The ip command allows you to show and manipulate interfaces, devices , routing, and tunnels.

To show all ip connections :- ip a

a reffers for address.

To see manual page of ip command :- man ip

we can see in above image, ip options and lets discuss some like
option -4 ==> ipv4 ip’s are shown
option -6 ==> ipv6 ip’s are shown
option -h ==> human readable
option -j ==> json format

coming to interfaces . We can get all network interfaces using “ip a” so, in above image there are
tow interfaces are available for system. One is loopback which address is 127.0.0.1 and /8 means
subnet mask. Second is wireless network wifi so, address is 192.168.0.105 and /24 is subnet mask.
We can see mac address for each interface. So, we know a physical device has one unique address.
Coming to layer 2 data link layer which mac address resolution. Layer 3 is network ip address’s .
so, an ip address may be applied by a person or obtained by DHCP server . Which is called as a
logical address [layer3]. We can change the address but we cant change the MAC address which is
perament for device[interface]. So, ip address is like ephermal. We dont know it may be changed
every time when we connect to new network .[like new wifi in public places.].

we can see routes also using :- ip r

r means routes
so, coming to 3rd line :- dev means device so, in a network packet from sorce 192.168.0.105 [system
itself] to destination any ip in this subnet [192.168.0.0/24] then pakcet should route through the
device wlp0s20f3 wifi interface.
So, if system wants to communicate with any other ip like internet then it would use default one
route. To destination of 0.0.0.0/0 then route through the device wifi wlp0s20f3 via default network
gateway ip wihch is 192.168.0.1 .

we can see the list of all interfaces through command :- ip link show.

So, link/loopback and link/ether . And according mac address to their respective interfaces.

mtu means maximum transmission unit is set as 1500 frames.

State is UP/ Down
In mac address first 3octets [mac is in hexa decimals] represents for organisation /manufacture.

so, if we do install docker in system then we would get a logical interface. ”docker0” .
So, a system may have multiple network interfaces.
In system if port is establised then for each port one interface would be created.

By using command :- “ip address “ we can get all network interfaces with including ip address’s
ipv4, ipv6, and subnet and mac address’s. Notice in first image.

To get interfaces info as breif info then command:- “ip -br -c a” so, -c is color highlight.
We can get sort the output as we want. By using grep and sort. So, by one line data also we can get
info .

We can get output as json format also into a file. We cant able to understand the json format so, we
do use the option as -p to get in human readable as json.
By using command to install usefull network tools in linux:- “sudo apt install net-tools”

One can use a variety of network tools to perform tasks such as

obtaining information about other systems on your network, accessing
other systems, and communicating directly with other users. Network
information can be obtained using utilities such as ping, finger,
traceroute, host, dig, nslookup etc. These are useful for smaller
networks and enable to access remote systems directly to copy files or
execute the command.
ping
The ping command is used to check if a remote system is running or
up. In short this command is used to detect whether a system is
connected to the network or not.

host
This command is used to obtain network address information about a
remote system connected to your network. This information usually
consists of system’s IP address, domain name address and sometimes
mail server also.

traceroute
This command is used to track the sequence of computer networks.
You can track to check the route through which you are connected to a
host. mtr or xmtr tools can also be used to perform
both ping and traces. Options are available for specifying parameters
like the type of service (-t) or the source host (-s).
netstat
This command is used to check the status of ports whether they are
open, closed, waiting, and masquerade connections. Network Statistic
(netstat) command displays connection information, routing table
information, etc.

tracepath
tracepath performs a very similar function to that of traceroute
command. The main difference between this command is that
tracepath doesn’t take complicated options. This command doesn’t
require root privileges.

dig
dig(Domain Information Groper) query DNS-related information like a
record, cname, mxrecord etc. This command is used to solve DNS
related queries.
hostname
This command is used to see the hostname of your computer. You can
change hostname permanently in etc/sysconfig/network. After
changing the hostname you need to reboot the computer.

route
The route command is used to display or modify the routing table. To
add a gateway use (-n).

nslookup
You can use nslookup(name server lookup) command to find out DNS
related queries or testing and troubleshoot DNS server.
we can do manuplate the routes in linux:-
so, if we do delete the default route then if any packets have destination as to internet then packer
may drop on system itself. Because no routes are defined.
So, 10.0.2.1 is gateway for local network[cidr] . So, command we did defined the device which
means as which device[eth0 or wifi or any other links] should it use.

by using option “-n” while displaying the routes in system. -n means it would show only ip
address’s instead of domain names.
Linux IP forwarding – How to
Disable/Enable using
net.ipv4.ip_forward
It may be necessary to configure Linux IP forwarding on a Linux
system in certain scenarios. If the Linux server is acting as a firewall,
router, or NAT device, it will need to be capable of forwarding packets
that are meant for other destinations (other than itself). Linux uses
the net.ipv4.ip_forward kernel variable to toggle this setting on or off.

Conversely, IP forwarding should usually be turned off if you’re not

using one of the aforementioned configurations. You typically don’t
want your system wasting bandwidth or resources to forward packets
elsewhere, unless it’s been designed to do that job. Using
the net.ipv4.ip_forward kernel setting to control IP forwarding will
ensure that you have full control over your packets. This setting will
override all other firewall and software settings.

Most systems will be able to use the sysctl command, which can apply
kernel variables. Therefore, you can use the following sysctl
command to check whether IP forwarding is enabled or disabled.
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0

In the example above, the net.ipv4.ip_forward kernel setting is 0. That

means it’s off. If it were set to 1, that would mean it’s enabled.
This setting can also be viewed inside
the /proc/sys/net/ipv4/ip_forward file on systems with systemd or any
other init system.
# cat /proc/sys/net/ipv4/ip_forward
0

Enable or disable IP forwarding

You can use the following sysctl command to enable or disable Linux
IP forwarding on your system.
# sysctl -w net.ipv4.ip_forward=0
OR
# sysctl -w net.ipv4.ip_forward=1

You can also change the setting inside /proc/sys/net/ipv4/ip_forward to

turn the setting on or off.
# echo 0 > /proc/sys/net/ipv4/ip_forward
OR
# echo 1 > /proc/sys/net/ipv4/ip_forward

but what about ipv6 ip forward?

Using either method above will not make the change persistent. To
make sure the new setting survives a reboot, you need to edit
the /etc/sysctl.conf file.
# sudo nano /etc/sysctl.conf
Add one of the following lines to the bottom of the file, depending on
whether you’d like Linux IP forwarding to be off or on, respectively.
Then, save your changes to this file. The setting will be permanent
across reboots. The net.ipv4.ip_forward setting controls whether IP
forwarding is turned on or off for IPv4.
net.ipv4.ip_forward = 0
OR
net.ipv4.ip_forward = 1

After editing the file, you can run the following command to make the
changes take effect right away.
# sysctl -p

Troubleshooting
Note that the sysctl command if the service isn’t currently running.
Check the status of sysctl with this command.
$ systemctl status sysctl

The service should say that it’s active. If not, start the service with this
command:
$ sudo systemctl start sysctl

If you have successfully enabled the Linux IP forwarding (verified by

checking the kernel variable after reboot), but you’re still not receiving
traffic on destination systems, check the FORWARD rules of iptables.
# iptables -L -v -n
...
Chain FORWARD (policy ACCEPT 667 packets, 16724 bytes)
pkts bytes target prot opt in out source
destination

Your FORWARD chain should either be set to ACCEPT, or have rules

listed that allow certain connections. You can see if traffic is reaching
the FORWARD chain of iptables by checking the amount of packets
and bytes that have hit the chain. If there aren’t any, then you may
have some higher rules in your chain that are blocking traffic.

====

Firewall:-
IPTables:-

we can run only either one which is iptables or firewalld.

Mask means its not run by mistake by any chance of any program or
user.

So disable the firewalld if it is running in your system.

So, once we installed iptables then we may get some default rules . So, we would flush the default
rules and write our own rules for incoming, forwarding, outgoing chains.
We are writing the rule to apply for packet which based on chains either incoming , forwarding ,
outgoing.
most of the times we would use filter table which si common one. So, chains are inspect the packets
[traffic] at various points[incoming, forward, out] .

Coming NAT:-
SNAT[sourceNAT]:-
changing the private ip to public ip because packet would need to go to internet.which is called
changing source private address. [source network address translation]. Its like proxy server.

DNAT:-
its means reverse proxy.

network namespaces in linux

interface modes? Groups? Qlen?