Linux Networking Basics: Commands and Tools You Need to Know

By · · Updated

Get started with Linux networking by learning key commands and tools, from ifconfig and ip to ping, ss, and firewall basics every sysadmin needs.

Networking is one of the most practical Linux skills. Whether you’re bringing up a fresh server, debugging a flaky Wi-Fi card, or proving a firewall rule isn’t the culprit, Linux gives you a powerful toolkit that works across distros. This guide hits the essentials and shows how they fit together so you can diagnose, secure, and optimize fast.

If you’re brand new to the terminal, warm up with the Linux Basic Commands primer first. For deeper architectural context, keep Understanding the Linux Kernel and Transparent OS Concepts handy while you learn—networking behavior is inseparable from how the kernel schedules, allocates memory, and talks to devices.

1. From ifconfig to ip

ifconfig still ships on many systems, but it’s considered legacy. The modern replacement is ip from the iproute2 suite, which unifies address, link, and route management behind one coherent interface. 

# show all interfaces (legacy)
ifconfig -a

# modern view
ip addr show
ip link show

# bring an interface up/down
sudo ip link set eth0 up
sudo ip link set eth0 down

# add/remove an address
sudo ip addr add 192.168.10.20/24 dev eth0
sudo ip addr del 192.168.10.20/24 dev eth0

Adopt ip early—new tooling, docs, and certs assume it. When you need to confirm what the kernel expects at this layer, the official networking docs are the north star.

2. Testing Connectivity the Right Way

Start simple, then go deeper. Prove name resolution, reachability, and path. Graduate to sockets and ports only after basic checks pass. 

# 1) DNS + ICMP reachability
ping -c 4 example.com

# 2) Path discovery (routers along the way)
traceroute example.com   # or: tracepath example.com

# 3) Local sockets (modern replacement for netstat)
ss -tuln                  # listening sockets
ss -tan                   # established TCP

If ping fails but ss shows a healthy service on localhost, you’re looking at a routing, firewall, or upstream issue rather than a dead daemon. For a concise field guide to these commands in practice, Red Hat’s enable-sysadmin writeup is a solid refresher you can hand juniors without hesitation. See 7 Linux networking commands every sysadmin should know.

When you need distro-agnostic, nuts-and-bolts configuration advice, the Arch Wiki’s Network configuration page remains a gold standard for pragmatic troubleshooting.

3. Routes, Gateways, and DNS

If a host resolves but won’t connect, check routing. The kernel’s routing table decides where packets go; a single wrong default gateway or missing subnet route will blackhole traffic. 

# view routes
ip route show

# set a default gateway (example)
sudo ip route add default via 192.168.10.1

# per-subnet static route
sudo ip route add 10.20.0.0/16 via 192.168.10.254

DNS problems masquerade as networking failures. Verify the resolver your system is using and whether queries succeed. On many modern Ubuntu servers, Netplan + systemd-resolved manage interfaces and resolvers through YAML. See Ubuntu’s official overview: Configuring networks.

4. Firewall Basics Without the Drama

The Linux kernel enforces packet filtering through Netfilter; historically you used iptables directly, while many distros now expose friendlier front-ends. On Ubuntu, ufw is common; RHEL derivatives often use firewalld. 

# show rules (iptables)
sudo iptables -L -v -n

# uncomplicated firewall (ufw)
sudo ufw enable
sudo ufw allow 22/tcp
sudo ufw status numbered

# firewalld quick taste
sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --reload

Rule of thumb: test from the outside. If a service binds to 0.0.0.0:443 and ss confirms it, but you can’t reach it externally, a firewall or upstream load balancer is almost always in the way. Before you open ports broadly, revisit Linux access control fundamentals in File Permissions to avoid confusing file ACL issues with network ACL issues.

5. See the Traffic: tcpdump and iftop

When logs lie, packets tell the truth. Packet capture confirms whether traffic arrives, what it contains, and who initiates it. Bandwidth monitors help you spot noisy neighbors fast. 

# capture HTTP on eth0 (press Ctrl+C to stop)
sudo tcpdump -i eth0 -n port 80

# real-time bandwidth by connection
sudo iftop -i eth0

Captures are especially helpful with TLS offload, hair-pin NAT, or asymmetric routing. If captures local to the app server show no SYNs, you know the break is upstream. To keep an eye on the bigger picture—CPU steal, IRQ pressure, and memory reclaim that can tank networking—bookmark System Monitoring in Linux.

6. Services and Persistent Configuration

Commands are great for live fixes, but production needs persistence. On Debian/Ubuntu, Netplan renders configuration to backends like NetworkManager or systemd-networkd. On RHEL, NetworkManager dominates. Whichever stack you adopt, standardize on one method per fleet to avoid configuration drift. 

# example Netplan YAML (Ubuntu)
network:
  version: 2
  ethernets:
    eth0:
      addresses:
        - 192.168.10.20/24
      gateway4: 192.168.10.1
      nameservers:
        addresses: [1.1.1.1, 9.9.9.9]

Validate configs before rollout, then restart only the affected networking units to minimize downtime. If you’re building a lab to practice safely, give yourself clean scaffolding using the habits in Linux Basic Commands and revisit Understanding the Linux Kernel to map what your services expect from the OS.

7. When You’re Ready: VLANs, Bridges, and Tuning

Linux lets you get advanced quickly: VLAN tagging for multi-tenant networks, bridges for virtualization stacks, and QoS or congestion control tuning for specific workloads. When it’s time to tune rather than merely fix, go to source material. The kernel’s networking docs cover device drivers, diagnostics, and APIs in depth, and man pages explain how user-space interacts with sockets and TCP. See the kernel networking docs and the tcp(7) man page.

One caution: tuning without measurement is cargo cult. Capture, graph, and only then change parameters. That’s how you avoid making things worse. If you want to think more holistically about how the OS “breathes” under load, read Transparent OS Concepts—it’ll sharpen your intuition for where networking actually bottlenecks.

8. Quick Checklist for Fast Fixes

  • Confirm link + address: ip link, ip addr.
  • Prove DNS + path: ping, traceroute/tracepath.
  • Check local sockets: ss -tuln (replace netstat).
  • Validate routes: ip route (look for wrong defaults).
  • Test from outside; then inspect packets: tcpdump.
  • Firewall last: ufw / firewalld with narrow, documented rules.

Want to go deeper with live practice? Keep a terminal open on System Monitoring in Linux while you test changes—you’ll spot resource pressure that masquerades as “networking problems.”

Spot an error or a better angle? Tell me and I’ll update the piece. I’ll credit you by name—or keep it anonymous if you prefer. Accuracy > ego.

Portrait of Mason Goulding

Mason Goulding · Founder, Maelstrom Web Services

Builder of fast, hand-coded static sites with SEO baked in. Stack: Eleventy · Vanilla JS · Netlify · Figma

With 10 years of writing expertise and currently pursuing advanced studies in computer science and mathematics, Mason blends human behavior insights with technical execution. His Master’s research at CSU–Sacramento examined how COVID-19 shaped social interactions in academic spaces — see his thesis on Relational Interactions in Digital Spaces During the COVID-19 Pandemic . He applies his unique background and skills to create successful builds for California SMBs.

Every build follows Google’s E-E-A-T standards: scalable, accessible, and future-proof.

Start Your Project See Our Work