Gentoo for Network Admins
This article hosts a guide for forging Gentoo into a fully-fledged, network-debugging Swiss army knife. This guide will be found useful for network admins, site reliability engineers, and DevOps engineers.
This guide assumes the reader is already familiar with the networking terminology and will therefore not go into further detail in explaining common acronyms or concepts. For example: defining DNS, IP addresses, OSI layers, et. al.
net-dns/bind-tools contains most of the DNS debugging tools such as nslookup, dig, and host.
emerge --ask net-dns/bind-tools
The s_client, ocsp, x509 commands and others are included in the dev-libs/openssl package.
emerge --ask dev-libs/openssl
Most popular command for netcat is nc -zv <host> <port>
emerge --ask net-analyzer/netcat
Check which ports are open, which services are running with nmap.
emerge --ask net-analyzer/nmap
Listen on an interface and show src/dest traffic and speed:
emerge --ask net-analyzer/iftop
Inspect incoming/outgoing packets:
emerge --ask net-analyzer/tcpdump
Network bandwidth measurement
iperf has many use cases. It can for example stress test a network by running
iperf -c qa2
IP troubleshooting (L3)
MyTraceroute does a traceroute by probing with ICMP packets:
emerge --ask net-analyzer/mtr
In case ICMP is blocked by some firewall on the LAN, try tcptraceroute:
emerge --ask net-analyzer/tcptraceroute
lft Layer four traceroute, traceroute using TCP:
emerge --ask net-analyzer/lft
Directly connected neighbor detection, capabilities, connected port etc:
emerge --ask net-misc/lldpd
Link detection, WOL support, link modes et. al.:
emerge --ask sys-apps/ethtool
x11-misc/xclip can be used to copy logs, file contents, etc. without leaving the terminal. For example:
cat /var/log/emerge.log | xclip -sel clip
- Recommended tools — lists system-administration related tools recommended for use in a shell environment (terminal/console)