2 ms
64 bytes from yyz08s14-in-f14.1e100.net (74.125.226.142): icmp_seq=3 ttl=58 time=15.9 ms
64 bytes from yyz08s14-in-f14.1e100.net (74.125.226.142): icmp_seq=4 ttl=58 time=15.4 ms
Control-C to exit

What can I learn from the above?

  • remote network is up.
  • my gateway is working
  • time that packets get to me.
  • nameserver is working
  • remote server ip address


nslookup

nslookup is a network administration command-line tool available used for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.

> nslookup redhat.com
Server:         192.168.1.254
Address:        192.168.1.254#53

Non-authoritative answer:
Name:   redhat.com
Address: 209.132.183.105


dig

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output.

Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf.

example: 
> dig redhat.com

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> redhat.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31303
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;redhat.com.                    IN      A

;; ANSWER SECTION:
redhat.com.             60      IN      A       209.132.183.105

;; AUTHORITY SECTION:
redhat.com.             600     IN      NS      ns3.redhat.com.
redhat.com.             600     IN      NS      ns1.redhat.com.
redhat.com.             600     IN      NS      ns4.redhat.com.
redhat.com.             600     IN      NS      ns2.redhat.com.

;; ADDITIONAL SECTION:
ns1.redhat.com.         146     IN      A       209.132.186.218
ns2.redhat.com.         146     IN      A       209.132.183.2
ns3.redhat.com.         146     IN      A       209.132.176.100
ns4.redhat.com.         146     IN      A       209.132.188.218

;; Query time: 294 msec
;; SERVER: 206.248.154.170#53(206.248.154.170)
;; WHEN: Sun Jun 14 18:01:16 2015
;; MSG SIZE  rcvd: 180

The dig command output has the following sections:

  • Header: This displays the dig command version number, the global options used by the dig command, and few additional header information.
  • QUESTION SECTION: This displays the question it asked the DNS. i.e This is your input. Since we said ‘dig redhat.com’, and the default type dig command uses is A record, it indicates in this section that we asked for the A record of the redhat.com website
  • ANSWER SECTION: This displays the answer it receives from the DNS. i.e This is your output. This displays the A record of redhat.com
  • AUTHORITY SECTION: This displays the DNS name server that has the authority to respond to this query. Basically this displays available name servers of redhat.com
  • ADDITIONAL SECTION: This displays the ip address of the name servers listed in the AUTHORITY SECTION. Stats section at the bottom displays few dig command statistics including how much time it took to execute this query


Traceroute

Traceroute displays the list of the routers that packet travels through to get to a remote host. Using this command you can see how packets travel through the network and where it may fail or slow down. Using this information you can determine the computer, router, switch or other network device that possibly causing network issues or failures.

# traceroute google.com

traceroute to google.com (74.125.226.133), 30 hops max, 60 byte packets
 1  192.168.1.254 (192.168.1.254)  1.307 ms  1.349 ms  1.698 ms
 2  206.248.154.104 (206.248.154.104)  19.611 ms  20.715 ms  22.417 ms
 3  72.14.212.134 (72.14.212.134)  28.774 ms  30.709 ms  31.659 ms
 4  209.85.255.232 (209.85.255.232)  33.155 ms  34.592 ms  36.039 ms
 5  209.85.250.7 (209.85.250.7)  38.044 ms  16.701 ms  16.682 ms
 6  yyz08s14-in-f5.1e100.net (74.125.226.133)  18.592 ms  19.669 ms  21.080 ms


nmap

The nmap command line utility is used for port scanning and finding out all the ways a computer communicates with other computers on a network. You can find open ports on a server or computer and find what services are using those ports. It can even determine what operating system is running on the server and more.

Example: 
> nmap scanme.nmap.org

Starting Nmap 6.47 ( http://nmap.org ) at 2016-04-17 18:46 EDT
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.077s latency).
Not shown: 996 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
9929/tcp  open  nping-echo
31337/tcp open  Elite

Nmap done: 1 IP address (1 host up) scanned in 5.71 seconds

Enable/disable network interface

# ifconfig eth0 up
# ifconfig eth0 down


iptables

iptables is a command-line firewall utility that uses policy chains to allow or block traffic. When a connection tries to establish itself on your system, iptables looks for a rule in its list to match it to. If it doesn’t find one, it resorts to the default action.



The system-config-network command

You may want to run system-config-network command directly or from the setup command to help configure network.

 
# system-config-network
or 
# setup


Some Network Configuration Files


hosts file

The main purpose of this file is to resolve hostnames that cannot be resolved any other way. It can also be used to resolve hostnames on small networks with no DNS server. It is also useful in development to make your workstation believe that a certain hostname points to a test or development server instance of that hostname instead of the production (current live) instance. Regardless of the type of network the computer is on, this file should contain a line specifying the IP address of the loopback device (127.0.0.1) as localhost.localdomain.

Restart the network service to see result of changes here.

# vi /etc/hosts
example: 
127.0.0.1              localhost.localdomain localhost
192.168.113.142        blog.mysite.com




 

Interface configuration files

Interface configuration files control the software interfaces for individual network devices. As the system boots, it uses these files to determine what interfaces to bring up and how to configure them. These files are usually named ifcfg-<name>, where <name> refers to the name of the device that the configuration file controls. One of the most common interface files is ifcfg-eth0, which controls the first Ethernet network interface card or NIC in the system. In a system with multiple NICs, there are multiple ifcfg-eth<X> files (where <X> is a unique number corresponding to a specific interface). Because each device has its own configuration file, an administrator can control how each interface functions individually. 


# vi /etc/sysconfig/network-scripts/ifcfg-eth0

sample dynamic (dhcp) 

DEVICE=eth0 
BOOTPROTO=dhcp
HWADDR=00:1C:C4:66:49:A4
ONBOOT=yes

sample static (static IP)

DEVICE=eth0 
BOOTPROTO=static
HWADDR="00:1C:C4:66:49:A4"
IPADDR=10.0.1.27 
NETMASK=255.255.255.0 
ONBOOT=yes

Below is a listing of the configurable parameters in an Ethernet interface configuration file. Only BOOTPROTO and DEVICE are mandatory.

  • BOOTPROTO=<protocol>, where <protocol> is one of the following:
    • none — No boot-time protocol should be used.
    • bootp — The BOOTP protocol should be used.
    • dhcp — The DHCP protocol should be used. System will look for a DHCP server to obtain a dynamic IP address
    • static — This is deprecated. Use none instead.

  • BROADCAST=<address>, where <address> is the broadcast address. This directive is deprecated.

  • DEVICE=<name>, where <name> is the name of the physical device (except for dynamically-allocated PPP devices where it is the logical name).

  • DHCP_HOSTNAME — Only use this option if the DHCP server requires the client to specify a hostname before receiving an IP address. (The DHCP server daemon in Red Hat Enterprise Linux does not support this feature.)

  • DNS{1,2}=<address>, where <address> is a name server address to be placed in /etc/resolv.conf if the PEERDNS directive is set to yes.

    • PEERDNS="yes"
DNS1=8.8.8.8
DNS2=8.8.4.4

  • HWADDR=<MAC-address>, where <MAC-address> is the hardware address of the Ethernet device in the form AA:BB:CC:DD:EE:FF. This directive is useful for machines with multiple NICs to ensure that the interfaces are assigned the correct device names regardless of the configured load order for each NIC's module. This directive should not be used in conjunction with MACADDR.

  • IPADDR=<address>, where <address> is the IP address.

  • MACADDR=<MAC-address>, where <MAC-address> is the hardware address of the Ethernet device in the form AA:BB:CC:DD:EE:FF. This directive is used to assign a MAC address to an interface, overriding the one assigned to the physical NIC. This directive should not be used in conjunction with HWADDR.

  • MASTER=<bond-interface>,where <bond-interface> is the channel bonding interface to which the interface the Ethernet interface is linked. This directive is used in conjunction with the SLAVE directive.

  • NETMASK=<mask>, where <mask> is the netmask value.

  • NETWORK=<address>, where <address> is the network address. This directive is deprecated.

  • ONBOOT=<answer>, where <answer> is one of the following:
    • yes — This device should be activated at boot-time.
    • no — This device should not be activated at boot-time.

  • PEERDNS=<answer>, where <answer> is one of the following:
    • yes — Modify /etc/resolv.conf if the DNS directive is set. If using DHCP, then yes is the default.
    • no — Do not modify /etc/resolv.conf.

  • SLAVE=<bond-interface>,where <bond-interface> Used eith MASTER:
    • yes — This device is controlled by the channel bonding interface specified in the MASTER directive.
    • no — This device is not controlled by the channel bonding interface specified in the MASTER directive.

  • SRCADDR=<address>, where <address> is the specified source IP address for outgoing packets.

  • USERCTL=<answer>, where <answer> is one of the following:
    • yes — Non-root users are allowed to control this device.
    • no — Non-root users are not allowed to control this device.



resolv.conf file

This file specifies the IP addresses of DNS servers and the search domain. This file defines server responsible for name resolution. You can have multiple entries here.

vi /etc/resolv.conf
example: 
search localdomain
# here 192.168.1.254 is the IP address of my Netgear Router. 
# I think originally it was 192.168.0.1.
nameserver 192.168.1.254



Routing and host information file

This file specifies routing and host information for all network interfaces. This is the system's global network configuration file. It contains the default route and hostname. Configurations in /etc/sysconfig/network-scripts/ directory may override values here. In an initial installation this file may be empty and all values are optional.

vi /etc/sysconfig/network
example: 
# Networking should be configured 
NETWORKING=yes
NETWORKING_IPV6=yes

# if you have a hostname (eg: mysite.com), then put the Fully Qualified Domain Name (FQDN) here, 
#  otherwise use your localhost.localdomain
HOSTNAME=blog.mysite.com

# the IP address of the network's gateway. 
GATEWAY=1.1.1.1

# Configure this option if you have multiple interfaces on the same subnet, and require one of 
# those interfaces to be the preferred route to the default gateway. 
GATEWAYDEV=ems33
to see your hostname, use Linux command 
hostname

Excercise 1: Set up networking with static IP using the following parameters:

IP address: 192.168.0.100 
Netmask: 255.255.255.0 
Hostname: node01.myblog.com 
Domain name: myblog.com 
Gateway: 192.168.0.1 
DNS Server 1: 8.8.8.8 
DNS Server 2: 4.4.4.4

in /etc/sysconfig/network-scripts/ifcfg-XXXX, where XXXX is your interface name, add or edit the following values:

BOOTPROTO=static
NETWORKING=yes
DNS1=8.8.8.8
DNS2=4.4.4.4
GATEWAY=192.168.0.1
HOSTNAME=blog.mysite.con
IPADDR=192.68.0.100
NETMASK=255.255.255.0

We could have put hostname in /etc/hostname

HOSTNAME=blog.mysite.con

in /etc/resolv.conf

nameserver 8.8.8.8  
nameserver 4.4.4.4

restart network

systemctl restart network