Network basics with Manjaro Linux – Chapter 11.1

This is the thirteenth of the free articles directly taken from the Manjaro Linux User Guide book, available at https://www.amazon.com/dp/B0C4PSWRQS/. The full list of freely available articles is here: Manjaro Linux User Guide – For newbies, fans, and mid users. More information at the end of the article.

Read time: 4 minutes. Previous article: 10.3 Backups, Tools, Rsync, And Recovery. Next article: 13.2 Linux Virtual Terminals.

Available on Amazon

Intro

This section will examine the network basics by explaining how they work in local networks. An explanation of protocols, how the internet works, common network attacks, and how firewalls work is provided in Chapter 12. It also reveals how to connect securely and anonymously to the internet via a Virtual Private Network (VPN). What is important to know here is that a protocol is a set of rules for the network messages’ contents and sequences. A  message is a small data packet sent over the network. We exchange thousands of packets when we access servers, other computers, and websites. Without a protocol, we can’t communicate over a network.

IP stands for Internet Protocol, and an IP address is the unique identifier for a computer in a network. A network, wireless or cable-based, connects many computers and devices. The internet is the ultimate network of networks, connecting small local networks with public networks and servers.

We need a cable or wireless card and a local router to connect to a local network. To connect to the internet, we need an Internet Service Provider (ISP), which provides internet connectivity to our router via cable or wireless connection. No matter whether we have 5, 10, or 500 devices connected in our local network, when they connect to the internet, they all connect via the router and the ISP.

Simple local networks offer no special services except connecting to the central router for internet access. In comparison, the internet offers connections to web pages, servers, web applications, and so on. Sometimes, in local networks, information sharing is done by sharing a directory with locally connected users. Other internet users not in our network have no access to these resources.

When local special services such as servers, local wiki pages, and others are provided to local network users, it is often called intranet.

In this chapter, we will learn two ways to share information with our local network, but first, let’s see the basic terms. This chapter will also refer to starting some services, explained in detail in Chapter 13.

—– —– —– —– —–

IPv4 address

Until more than a decade ago, IP addresses were only IPv4 (IP version 4), written as four numbers between 0 and 255 separated by dots, such as 10.58.236.17. This scheme provides approximately 4.2 billion addresses, distributed between all countries worldwide and separated into five continental regions. There is a small percentage of reserved addresses in this whole range. Between 2011 and 2019, all regions gradually ran out of addresses. This is called IPv4 address exhaustion, predicted long ago and analyzed officially at the beginning of the 1990s. Nowadays, IPv4 addresses are used mainly for Local Area Network (LAN) cable connections inside a single building. The old international IPv4 addresses still belong to those who bought and reserved them for their use. For new servers, companies now pay for IPv6 addresses.

—– —– —– —– —–

IPv6 address

In 1995, the first steps were taken for the development of IPv6. In 1998, a second improvement started its development. In 2003, major universities worldwide gradually started using it experimentally, and IPv6 also found its way into the 4G mobile devices standard. The Domain Name System (DNS, reviewed later in this section) translates human language web addresses to numerical IP addresses, and has IPv6 support since 2008. By 2011, practically all major computer OSs and servers had production-quality IPv6 capabilities.

IPv6 provides 340 trillion trillion trillion addresses written in the form of 8 groups of 4 hexadecimal numbers, each separated by a colon. Hexadecimal is a numerical system with digits from 0 to 9 and then letters from A to F. An example address is as follows:

2001:0db8:0000:0000:34f4:0000:0000:003d/64.

There are several ways to reduce this string length, the most important being one double colon instead of the longest sequence of groups with all zeros:

2001:0db8::34f4:0000:0000:003d/64

If there are more occasions of more than one group with zeroes, the leftmost is replaced by the double colon. As this is still long, the second instance of all zeros in a section can be replaced with a single 0, resulting in:

2001:0db8::34f4:0:0:003d/64

Finally, leading zeros from a group can be removed, and the initial address can be written as:

2001:db8::34f4:0:0:3d/64

This string is much shorter than the original; as it has six groups, we know the double colons represent two groups with zeros.

—– —– —– —– —–

Hostname

Your computer’s hostname is a name/label that can (but not necessarily will) be used to represent your machine on the local network. You got it automatically or set it manually during Manjaro’s installation. You can always change it if you wish. To see your current name, execute $ hostname in the terminal. To change it, execute:

$ sudo hostnamectl set-hostname NewName

Discovering a machine by its hostname is not covered in this book.

DNS and WWW

The internet is the network of networks. WWW stands for World Wide Web, or the web pages hosted on different servers, which we access through the internet. Each web page has a Domain Name (such as www.google.com) and a corresponding IP address at which the page contents are located. The DNS translates the human language addresses (like google.com) to IP addresses. The three w letters are often omitted in a web address.

With the ping command, you may check whether you can reach a given address, such as google.com or packtpub.com. If the page server has not disabled ping requests, this will work. Try $ ping google.com, $ ping packtpub.com, or $ ping lwn.net. To test your IPv6 connectivity to a server, add the -6 option: $ ping -6 google.com. This is the most frequently used tool to check our internet connection.

Note that DNS usually is not installed and configured in simple local networks. It is used globally for the internet and in big companies’ intranet networks.

—– —– —– —– —–

Local network configuration basics

The next point is how to get the address of our machine locally for the network on which we will share. Again, whenever you are part of some local network (such as in your home or small office), sharing information is limited inside this network. You will need a so-called public IP to share it with everyone worldwide, so don’t worry.

The local network connection is done via a LAN cable-connected Ethernet card or a Wireless card. Such cards are also called network adapters. To list all active network adapters on your PC, use the $ ip -br -c a command. Here, br stands for brief format, and c is for coloring. For me, the ip command reported the following:

$ ip -br - c a
lo UNKNOWN 127.0.0.1/8 ::1/128
eno1 UP 10.51.8.166/22 fe80::6140:852b:fdea:3660/64
wlp3s0 UP 192.168.87.152/22 fe80::8ed8:84e3:6d3:d2b8/64

We see three rows, as I have three network adapters. The first one, lo, stands for the loopback interface. Via lo, we can load a website hosted on our PC to check it out (via the web page address http://localhost). Localhost is a hostname that calls the IP loopback interface. It is a network interface for us to our own PC and usually has the IPv4 address 127.0.0.1. The other address, ::1, is my IPv6 localhost address. Both these addresses come from the default settings of the Manjaro network driver, following the network standards. This means they are the same (and by default present) for everyone.

Any line starting with en, letters, and digits after this stands for Ethernet – a local LAN cable network card/adapter.

The last line, with wl, letters, and digits after this, stands for wireless, as my mini-PC has both wireless and Ethernet network adapters. Manjaro KDE can connect simultaneously to both, improving the throughput and network performance. Also, whenever one of the interfaces has a partial connection loss, the network manager will switch to the other network adapter, and I will not even notice.

In the preceding ip report, lo, eno1, and wlp3s0 are interface IDs for the adapters, which we can use in the terminal as arguments for different commands.

You can see that each of the interfaces has an IPv4 and an IPv6 address. The number after the slash / is the so-called subnet mask, which we will look into at the end of this section. To get more detailed information in the ip report, omit -br.

To get the list of adapters, you can also call the obsolete ifconfig command, which will show the same identifiers: lo, eno1, and wlp3s0. As it is obsolete, it is not installed by default on Manjaro. I mention this as many online guides still don’t mention that ifconfig is obsolete. To get it, you must install the net-tools package.

—– —– —– —– —–

Pinging a computer in our local network

To ping a computer means to check on the network whether a machine can answer on a given IP address. This is unrelated to whether the given machine shares something by whatever technology. In other words, ping only validates the existence of a machine with a given address and a working network connection to it. It is a continuous command and needs to be stopped with Ctrl+C. You can ping a machine using $ ping 192.168.87.152, or, if you know your network is connected via IPv6, use the following:

$ ping -6 fe80::5078:d1ff:fe30:9b9f%wlp3s0

The last part after the % sign (%xxxxxx) is the name of the interface (i.e., the network card) that we will use. In this example, this is my wireless network card ID. The -6 parameter explicitly requires the IPv6 protocol to be used. Be extra careful of single or double colons! Writing the wrong address will give you no answer.

There are three things you need to be aware of. First, computers with special network settings or special set-up firewalls may not answer to ping, leaving the impression they don’t exist. By default, however, the ping answer is enabled on any home PC.

Second, many web guides contain references to ping6, which is as obsolete as ifconfig. A few years ago, ping6 was merged into ping.

And third, local LAN cable networks might often use only IPv4, like in my office and home. This is because it is a small local network, and many users are still unaware of IPv6. Nobody implements it for local and small networks because IPv4 allows enough devices to be connected: 4.2 billion. The local network then has its own router, and all devices connected to it access the external world through it. A router typically has one worldwide viewable (discoverable) public IP.

How do we determine whether our router connects via IPv6 to the external world? This is easy – try the website https://test-ipv6.com/.

Since many modern mobile devices use IPv6 for their Wi-Fi connection, even if the cable (LAN) network is only IPv4, IPv6 is often enabled by default for devices connected via Wi-Fi. This is because the 4G mobile device standard includes IPv6 in its specification. However, not all IPv6 devices can be pinged. To run an IPv6 ping, we will need some scanning covered later in this section.

—– —– —– —– —–

Router

A router is a network device that connects multiple devices requiring network connectivity and is usually connected to the internet. It is practically a small LAN microcomputer that manages our local network. Either our ISP (the company we pay for internet access) provides us with one, or we have our own. It is the entry point for the internet. The router uses many protocols to connect on one side to the internet and on the other to all possible local devices that use the network: PCs, printers, mobiles, smart TVs, laptops, tablets, IP cameras, and so on. The diagram on Figure 11.1 presents this later in the article.

—– —– —– —– —–

Static and dynamic IPs

A dynamic IP is a network router service based on the Dynamic Host Configuration Protocol (DHCP) that assigns an IP address to any new device connected to its network. When we connect to the router via the network name and password, we get an IP. Say we disconnect from it and connect again after a week – we may often get a different (currently free) local IP.

A static IP is used when a router knows a given IP is reserved especially for one device. Based on the machine’s unique network adapter ID, it keeps the IP for this machine between reconnections. This unique ID, named Media Access Control (MAC) address, typically doesn’t change. In comparison, the IP is assigned by the router or network administrator. Many devices support editing their MAC address, but this is done only on special occasions.

The other way to have a static IP is to set up your router or server to have a reserved range of static IPs allowed on your network. In this case, you set the static IP in the given machine. Thus, the static IP is configured either in the router or in the device.

It is critically important that two machines in the same network cannot have the same IP. Once a machine is registered with an IP, connecting another machine with the same IP leads to connection errors.

We use static IPs to provide a long-term connection for other users to devices, which rarely change. Such are network printers, servers, or a home NAS. It is convenient; otherwise, each time the device address changes and we want to connect to it, we will have to reconfigure – for example, our printer setup.

When a device such as your laptop connects frequently to a network, it may get the same IP address each time. This doesn’t mean it has a static IP. Some routers work this way, especially if only a limited set of devices connect to the network.

—– —– —– —– —–

Local and public IP

When a device connects to a local network, the local router assigns to it a local IP address, no matter whether static or dynamic. To illustrate this, I have created the schematic in Figure 11.1:

Figure 11.1 – Local network architecture example

To use a metaphor, say we have a big business building with 500 offices on 47 Sunshine Blvd., in Chicago. Its address is the external public address known to anyone worldwide, equivalent to the public IP by our ISP. The internal addresses consist of floors, companies, and people’s names. They are known only by the building administration and are equivalent to the local IPs.

—– —– —– —– —–

Scanning the network

Scanning is a standard functionality of IP communication (and not hacking). For IPv4, you can download the arp-scan tool via pamac and run the following:

$ sudo arp-scan --localnet

ARP is the IPv4 Address Resolution Protocol. This command lists all IPv4-discoverable devices.

Scanning on an IPv6 network is done with ping with the -l (lowercase L) option, an explicit network adapter ID after it, and a special broadcast address. In the following example, I use my Wi-Fi card. This command scans for all IPv6 devices via the IPv6 multicast address ff02::1:

$ ping -l wlp3s0 ff02::1

This call will list some IPv6 addresses (at least the one of your router). Then, you can use one of them and test the IPv6 ping to it, adding the obligatory adapter ID at the end:

$ ping -6 fe80::5078:d1ff:fe30:9b9f%wlp3s0

Try the presented commands. The results are always interesting.

—– —– —– —– —–

Subnet mask of a network

Our last stop in this section is a subnet of a network, which defines a range of IP addresses. Understanding this is easier when you know binary numbers. If you don’t understand them, check this link related to IPs: https://www.networkacademy.io/ccna/ip-subnetting/converting-ip-addresses-into-binary.

Now, let’s consider a simple example with IPv4. The addresses in it have the format 0-255.0-255.0-255.0-255. This means we have 4 groups of digits between 0 and 255. The total possible number of addresses is 256*256*256*256 = 4.29 billion addresses. Each of these 256 numbers is represented by 8 bits; thus, 4 groups of 8 bits give us 32 bits. The subnet mask tells how many of the 32 bits are fixed and how many are free to change. If I want to tell a user, server, firewall, or software to work with all possible addresses starting with 156.144.xxx.xxx, I will use a mask of 16 bits written in the form 156.144.0.0/16. This example is a subnet of all addresses formed by the first two numbers, 156.144., and completed by two other numbers between 0 and 255.

As the first digits of the address provide its geolocation, 156.144.xxx.xxx is located in the area of Chicago, Illinois, USA. Suppose we want a particular server to be active only for this region. We then set a rule in its firewall stating that requests from any other address not within this mask shall be discarded, providing an allowed range of requestors via the mask 156.144.0.0/16. The zeros indicate that you don’t care which number is in their position (but only when used with a subnet mask!). For this example, requests to the server from an address such as 157.144.xxx.xxx will be discarded.

Here is another example. Say we have a big company in a skyscraper 50 stories high with 25,000 devices connected to its network. Instead of exposing them all directly to the internet, we want them all in a local network, which will be behind a firewall. Then, we will give the DHCP server a range of 65,535 addresses by defining a rule to work with IP mask 178.62.0.0/16. The network router will provide an IP within this range to each newly connected device. We will limit all devices’ local configurations to work only with addresses within this range by configuring their firewalls to ignore other addresses. This would allow them to communicate only with local devices. Then, one of the valid local addresses within this mask will be the address of our internet gateway. In the local settings of each device requiring internet access, we set that internet requests go to the local network’s gateway IP address. The gateway will have only a few public/international IPs visible from the internet, and all the traffic will go through them. Thus, instead of using 25,000 international addresses and leaving our local network devices unprotected, we have a local sub-network based on a mask. Typically, the gateway also has a firewall, protecting our internal network. Though this example is realistic, real settings may differ a lot, depending on multiple factors.

Any home router does the same – it has no problem connecting at least 127 devices by default (and more if necessary) and provides a local IP in your network for each. You practically have a subnet hidden from the outside world behind a dedicated public IP address provided by your ISP.

An excellent explanation of subnetting is provided here: https://www.freecodecamp.org/news/subnet-cheat-sheet-24-subnet-mask-30-26-27-29-and-other-ip-address-cidr-network-references/.

Now, how will this work for an IPv6 address? For IPv6 addresses, the subnet mask is called a routing prefix, a global prefix, or sometimes only a prefix.

You have already seen an example IPv6 address earlier in the chapter:

eno1 UP 10.51.8.166/22 fe80::6140:852b:fdea:3660/64

IPv6 provides 128-bit addressing and trillions of trillions of possible addresses. The routing prefix for IPv6 is not up to 32 bits but up to 128 bits, as we have 8 groups of 16 bits, each written with 4 hexadecimal numbers. In the decimal system, a 16-bit binary number is the range between 0 and 65,535.

So, the /64 prefix in the preceding snippet says that the first 4 groups (16*4=64) are limited, and the other groups can have any number.

If you remember, the double colon means at least one group of zeros is hidden. As we have to have eight groups, the full address is as follows:

fe80:0000:0000:0000:6140:852b:fdea:3660/64

Here is an article on IPv6, including information on shortening and prefixes: https://www.networkacademy.io/ccna/ipv6/ipv6-address-representation.

In the book we continue here with a short network sharing introduction, and then go on with NFS, Samba, SSH, and SSHFS.

—– —– —– —– —–

Next article: 13.2 Linux Virtual Terminals.

* * * * *

You can subscribe for news, discounts, and giveaways HERE. Triple Helix Guarantees 100% privacy and will never provide your data to third parties. We keep the right to inform you on some of the news for our open-source projects, which will be rare. You can unsubscribe at any moment.

You can also follow me for such news on LinkedIn, where the giveaways will take place. I share development news, guides, and helpful content.

All rights reserved. Parts of this free content are allowed to be cited only when the official link to this article is provided as a source of the information, the author’s name is mentioned, as well as the publisher and the book name. Example: “Cited from the article <insert_link> by Atanas Georgiev Rusev, as part of the Manjaro Linux User Guide book, by PACKT publishing. All rights reserved”.