Gentoo for Network Admins

This article hosts a guide for forging Gentoo into a fully-fledged, network-debugging Swiss army knife. This guide will be found useful for network admins, site reliability engineers, and DevOps engineers.

Useful tools

DNS debugging

net-dns/bind-tools contains most of the DNS debugging tools such as nslookup, dig, and host.

SSL/TLS/PKI troubleshooting

The s_client, ocsp, x509 commands and others are included in the dev-libs/openssl package.

Port knocking/scanning

Most popular command for netcat is nc -zv <host> <port>

Check which ports are open, which services are running with nmap.

Traffic analyzers

Listen on an interface and show src/dest traffic and speed:

Inspect incoming/outgoing packets:

Network bandwidth measurement

iperf has many use cases. It can for example stress test a network by running

IP troubleshooting (L3)

MyTraceroute does a traceroute by probing with ICMP packets:

In case ICMP is blocked by some firewall on the LAN, try tcptraceroute:

lft Layer four traceroute, traceroute using TCP:

L2 troubleshooting

Directly connected neighbor detection, capabilities, connected port etc:

L1 troubleshooting

Link detection, WOL support, link modes et. al.:

Others

x11-misc/xclip can be used to copy logs, file contents, etc. without leaving the terminal. For example:

See also

• Recommended tools — lists system-administration related tools recommended for use in a shell environment (terminal/console)

External resources

• Tcpdump examples: 50 practical recipes for everyday tasks
• Julia Evans tcpdump interactive magazine
• Find RFC's easier