Skip to main content
Engineering LibreTexts

10-F.11.3: Network Troubleshooting Commands - ip / route / nmap

  • Page ID
    40976
  • The ip Command

    The ip command comes from the net-tools which is used for performing several network administration tasks. IP stands for Internet Protocol. This command is used to show or manipulate routing, devices, and tunnels. It is similar to ifconfig but it is much more powerful with more functions and facilities attached to it. ifconfig is one of the deprecated Linux commands and has not been maintained for many years. The ip command is used to perform several tasks, like assigning an address to a network interface or configuring network interface parameters.

    It can perform several other tasks like configuring and modifying the default and static routing, setting up tunnel over IP, listing IP addresses and property information, modifying the status of the interface, or assigning, deleting and setting up IP addresses and routes.

    Syntax:

    ip [ OPTIONS ] OBJECT { COMMAND | help }

    With the ip command you can:

    • Assign an IP address to a specific interface
    • Check the IP address on any interface
    • Remove an IP address from an interface
    • Enable an IP address on an interface
    • Disable a network interface
    • Check the routing table
    • Add a static route
    • Remove a static route
    • Add a persistent static route

    The route Command

    The route command enables users to work with the IP/kernel routing table. It is mainly used to set up static routes to specific hosts or networks via an interface. It can also show or update the IP/kernel routing table. A router, which normally does the routing in a network, is a device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet using information in its routing table or a routing policy to direct the packet to the next network on its journey.

    Syntax:

    route [ OPTIONS ]

    The following example shows the routing table - the gateway device, the local link and the network this host sits on:

    pbmac@pbmac-server $ route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         _gateway        0.0.0.0         UG    100    0        0 enp0s25
    link-local      0.0.0.0         255.255.0.0     U     1000   0        0 enp0s25
    192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s25
    
    To add a default gateway an IP address must be used
    pbmac@pbmac-server $  route add default gw 169.254.0.0
    

    The nmap Command

    Nmap (Network Mapper) is a free and open-source network scanner used to discover hosts and services on a computer network by sending packets and analyzing the responses.

    Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features. Nmap can adapt to network conditions including latency and congestion during a scan.
    Nmap features include:

    • Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open.
    • Port scanning – Enumerating the open ports on target hosts.
    • Version detection – Interrogating network services on remote devices to determine application name and version number.
    • OS detection – Determining the operating system and hardware characteristics of network devices.
    • Scriptable interaction with the target – using Nmap Scripting Engine (NSE) and Lua programming language.
    • Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.

    Typical uses of Nmap:

    • Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.
    • Identifying open ports on a target host in preparation for auditing.
    • Network inventory, network mapping, maintenance and asset management.
    • Auditing the security of a network by identifying new servers.
    • Generating traffic to hosts on a network, response analysis and response time measurement.
    • Finding and exploiting vulnerabilities in a network.
    • DNS queries and subdomain search.

    Syntax:

    nmap [ OPTIONS ] [ TARGET ]

    The target can be a hostname or an IP address.

    The nmap utility offers various methods to scan a system. In the example below, a scan is performed using hostname www.deltacollege.edu, to find out all open ports and services on the system. As usual, if the -v option is used the output is much more verbose, not necessarily providing any additional information, but providing it in a very clear manner.

    pbmac@pbmac-server $ nmap www.deltacollege.edu
    
    Starting Nmap 7.60 ( https://nmap.org ) at 2020-10-20 13:33 PDT
    Nmap scan report for www.deltacollege.edu (52.36.131.229)
    Host is up (0.040s latency).
    rDNS record for 52.36.131.229: ec2-52-36-131-229.us-west-2.compute.amazonaws.com
    Not shown: 997 filtered ports
    PORT    STATE SERVICE
    22/tcp  open  ssh
    80/tcp  open  http
    443/tcp open  https
    
    Nmap done: 1 IP address (1 host up) scanned in 5.00 seconds

    Adapted from:
    "ip command in Linux with examples" by raghavmangal22, Geeks for Geeks is licensed under CC BY-SA 4.0
    "Nmap" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0