Network Monitoring and Debugging

90 minutes; session 4 of 5

Viewing Interface Statistics with ip -s link

The ip -s link command displays detailed statistics for network interfaces in Linux. This provides insights into traffic flows and interface performance.

Introduction

Examining interface metrics helps monitor performance and identify potential issues. Let’s look at using ip -s link to view statistics.

Steps

Open Terminal

First, open a terminal window on your system.

View Interface Stats

Use this command to show statistics for an interface:

ip -s link show dev eth0

Replace eth0 with your desired interface.

Understand Output

The output will contain metrics like:

  • Packets/bytes sent/received
  • Packet errors
  • Dropped packets
  • Collisions
  • Overruns

These help identify throughput, loss, and other issues.

Manipulate Interface

The interface can be brought down and up to observe statistic changes:

sudo ip link set eth0 down
sudo ip link set eth0 up

Recheck Statistics

View interface metrics again after manipulating state:

ip -s link show dev eth0

Metrics will update according to the interface changes.

Summary

The ip -s link show command reveals detailed interface statistics useful for monitoring and debugging network issues.
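
Added example (not part of the original tutorial): one way to turn the recheck step into a comparison is to parse two ip -s link snapshots by column name and print only the error-type counters that grew. The sample snapshots are constructed, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: compare two `ip -s link` snapshots (sample data is constructed).

sample_before() { cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
    RX:  bytes packets errors dropped  missed   mcast
       1234567    8901      0      12       0      34
    TX:  bytes packets errors dropped carrier collsns
        765432    4321      0       0       0       0
EOF
}
sample_after() { cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
    RX:  bytes packets errors dropped  missed   mcast
       1300000    9400      0      40       0      36
    TX:  bytes packets errors dropped carrier collsns
        800000    4600      3       0       0       0
EOF
}

# Emit "<iface> <rx|tx>_<column> <value>" for every counter, keyed by the
# header names so both older and newer iproute2 column layouts parse.
parse_link_stats() {
    awk '
        /^[0-9]+: / { ifc = $2; sub(/:$/, "", ifc); next }
        $1 == "RX:" || $1 == "TX:" {
            dir = tolower(substr($1, 1, 2)); n = NF - 1
            for (i = 2; i <= NF; i++) name[i - 1] = $i
            want = 1; next
        }
        want { for (i = 1; i <= n; i++) print ifc, dir "_" name[i], $i; want = 0 }
    '
}

# $1 = earlier snapshot text, $2 = later one; print error-type counters that grew.
link_error_deltas() {
    {
        printf '%s\n' "$1" | parse_link_stats | sed 's/^/A /'
        printf '%s\n' "$2" | parse_link_stats | sed 's/^/B /'
    } | awk '
        $1 == "A" { before[$2, $3] = $4; next }
        $3 ~ /_(errors|dropped|missed|overrun|carrier|collsns)$/ &&
            ($4 + 0) > (before[$2, $3] + 0) { print $2, $3, "+" ($4 - before[$2, $3]) }
    '
}

# Live use: a=$(ip -s link show dev eth0); sleep 60; b=$(ip -s link show dev eth0)
link_error_deltas "$(sample_before)" "$(sample_after)"
```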

Viewing IP Address Statistics with ip -s addr

The ip -s addr command displays IP address information and statistics in Linux. This provides visibility into traffic flows per address.

Introduction

Examining IP address metrics helps identify usage patterns and potential issues. Let’s look at using ip -s addr to view statistics.

Steps

Open Terminal

First, open a terminal window on your system.

View Address Stats

Use this command to show IP address stats:

ip -s addr show eth0

Replace eth0 with your desired interface.

Understand Output

The output contains traffic stats for each address like:

  • Bytes/packets sent/received
  • Packet errors
  • Dropped packets

View Errors

Add a second -s flag to view detailed error counters:

ip -s -s addr show eth0

Manipulate Interface

Bring the interface down and up to see metric changes:

sudo ip link set eth0 down
sudo ip link set eth0 up

Recheck Statistics

View IP address stats again after manipulating interface state:

ip -s addr show eth0

Summary

The ip -s addr command reveals useful IP address statistics for monitoring usage patterns and identifying potential issues.

Viewing Route Statistics with ip -s route

The ip -s route command displays routing table statistics in Linux. This provides visibility into traffic flows and routing performance.

Introduction

Examining route metrics helps identify route issues and optimize network traffic. Let’s look at using ip -s route.

Steps

Open Terminal

First, open a terminal window on your system.

View Route Stats

Use this to show routing statistics:

ip -s route

Understand Output

The output contains metrics per route like:

  • Packets/bytes sent/received
  • Packet errors
  • Dropped packets

Manipulate Routes

Bring an interface up/down to cause routing changes:

sudo ip link set eth0 down
sudo ip link set eth0 up 

Recheck Statistics

View route stats again after manipulating connectivity:

ip -s route

Metrics will update according to the routing changes.

Summary

The ip -s route command reveals detailed route statistics useful for monitoring routing health and optimizing network traffic flows.

Viewing Neighbor Statistics with ip -s neigh

The ip -s neigh command displays neighbor table statistics in Linux. This provides insights into neighbor connectivity and ARP performance.

Introduction

Examining neighbor metrics helps identify reachability and response issues. Let’s look at using ip -s neigh.

Steps

Open Terminal

First, open a terminal window on your system.

View Neighbor Stats

Use this to show neighbor statistics:

ip -s neigh

Understand Output

The output contains metrics per neighbor like:

  • Packets/bytes sent/received
  • Reachability status
  • ARP probe and reply counts

Manipulate Interface

Disable an interface to cause neighbor disruption:

sudo ip link set eth0 down

Recheck Statistics

View neighbor stats again after manipulating connectivity:

ip -s neigh

Metrics will reflect the loss of certain neighbors.

Restore Interface

Bring the interface back up:

sudo ip link set eth0 up

Summary

The ip -s neigh command reveals useful ARP/neighbor connectivity statistics for monitoring network health and identifying issues.

Viewing IPsec Security Policies with ip xfrm policy

The ip xfrm policy command allows viewing and managing IPsec policies in Linux. IPsec provides encrypted networking for security.

Introduction

IPsec policies define rules for encrypting traffic between hosts. Inspecting policies helps validate security configuration.

Steps

Open Terminal

First, open a terminal window on your system.

List Policies

Use this to display current IPsec policies:

ip xfrm policy

Understand Output

Policies list details like:

  • Unique policy ID
  • Source/destination host IPs
  • Direction (in/out)
  • Encryption requirements

Remove Policy

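Delete a policy temporarily. A policy is addressed by its selector, or by its index together with its direction (123 and out are example values here), e.g.:

sudo ip xfrm policy del index 123 dir out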

Re-add Policy

Re-insert deleted policy to restore security:

sudo ip xfrm policy add id 123 ...

Summary

The ip xfrm policy command allows inspecting IPsec security policies. This helps validate that encryption rules are correctly configured.
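
Added example (not part of the original tutorial): a policy check can be scripted by classifying each ip xfrm policy entry as protect (it carries a tmpl transform), block, or bypass (allowed with no transform) and listing outbound selectors that bypass IPsec. The sample output and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `ip xfrm policy` entries (sample data is constructed).

sample_policies() { cat <<'EOF'
src 10.0.1.0/24 dst 10.0.2.0/24
    dir out priority 375423 ptype main
    tmpl src 192.0.2.1 dst 198.51.100.1
        proto esp spi 0xc1234567 reqid 1 mode tunnel
src 10.0.2.0/24 dst 10.0.1.0/24
    dir in priority 375423 ptype main
    tmpl src 198.51.100.1 dst 192.0.2.1
        proto esp reqid 1 mode tunnel
src 10.0.1.0/24 dst 10.0.3.0/24
    dir out priority 375000 ptype main
src 10.0.1.0/24 dst 10.0.9.0/24
    dir out action block priority 374000 ptype main
EOF
}

# Print "<dir> <src> <dst> <verdict>" per policy, where verdict is
# protect (has a transform template), block, or bypass (allowed, no template).
classify_policies() {
    awk '
        function emit() {
            if (src != "") print dir, src, dst, (blocked ? "block" : (tmpl ? "protect" : "bypass"))
        }
        /^src / { emit(); src = $2; dst = $4; dir = "?"; tmpl = 0; blocked = 0; next }
        $1 == "dir" { dir = $2 }
        $1 == "socket" { dir = "socket" }   # per-socket policies are reported but not flagged
        /action block/ { blocked = 1 }
        $1 == "tmpl" { tmpl = 1 }
        END { emit() }
    '
}

# List outbound selectors that pass without a transform; exit status 1 if any exist.
find_cleartext_out() {
    classify_policies |
        awk '$1 == "out" && $4 == "bypass" { print $2, $3; bad = 1 } END { exit bad + 0 }'
}

# Live use (as root): ip xfrm policy | find_cleartext_out
sample_policies | classify_policies
sample_policies | find_cleartext_out || echo "outbound bypass policy present" >&2
```

Traffic that matches no policy at all also leaves unencrypted, so this check covers only the policies that are listed.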

Viewing IPsec Security Associations with ip xfrm state

The ip xfrm state command displays current IPsec security associations in Linux. This helps monitor encryption status.

Introduction

IPsec security associations manage encrypted communication channels between hosts. Inspecting active associations provides security insights.

Steps

Open Terminal

First, open a terminal window on your system.

List Associations

Use this to show active IPsec associations:

ip xfrm state

Understand Output

Associations list details like:

  • Security protocol (ESP/AH)
  • Encryption algorithm
  • Keys
  • Connection endpoints

Flush Associations

Delete all associations temporarily, e.g.:

sudo ip xfrm state flush

Restore Associations

Allow IPsec to re-establish security associations, then list them again to confirm. A second flush would only remove them again:

ip xfrm state

Summary

The ip xfrm state command reveals active IPsec security associations. This allows monitoring encryption status between hosts.
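
Added example (not part of the original tutorial): because ip xfrm state prints key material, this filter redacts the keys before output is saved or shared and reduces each association to one line of endpoints, protocol, SPI and algorithms. The sample output, its keys and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: redact and summarize `ip xfrm state` output (sample data is constructed).

sample_states() { cat <<'EOF'
src 192.0.2.1 dst 198.51.100.1
    proto esp spi 0xc1234567 reqid 1 mode tunnel
    replay-window 32 flag af-unspec
    auth-trunc hmac(sha256) 0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 128
    enc cbc(aes) 0x00112233445566778899aabbccddeeff
    sel src 0.0.0.0/0 dst 0.0.0.0/0
src 198.51.100.1 dst 192.0.2.1
    proto esp spi 0xc7654321 reqid 1 mode tunnel
    replay-window 32 flag af-unspec
    aead rfc4106(gcm(aes)) 0x00112233445566778899aabbccddeeff00112233 128
    sel src 0.0.0.0/0 dst 0.0.0.0/0
EOF
}

# Replace the hex key on auth/auth-trunc/enc/aead lines; every other line passes through.
redact_keys() {
    awk '
        $1 ~ /^(auth|auth-trunc|enc|aead)$/ && $3 ~ /^0x/ { sub(/0x[0-9a-fA-F]+/, "<key redacted>") }
        { print }
    '
}

# Print "<src> <dst> <proto> <spi> <algorithms>" per association, with no key material.
summarize_states() {
    awk '
        function emit() { if (src != "") print src, dst, proto, spi, alg }
        /^src / { emit(); src = $2; dst = $4; proto = spi = "?"; alg = ""; next }
        $1 == "proto" { proto = $2; spi = $4 }
        $1 ~ /^(auth|auth-trunc|enc|aead)$/ { alg = alg (alg == "" ? "" : "+") $2 }
        END { emit() }
    '
}

# Live use (as root): ip xfrm state | redact_keys > xfrm-state.txt
sample_states | redact_keys
sample_states | summarize_states
```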