10-F.11.3: Network Troubleshooting Commands - ip / route / nmap

    The ip Command

    The ip command comes from net-tools and is used for performing several network administration tasks. IP stands for Internet Protocol. The command is used to show or manipulate routing, devices, and tunnels. It is similar to ifconfig, but it is much more powerful, with more functions and facilities attached to it. ifconfig is one of the deprecated Linux commands and has not been maintained for many years. The ip command is used to perform several tasks, like assigning an address to a network interface or configuring network interface parameters.

    It can perform several other tasks, like configuring and modifying the default and static routing, setting up tunnels over IP, listing IP addresses and property information, modifying the status of the interface, or assigning, deleting and setting up IP addresses and routes.

    Syntax:

    ip [ OPTIONS ] OBJECT { COMMAND | help }

    Command Options

| Options | Meaning |
|---|---|
| -V, -Version | Print the version of the ip utility and exit. |
| -h, -human, -human-readable | Output statistics with human readable values followed by suffix. |
| -b, -batch <FILENAME> | Read commands from provided file or standard input and invoke them. First failure will cause termination of ip. |
| -s, -stats, -statistics | Output more information. If the option appears twice or more, the amount of information increases. As a rule, the information is statistics or some time values. |
| -d, -details | Output more detailed information. |
| -f, -family <FAMILY> | Specifies the protocol family to use. |
| -4 | Shortcut for -family inet. |
| -6 | Shortcut for -family inet6. |
| -B | Shortcut for -family bridge. |
| -M | Shortcut for -family mpls. |
| -0 | Shortcut for -family link. |
| -r, -resolve | Use the system's name resolver to print DNS names instead of host addresses. |
| -N, -Numeric | Print the number of protocol, scope, dsfield, etc. directly instead of converting it to human readable name. |
| -t, -timestamp | Display current time when using monitor option. |

    With the ip command you can:

    • Assign an IP address to a specific interface
    • Check the IP address on any interface
    • Remove an IP address from an interface
    • Enable an IP address on an interface
    • Disable a network interface
    • Check the routing table
    • Add a static route
    • Remove a static route
    • Add a persistent static route
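
The tasks listed above, written as ip object commands for the -batch option from the options table, so that the first failing line stops the run. This is an added example, not part of the original page; the function names, the interface eth0 and the RFC 5737 documentation addresses are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page. Builds an `ip -batch` file.

# Allow only characters found in interface names and addresses, so a
# crafted value cannot smuggle an extra command line into the batch file.
safe_token() {
    case "$1" in
        ''|*[!A-Za-z0-9.:/_-]*) return 1 ;;
    esac
    return 0
}

# ip_batch MODE IFACE ADDR/PREFIX NET/PREFIX GATEWAY
#   apply: assign the address, enable the interface, add a static route
#   undo:  remove the route, disable the interface, remove the address
ip_batch() {
    [ "$#" -eq 5 ] || { echo "usage: ip_batch apply|undo IFACE ADDR NET GW" >&2; return 1; }
    mode=$1; shift
    for tok in "$@"; do
        safe_token "$tok" || { echo "rejected value: $tok" >&2; return 1; }
    done
    case "$mode" in
        apply)
            printf 'address add %s dev %s\n' "$2" "$1"
            printf 'link set dev %s up\n' "$1"
            printf 'route add %s via %s dev %s\n' "$3" "$4" "$1"
            ;;
        undo)
            printf 'route del %s via %s dev %s\n' "$3" "$4" "$1"
            printf 'link set dev %s down\n' "$1"
            printf 'address del %s dev %s\n' "$2" "$1"
            ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
}

# Assumed sample values (interface eth0, RFC 5737 documentation addresses).
# Review the file, then run it as root; ip stops at the first failing line.
#   ip_batch apply eth0 192.0.2.10/24 198.51.100.0/24 192.0.2.1 > net.batch
#   ip -batch net.batch
#   ip address show dev eth0; ip route show    # check the result
```

Changes made this way last until the next reboot; a persistent static route belongs in the distribution's own network configuration.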

    The route Command

    The route command enables users to work with the IP/kernel routing table. It is mainly used to set up static routes to specific hosts or networks via an interface. It can also show or update the IP/kernel routing table. A router, which normally does the routing in a network, is a device that forwards data packets between computer networks. Routers perform the traffic-directing functions on the Internet, using the information in their routing tables or a routing policy to direct each packet to the next network on its journey.

    Syntax:

    route [ OPTIONS ]

    Command Options:

| Options | Meaning |
|---|---|
| -A family | Use the specified address family (e.g. 'inet'). Use route --help for a full list. You can use -6 as an alias for --inet6 and -4 as an alias for -A inet. |
| -F | Operate on the kernel's FIB (Forwarding Information Base) routing table. This is the default. |
| -C | Operate on the kernel's routing cache. |
| -v | Select verbose operation. |
| -n | Show numerical addresses instead of trying to determine symbolic host names. This is useful if you are trying to determine why the route to your nameserver has vanished. |
| -e | Use netstat(8)-format for displaying the routing table. -ee will generate a very long line with all parameters from the routing table. |
| del | Delete a route. |
| add | Add a new route. |
| target | The destination network or host. You can provide an address or a symbolic network or host name. Optionally you can use /prefixlen notation instead of using the netmask option. |
| -net | The target is a network. |
| -host | The target is a host. |
| netmask NM | When adding a network route, the netmask to be used. |
| gw GW | Route packets via a gateway. NOTE: The specified gateway must be reachable first. This usually means that you have to set up a static route to the gateway beforehand. If you specify the address of one of your local interfaces, it will be used to decide about the interface to which the packets should be routed. This is a BSDism compatibility hack. |
| metric M | Set the metric field in the routing table (used by routing daemons) to M. If this option is not specified, the metric for the inet6 (IPv6) address family defaults to '1'; for inet (IPv4) it defaults to '0'. You should always specify an explicit metric value to not rely on those defaults - they also differ from iproute2. |
| mss M | Sets MTU (Maximum Transmission Unit) of the route to M bytes. Note that the current implementation of the route command does not allow the option to set the Maximum Segment Size (MSS). |
| window W | Set the TCP window size for connections over this route to W bytes. This is typically only used on AX.25 networks and with drivers unable to handle back to back frames. |

    The following example shows the routing table - the gateway device, the local link and the network this host sits on:

    pbmac@pbmac-server $ route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         _gateway        0.0.0.0         UG    100    0        0 enp0s25
    link-local      0.0.0.0         255.255.0.0     U     1000   0        0 enp0s25
    192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s25
    
    To add a default gateway, an IP address must be used:
    pbmac@pbmac-server $  route add default gw 169.254.0.0
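
A routing table like the one above can be checked against the gateway the host is expected to use, which catches an unexpected default route or a host route pointing somewhere else. This is an added example, not part of the original page; the function names, the gateway 192.168.1.1 and the extra host route in the sample are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): check `route -n` output
# against the gateway this host is expected to use.

# audit_routes EXPECTED_GW  < output of `route -n`
# Prints one line per route that leaves the host through any other gateway
# and returns 1 if there was a finding or no default route at all.
audit_routes() {
    awk -v want="$1" '
        NR <= 2 { next }                 # title line and column header
        $4 ~ /G/ {                       # G flag: the route uses a gateway
            if ($1 == "0.0.0.0") defaults++
            if ($2 != want) {
                printf "UNEXPECTED %s/%s via %s dev %s\n", $1, $3, $2, $8
                bad++
            }
        }
        END {
            if (defaults == 0) { print "NO default route"; bad++ }
            if (defaults > 1)  { print "MULTIPLE default routes: " defaults; bad++ }
            exit (bad > 0)
        }'
}

# Constructed sample: the table shown above in numeric (-n) form, with the
# gateway 192.168.1.1 assumed, plus one constructed host route that uses a
# different gateway.
sample_routes() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 enp0s25
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enp0s25
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s25
203.0.113.7     192.168.1.66    255.255.255.255 UGH   50     0        0 enp0s25
EOF
}

# On a live host: route -n | audit_routes 192.168.1.1
sample_routes | audit_routes 192.168.1.1 || echo "routing table needs review"
```

Use the -n option from the table above when feeding this check, so gateways appear as addresses rather than resolved names.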
    

    The nmap Command

    Nmap (Network Mapper) is a free and open-source network scanner used to discover hosts and services on a computer network by sending packets and analyzing the responses.

    Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features. Nmap can adapt to network conditions including latency and congestion during a scan.
    Nmap features include:

    • Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open.
    • Port scanning – Enumerating the open ports on target hosts.
    • Version detection – Interrogating network services on remote devices to determine application name and version number.
    • OS detection – Determining the operating system and hardware characteristics of network devices.
    • Scriptable interaction with the target – using the Nmap Scripting Engine (NSE) and the Lua programming language.
    • Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.

    Typical uses of Nmap:

    • Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.
    • Identifying open ports on a target host in preparation for auditing.
    • Network inventory, network mapping, maintenance and asset management.
    • Auditing the security of a network by identifying new servers.
    • Generating traffic to hosts on a network, response analysis and response time measurement.
    • Finding and exploiting vulnerabilities in a network.
    • DNS queries and subdomain search.

    Syntax:

    nmap [ OPTIONS ] [ TARGET ]

    The options summary is presented when the command is run with no options and no target.

    The target can be a hostname or an IP address.

    The nmap utility offers various methods to scan a system. In the example below, a scan is performed against the hostname www.deltacollege.edu to find out all open ports and services on the system. As usual, if the -v option is used, the output is much more verbose; it does not necessarily provide any additional information, but it presents it in a very clear manner.

    pbmac@pbmac-server $ nmap www.deltacollege.edu
    
    Starting Nmap 7.60 ( https://nmap.org ) at 2020-10-20 13:33 PDT
    Nmap scan report for www.deltacollege.edu (52.36.131.229)
    Host is up (0.040s latency).
    rDNS record for 52.36.131.229: ec2-52-36-131-229.us-west-2.compute.amazonaws.com
    Not shown: 997 filtered ports
    PORT    STATE SERVICE
    22/tcp  open  ssh
    80/tcp  open  http
    443/tcp open  https
    
    Nmap done: 1 IP address (1 host up) scanned in 5.00 seconds
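
For the auditing uses listed earlier, the open ports in a report like the one above can be compared with the services a host is supposed to expose. This is an added example, not part of the original page; the function names and the allowlist (80/tcp and 443/tcp only) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): compare the open ports in an
# Nmap report with the services the host is supposed to expose.

# open_ports < nmap normal output   -> one "port/proto" per line
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 == "open" { print $1 }'
}

# unexpected_ports ALLOWED... < nmap normal output
# Prints every open port missing from the allowlist; returns 1 if any.
unexpected_ports() {
    allowed=" $* "
    rc=0
    for p in $(open_ports); do
        case "$allowed" in
            *" $p "*) ;;
            *) echo "$p"; rc=1 ;;
        esac
    done
    return $rc
}

# The scan report shown above, embedded so the example runs offline.
sample_report() {
    cat <<'EOF'
Nmap scan report for www.deltacollege.edu (52.36.131.229)
Host is up (0.040s latency).
Not shown: 997 filtered ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https
EOF
}

# Assumed policy: a public web server should expose only 80/tcp and 443/tcp.
sample_report | unexpected_ports 80/tcp 443/tcp || echo "ports above need a documented owner"
```

A default scan covers only Nmap's 1,000 most common TCP ports (the 997 filtered plus the 3 listed here), so an empty result does not prove that nothing else is listening.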

    Adapted from:
    "ip command in Linux with examples" by raghavmangal22, Geeks for Geeks is licensed under CC BY-SA 4.0
    "Nmap" by Multiple Contributors, Wikipedia is licensed under CC BY-SA 3.0


    10-F.11.3: Network Troubleshooting Commands - ip / route / nmap is shared under a CC BY-SA 4.0 license and was authored, remixed, and/or curated by LibreTexts.