Gentoo for Network Admins
This article hosts a guide for fellow UNIX Network Admins/SRE/DevOps into configuring a fully-fledged Swiss army knife Gentoo in order to make network debugging much easier.
This guide assumes the reader is already familiar with the networking terminology and therefore will not go into further detail in explaining common acronyms or concepts. For example: defining DNS, IP addresses, OSI layers, et. al.
net-dns/bind-tools contains most of the DNS debugging tools such as nslookup, dig, and host.
emerge --ask net-dns/bind-tools
The s_client, ocsp, x509 commands and others:
emerge --ask dev-libs/openssl
Most popular command for netcat is nc -zv <host> <port>
emerge --ask net-analyzer/netcat
Check which ports are open, which services are running with nmap.
emerge --ask net-analyzer/nmap
Listen on an interface and show src/dest traffic and speed:
emerge --ask net-analyzer/iftop
Inspect incoming/outgoing packets:
emerge --ask net-analyzer/tcpdump
Network bandwidth measurement
iperf has many use cases. It can for example stress test a network by running iperf -c qa2
emerge --ask net-misc/iperf
IP troubleshooting (L3)
MyTraceroute does a traceroute by probing with ICMP packets:
emerge --ask net-analyzer/mtr
In case ICMP is blocked by some firewall on the LAN, try tcptraceroute:
emerge --ask net-analyzer/tcptraceroute
lft Layer four traceroute, traceroute using TCP:
emerge --ask net-analyzer/lft
Link detection, WOL support, link modes et. al.:
emerge --ask sys-apps/ethtool
Directly connected neighbor detection, capabilities, connected port etc:
emerge --ask net-misc/lldpd
Copy logs, file contents, et. al. without leaving terminal cat /var/log/emerge.log | xclip -sel clip
emerge --ask x11-misc/xclip
- Recommended tools — lists system administration related tools recommended for use in a shell (terminal/console) environment.