Networking

Netplan Reference

https://netplan.io/reference/

http://manpages.ubuntu.com/manpages/cosmic/man5/netplan.5.html

Dnsmasq Man Pages

https://linux.die.net/man/8/dnsmasq

I/O and Resource Access Metrics:

#execute typical instruction                       1 nanosec
#fetch from L1 cache memory                      0.5 nanosec
#branch misprediction                              5 nanosec
#fetch from L2 cache memory                        7 nanosec
#Mutex lock/unlock                                25 nanosec
#fetch from main memory                          100 nanosec
#send 2K bytes over 1Gbps network             20,000 nanosec
#read 1MB sequentially from memory           250,000 nanosec
#fetch from new disk location (seek)       8,000,000 nanosec
#read 1MB sequentially from disk          20,000,000 nanosec
#send packet US to Europe and back       150,000,000 nanosec

Linux Networking

Here we are going to deal with Ethernet, links, virtual network interfaces, virtual private networks, and tunnels.

https://en.wikipedia.org/wiki/Iproute2

The iproute2 collection includes these tools:

  1. arpd

  2. bridge

  3. ctstat

  4. dcb

  5. devlink

  6. ip: show / manipulate routing, network devices, interfaces and tunnels

  7. lnstat

  8. nstat

  9. rdma

  10. routef

  11. rtacct

  12. rtmon

  13. rtstat

  14. ss

  15. tc

  16. tipc

  • ip addr, ip link and ip -s: address and link configuration

  • ip route: routing tables

  • ip neigh: neighbors

  • ip tunnel: tunnels

  • ip link set name: rename a network interface

  • ip maddr: multicast

  • ip -s and ss: various network statistics

  • bridge: handle bridge addresses and devices

  • lsmod: show the status of modules in the Linux kernel

  • conntrack: netfilter connection tracking tool

  • ethtool: settings and properties of an Ethernet interface

# bring up or down a network interface
sudo ifconfig wlan0 down
sudo ifconfig wlan0 up

Internet Protocol v4 and v6

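# four octets of 8 bits each: 256**4 = 2**32 possible addresses
ipv4 = 0x100 ** 4

print(ipv4)

# eight hextets of 16 bits each: 65536**8 = 2**128 possible addresses
ipv6 = 0x10000 ** 8

print(ipv6)

Reserved IP Addresses for IPv4 and IPv6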

https://en.wikipedia.org/wiki/Reserved_IP_addresses

Private Network Address Ranges/blocks for IPv4 and IPv6:

https://en.wikipedia.org/wiki/Private_network

DNS

# flush dns caches
sudo systemd-resolve --flush-caches

# restart systemd-networkd
sudo systemctl restart systemd-networkd

# show the DNS servers currently in use
systemd-resolve --status | grep 'DNS Servers' -A2

# make a DNS request to dnsmasq on a non-standard DNS port
dig @2601:181:c400:121b::feed -p 5399 uraspi.vpn

# make a DNS request to dnsmasq on the standard DNS port
dig @2601:181:c400:121b::feed -p 53 uraspi.vpn

IPv4

Subnet Mask Cheatsheet:

https://www.aelius.com/njh/subnet_sheet.html

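Non-loopback open ports and interfaces

This command greps the listening TCP sockets bound to the LAN addresses, i.e. everything that might need to be allowed through the firewall:

# dots are escaped and the prefixes anchored so the pattern matches only the address prefixes, not stray digits such as PIDs
sudo netstat -plnt | grep -E '192\.168\.|2601:'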
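
An added example (not part of the original notes): listeners bound to 0.0.0.0 or :: accept connections on every interface but contain neither LAN prefix, so a prefix-based grep does not show them. This Python code classifies each listening socket by its bind address instead; the netstat output, the 192.168.1.20 address and the function name exposed_listeners are constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -plnt` output (not captured from a real host).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      812/cupsd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      640/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      901/sshd
tcp        0      0 192.168.1.20:5399       0.0.0.0:*               LISTEN      1203/dnsmasq
tcp6       0      0 ::1:631                 :::*                    LISTEN      812/cupsd
tcp6       0      0 :::80                   :::*                    LISTEN      1500/nginx
tcp6       0      0 2601:181:c400:121b::feed:5399 :::*              LISTEN      1203/dnsmasq
"""


def exposed_listeners(netstat_output):
    """Return (bind_scope, address, port, program) for each non-loopback TCP listener."""
    found = []
    for line in netstat_output.splitlines():
        fields = line.split()
        # Skip the header and anything that is not a listening TCP socket.
        if len(fields) < 7 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # The port follows the last colon, which also works for IPv6 (":::80").
        host, _, port = fields[3].rpartition(":")
        ip = ipaddress.ip_address(host)
        if ip.is_loopback:
            continue  # 127.0.0.0/8 and ::1 are reachable only from this host
        # 0.0.0.0 and :: mean "every interface", the widest exposure.
        scope = "all-interfaces" if ip.is_unspecified else "single-address"
        found.append((scope, str(ip), int(port), fields[6]))
    return found


if __name__ == "__main__":
    for row in exposed_listeners(SAMPLE):
        print(row)
```

On a live host, feed it the real output, for example by piping `sudo netstat -plnt` into a script that passes `sys.stdin.read()` to the function.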

IPv6

General and Special Address Blocks and Ranges

IPv6 Address Structure

https://en.wikipedia.org/wiki/IPv6_address

Special Purpose Addresses:

https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml#iana-ipv6-special-registry-1

Global Unicast Addresses:

https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml

# list this host's IPv6 addresses
ifconfig | grep inet6

# another way
ip -6 addr show

# http requests via explicit IPv6 addresses
wget http://[2601:181:c400:121b::999]/basic.html

Configure Host IPv6 static addresses in home network or private network

SLAAC+Stateless DHCP

Each host assigns its own IPv6 addresses, and addresses don't get leased or released.

Address Prefix

The equivalent of the netmask in IPv4 language; it is usually 64, meaning a 64-bit prefix.

Gateway LAN Address

The gateway is the router's LAN IPv6 address, probably based on its MAC address, and looks something like this:

2601:181:C400:121B:1E3B:F3FF:FED2:6309

Static IPv6 address

Each host assigns its own static IP, and NAT is not needed in IPv6. This happens either automatically (each host will ping others in the network to ensure the IP is not already being used) or manually.

Assuming network prefix is:

2601:181:C400:121B

or

2601:181:C400:121B::/64

A host IP can range from

2601:181:C400:121B::1

to

2601:181:C400:121B:FFFF:FFFF:FFFF:FFFF