Networking

Subnet to Mask Bits conversion table

by

Subnet to Mask Bits conversion table
Mask CIDR Length (Mask Bits)
128.0.0.0 1
192.0.0.0 2
224.0.0.0 3
240.0.0.0 4
248.0.0.0 5
252.0.0.0 6
254.0.0.0 7
255.0.0.0 8
255.128.0.0 9
255.192.0.0 10
255.224.0.0 11
255.240.0.0 12
255.248.0.0 13
255.252.0.0 14
255.254.0.0 15
255.255.0.0 16
255.255.128.0 17
255.255.192.0 18
255.255.224.0 19
255.255.240.0 20
255.255.248.0 21
255.255.252.0 22
255.255.254.0 23
255.255.255.0 24
255.255.255.128 25
255.255.255.192 26
255.255.255.224 27
255.255.255.240 28
255.255.255.248 29
255.255.255.252 30
255.255.255.254 31
255.255.255.255 32

Verify the speed of my Network Cards in Linux

by

How to tell the network speed of network cards in Linux?

CentOS 7

Find the network cards:

ip addr

1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:d5:dc:4a brd ff:ff:ff:ff:ff:ff
    inet 216.55.xxx.xxx/24 brd 216.55.169.255 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed5:dc4a/64 scope link
       valid_lft forever preferred_lft forever
3: ens192:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:d5:dc:54 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.101/24 brd 192.168.1.255 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed5:dc54/64 scope link
       valid_lft forever preferred_lft forever

Ethtool

# ethtool ens160
Settings for ens160:
        Supported ports: [ TP ]
        Supported link modes:   1000baseT/Full
                                10000baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: No
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: No
        Speed: 10000Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: off
        MDI-X: Unknown
        Supports Wake-on: uag
        Wake-on: d
        Link detected: yes


# ethtool ens160 | grep Speed
        Speed: 10000Mb/s

Script:

for i in $(netstat -i | cut -f1 -d" " | tail -n+3) ; do echo "$i: $(ethtool "$i" | grep Speed | sed 's/Speed://g')" ; done

cat /sys/class/net//speed

# cat /sys/class/net/ens160/speed
10000

Above would be in MB.

DMESG

# dmesg |grep eth0
[0.932304] vmxnet3 0000:03:00.0 eth0: NIC Link is Up 10000 Mbps

Show List Of Network Cards in Linux

by

How do I display a list of all network cards under Linux operating systems?

You can use any one of the following command to list network cards installed under Linux operating systems. Please note that the ifconfig and ip commands will also display interfaces information about vpn, loopback, and other configured interfaces.

  • lspci command : List all PCI devices.
  • lshw command : List all hardware.
  • dmidecode command : List all hardware data from BIOS.
  • ifconfig command : Outdated network config utility.
  • ip command : Recommended new network config utility.
  • lspci command

Type the following command:

# lspci | egrep -i --color 'network|ethernet'

Sample outputs:

09:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5761e Gigabit Ethernet PCIe (rev 10)
0c:00.0 Network controller: Intel Corporation Ultimate N WiFi Link 5300

lshw command

The lshw command can extract detailed information on the hardware configuration of the machine including network cards. Type the following command:

# lshw -class network

Sample outputs:

  *-network DISABLED      
       description: Wireless interface
       product: Ultimate N WiFi Link 5300
       vendor: Intel Corporation
       physical id: 0
       bus info: pci@0000:0c:00.0
       logical name: wlan0
       version: 00
       serial: 00:21:6a:ca:9b:10
       width: 64 bits
       clock: 33MHz
       capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless
       configuration: broadcast=yes driver=iwlwifi driverversion=3.2.0-0.bpo.1-amd64 firmware=8.83.5.1 build 33692 latency=0 link=no multicast=yes wireless=IEEE 802.11abgn
       resources: irq:46 memory:f1ffe000-f1ffffff
  *-network
       description: Ethernet interface
       product: NetXtreme BCM5761e Gigabit Ethernet PCIe
       vendor: Broadcom Corporation
       physical id: 0
       bus info: pci@0000:09:00.0
       logical name: eth0
       version: 10
       serial: b8:ac:6f:65:31:e5
       size: 1GB/s
       capacity: 1GB/s
       width: 64 bits
       clock: 33MHz
       capabilities: pm vpd msi pciexpress bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation
       configuration: autonegotiation=on broadcast=yes driver=tg3 driverversion=3.121 duplex=full firmware=5761e-v3.71 ip=192.168.1.5 latency=0 link=yes multicast=yes port=twisted pair speed=1GB/s
       resources: irq:48 memory:f1be0000-f1beffff memory:f1bf0000-f1bfffff

ifconfig and ip command

To see all configured network devices, enter:

# ifconfig -a

OR

# ip link show

OR

# ip a

Sample outputs:

1: lo:  mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc mq state UP qlen 1000
    link/ether b8:ac:6f:65:31:e5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::baac:6fff:fe65:31e5/64 scope link 
       valid_lft forever preferred_lft forever
3: wlan0:  mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:21:6a:ca:9b:10 brd ff:ff:ff:ff:ff:ff
4: pan0:  mtu 1500 qdisc noop state DOWN 
    link/ether 92:0a:e7:31:e0:83 brd ff:ff:ff:ff:ff:ff
5: vmnet1:  mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:c0:00:01 brd ff:ff:ff:ff:ff:ff
    inet 192.168.121.1/24 brd 192.168.121.255 scope global vmnet1
    inet6 fe80::250:56ff:fec0:1/64 scope link 
       valid_lft forever preferred_lft forever
6: vmnet8:  mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:c0:00:08 brd ff:ff:ff:ff:ff:ff
    inet 192.168.179.1/24 brd 192.168.179.255 scope global vmnet8
    inet6 fe80::250:56ff:fec0:8/64 scope link 
       valid_lft forever preferred_lft forever

/proc/net/dev

The dev pseudo-file contains network device status information. This gives the number of received and sent packets, the number of errors and collisions and other basic statistics.

$ cat /proc/net/dev

Sample outputs:

Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:   20097     179    0    0    0     0          0         0    20097     179    0    0    0     0       0          0
vmnet8:       0       0    0    0    0     0          0         0        0      33    0    0    0     0       0          0
  pan0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
 wlan0:       0       0    0    0    0     0          0         0        0       0    0    0    0     0       0          0
  eth0: 592509534  623058    0    0    0     0          0      1053 122269656  401567    0    0    0     0       0          0
vmnet1:       0       0    0    0    0     0          0         0

What is the use of /etc/udev/rules.d/70-persistent-net.rules file in Rhel/Centos?

by

what is the use of /etc/udev/rules.d/70-persistent-net.rules file in linux? is anyother way to change interface name in linux other than 70-persistent-net.rules?

This file associates your NIC’s MAC address with an interface name that will be given to the NIC at startup. There are certainly ways to change the name at runtime but if you reboot, it’s gonna be the contents of that file that count.

Additionally, you can use it for renaming the interfaces

Neighbor table overflow Error in Linux

by

The ‘neighbor table overflow’ is a VERY common linux issue on large networks. Some network trigger this with default linux settings (because the previous network regime put so many IP address subnets on a single vlan , it creates large ARP tables – which is not normal / default settings). It is not an indication of anything wrong. It is a trigger of linux default.

Here is how to adjust:
If you see this….

__ratelimit: 20 callbacks suppressed
Neighbour table overflow.

For busy networks increase the kernel’s internal ARP cache size. The following kernel variables are used:


net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh3
To see current values, type:

Run this…


# sysctl net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh1 = 128


# sysctl net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh2 = 512


# sysctl net.ipv4.neigh.default.gc_thresh3
net.ipv4.neigh.default.gc_thresh3 = 1024

You need to make sure that the arp table to become bigger than the above defaults. The above limitations are good for small network or a single server. This will also affect your DNS traffic.

How Do I Fix “Neighbour Table Overflow” Error?


# vi /etc/sysctl.conf

Append the following:


 ## works best with <= 500 client computers ##
# Force gc to clean-up quickly
net.ipv4.neigh.default.gc_interval = 3600
 
# Set ARP cache entry timeout
net.ipv4.neigh.default.gc_stale_time = 3600
 
# Setup DNS threshold for arp
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.neigh.default.gc_thresh2 = 2048
net.ipv4.neigh.default.gc_thresh1 = 1024

To load new changes type the following command:

# sysctl -p

Add private IP to Debian Ubuntu for R1

by

Add the IP as Eth0 when the primary is Eth1 (no gateway)

# nano /etc/network/interfaces

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 10.168.19.36
netmask 255.255.255.224
hwaddress 0C:C4:7A:6A:0F:E4

auto eth1
iface eth1 inet static
address 206.xxx.xx.xx
netmask 255.255.255.0
gateway 206.xxx.xx.1
hwaddress 0C:C4:7A:6A:0F:E5
dns-nameservers 8.8.8.8 4.4.4.4

Nmap

by

See if ports are open

nmap -T4 -Pn -p 21,22,25,80,110,143,443,3389 $SERVER_IP

Test server download speeds

by

Server connections speeds are a function of a variety of variables. The server’s connection speed to the Internet, all processes that are simultaneously trying to connect (uploads and downloads share the total speed available), the overall health of the Internet and the connection capability of the off-site computer, which is also limited by the same factors.
Linux

You can test the download speed of a Linux server by downloading a very large file and watching the speed.

# cd /tmp

500 MB

# wget --output-document=/dev/null http://speedtest.wdc01.softlayer.com/downloads/test500.zip

or

# wget --output-document=/dev/null http://cachefly.cachefly.net/100mb.test

Windows

http://speedtest.net

The Difference between a Megabyte (MB) and a Megabit (Mb)

by

Do you think 1 Megabit per second (1 Mbps) will allow you to download a 1 Megabyte file in one second?

This is not the case. A Megabit is 1/8 as big as a Megabyte.

1 Megabyte = 8 Megabits
Mbps = Megbits per second
MBps = MegBytes per second
Internet speed is usually measured in megabits per second

So, to download a 1MB file in 1 second you would need a connection of 8Mbps ( 8 Megbits per second). The difference between a Gigabyte (GB) and a Gigabit (Gb) is the same, with a Gigabyte being 8 times larger than a Gigabit.

To calculate how long it will take a file to download over your connection, you can use Google’s simple MB/Mb converter:

https://www.google.com/search?q=megabyte+megabit+converter

Netstat Commands for DDoS Checking

by

Useful commands to check if a server is getting ddos’d

Show IPs with more than 10 connections open:


# netstat -nat | grep ":80" | awk -F: '{print $8}' | sort | uniq -c | sort -n | awk '{ if ( $1 > 10) print $2 ; }'

Show # of connections open per IP


# netstat -nat | egrep ":80|:443" | awk -F: '{print $8}' | sort | uniq -c | sort -n

Number of connections per IP


# netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Haynie’s version(better sorting):


# netstat -anp|awk '{print $5}'|awk -F: '{print $4}'|sort -n -t. -k1,1 -k2,2 -k3,3 -k4,4|uniq -c|sort -n

Drop ips with 100 or more connections:


# netstat -nat | egrep ":80|:443" | awk -F: '{print $8}' | sort | uniq -c | sort -n | awk '{ if ( $1 > 100) print $2 ; }' | xargs -n1 echo iptables -I INPUT -j DROP -s

Graphic netstat connections(# of connections open per host)


# netstat -an | grep ESTABLISHED | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | awk '{ printf("%s\t%s\t",$2,$1) ; for (i = 0; i < $1; i++) {printf("*")}; print "" }'