Linux Networking Commands: Cheat Sheet
Interfaces & IP
ip addr show # All interfaces
ip -br addr # Compact view
ip -s link show eth0 # Link stats (errors, drops)
sudo ip addr add 10.0.0.5/24 dev eth0
sudo ip addr del 10.0.0.5/24 dev eth0
sudo ip link set eth0 up # Bring up
sudo ip link set eth0 down # Bring down
Routing
ip route show # Route table
ip route get 8.8.8.8 # Which route for this IP?
sudo ip route add 10.10.0.0/16 via 10.0.0.1 dev eth0
sudo ip route add default via 10.0.0.1
sudo ip route del 10.10.0.0/16
ip neigh show # ARP / neighbor table
DNS
dig example.com +short # Quick A record lookup
dig example.com MX # MX records
dig @8.8.8.8 example.com # Query specific nameserver
dig -x 93.184.216.34 # Reverse lookup
dig example.com +trace # Full resolution chain
host example.com # Simple lookup
resolvectl status # systemd-resolved info
Connectivity
ping -c 4 10.0.0.1
traceroute -n example.com # Skip DNS (faster)
mtr example.com # Continuous traceroute
nc -zv 10.0.0.5 443 # TCP port check
curl -Iso /dev/null -w "%{http_code}" https://example.com
curl --connect-timeout 5 -v https://example.com
Connections & Ports
ss -tlnp # TCP listeners with process
ss -ulnp # UDP listeners
ss -tnp # Established connections
ss -tnp sport = :443 # Filter by port
ss -s # Socket summary
sudo lsof -i :8080 # Process on port
sudo fuser 8080/tcp # PID on port
Firewall
# iptables
sudo iptables -L -n -v # List rules
sudo iptables -L -n -v -t nat # NAT table
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -s 203.0.113.5 -j DROP
# nftables
sudo nft list ruleset
# firewalld
sudo firewall-cmd --list-all
sudo firewall-cmd --add-port=8080/tcp --permanent && sudo firewall-cmd --reload
Packet Capture
sudo tcpdump -i eth0 # All traffic on interface
sudo tcpdump -i eth0 host 10.0.0.5 and port 443
sudo tcpdump -i eth0 -w capture.pcap # Write to file
sudo tcpdump -i eth0 -c 100 # Capture 100 packets
sudo tcpdump -i any port 53 # DNS traffic only
Bandwidth
iperf3 -s # Server side
iperf3 -c 10.0.0.5 # Client side
nload eth0 # Real-time throughput
Quick Reference
| Task | Command |
|---|---|
| Public IP | curl -s ifconfig.me |
| Hostname | hostnamectl |
| Scan remote ports | nmap -Pn 10.0.0.5 |
| SSL cert dates | openssl s_client -connect example.com:443 </dev/null 2>/dev/null | openssl x509 -noout -dates |
| MAC address | ip link show eth0 | awk '/ether/{print $2}' |
| Flush DNS cache | sudo resolvectl flush-caches |
Related Articles
Was this article helpful?
Senior Kubernetes Architect
10+ years orchestrating containers in production. Battle-tested opinions on everything from pod scheduling to service mesh. I've seen clusters burn and helped rebuild them better.
What our experts think
Every DevOps engineer should have these commands committed to muscle memory. When a production networking issue hits, you don't have time to Google 'how to check open ports on Linux'.
Related Articles
Linux Networking & Firewall: Configuration and Troubleshooting
Configure Linux network interfaces, set up iptables/nftables/firewalld rules, troubleshoot connectivity with ss, ip, dig, and tcpdump, and secure your servers.
Linux Performance Troubleshooting: CPU, Memory, Disk, and Network
Diagnose Linux performance bottlenecks with top, htop, vmstat, iostat, sar, iotop, and strace — a systematic approach to finding and fixing issues.
Fix Linux 'Too Many Open Files' System-Wide
Resolve the Linux 'too many open files' error by increasing file descriptor limits at the system, user, and process level.
Fix SSH 'Connection Refused' After Server Reboot
Diagnose and fix SSH connection refused errors after a Linux server reboot, covering sshd service, firewall rules, port configuration, and host key issues.
Linux Kernel Tuning for Network Performance: sysctl Settings That Matter
The sysctl knobs that actually improve Linux network throughput, latency, and connection handling — with benchmarks and safe production values.
Linux Control Groups (cgroups V2): Limiting CPU And Memory For Production Workloads
If you're running production workloads without cgroup constraints, you're one runaway process away from a bad day. Here's everything you need to configure...
More in Linux
View all →Alpine Linux apk Reference: Package Management, Repositories, and System Administration
A complete reference for Alpine Linux's apk package manager — adding packages, managing repositories, pinning versions, building custom packages, and running Alpine as a minimal server OS.
Alpine Linux for Docker: Building Minimal, Secure Container Images
How to use Alpine Linux as a Docker base image effectively — understanding musl libc compatibility, multi-stage builds, layer optimization, and the security trade-offs versus glibc-based distributions.
openSUSE MicroOS and Transactional Updates: Atomic System Updates with Btrfs Snapshots
How openSUSE's transactional-update and Btrfs snapshot integration enables atomic, rollback-safe system updates — and how MicroOS takes this to a fully immutable, container-optimized OS.
openSUSE and SUSE Linux Enterprise: YaST Administration and zypper Package Management
A practical guide to SUSE Linux administration — using YaST for system configuration, zypper for package management, managing repositories, and understanding the differences between openSUSE Leap, Tumbleweed, and SUSE Linux Enterprise.