🐧Unlocking the power of Configuring Linux Network Interface

1. Introduction

💻Ever wondered how our computers talk to others over the internet? That's the magic of networking! In Linux, the land of powerful commands, we have a toolbox filled with utilities to manage and troubleshoot our network connections. This comprehensive blog will break down some essential tools to make us networking pro!

The command-line interface (CLI) is our primary playground for Linux networking tasks. Fear not - with an understanding of these commands, we will navigate the network like experienced navigators!

2. Basic Networking Commands

2.1 Unveiling the Network ifconfig/ip 🔑 Inspecting Network Interfaces

Understanding network configuration is crucial for troubleshooting connectivity issues and optimizing network performance. Linux offers two prominent tools for network interface management: ifconfig (a legacy tool) and ip (the modern alternative).

These commands reveal details about network interfaces and allow configuration (especially ip).

• Use case: View interface details, configure IP addresses.

• Example: ifconfig eth0 (or ip addr show for more).

💻Creating a dummy network interface

Sometimes a virtual network interface has to be created for testing or developing new features. Let’s start by creating a dummy network interface with the ip link add command:

[root@alpha1 ~]# ip link add dummyinterface type dummy

This command creates a dummy network interface named "dummyinterface".

💻Viewing network interface information

We can use the ip addr show command or the ifconfig command to view information about all network interfaces on the system. This command displays detailed information about all network connections, including their IP addresses, MAC addresses, and status. Here is an example:

[root@alpha1 ~]# ip addr show
[root@alpha1 ~]# ifconfig dummyinterface

Here we can see interface is still in Down state, lets work on that.

💻Bringing up and down the network interface

We can bring the network interface up or down using the ifconfig command. For example, to bring up the "dummyinterface", we'll use,

[root@alpha1 ~]# ifconfig dummyinterface up

The output will not contain the "UP" flag when the interface is down.Now, we can see flag - UP.

To bring that down, we'll use,

[root@alpha1 ~]# ifconfig dummyinterface up

💻Assigning an IP address to a network interface - ifconfig

We can assign an IP address to a network interface using the ifconfig command. For example, to assign the IP address "192.168.1.111" to a "dummyinterface" with a netmask of "255.255.255.0".

[root@alpha1 ~]# ifconfig dummyinterface 192.168.1.111 netmask 255.255.255.0

💻Assigning an IP address to a network interface - ip

We can assign IP addresses to it using the ip addr add command followed by the IP address and network interface name.

[root@alpha1 ~]# ip addr add 192.168.2.10/24 dev dummyinterface2
[root@alpha1 ~]# ip addr show dummyinterface2
9: dummyinterface2: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether fa:9f:04:0a:2c:0e brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.10/24 scope global dummyinterface2
       valid_lft forever preferred_lft forever

💻Routes - Configuring , Verifying and Deleting

• To route traffic between networks, we need to configure routing tables. We can add routes using the ip route add command.

• Added route: Established a connection to the 10.0.0.0/24 network via 192.168.2.1 using dummyinterface2.

• Verified & Removed: Double-checked the route addition and then removed it from dummyinterface2.

• Down & Confirmed: Deactivated dummyinterface2 and confirmed it's down without an IP address.

[root@alpha1 ~]# ip route add 10.0.0.0/24 via 192.168.2.1 dev dummyinterface2
[root@alpha1 ~]# ip route show dev dummyinterface2
10.0.0.0/24 via 192.168.2.1
192.168.2.0/24 proto kernel scope link src 192.168.2.10
[root@alpha1 ~]# ip route delete 10.0.0.0/24
[root@alpha1 ~]# ip route show dev dummyinterface2
192.168.2.0/24 proto kernel scope link src 192.168.2.10
[root@alpha1 ~]# ip link set dummyinterface2 down
[root@alpha1 ~]# ip addr show dummyinterface2
9: dummyinterface2: <BROADCAST,NOARP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether fa:9f:04:0a:2c:0e brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.10/24 scope global dummyinterface2
       valid_lft forever preferred_lft forever

Also we can add default gateway as per need, In simpler terms, imagine where your internet traffic goes on Linux? The command ip route add default via <gateway_IP> sets the default route, like a GPS for data packets, telling them where to go if they don't have a specific address.Just replace <gateway_IP> with the actual IP address of your router or gateway.

ip route add default via <gateway_ip_address>

💻 Configuring the VLAN Interface

Think of a physical network as a highway. Now, imagine creating dedicated lanes for different departments or types of traffic. That's the magic of VLANs. They're like virtual highways within the physical network, separating devices and their data for better control.

Benefits of VLANs:

• Security: VLANs act as walls, preventing unauthorized access between different segments. For example, a finance department's VLAN wouldn't be accessible from a marketing department's VLAN, keeping sensitive data secure.

• Performance: By segmenting traffic, VLANs reduce congestion on the main network, just like dedicated lanes on a highway. This leads to smoother network performance for everyone.

• Management: VLANs help organize our network by grouping devices with similar needs. This simplifies configuration and management tasks.

🔗Creating a VLAN Interface

1. Command: We'll use the ip link add command with the link and type vlan options to create a VLAN interface.

   • Example:

       ip link add link testinterface type vlan id 100
     

     This command creates a VLAN interface named vlan1 with ID 100 on the existing physical interface testinterface.

2. Verifying Creation:

   • Use the ip addr show type vlan or ip link show type vlan commands to list all VLAN interfaces.

   • For more detailed information, use ip -d link show type vlan.

🔗Configuring a VLAN Interface

1. Assigning an IP Address (Optional):

   • Assign an IP address to the VLAN interface using the ip addr add command with the dev option.

   • Example:

       ip addr add 192.168.100.2/24 dev vlan1
     

     This command assigns the IP address 192.168.100.2 with a subnet mask of /24 to the vlan1 interface.

2. Bringing Interfaces Up (Optional):

   • Use the ip link set command with the interface name to activate both the physical (testinterface) and VLAN (vlan1) interfaces if required.

🔗Verifying Interface Status

Use the ip addr show command with the interface name (e.g., testinterface or vlan1) to view details like IP address and interface status (UP or DOWN).

🔗Bringing Interfaces Down (Optional)

Use the ip link set command with the interface name to bring down both interfaces when you're finished.

🔗Deleting the VLAN Interface

1. Remove IP Address (if assigned):

    ip addr del 192.168.100.2/24 dev vlan1
   

2. Delete VLAN Interface:

    ip link del vlan1
   

# creating a VLAN interface with ID 100 on the testinterface 
[root@alpha1 ~]# ip link add link testinterface type vlan id 100

# show and lets verify details of VLAN interfaces if it's created, we can see 
# vlan1@testinterface created successfuly
[root@alpha1 ~]# ip addr show type vlan
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff

# Show details of VLAN interfaces of type vlan
[root@alpha1 ~]# ip link show type vlan
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff

# Show verbose details of VLAN interfaces of type vlan
[root@alpha1 ~]# ip -d link show type vlan
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535
    vlan protocol 802.1Q id 100 <REORDER_HDR> addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

# Add an IP address to vlan1
[root@alpha1 ~]# ip addr add 192.168.100.2/24 dev vlan1

[root@alpha1 ~]# ip addr show dev vlan1
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.2/24 scope global vlan1
       valid_lft forever preferred_lft forever

# Bring up testinterface and vlan1
[root@alpha1 ~]# ip link set testinterface up
[root@alpha1 ~]# ip link set vlan1 up

# verify details of testinterface and vlan1
[root@alpha1 ~]# ip addr show dev testinterface && ip addr show dev vlan1
7: testinterface: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.20/24 scope global testinterface
       valid_lft forever preferred_lft forever
    inet6 fe80::58d4:26ff:fe0f:294d/64 scope link
       valid_lft forever preferred_lft forever
8: vlan1@testinterface: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.2/24 scope global vlan1
       valid_lft forever preferred_lft forever
    inet6 fe80::58d4:26ff:fe0f:294d/64 scope link

# Bring down vlan1 and testinterface
[root@alpha1 ~]# ip link set vlan1 down | ip link set testinterface down
[root@alpha1 ~]# ip addr show dev testinterface && ip addr show dev vlan1
7: testinterface: <BROADCAST,NOARP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.5.20/24 scope global testinterface
       valid_lft forever preferred_lft forever
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.2/24 scope global vlan1
       valid_lft forever preferred_lft forever

# Remove IP address from vlan1
[root@alpha1 ~]# ip addr del 192.168.100.2/24 dev vlan1
[root@alpha1 ~]# ip addr show dev vlan1
8: vlan1@testinterface: <BROADCAST,NOARP,M-DOWN> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 5a:d4:26:0f:29:4d brd ff:ff:ff:ff:ff:ff

# Delete vlan1 interface
[root@alpha1 ~]# ip link del vlan1

# Show details of vlan1 (to confirm deletion)
[root@alpha1 ~]# ip addr show vlan1
Device "vlan1" does not exist.

We can also configure additional settings on the VLAN interface using commands like ip link set vlan1 mtu 1400 (to change the maximum transmission unit).

💻 2.2 Navigating the Wireless World: A Guide to iwconfig, iw, and nmcli

Managing Wi-Fi on Linux can be daunting, but fear not! Here's a breakdown of 3 essential tools:

🔗iwconfig (Legacy Warrior)

1. A veteran tool for viewing and configuring basic Wi-Fi settings. However, it's potentially outdated and less user-friendly.

   • View Wireless Interface Information:

     • iwconfig: Displays basic information about wireless interfaces, including the network name (ESSID), MAC address, mode, frequency, and signal quality.

   • Set Wireless Parameters:

     • iwconfig [interface] mode [mode]: Sets the mode of the wireless interface (e.g., Managed, Ad-Hoc, Master).

     • iwconfig [interface] essid [ESSID]: Sets the ESSID (network name) of the wireless network.

     • iwconfig [interface] channel [channel]: Sets the operating frequency or channel of the wireless interface.

     • iwconfig [interface] key [key]: Sets the encryption key for the wireless interface.

   • Adjust Power Management:

     • iwconfig [interface] power [on/off]: Enables or disables power management for the wireless interface.

   • Set Transmission Bit Rate:

     • iwconfig [interface] rate [bitrate]: Sets the transmission bit rate for the wireless interface.

   • Enable/Disable Wireless Extensions:

     • iwconfig [interface] txpower [value]: Sets the transmit power level of the wireless interface.

     • iwconfig [interface] mode monitor: Sets the interface to monitor mode for packet sniffing.

   • Miscellaneous:

     • iwconfig --help: Displays a help message with available options.

     • iwconfig [interface] up/down: Brings the wireless interface up or down.

     • iwconfig [interface] retry [limit]: Sets the maximum number of retransmissions.

🔗iw (New Sheriff)

The modern successor to iwconfig. It offers a cleaner interface, more features, and handles most tasks iwconfig could do.

• Uses/Description:

  • View Wireless Interface Information:

    • iw dev [interface] link: Displays detailed information about the wireless link status.

    • iw dev [interface] scan: Initiates a scan for available wireless networks.

  • Set Wireless Parameters:

    • iw dev [interface] set type [type]: Sets the wireless interface type (e.g., managed, monitor).

    • iw dev [interface] connect [SSID]: Connects to a specific wireless network.

    • iw dev [interface] set freq [frequency] [HT20|HT40+|HT40-] [center_freq1] [center_freq2]: Sets the operating frequency or channel width.

    • iw dev [interface] set power_save on/off: Enables or disables power saving mode.

  • Manage Wireless Security:

    • iw dev [interface] set key [key]: Sets the encryption key for the wireless interface.

    • iw dev [interface] set psk [password]: Sets the Pre-Shared Key (PSK) for WPA/WPA2 authentication.

  • Miscellaneous:

    • iw help: Displays a list of available commands and options.

    • iw dev [interface] disconnect: Disconnects from the current wireless network.

    • iw dev [interface] set bitrates [bitrates]: Sets the supported bitrates for the wireless interface.

🔗nmcli (NetworkManager Champion)

Most Linux systems come with NetworkManager, a service that simplifies Wi-Fi management. nmcli, its command-line tool, lets you connect/disconnect to networks and view details easily.

• View Network Interface Information:

  • nmcli device show: Displays detailed information about all network devices.

• Manage Wireless Connections:

  • nmcli connection show: Lists all network connections, including wireless ones.

  • nmcli connection up [connection name]: Activates a specific network connection.

  • nmcli connection down [connection name]: Deactivates a specific network connection.

  • nmcli device wifi list: Lists available wireless networks.

  • nmcli device wifi connect [SSID] password [password]: Connects to a specific wireless network with the given SSID and password.

• Set Wireless Parameters:

  • nmcli device wifi rescan: Initiates a rescan for available wireless networks.

  • nmcli device wifi connect [SSID]: Initiates connection to a specific wireless network by SSID.

  • nmcli device wifi hotspot [SSID] password [password]: Creates a Wi-Fi hotspot with the specified SSID and password.

• Manage Wireless Security:

  • nmcli connection modify [connection name] wifi-sec.key-mgmt wpa-psk: Sets the key management mode for WPA-PSK.

  • nmcli connection modify [connection name] wifi-sec.psk [password]: Sets the Pre-Shared Key (PSK) for a wireless network connection.

• Miscellaneous:

  • nmcli networking on/off: Enables or disables networking.

  • nmcli radio wifi on/off: Enables or disables Wi-Fi radio.

  • nmcli general permissions: Displays the permissions for nmcli operations.

  • nmcli connection reload: Reloads network connections from disk.

# Set the mode of wireless interface wlan0 to Managed
iwconfig wlan0 mode Managed

# Set the ESSID (network name) of wlan0 to "MyNetwork"
iwconfig wlan0 essid "MyNetwork"

# Set the operating channel of wlan0 to channel 11
iwconfig wlan0 channel 11

# Set the encryption key for wlan0 to "mypassword"
iwconfig wlan0 key s:mypassword

# Enable power management for wlan0
iwconfig wlan0 power on

# Set the transmission bit rate of wlan0 to 54 Mbps
iwconfig wlan0 rate 54M

# Display help message for iwconfig command
iwconfig --help

# Display detailed information about the wireless link status of wlan0
iw dev wlan0 link

# Initiate a scan for available wireless networks with wlan0
iw dev wlan0 scan

# Set the type of wlan0 to managed mode
iw dev wlan0 set type managed

# Connect to the wireless network "MyNetwork" with wlan0
iw dev wlan0 connect MyNetwork

# Set the operating frequency of wlan0 to 2412 MHz
iw dev wlan0 set freq 2412

# Disable power saving mode for wlan0
iw dev wlan0 set power_save off

# Display help message for iw command
iw help

# Display detailed information about all network devices
nmcli device show

# List all network connections
nmcli connection show

# Activate the network connection named "MyConnection"
nmcli connection up MyConnection

# Deactivate the network connection named "MyConnection"
nmcli connection down MyConnection

# List available wireless networks
nmcli device wifi list

# Connect to the wireless network "MyNetwork" with password "mypassword"
nmcli device wifi connect MyNetwork password mypassword

# Initiate a rescan for available wireless networks
nmcli device wifi rescan

# Set the key management mode for WPA-PSK for connection "MyConnection"
nmcli connection modify MyConnection wifi-sec.key-mgmt wpa-psk

# Set the Pre-Shared Key (PSK) for connection "MyConnection" to "mypassword"
nmcli connection modify MyConnection wifi-sec.psk mypassword

# Enable or disable networking
nmcli networking on/off

# Enable or disable Wi-Fi radio
nmcli radio wifi on/off

Choosing the right tool :

• Basic tasks/older systems: iwconfig (if available)

• Most users: iw (recommended)

• Beginner-friendly: nmcli

3. Summary

🐧Thank you for joining me on this journey through Linux Networking Management. I truly appreciate your passion and dedication to learning. Keep exploring, stay curious, and happy coding!