Table of Contents

1. Fundamental Networking Concepts
   • IP Addressing (IPv4/IPv6)
   • Subnetting and CIDR Notation
   • DNS and Name Resolution
   • DHCP
   • Network Interfaces
2. Configuring Linux Networking
   • Temporary Configuration with ip
   • Permanent Configuration (Netplan, NetworkManager)
   • Static vs. Dynamic IP Assignment
3. Troubleshooting Common Issues
   • Connectivity Problems
   • DNS Resolution Failures
   • Firewall Blockages
   • DHCP Lease Issues
4. Best Practices
5. Conclusion
6. References

Fundamental Networking Concepts

Before diving into configuration, let’s clarify key concepts that underpin Linux networking.

IP Addressing (IPv4/IPv6)

An IP address is a unique identifier for a device on a network. Linux supports both IPv4 (32-bit, e.g., 192.168.1.10) and IPv6 (128-bit, e.g., 2001:db8::1). Most networks still use IPv4, but IPv6 is increasingly adopted for larger address space.

Subnetting and CIDR Notation

Subnetting divides a network into smaller subnets for efficiency. CIDR (Classless Inter-Domain Routing) notation simplifies subnetting by appending a prefix length to the IP (e.g., 192.168.1.10/24). The prefix length (/24) indicates the subnet mask (255.255.255.0), defining which part of the IP is the network vs. host.

DNS and Name Resolution

DNS (Domain Name System) translates human-readable domain names (e.g., google.com) to IP addresses. Linux relies on:

• /etc/resolv.conf: Lists DNS servers (e.g., nameserver 8.8.8.8 for Google DNS).
• /etc/hosts: Local static mappings (e.g., 127.0.1.1 myserver).

DHCP

DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses, subnet masks, and DNS servers to devices. This is ideal for desktops or temporary systems. Servers often use static IPs for reliability.

Network Interfaces

Linux represents network connections as interfaces (physical or virtual). Common types:

• Physical: eth0 (Ethernet), wlan0 (Wi-Fi).
• Virtual: lo (loopback, 127.0.0.1), tun0 (VPN tunnels), docker0 (Docker bridge).

Configuring Linux Networking

Linux offers multiple tools to configure networks. We’ll cover temporary (session-specific) and permanent (persistent across reboots) methods.

Temporary Configuration with ip

The ip command (part of iproute2) is the modern replacement for deprecated tools like ifconfig. Use it to modify interfaces, IPs, and routes temporarily (changes reset after reboot).

Key ip Subcommands:

Example Workflow: Assign a Temporary Static IP

# Check interface names and status  
ip link show  

# Bring up the interface (if down)  
sudo ip link set eth0 up  

# Assign IP and subnet  
sudo ip addr add 192.168.1.10/24 dev eth0  

# Set default gateway  
sudo ip route add default via 192.168.1.1 dev eth0  

# Verify configuration  
ip addr show eth0  
ip route show  

Permanent Configuration

Permanent settings survive reboots. Linux distributions use different tools:

• Debian/Ubuntu: netplan (YAML-based, default since 18.04).
• RHEL/CentOS/Fedora: NetworkManager (via nmcli or nmtui).

1. Netplan (Debian/Ubuntu)

Netplan reads YAML config files in /etc/netplan/ (e.g., 01-netcfg.yaml).

Example: Static IP Configuration

# /etc/netplan/01-netcfg.yaml  
network:  
  version: 2  
  renderer: networkd  # Use systemd-networkd (not NetworkManager)  
  ethernets:  
    eth0:  # Interface name  
      dhcp4: no  # Disable DHCP  
      addresses: [192.168.1.10/24]  # Static IP/subnet  
      gateway4: 192.168.1.1  # Gateway  
      nameservers:  
        addresses: [8.8.8.8, 8.8.4.4]  # DNS servers  

Apply the config:

sudo netplan generate  # Validate syntax  
sudo netplan apply     # Apply changes  

2. NetworkManager (RHEL/CentOS/Fedora)

NetworkManager manages interfaces dynamically. Use nmcli (command-line) or nmtui (text UI) to configure it.

Example: Set Static IP with nmcli

# List active connections  
nmcli con show  

# Modify a connection (e.g., "Wired connection 1")  
sudo nmcli con mod "Wired connection 1" \  
  ipv4.addresses 192.168.1.10/24 \  
  ipv4.gateway 192.168.1.1 \  
  ipv4.dns "8.8.8.8,8.8.4.4" \  
  ipv4.method manual  # Set to "auto" for DHCP  

# Restart the connection  
sudo nmcli con up "Wired connection 1"  

# Verify  
nmcli con show "Wired connection 1" | grep ipv4  

Static vs. Dynamic IP Assignment

• Static IP: Manually set, ideal for servers (e.g., web servers, routers) to ensure consistent access.
• Dynamic IP: Assigned via DHCP, best for desktops, laptops, or temporary devices.

Troubleshooting Common Issues

When networking fails, follow this structured workflow to diagnose and fix problems.

1. Connectivity Problems

Symptom: Can’t ping internal/external IPs.

Steps to Fix:

• Check interface status: Ensure the interface is up:

  ip link show eth0  # Look for "UP" in the output  

  If down: sudo ip link set eth0 up.

• Verify IP/subnet: Confirm the IP and subnet mask are correct:

  ip addr show eth0  # Should show 192.168.1.10/24 (or similar)  

• Test gateway reachability: Ping the default gateway (e.g., 192.168.1.1):

  ping -c 3 192.168.1.1  

  If unreachable, check gateway configuration with ip route show.

• Test external connectivity: Ping a public IP (e.g., 8.8.8.8 for Google DNS):

  ping -c 3 8.8.8.8  

2. DNS Resolution Failures

Symptom: Can ping 8.8.8.8 but not google.com.

Steps to Fix:

• Check DNS servers: Verify /etc/resolv.conf has valid nameservers:

  cat /etc/resolv.conf  
  # Should show: nameserver 8.8.8.8 or similar  

  If empty, reconfigure DHCP or static DNS.

• Test DNS with dig/nslookup:

  dig google.com  # Check "ANSWER SECTION" for IP  
  nslookup google.com  

• Flush DNS cache (if using systemd-resolved):

  sudo systemctl restart systemd-resolved  

3. Firewall Blockages

Linux firewalls (e.g., ufw, iptables) may block traffic.

Check Firewall Status:

• UFW (Uncomplicated Firewall, Debian/Ubuntu):

  sudo ufw status  
  # Allow SSH temporarily: sudo ufw allow 22/tcp  

• iptables (raw firewall rules):

  sudo iptables -L  # List all rules  

4. DHCP Lease Issues

Symptom: DHCP client fails to get an IP.

Steps to Fix:

• Renew DHCP lease:

  sudo dhclient -r eth0  # Release lease  
  sudo dhclient eth0     # Request new lease  

• Check DHCP logs:

  journalctl -u dhclient  # For DHCP client logs  

5. Advanced Tools

• traceroute/mtr: Trace the path to a remote host (e.g., traceroute google.com).
• tcpdump: Capture network packets for deep debugging:

  sudo tcpdump -i eth0 port 80  # Capture HTTP traffic on eth0  

Best Practices

Follow these guidelines to maintain reliable, secure networking:

1. Use Static IPs for Servers: Avoid DHCP for critical services (e.g., databases, DNS servers).
2. Keep /etc/hosts Minimal: Only add essential local mappings to avoid conflicts.
3. Secure SSH: Restrict SSH access with AllowUsers in /etc/ssh/sshd_config and use SSH keys.
4. Enable Firewalls: Always run ufw or firewalld; allow only required ports (e.g., 22 for SSH, 80/443 for web).
5. Monitor Logs: Use journalctl or tools like rsyslog to track network-related errors (e.g., journalctl -u NetworkManager).
6. Backup Configs: Save copies of /etc/netplan/, /etc/network/interfaces, or nmcli exports.
7. Document Changes: Log IP assignments, DNS settings, and firewall rules for troubleshooting.

Conclusion

Linux networking is a foundational skill, blending conceptual knowledge with hands-on tooling. By mastering ip, Netplan, and troubleshooting workflows, you can configure robust networks and resolve issues efficiently. Remember to follow best practices like static IPs for servers, firewall hygiene, and log monitoring to ensure reliability and security.

References

• Linux ip Command Manual
• Netplan Documentation
• NetworkManager nmcli Guide
• UFW Firewall Guide
• DNS Troubleshooting with dig