Networking

DNS records

Common record types

See the list of DNS record types for more information.

Type Description Function
A Address Maps a hostname to an IP
CNAME Canonical Name Alias to another hostname
MX Mail eXchange Maps a domain to a mail transfer agent
SRV SeRVice locator Generalized record type

dig

$ dig freebsd.org

; <<>> DiG 9.11.0-P1 <<>> freebsd.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1134
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;freebsd.org.                        IN      A

;; ANSWER SECTION:
freebsd.org.         3600    IN      A       8.8.178.110

;; Query time: 58 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: lun. déc. 05 19:36:05 CET 2016
;; MSG SIZE  rcvd: 45
$ dig +nocmd +noquestion +nostats archlinux.org

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25601
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; ANSWER SECTION:
archlinux.org.       1365    IN      A       138.201.81.199
$ dig +short debian.org

140.211.15.34
130.89.148.14
128.31.0.62

nslookup

$ nslookup freebsd.org

Server:      192.168.1.1
Address:     192.168.1.1#53

Non-authoritative answer:
Name:        freebsd.org
Address:     8.8.178.110
Name:        freebsd.org
Address:     2001:1900:2254:206a::50:0

Local lookup, e.g. when using dnsmasq to cache DNS results:

$ nslookup linux.org localhost

Server:      localhost
Address:     ::1#53

Non-authoritative answer:
Name:        linux.org
Address:     192.243.104.10

Port scanning - Nmap / Zenmap

State Meaning
closed the port is open, but no service is running on the remote server
filtered the port is blocked by a firewall
open the port is open, and there is a service running

nmap - open

$ nmap gerrit.example.com -p 29418 -Pn

Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-07 15:46 CEST
Nmap scan report for gerrit.example.com (163.33.26.149)
Host is up (0.072s latency).
rDNS record for 163.33.26.149: irsgerrit001.ir.example.com
PORT      STATE SERVICE
29418/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

nmap - filtered

$ nmap gerrit.dev.example.com -p 29418 -Pn

Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-07 15:50 CEST
Nmap scan report for gerrit.dev.example.com (10.96.8.73)
Host is up.
rDNS record for 10.96.8.73: fmygit6003.fm.example.com
PORT      STATE    SERVICE
29418/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 2.11 seconds

nmap - scan several ports, and get information on the remote services

$ nmap server.domain.example.com -p 22,80,5432,8080 -Pn -sV

Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-07 16:01 CEST
Nmap scan report for server.domain.example.com (10.237.188.47)
Host is up (0.062s latency).
rDNS record for 10.225.127.36: server.domain.example.com
PORT     STATE  SERVICE    VERSION
22/tcp   open   ssh        OpenSSH 5.9p1 Debian 5ubuntu1.7 (Ubuntu Linux; protocol 2.0)
80/tcp   open   http       nginx 1.1.19
5432/tcp closed postgresql
8080/tcp open   tcpwrapped
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.52 seconds

Routing

traceroute - show routes between two hosts

$ traceroute example.com

traceroute to example.com (166.70.10.23), 30 hops max, 60 byte packets
 1  176.221.87.1 (176.221.87.1)  1.474 ms  1.444 ms  1.390 ms
 2  f126.broadband2.quicknet.se (92.43.37.126)  10.047 ms  19.868 ms  23.156 ms
 3  10.5.12.1 (10.5.12.1)  24.098 ms  24.340 ms  25.311 ms
 4  212.247.178.9 (212.247.178.9)  25.777 ms  27.184 ms  27.625 ms
 5  vst-ncore-1.bundle-ether1.tele2.net (130.244.39.46)  30.632 ms  31.610 ms  32.194 ms
 6  kst5-core-1.bundle-ether6.tele2.net (130.244.71.178)  33.608 ms  15.274 ms  16.449 ms
 7  kst5-peer-1.ae0-unit0.tele2.net (130.244.205.125) 252.53 ms 11.169 ms 12.158 ms
 8  avk6-peer-1.ae0-unit0.tele2.net (130.244.64.71)  19.661 ms  25.765 ms  26.730 ms
 9  peer-as3257.avk6.tele2.net (130.244.200.106)  25.390 ms  24.863 ms xe-5-0-0.nyc30.ip4.tinet.net (89.149.181.109)  23.626 ms
10  fortress-gw.ip4.tinet.net (216.221.158.90)  29.943 ms  31.112 ms  29.002 ms
11  208.116.63.254 (208.116.63.254)  32.102 ms  29.862 ms  29.337 ms

iptables - show local routes

$ sudo iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
DOCKER-ISOLATION  all  --  anywhere             anywhere
DOCKER     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (1 references)
target     prot opt source               destination

Chain DOCKER-ISOLATION (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Sockets

lsof - list active sockets

$ lsof -Pnl +M -i

rpcbind    1192        0    8u  IPv4    28745      0t0  TCP *:111[portmapper] (LISTEN)
rpcbind    1192        0   11u  IPv6    28748      0t0  TCP *:111[portmapper] (LISTEN)
cupsd      1221        0    8u  IPv6 16414694      0t0  TCP [::1]:631 (LISTEN)
rpc.statd  1238      116   11u  IPv6    11496      0t0  TCP *:55536 (LISTEN)
sshd       1295        0    3r  IPv4     1511      0t0  TCP *:22 (LISTEN)
ypbind     1395        0    5u  IPv4    28818      0t0  TCP *:724[ypbind] (LISTEN)
nrpe       1687      119    4u  IPv4    28924      0t0  TCP *:5666 (LISTEN)
nginx      1715        0   10u  IPv4     1720      0t0  TCP *:80 (LISTEN)