Cyber Month Deal - up to 36% OFF

Top 20 Linux Network Commands (With Examples)

Published on Nov 8, 2024 Updated on Nov 8, 2024

When managing Linux systems, you will occasionally encounter issues that hinder you from accessing devices and resources on a network. Other times, you will need to retrieve crucial network-related data, such as IP addresses and DNS information, and perform other tasks over the network.

We've compiled a list of the top 20 network command-line tools and utilities that any Linux user or administrator should be familiar with for network troubleshooting and diagnostics. These commands work consistently across most Linux distributions, and you can follow along regardless of your Linux distribution.

Deploy and scale your projects with Cherry Servers' cost-effective dedicated or virtual servers. Enjoy seamless scaling, pay-as-you-go pricing, and 24/7 expert support—all within a hassle-free cloud environment.

ip command

The ip command is one of the most basic and helpful network commands in Linux. The command typically displays the status of network interfaces and IP addresses assigned to your system. It succeeds the good old ifconfig command which is now deprecated.

To display the IP addresses on your system, run the command:

ip a

OR

ip addr

ip-address-command In this example, we have the first interface labeled lo, also popularly known as the loopback address or localhost. It always bears the IP of 127.0.0.1 and never deviates from it. It is primarily used for diagnostics.

The second interface ( enp0s3 ) is the system’s physical interface with an IP of 192.169.2.105. Your physical network interface might have a different label, such as eth0`and acquire an IP address based on your LAN’s subnet.

ping command

The ping command checks the availability of remote hosts by sending an ICMP echo request awaiting a reply. When a remote target receives the request, it acknowledges it and replies by sending back an echo packet.

The command takes the syntax:

ping ip-address or domain

For example:

ping 192.168.2.105 -c 4

ping-command-ip-address

The -c option indicates that we have sent 4 echo packets to the remote node. If the remote host is unavailable, for whatever reason, a Destination Host Unreachable notification will be displayed.

ping-command-host-unreachable

In this example, the ping command tests the availability of a system using its domain name:

ping cherryservers.com  -c 4

ping-command-domain-name

hostname command

The hostname command displays the hostname of a server. Without any command-line arguments, it shows your server’s hostname.

hostname

hostname-command The -I flag, displays the IP addresses of active network interfaces.

hostname -I

hostname-command-check-ip-address

ss command

An abbreviation for "Socket Statistics", the ss command is a utility that displays UNIX socket connections. The command is an improved version of the old netstat command. It offers valuable insights into open ports, listening TCP and UDP sockets, active connections, routing tables, process statistics, and more.

Here’s an example of the command usage with a few options.

sudo ss -nltu

ss-command-check-open-ports

In this command:

The n option displays numerical addresses. The l option displays listening sockets. The t flag includes TCP sockets The u option includes UDP sockets Check the man pages for more command-line options and usage.

man ss

netstat command

A portmanteau for 'network statistics', the netstat command is a valuable tool for displaying valuable network-related statistics. Although replaced by the ss command, the command-line utility still serves a useful role in displaying listening sockets ( TCP and UDP ) and open ports and port statistics.

The following example displays all listening TCP ports, process name, and their PIDs.

sudo netstat -antpl

In the command syntax:

The a option displays both listening and non-listening sockets The n displays numerical addresses The t flag specifies TCP sockets only The p flag includes the process name and corresponding PIDs The l flag shows only listening sockets.

netstat-command-check-open-ports

traceroute command

The traceroute command keenly traces the path taken by data packets as they traverse from one router to another, a sequence known as hops. Loss of packets in a hop indicates that remediation measures should be taken to address packet loss and connection issues.

The traceroute command takes the following syntax.

traceroute ip-address

The following example probes the flow of data packets to Google’s DNS ( 8.8.8.8).

traceroute 8.8.8.8

traceroute-command

mtr command

Short for My Traceroute, the mtr command combines the functionality of traceroute and ping. It checks for the accessibility of a host target while also probing the path taken by data packets to the destination.

mtr google.com

mtr-command

dig command

The dig command is a shorthand for Domain Information Groper. It's a DNS lookup network utility primarily used for verifying and diagnosing DNS issues. The dig command replaces the older nslookup and host commands.

The command can return the following DNS records:

A record: Maps a hostname directly to an IP address.

MX record: Mail Exchange record. Specifies the email server for the domain.

SIG: Signature record for encryption protocols.

For instance, to perform a DNS lookup for cherrryservers.com, run the command:

dig cherryservers.com

Pay close attention to the ANSWER SECTION.

The first column indicates the domain name of the server The second column is the TTL (Time to Live), in this case 30. The third column indicates the query class. Here, the directive IN is short for the internet. The fourth column shows the query type, in this case, the A record. The last column shows the IP address that maps to the domain name.

dig-command-domain-name To display the ANSWER section only, run the command:

dig cherryservers.com +noall +answer

dig-command-domain-A-record-information

To query the IP address that maps to the domain name and omit other details, use the +short flag.

dig cherryservers.com +short

dig-command-show-ip-address

Notably, the dig command is quite verbose and includes a lot of comments. To reduce the verbosity, include the +nocomments option.

dig cherryservers.com +nocomments

dig-command-verbose-output To query the MX record, use the MX flag.

dig cherryservers.com MX

dig-command-show-mail-server-information

nslookup command

A shorthand for ‘Name Server Lookup, the nslookup is another useful tool for performing DNS lookups. The command probes a DNS server for information such as the IP address, domain name mapping, and other DNS records. Despite being replaced by the dig command, the nslookup utility is a handy network diagnostic tool for troubleshooting DNS-related issues.

The following command performs a DNS lookup for the domain cherryservers.com.

nslookup cherryservers.com 

nslookup-command-forward-lookup

You can specify the type of record using the type= option and specify the record type. For example, to view the MX record for the domain, run the command:

nslookup -type=mx cherryservers.com 

nslookup-command-mail-server-lookup

To check the Name Server (ns) records - which maps a domain to a group of nameservers - use the ns argument.

nslookup -type=ns google.com

nslookup-command-name-server-lookup

For mail server information, pass the mx argument.

nslookup -type=mx google.com

nslookup-command-mail-server-lookup

host command

The host command is a user-friendly DNS lookup tool that displays a domain’s IP and mail server(if one exists). To display a registered domain’s information, simply provide the domain name as the argument as shown.

host domain

host-command-mail-server-lookup

whois command

The whois command is a protocol for performing domain lookups by querying a distributed database system. The protocol returns information about the domain, such as domain ownership, registration date, business contact information, etc.

To run the command, provide the domain name after the whois directive.

whois domain

whois-command

wget command

The wget command downloads files from the internet using the resource's URL. The tool takes the following syntax:

wget [options] [URL]

The example shown downloads Wordpress' installation zip file called latest.zip.

wget https://wordpress.org/latest.zip

wget-command-download-file

The uppercase -O option saves the file to be downloaded under a different name. Here, we save the file as wordpress.zip.

wget -O wordpress.zip https://wordpress.org/latest.zip

wget-command-save-file-with-different-name

The '- P' option specifies a different directory for saving the file. Here, we save the file in the /tmp folder.

wget -P /tmp  https://wordpress.org/latest.zip

wget-command-save-file-in-another-directory

You can download multiple files sequentially by saving file URLs in a text file and passing the -i option to the wget command. In this example, the sample_file.txt file contains the following links.

https://www.python.org/ftp/python/3.13.0/Python-3.13.0.tgz
https://wordpress.org/latest.zip

To download the files, pass the -i option as shown.

wget -i sample_file.txt

wget-command-download-multiple-files

cURL command

cuRL ( client URL ) is a networking CLI tool that transfers data to and from a server or host system by specifying the server’s URL. It supports a range of protocols including HTTP, HTTPS, and FTP.

The command uses the following syntax:

curl [options] [URL]

Without any command-line options, the curl command fetches the contents of a webpage. The following command prints the contents of the example.com HTML page to stdout.

curl example.com

curl-command-display-html-content

To download a resource, for example, the WordPress compressed file, run the following command. The -O option includes a download progress meter that measures download speed, data transfer rate, total time spent, and remaining download time.

curl -O https://wordpress.org/latest.zip

curl-command-download-file

To save the file under a different name pass the lowercase o switch. This example saves the file as wordpress.zip.

curl -o wordpress.zip https://wordpress.org/latest.zip

curl-command-download-file-under-different-name

The I option lets you retrieve the HTTP headers of a file.

curl-command-display-http-headers

ssh command

The ssh command is used to connect to a remote host securely over a TCP/IP network. The command uses the following syntax:

ssh username@ip- address

Where: username is the user on the remote host

ip-address represents the IP of the remote host. Additionally, a registered domain name can be provided instead.

For example:

ssh  root@5.199.168.47

ssh-command

By default, SSH listens on port 22. If not the case, the -p flag lets you specify the port number during connection. In this example, SSH on the remote host listens on port 5422. To connect to the host, we will run the command:

ssh -p 5422  root@5.199.168.47

scp command

The scp ( Secure Copy ) is a command-line tool that leverages SSH’s strong encryption algorithms to copy files securely over a network.

Here’s the syntax:

scp filename username@hostname_or_IP:/remote/path/

The following command copies a file sample_file.txt to a remote server in the /home/cherry path which is the remote user’s home directory.

scp sample_file.txt  root@5.199.168.47:/home/cherry

scp-command-copy-file-to-remote-server

To copy a directory, use the -r for recursive copying. This copies the directory and its entire contents to the remote server. Here, we are copying a directory named data to the remote server.

scp -r data root@5.199.168.47:/home/cherry

scp-command-copy-directory-to-remote-server

Conversely, you can copy files/directories from the remote server to the local system.

scp username@hostname_or_IP:/remote/file/ /local/path

The command shown copies file1.txt from the remote host to the local machine’s home directory specified by the $HOME environment variable.

scp root@5.199.168.47:/home/cherry/file1.txt  $HOME

scp-command-copy-file-from-remote-server-to-local-machine

Nmap command

Network Mapper, or Nmap for short, is a flexible and open-source utility mainly used for network scanning and reconnaissance. It is used to perform vulnerability assessments on host systems.

In this example, nmap scans for all the hosts in the 192.168.2.0/24 subnet.

nmap 192.168.2.0/24

nmap-command-scan-entire-subnet

To reveal more detailed or intricate information such as service versions pass the -A switch.

nmap -A 192.168.2.0/24

nmap-command-show-detailed-output

To scan a single host provide its IP address.

nmap -A 192.168.2.1

nmap-command-scan-single-host

arp command

The arp command manages the ARP cache on your system. It is used to display or modify ARP cache information. The ARP cache is simply a table that provides a mapping of IP addresses to their MAC addresses in the network. In addition to displaying the entries, you can modify and delete them from the cache.

To display the entries, run:

arp

arp-command

To display the mapping of a single host, pass the -D switch followed by its IP address.

arp -D 192.168.2.103

arp-command-scan-single-host

nmcli command

The nmcli is a versatile CLI tool for displaying, modifying activating, and deleting network connections. Without command flags, the nmcli provides a detailed summary of all network interfaces.

nmcli

This provides interface details, including the hardware model, Mac address, MTU, routes, and IP addresses.

nmcli-commandt

You can display a specific interface connection using the nmcli device show command as shown.

nmcli device show enp0s3

nmcli-device-show-commandt

To show the status of all the connections, run:

nmcli connection show

nmcli-connection-show-commandt

iftop command

Short for Interface TOP, iftop is a command-line tool for monitoring bandwidth usage on a specific network interface. Run it as a sudo user or root to monitor all traffic flowing through the interface.

By default, iftop is not installed. You can install it by running:

On Ubuntu / Debian systems

sudo  apt install iftop -y

On RHEL / Fedora

sudo  dnf  install iftop -y

iftop-commandt

bmon command

The bmon command is a revamped alternative to iftop. it displays bandwidth statistics in an intuitive and human-readable format.

Bmon is not installed out of the box, and you can do so by running:

On Ubuntu / Debian systems

sudo apt install bmon -y

On RHEL / Fedora

sudo dnf  install bmon -y

To launch it and start monitoring bandwidth, simply run the command:

bmon

bmon-commandt

Conclusion

While not an exhaustive list of all the network commands, this round-up has offered a summary of some nifty commands you can leverage to troubleshoot network faults, monitor bandwidth, and retrieve salient information about network devices and registered domains.

Cloud VPS - Cheaper Each Month

Start with $9.99 and pay $0.5 less until your price reaches $6 / month.

Share this article

Related Articles

Published on Jun 7, 2021 Updated on Jun 29, 2022

AlmaLinux Review: a CentOS Clone Supported by CloudLinux

AlmaLinux is an open-source Linux distribution focused on long-term stability, that is a 1:1 binary compatible fork of Red Hat Enterprise Linux (RHEL)

Read More
Published on Sep 14, 2021 Updated on Jun 29, 2022

Debian 11 "bullseye" Review: What‘s New?

Debian 11 “bullseye” was released on 14th of August 2021. This release contains over 11294 new packages out of 59551 packages overall in its repositories.

Read More
Published on May 31, 2022 Updated on May 5, 2023

A Complete Guide to Linux Bash History

Learn how to work with Bash history to become more efficient with any modern *nix operating system.

Read More
We use cookies to ensure seamless user experience for our website. Required cookies - technical, functional and analytical - are set automatically. Please accept the use of targeted cookies to ensure the best marketing experience for your user journey. You may revoke your consent at any time through our Cookie Policy.
build: d7d8ce6b7.830