Wednesday, April 22, 2015

Day 19: The Linux Command Line Ch16 Notes

Chapter 16 - Networking

ping - Send an ICMP ECHO_REQUEST to network hosts
traceroute - Print the route packets trace to a network host
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
host - DNS lookup utility
ftp - Internet file transfer program
wget - Non-interactive network downloader
ssh - OpenSSH SSH client (remote login program)

First a little terminology (explanation for 13 year old son):

IP Address: An address that identifies a device in the network.
Just like most people have home addresses, computers and other devices in the network (printers, routers, switches, smart TVs, etc.). In order to send messages between those devices computer-to-computer talk, they must have some form of unique identifiers. They are those four bytes that look like:

Host: computer in the network
Computer can have many applications installed on them. The ones that want to communicate accross the network. For instance, your game, your web browser etc. We say that computers are hosts for this applications.

Domain Name: Name that represents IP address
Since applications require IP addresses of the servers (server is a bigger computer that sends to your application what it requested), with which it communicate, it would be next to impossible for you to remember those four-byte thingies. Instead, you use names rather than addresses, but there is a special service on the Internet that translates them to actual IP addresses that your computer can use. For instance, in your web browser you say:, rather than, 

In this post I would like to help you get the hang of networking basics.

On the command line type:

$ ping

After few seconds press CTRL-c to stop it.

Here's my output of this test:

PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=57 time=23.8 ms
64 bytes from icmp_seq=2 ttl=57 time=24.5 ms
64 bytes from icmp_seq=3 ttl=57 time=24.6 ms
64 bytes from icmp_seq=4 ttl=57 time=33.3 ms
64 bytes from icmp_seq=5 ttl=57 time=25.7 ms
64 bytes from icmp_seq=6 ttl=57 time=25.4 ms
--- ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5009ms
rtt min/avg/max/mdev = 23.858/26.278/33.336/3.218 ms

What just happened?
Your computer sent a number of special packets called: ICMP echo-request (will talk more on ICMP some time in the future). Those messages were delivered by so called routers (special devices finding the best path to destinations and forwarding those packets to them), to a computer with IP address That happens to be Google public DNS server (the one that can translate any domain name to actual IP address).

Since the computer responded with ICMP echo-reply message (those line you see above starting with 64 bytes from, it shows you that your computer has access to the Internet. Also, you can learn that the average time it took to send this packet and receive reply from host is 26.278 millisecond). Pow Wow! That's fast right? (millisecond is one millionth of a second!).

If you want to send a specified number of packets (say 4 packets only), try to use the following command:

$ ping -c 4

Next, very useful tool to check what routers (those magical boxes delivering our packets to the right host in different network than ours), are between us and the final destination. Try this (if you don't have this command available on your RP, do this: $ sudo apt-get update; sudo apt-get install traceroute):

$ traceroute

Today, I am in the hotel in town called Tralee, Ireland. This is what I got:

traceroute to (, 30 hops max, 60 byte packets
 1 (  7.131 ms  7.100 ms  7.084 ms
 2 (  113.396 ms  117.233 ms  117.241 ms
 3 (  27.189 ms  27.196 ms  27.182 ms
 4  * * *
 5 (  33.020 ms  33.010 ms  32.999 ms
 6 (  32.986 ms  22.912 ms  22.873 ms
 7 (  22.829 ms (  22.646 ms (  22.578 ms
 8 (  24.808 ms  24.779 ms  24.738 ms

The number 4 (asterisks) did not respond to my request, but all other did. It seems like there are 7 routers between my laptop and host which is the last responder. There IP addresses or names are displayed. If you want only IP addresses, disable domain name resolution doing this:

$ traceroute -n

Here's my output:

traceroute to (, 30 hops max, 60 byte packets
 1  5.435 ms  5.381 ms  5.330 ms
 2  20.936 ms  23.475 ms  23.442 ms
 3  20.793 ms  20.741 ms  23.283 ms
 4  26.518 ms  26.531 ms  26.483 ms
 5  * * *
 6  26.267 ms  24.507 ms  24.423 ms
 7  27.151 ms  23.204 ms  23.177 ms
 8  23.154 ms  23.527 ms  23.479 ms

This time it is the 5th router that did not respond in timely manner. Cool!

One last networking command I'd like you to play with today (more on networking tomorrow), is netstat.

Do this:

$ netstat -r

Here's my output (Hotel in Tralee)

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         UG        0 0          0 wlan0       *        U         0 0          0 wlan0

I can find out that my default gateway (local router that will be helping my packets find the destinations) is

If you want to see some statistics of your interface try this:

$ netstat -ie

It displays statistics of all network interfaces of your computer (again my laptop in the hotel shows something like this):

wlan0     Link encap:Ethernet  HWaddr 00:24:d6:75:7e:40  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::224:d6ff:fe75:7e40/64 Scope:Link
          RX packets:22154 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16542 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 

          RX bytes:17330515 (17.3 MB)  TX bytes:3320213 (3.3 MB)

Received 17.3 MB so far. Transmitted 3.3 MB, no errors etc.

These tools have a way more to offer than I showed you. One thing at a time ;).

Before we call it a day, I am going to add one more tool so you can find out if your domain name service is working. This service is the most important service we have on the Internet. Remember that you use domain names in your applications rather than IP addresses? Who would remember all those weird numbers. It is so much easier to remember: rather than its current IP address.

Check this out:

$ host

Here's my output: has address


Mess around with those commands. Try to see man pages of the ones we used today. Some of them have a huge number of options, so don't try to remember them. Instead, read as much as you can to have an idea of their capabilities. You can always come back to those specifics.

More on networking in the next post. Meanwhile have fun with our today's tools.

What do you think this command do?

$ host

It also resolves name-to-ip but instead of using your local DNS server, it will ask Google public DNS server for help to resolve the name!

PS. Some workers cut the phone line to my house I'm told. Next post in few days when Eircom fixes it. So far they did not say when ..., that's just great. No Internet for God knows how many days!