Subnet to Mask Bits conversion table
Mask CIDR Length (Mask Bits)
128.0.0.0 1
192.0.0.0 2
224.0.0.0 3
240.0.0.0 4
248.0.0.0 5
252.0.0.0 6
254.0.0.0 7
255.0.0.0 8
255.128.0.0 9
255.192.0.0 10
255.224.0.0 11
255.240.0.0 12
255.248.0.0 13
255.252.0.0 14
255.254.0.0 15
255.255.0.0 16
255.255.128.0 17
255.255.192.0 18
255.255.224.0 19
255.255.240.0 20
255.255.248.0 21
255.255.252.0 22
255.255.254.0 23
255.255.255.0 24
255.255.255.128 25
255.255.255.192 26
255.255.255.224 27
255.255.255.240 28
255.255.255.248 29
255.255.255.252 30
255.255.255.254 31
255.255.255.255 32
Networking
Verify the speed of my Network Cards in Linux
How to tell the network speed of network cards in Linux?
CentOS 7
Find the network cards:
ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:d5:dc:4a brd ff:ff:ff:ff:ff:ff
    inet 216.55.xxx.xxx/24 brd 216.55.169.255 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed5:dc4a/64 scope link
       valid_lft forever preferred_lft forever
3: ens192: mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:d5:dc:54 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.101/24 brd 192.168.1.255 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed5:dc54/64 scope link
       valid_lft forever preferred_lft forever
Ethtool
# ethtool ens160
Settings for ens160:
        Supported ports: [ TP ]
        Supported link modes:   1000baseT/Full
                                10000baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: No
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: No
        Speed: 10000Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: off
        MDI-X: Unknown
        Supports Wake-on: uag
        Wake-on: d
        Link detected: yes
# ethtool ens160 | grep Speed
        Speed: 10000Mb/s
Script:
for i in $(netstat -i | cut -f1 -d" " | tail -n+3) ; do echo "$i: $(ethtool "$i" | grep Speed | sed 's/Speed://g')" ; done
cat /sys/class/net//speed
# cat /sys/class/net/ens160/speed
10000
Above would be in MB.
DMESG
# dmesg | grep eth0
[0.932304] vmxnet3 0000:03:00.0 eth0: NIC Link is Up 10000 Mbps
Show List Of Network Cards in Linux
How do I display a list of all network cards under Linux operating systems?
You can use any one of the following commands to list the network cards installed under Linux operating systems. Please note that the ifconfig and ip commands will also display information about VPN, loopback, and other configured interfaces.
- lspci command : List all PCI devices.
- lshw command : List all hardware.
- dmidecode command : List all hardware data from BIOS.
- ifconfig command : Outdated network config utility.
- ip command : Recommended new network config utility.
lspci command
Type the following command:
# lspci | egrep -i --color 'network|ethernet'
Sample outputs:
09:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5761e Gigabit Ethernet PCIe (rev 10)
0c:00.0 Network controller: Intel Corporation Ultimate N WiFi Link 5300
lshw command
The lshw command can extract detailed information on the hardware configuration of the machine including network cards. Type the following command:
# lshw -class network
Sample outputs:
  *-network DISABLED
       description: Wireless interface
       product: Ultimate N WiFi Link 5300
       vendor: Intel Corporation
       physical id: 0
       bus info: pci@0000:0c:00.0
       logical name: wlan0
       version: 00
       serial: 00:21:6a:ca:9b:10
       width: 64 bits
       clock: 33MHz
       capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless
       configuration: broadcast=yes driver=iwlwifi driverversion=3.2.0-0.bpo.1-amd64 firmware=8.83.5.1 build 33692 latency=0 link=no multicast=yes wireless=IEEE 802.11abgn
       resources: irq:46 memory:f1ffe000-f1ffffff
  *-network
       description: Ethernet interface
       product: NetXtreme BCM5761e Gigabit Ethernet PCIe
       vendor: Broadcom Corporation
       physical id: 0
       bus info: pci@0000:09:00.0
       logical name: eth0
       version: 10
       serial: b8:ac:6f:65:31:e5
       size: 1GB/s
       capacity: 1GB/s
       width: 64 bits
       clock: 33MHz
       capabilities: pm vpd msi pciexpress bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation
       configuration: autonegotiation=on broadcast=yes driver=tg3 driverversion=3.121 duplex=full firmware=5761e-v3.71 ip=192.168.1.5 latency=0 link=yes multicast=yes port=twisted pair speed=1GB/s
       resources: irq:48 memory:f1be0000-f1beffff memory:f1bf0000-f1bfffff
ifconfig and ip command
To see all configured network devices, enter:
# ifconfig -a
OR
# ip link show
OR
# ip a
Sample outputs:
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc mq state UP qlen 1000
    link/ether b8:ac:6f:65:31:e5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::baac:6fff:fe65:31e5/64 scope link
       valid_lft forever preferred_lft forever
3: wlan0: mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:21:6a:ca:9b:10 brd ff:ff:ff:ff:ff:ff
4: pan0: mtu 1500 qdisc noop state DOWN
    link/ether 92:0a:e7:31:e0:83 brd ff:ff:ff:ff:ff:ff
5: vmnet1: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:c0:00:01 brd ff:ff:ff:ff:ff:ff
    inet 192.168.121.1/24 brd 192.168.121.255 scope global vmnet1
    inet6 fe80::250:56ff:fec0:1/64 scope link
       valid_lft forever preferred_lft forever
6: vmnet8: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:50:56:c0:00:08 brd ff:ff:ff:ff:ff:ff
    inet 192.168.179.1/24 brd 192.168.179.255 scope global vmnet8
    inet6 fe80::250:56ff:fec0:8/64 scope link
       valid_lft forever preferred_lft forever
/proc/net/dev
The dev pseudo-file contains network device status information. This gives the number of received and sent packets, the number of errors and collisions and other basic statistics.
$ cat /proc/net/dev
Sample outputs:
Inter-|   Receive                                                    |  Transmit
 face |bytes     packets errs drop fifo frame compressed multicast|bytes     packets errs drop fifo colls carrier compressed
    lo:     20097     179    0    0    0     0          0         0     20097     179    0    0    0     0       0          0
vmnet8:         0       0    0    0    0     0          0         0         0      33    0    0    0     0       0          0
  pan0:         0       0    0    0    0     0          0         0         0       0    0    0    0     0       0          0
 wlan0:         0       0    0    0    0     0          0         0         0       0    0    0    0     0       0          0
  eth0: 592509534  623058    0    0    0     0          0      1053 122269656  401567    0    0    0     0       0          0
vmnet1:         0       0    0    0    0     0          0         0
What is the use of /etc/udev/rules.d/70-persistent-net.rules file in Rhel/Centos?
What is the use of the /etc/udev/rules.d/70-persistent-net.rules file in Linux? Is there any other way to change an interface name in Linux other than 70-persistent-net.rules?
This file associates your NIC’s MAC address with an interface name that will be given to the NIC at startup. There are certainly ways to change the name at runtime but if you reboot, it’s gonna be the contents of that file that count.
Additionally, you can use it for renaming the interfaces.
Neighbor table overflow Error in Linux
The ‘neighbor table overflow’ message is a VERY common Linux issue on large networks. Some networks trigger it with the default Linux settings: when a previous network design put many IP subnets on a single VLAN, the ARP tables grow large, which the default settings do not expect. It is not an indication of anything wrong. It is the Linux defaults being hit.
Here is how to adjust:
If you see this….
__ratelimit: 20 callbacks suppressed
Neighbour table overflow.
For busy networks increase the kernel’s internal ARP cache size. The following kernel variables are used:
net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh3
To see current values, type:
Run this…
# sysctl net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh1 = 128
# sysctl net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh2 = 512
# sysctl net.ipv4.neigh.default.gc_thresh3
net.ipv4.neigh.default.gc_thresh3 = 1024
You need to make the ARP table limits larger than the above defaults. The above limits are good for a small network or a single server. This will also affect your DNS traffic.
How Do I Fix “Neighbour Table Overflow” Error?
# vi /etc/sysctl.conf
Append the following:
## works best with <= 500 client computers ##
# Force gc to clean-up quickly
net.ipv4.neigh.default.gc_interval = 3600
# Set ARP cache entry timeout
net.ipv4.neigh.default.gc_stale_time = 3600
# Setup DNS threshold for arp
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.neigh.default.gc_thresh2 = 2048
net.ipv4.neigh.default.gc_thresh1 = 1024
To load new changes type the following command:
# sysctl -p
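Before raising the thresholds it helps to know how full the table is and which interface holds the entries. The following is an added example, not part of the original notes: the function names and state labels are hypothetical, the sample input is constructed, and the line count of `ip neigh show` is used as an approximation of the kernel's entry count.

```shell
#!/bin/sh
# Added example: compare neighbour-table size with the gc_thresh values.

# Constructed `ip -4 neigh show` sample (documentation addresses and MACs).
sample_neigh() {
cat <<'EOF'
192.0.2.1 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE
192.0.2.20 dev eth0 lladdr 00:00:5e:00:53:14 STALE
192.0.2.21 dev eth0  FAILED
198.51.100.1 dev eth1 lladdr 00:00:5e:00:53:99 DELAY
EOF
}

# Entries per interface, to see which segment fills the table.
neigh_per_dev() {
  awk '{ for (i = 1; i < NF; i++) if ($i == "dev") n[$(i + 1)]++ }
       END { for (d in n) print d, n[d] }' | sort
}

# neigh_state T1 T2 T3: total entries and position against the thresholds.
neigh_state() {
  awk -v t1="$1" -v t2="$2" -v t3="$3" '
    NF { total++ }
    END {
      if (total >= t3)      s = "at gc_thresh3 (hard limit, overflow likely)"
      else if (total >= t2) s = "above gc_thresh2 (aggressive gc)"
      else if (total >= t1) s = "above gc_thresh1 (gc runs)"
      else                  s = "below gc_thresh1"
      printf "%d: %s\n", total, s
    }'
}

# Demo with the default thresholds shown above; on a live host feed it
# `ip -4 neigh show` and the three values from `sysctl -n`.
sample_neigh | neigh_state 128 512 1024
```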
Add private IP to Debian Ubuntu for R1
Add the IP as Eth0 when the primary is Eth1 (no gateway)
# nano /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.168.19.36
    netmask 255.255.255.224
    hwaddress 0C:C4:7A:6A:0F:E4

auto eth1
iface eth1 inet static
    address 206.xxx.xx.xx
    netmask 255.255.255.0
    gateway 206.xxx.xx.1
    hwaddress 0C:C4:7A:6A:0F:E5
    dns-nameservers 8.8.8.8 4.4.4.4
Nmap
See if ports are open
nmap -T4 -Pn -p 21,22,25,80,110,143,443,3389 $SERVER_IP
Test server download speeds
Server connection speeds are a function of a variety of variables: the server’s connection speed to the Internet, all processes that are simultaneously trying to connect (uploads and downloads share the total speed available), the overall health of the Internet, and the connection capability of the off-site computer, which is also limited by the same factors.
Linux
You can test the download speed of a Linux server by downloading a very large file and watching the speed.
# cd /tmp
500 MB
# wget --output-document=/dev/null http://speedtest.wdc01.softlayer.com/downloads/test500.zip
or
# wget --output-document=/dev/null http://cachefly.cachefly.net/100mb.test
Windows
The Difference between a Megabyte (MB) and a Megabit (Mb)
Do you think 1 Megabit per second (1 Mbps) will allow you to download a 1 Megabyte file in one second?
This is not the case. A Megabit is 1/8 as big as a Megabyte.
1 Megabyte = 8 Megabits
Mbps = Megabits per second
MBps = Megabytes per second
Internet speed is usually measured in megabits per second.
So, to download a 1 MB file in 1 second you would need a connection of 8 Mbps (8 Megabits per second). The difference between a Gigabyte (GB) and a Gigabit (Gb) is the same, with a Gigabyte being 8 times larger than a Gigabit.
To calculate how long it will take a file to download over your connection, you can use Google’s simple MB/Mb converter:
Netstat Commands for DDoS Checking
Useful commands to check if a server is getting DDoS’d
Show IPs with more than 10 connections open:
# netstat -nat | grep ":80" | awk -F: '{print $8}' | sort | uniq -c | sort -n | awk '{ if ( $1 > 10) print $2 ; }'
Show # of connections open per IP
# netstat -nat | egrep ":80|:443" | awk -F: '{print $8}' | sort | uniq -c | sort -n
Number of connections per IP
# netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Haynie’s version (better sorting):
# netstat -anp|awk '{print $5}'|awk -F: '{print $4}'|sort -n -t. -k1,1 -k2,2 -k3,3 -k4,4|uniq -c|sort -n
Drop IPs with 100 or more connections (the echo prints the iptables commands for review instead of running them):
# netstat -nat | egrep ":80|:443" | awk -F: '{print $8}' | sort | uniq -c | sort -n | awk '{ if ( $1 >= 100) print $2 ; }' | xargs -n1 echo iptables -I INPUT -j DROP -s
Graphic netstat connections (# of connections open per host)
# netstat -an | grep ESTABLISHED | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | awk '{ printf("%s\t%s\t",$2,$1) ; for (i = 0; i < $1; i++) {printf("*")}; print "" }'
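The per-IP one-liners above depend on the column layout and on `grep ":80"`, which also matches ports such as 8080 and outbound connections to a remote port 80. As an added example (not from the original notes; function names are hypothetical and the netstat sample is constructed), this version matches the local port exactly, skips listening sockets, and folds IPv4-mapped IPv6 addresses into their IPv4 form before counting.

```shell
#!/bin/sh
# Added example: per-IP connection counts for local ports 80/443.

# Constructed netstat -nat sample (RFC 5737 documentation addresses).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           203.0.113.5:51000       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51001       ESTABLISHED
tcp        0      0 192.0.2.10:443          203.0.113.5:51002       SYN_RECV
tcp        0      0 192.0.2.10:8080         203.0.113.5:51003       ESTABLISHED
tcp        0      0 192.0.2.10:22           198.51.100.7:40000      ESTABLISHED
tcp        0      0 192.0.2.10:50000        198.51.100.7:80         ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:198.51.100.7:40001 ESTABLISHED
tcp6       0      0 :::443                  :::*                    LISTEN
EOF
}

# Read netstat lines on stdin; print "count ip", highest count first.
conns_per_ip() {
  awk '
    $1 ~ /^tcp/ && $6 != "LISTEN" {
      lport = $4; sub(/^.*:/, "", lport)        # local port = text after last colon
      if (lport != "80" && lport != "443") next # skips :8080 and outbound :80
      rip = $5; sub(/:[^:]*$/, "", rip)         # drop the remote port
      sub(/^::ffff:/, "", rip)                  # fold IPv4-mapped IPv6 into IPv4
      count[rip]++
    }
    END { for (ip in count) print count[ip], ip }
  ' | sort -k1,1nr -k2,2
}

# over_threshold LIMIT: print IPs holding more than LIMIT connections.
over_threshold() {
  conns_per_ip | awk -v limit="$1" '$1 > limit { print $2 }'
}

# Demo on the constructed sample; on a live host use: netstat -nat | conns_per_ip
sample_netstat | conns_per_ip
```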