LINUX
NETWORKING

// Connect. Route. Secure.

NETWORKING IS THE LIFEBLOOD OF SERVERS.

Every service runs on a network port. Every server needs an IP. Understanding how data flows through your system is fundamental to being a competent Linux administrator.

FIREWALLS PROTECT WHAT YOU OWN.

iptables isn't just a tool—it's your first line of defense. Learn to block threats, forward ports, and shape traffic. The internet is hostile. Your firewall is your shield.

MASTER THE STACK.

From IP addresses to SSH tunnels, from DNS resolution to packet filtering. This guide takes you from "it works" to "I understand exactly what's happening."

START LEARNING →

// The Path to Network Mastery

12 lessons. Full network control.

LESSON 01

Introduction to Linux Networking

Understand networking fundamentals on Linux systems

Beginner
LESSON 02

Network Interfaces and IP Configuration

Configure IPs, subnets, and interfaces

Beginner
LESSON 03

Routing and the Routing Table

Master network routing and gateway configuration

Intermediate
LESSON 04

DNS Configuration on Linux

Set up and troubleshoot DNS resolution

Beginner
LESSON 05

iptables Basics - Your First Firewall

Build basic firewall rules with iptables

Intermediate
LESSON 06

NAT and Port Forwarding

Configure network address translation

Intermediate
LESSON 07

Network Diagnostics and Troubleshooting

Use ping, traceroute, tcpdump, and netstat

Intermediate
LESSON 08

SSH Tunneling and Port Forwarding

Secure remote access and tunneling techniques

Advanced
LESSON 09

VPNs with WireGuard

Advanced
LESSON 10

Network Monitoring and Performance

Monitor bandwidth, latency, and packet loss

Advanced
LESSON 11

VPN Setup

Configure OpenVPN and WireGuard VPN servers

Advanced
LESSON 12

Advanced Networking

Load balancing, high availability, and network automation

Advanced

// Why Networking Matters

Linux powers the vast majority of servers on the internet. Understanding networking on Linux means you can:

Every network service, every web application, every container—everything depends on networking. Master this, and you can build anything.

The internet runs on Linux. Now you'll know how.

// Tools & References

📖 iptables Manual

Linux firewall documentation

linux.die.net/man/8/iptables

🔧 ip Command

Network configuration tool

man7.org/linux/man-pages

🛡️ nftables

Next-generation firewall

wiki.nftables.org

📡 SS Command

Socket statistics tool

man7.org/linux/man-pages

🔍 netstat

Network statistics

man7.org/linux/man-pages

🌐 WireGuard

Modern VPN solution

wireguard.com

// Introduction to Linux Networking

×

How Linux Handles Networking

Linux has a powerful networking stack built into the kernel. Every packet that enters or leaves your system goes through this stack, and you can configure every aspect of it.

The OSI Model Refresher

Understanding networking requires knowing the OSI model layers:

  • Layer 1 (Physical): Cables, NICs, hardware
  • Layer 2 (Data Link): MAC addresses, switches
  • Layer 3 (Network): IP addresses, routing
  • Layer 4 (Transport): TCP/UDP, ports
  • Layer 7 (Application): HTTP, DNS, SSH

Key Networking Concepts

  • IP Address: A unique identifier for your machine on a network
  • Subnet Mask: Defines which addresses are "local"
  • Gateway: The router that connects your network to the internet
  • DNS: Translates domain names to IP addresses
  • Port: A logical endpoint for network communication (1-65535)

Your First Network Commands

$ ip addr show           # Show all network interfaces and IPs
$ ip route show          # Show routing table
$ cat /etc/resolv.conf   # Show DNS servers
$ hostname -I           # Show all IP addresses

Quiz

What layer of the OSI model handles IP addresses?

What model has 7 layers for networking?

What protocol provides reliable, ordered delivery?

What protocol is faster but unreliable?

What command shows network interfaces?

What command shows the routing table?

What address identifies a network card?

What determines network vs host portion of IP?

Show Answers

Answers

  1. layer 3
  2. osi model
  3. tcp
  4. udp
  5. ip addr
  6. ip route
  7. mac address
  8. subnet mask

// Network Interfaces and IP Configuration

×

Understanding Network Interfaces

In Linux, network interfaces are represented as files in /sys/class/net/. Common interface names:

  • eth0, eth1: Traditional Ethernet interfaces
  • ens, enp: Predictable network interface names (systemd)
  • wlan0, wlan1: Wireless interfaces
  • lo: The loopback interface (127.0.0.1)
  • tun0, tap0: VPN tunnel interfaces
  • docker0: Docker bridge interface

Viewing Interface Information

$ ip link show              # Show all interfaces
$ ip addr show eth0         # Show specific interface details
$ ip -s link               # Show interface statistics
$ ethtool eth0             # Show hardware info (if installed)

Configuring IP Addresses

Temporary Configuration (lost on reboot):

$ sudo ip addr add 192.168.1.100/24 dev eth0   # Add an IP
$ sudo ip addr del 192.168.1.100/24 dev eth0   # Remove an IP
$ sudo ip link set eth0 up                       # Bring interface up
$ sudo ip link set eth0 down                     # Bring interface down

Permanent Configuration

Debian/Ubuntu (/etc/network/interfaces):

auto eth0
iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1
    dns-nameservers 8.8.8.8 8.8.4.4

RHEL/CentOS (/etc/sysconfig/network-scripts/ifcfg-eth0):

TYPE=Ethernet
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8

Quiz

Which command brings a network interface down?

What is the traditional name for first Ethernet interface?

What is the loopback interface name?

What command assigns an IP address?

What is the loopback IP address?

What protocol automatically assigns IPs?

What setting controls maximum packet size?

What command shows interface hardware info?

Show Answers

Answers

  1. ip link set eth0 down
  2. eth0
  3. lo
  4. ip addr add
  5. 127.0.0.1
  6. dhcp
  7. mtu
  8. ethtool

// Routing and the Routing Table

×

Understanding Linux Routing

Routing is the process of deciding where to send a packet. The routing table contains rules that determine the path packets take.

Viewing the Routing Table

$ ip route show
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.100 metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100
192.168.2.0/24 via 192.168.1.254 dev eth0

Understanding the Output

  • default: The default gateway (route of last resort)
  • via 192.168.1.1: Next hop IP address
  • dev eth0: Output interface
  • proto dhcp: How the route was learned
  • metric 100: Route priority (lower is preferred)
  • scope link: Only reachable on this link

Adding Static Routes

$ sudo ip route add 10.0.0.0/8 via 192.168.1.1 dev eth0   # Add route to private network
$ sudo ip route add 172.16.0.0/12 via 192.168.1.1        # Another private network
$ sudo ip route add default via 192.168.1.1             # Default gateway
$ sudo ip route del 10.0.0.0/8                            # Remove a route

Policy Routing

Linux supports advanced routing with multiple tables:

$ ip route show table all              # Show all tables
$ cat /etc/iproute2/rt_tables       # View routing tables
$ sudo ip rule add from 192.168.1.100 table internal   # Add routing rule

Quiz

What does "default" in the routing table represent?

What device connects your network to internet?

What command adds a static route?

What determines route priority?

What keyword specifies next hop in route?

What limits route to local network?

What file defines custom routing tables?

What command manages routing policy?

Show Answers

Answers

  1. the route of last resort
  2. gateway
  3. ip route add
  4. metric
  5. via
  6. scope
  7. rt_tables
  8. ip rule

// DNS Configuration on Linux

×

How Linux Resolves Names

Linux uses a system called NSS (Name Service Switch) and /etc/nsswitch.conf to determine how to resolve hostnames:

$ cat /etc/nsswitch.conf | grep hosts
hosts: files dns myhostname

This means Linux looks in:

  1. files: /etc/hosts first
  2. dns: Then queries DNS servers
  3. myhostname: Falls back to local hostname

/etc/hosts - Local Name Resolution

$ cat /etc/hosts
127.0.0.1   localhost
127.0.1.1   myserver
192.168.1.10    dbserver.internal
192.168.1.11    webserver.internal

/etc/resolv.conf - DNS Servers

$ cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
search internal.local

DNS Lookup Tools

$ class="command">         # Basic DNS lookup (deprecated)
$ dig google.com            # Detailed DNS query
$ dig +short google.com     # Just get the IP
$ host google.com           # Simple lookup
$ getent hosts google.com   # Use NSS resolver

Systemd-Resolved

Modern systems use systemd-resolved which manages /etc/resolv.conf:

$ resolvectl status        # Show DNS servers
$ resolvectl query google.com   # Query DNS

Quiz

In /etc/nsswitch.conf, what does "files" refer to for host resolution?

What file contains DNS server addresses?

What command queries DNS servers?

What command provides detailed DNS info?

What service manages DNS on modern Linux?

Show Answers

Answers

  1. /etc/hosts
  2. resolv.conf
  3. nslookup
  4. dig
  5. systemd-resolved

// iptables Basics - Your First Firewall

×

Understanding iptables

iptables is the Linux firewall that filters packets based on rules. It uses "chains" that packets pass through:

  • INPUT: Packets destined for local processes
  • OUTPUT: Packets generated locally
  • FORWARD: Packets being routed through (not for local)
  • PREROUTING: Before routing decision (NAT)
  • POSTROUTING: After routing decision (NAT)

Viewing Rules

$ sudo iptables -L -v -n        # List all rules with details
$ sudo iptables -L INPUT -n     # List INPUT chain
$ sudo iptables -t nat -L -v    # View NAT table

Basic Rule Syntax

$ sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT   # Allow SSH
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT   # Allow HTTP
$ sudo iptables -A INPUT -j DROP                      # Drop everything else

Common Options

  • -A: Append rule to chain
  • -I: Insert rule at position
  • -D: Delete rule
  • -p: Protocol (tcp, udp, icmp)
  • --dport: Destination port
  • --sport: Source port
  • -s: Source address
  • -d: Destination address
  • -j: Jump (target): ACCEPT, DROP, REJECT, LOG
  • -i: Input interface
  • -o: Output interface

Practical Examples

# Allow established connections (important!)
$ sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow SSH on custom port
$ sudo iptables -A INPUT -p tcp --dport 2222 -j ACCEPT

# Allow HTTP and HTTPS
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

# Allow ping
$ sudo iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

# Drop everything else
$ sudo iptables -A INPUT -j DROP

Quiz

Which chain handles packets destined for a local service?

Which chain handles locally generated packets?

Which chain handles routed packets?

What target allows traffic?

What target blocks traffic silently?

Show Answers

Answers

  1. input
  2. output
  3. forward
  4. accept
  5. drop

// NAT and Port Forwarding

×

Understanding NAT

Network Address Translation (NAT) allows multiple devices to share a single public IP address. The NAT table has two main purposes:

  • SNAT (Source NAT): Change source IP of outgoing packets
  • DNAT (Destination NAT): Change destination IP of incoming packets

Common NAT Scenarios

# Masquerade (hide private network behind public IP)
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Port forward (external port 8080 to internal 192.168.1.100:80)
$ sudo iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to-destination 192.168.1.100:80

# Forward to internal host
$ sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 192.168.1.50:22

Enable IP Forwarding

# Temporarily enable (for routing)
$ sudo sysctl -w net.ipv4.ip_forward=1

# Permanently (add to /etc/sysctl.conf)
$ echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/99-ip-forward.conf
$ sudo sysctl -p /etc/sysctl.d/99-ip-forward.conf

Persistent NAT Rules

iptables rules are lost on reboot. Save them:

# Debian/Ubuntu
$ sudo iptables-save | sudo tee /etc/iptables/rules.v4

# RHEL/CentOS
$ sudo service iptables save

# Restore on boot (add to startup)
$ sudo iptables-restore < /etc/iptables/rules.v4

Quiz

Which iptables table is used for NAT?

What changes source IP for outgoing traffic?

What changes destination IP for incoming traffic?

What is dynamic SNAT called?

What redirects traffic to different port?

Show Answers

Answers

  1. nat
  2. snat
  3. dnat
  4. masquerade
  5. port forwarding

// Network Diagnostics and Troubleshooting

×

Essential Diagnostic Tools

When network issues arise, these tools are your best friends:

ping - Test Connectivity

$ ping google.com              # Continuous ping
$ ping -c 4 google.com         # Ping 4 times
$ ping -i 0.2 google.com       # Faster interval
$ ping -I eth0 google.com       # Specific interface

traceroute - Path Discovery

$ traceroute google.com       # Trace route
$ traceroute -I google.com      # ICMP traceroute
$ traceroute -T google.com      # TCP traceroute
$ mtr google.com                # Continuous traceroute

netstat/ss - Port and Connection Info

$ ss -tuln                  # Listening TCP/UDP ports
$ ss -tn                    # Active connections
$ ss -tp                    # Show process using socket
$ ss -s                     # Socket summary

tcpdump - Packet Capture

$ sudo tcpdump -i eth0                    # Capture all traffic
$ sudo tcpdump -i eth0 port 80              # HTTP traffic only
$ sudo tcpdump -i eth0 host 8.8.8.8         # Specific host
$ sudo tcpdump -i eth0 -w capture.pcap      # Save to file
$ tcpdump -r capture.pcap                   # Read from file

Other Essential Tools

$ ip neighbor show          # ARP table
$ netstat -i               # Interface statistics
$ dig +trace google.com     # Full DNS resolution
$ curl -v google.com        # HTTP request with details
$ nc -zv host 80             # Check if port is open

Quiz

Which tool shows which process is using a network port?

What is the older alternative to ss?

What captures network packets?

What tests connectivity to a host?

What shows the path packets take?

Show Answers

Answers

  1. ss -tp
  2. netstat
  3. tcpdump
  4. ping
  5. traceroute

// SSH Tunneling and Port Forwarding

×

Why SSH Tunnels?

SSH tunnels encrypt your traffic and can bypass firewalls. They're essential for:

  • Secure browsing on public WiFi
  • Accessing internal services remotely
  • Bypassing restrictive firewalls
  • Securing unencrypted protocols

Local Port Forwarding (-L)

Forward a local port to a remote destination:

# Access remote MySQL through SSH tunnel
$ ssh -L 3306:localhost:3306 user@remote-server

# Access internal web server
$ ssh -L 8080:internal-web:80 user@gateway

# Background tunnel with key
$ ssh -f -N -L 8080:internal-web:80 user@gateway

Remote Port Forwarding (-R)

Allow remote host to access local services:

# Expose local web server to remote
$ ssh -R 8080:localhost:80 user@remote-server

# Share local port with internet (requires GatewayPorts)
$ ssh -R 0.0.0.0:8080:localhost:80 user@remote-server

Dynamic Port Forwarding (-D)

Create a SOCKS proxy for dynamic forwarding:

# Create SOCKS proxy on local port 1080
$ ssh -D 1080 user@remote-server

# Use with browser: localhost:1080 as SOCKS5 proxy
$ ssh -f -N -D 1080 user@remote-server

SSH Config for Easy Tunnels

$ cat ~/.ssh/config
Host tunnel
    HostName remote-server.com
    User admin
    LocalForward 8080 internal-web:80
    IdentityFile ~/.ssh/id_rsa

Now just run: ssh tunnel

Quiz

Which SSH flag creates a SOCKS proxy for dynamic forwarding?

Which SSH flag enables local port forwarding?

Which SSH flag enables remote port forwarding?

Which SSH flag redirects stdin from /dev/null?

Which SSH flag runs in background?

Show Answers

Answers

  1. -d
  2. -l
  3. -r
  4. -n
  5. -f

// VPNs with WireGuard

×

Why WireGuard?

WireGuard is a modern, fast, and simple VPN. Compared to OpenVPN:

  • Faster: ~4x faster than OpenVPN
  • Simpler: ~4,000 lines vs ~100,000
  • Secure: Modern cryptography (Curve25519, ChaCha20)
  • Kernel-native: Built into Linux kernel

Installing WireGuard

$ sudo apt install wireguard        # Debian/Ubuntu
$ sudo dnf install wireguard-tools   # RHEL/Fedora

Generating Keys

$ wg genkey | tee privatekey | wg pubkey > publickey

Server Configuration

$ sudo cat > /etc/wireguard/wg0.conf << 'EOF'
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = SERVER_PRIVATE_KEY
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -A FORWARD -o %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = CLIENT_PUBLIC_KEY
AllowedIPs = 10.0.0.2/32
EOF

Client Configuration

$ sudo cat > wg0.conf << 'EOF'
[Interface]
Address = 10.0.0.2/24
PrivateKey = CLIENT_PRIVATE_KEY
DNS = 1.1.1.1

[Peer]
PublicKey = SERVER_PUBLIC_KEY
Endpoint = your-server.com:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
EOF

Starting WireGuard

$ sudo wg-quick up wg0      # Start VPN
$ sudo wg-quick down wg0    # Stop VPN
$ sudo wg show            # Show status
$ sudo systemctl enable wg-quick@wg0  # Enable on boot

Quiz

What port does WireGuard use by default?

What is the default WireGuard interface name?

What tool manages WireGuard interfaces?

What key must stay secret in WireGuard?

What represents a remote VPN endpoint?

Show Answers

Answers

  1. 51820
  2. wg0
  3. wg-quick
  4. privatekey
  5. peer

// Network Monitoring and Performance

×

Monitoring Network Traffic

Understanding your network traffic patterns is crucial for security and performance.

iftop - Real-Time Traffic

$ sudo iftop                    # Monitor all traffic
$ sudo iftop -i eth0           # Specific interface
$ sudo iftop -B                # Bytes instead of bits

nethogs - Per-Process Traffic

$ sudo nethogs                # Show per-process bandwidth
$ sudo nethogs eth0           # Specific interface

Bandwidth Monitoring with vnstat

$ vnstat -l                   # Live monitoring
$ vnstat -h                   # Hourly stats
$ vnstat -d                   # Daily stats
$ vnstat -m                   # Monthly stats

Network Performance Metrics

$ cat /proc/net/dev           # Interface statistics
$ ip -s link                 # Packet error counters
$ netstat -s                 # Protocol statistics
$ sar -n DEV 1 5             # Network I/O rates

Custom Traffic Scripts

# Simple traffic monitor script
$ cat traffic-monitor.sh
#!/bin/bash
INTERFACE="eth0"
while true; do
    RX1=$(cat /sys/class/net/$INTERFACE/statistics/rx_bytes)
    TX1=$(cat /sys/class/net/$INTERFACE/statistics/tx_bytes)
    sleep 1
    RX2=$(cat /sys/class/net/$INTERFACE/statistics/rx_bytes)
    TX2=$(cat /sys/class/net/$INTERFACE/statistics/tx_bytes)
    echo "RX: $(( (RX2-RX1)/1024 )) KB/s TX: $(( (TX2-TX1)/1024 )) KB/s"
done

Quiz

Which tool shows bandwidth usage per process?

What shows bandwidth per host connection?

What monitors long-term traffic history?

What is a curses-based bandwidth monitor?

Where does Linux store interface statistics?

Show Answers

Answers

  1. nethogs
  2. iftop
  3. vnstat
  4. bmon
  5. /sys/class/net

// VPN Setup

×

VPN Fundamentals

A Virtual Private Network (VPN) creates an encrypted tunnel over an untrusted network, allowing secure remote access and privacy protection.

WireGuard Setup

WireGuard is a modern, fast, and secure VPN protocol. Here's how to configure it:

$ sudo apt install wireguard wireguard-tools # Install WireGuard on Debian/Ubuntu $ sudo dnf install wireguard-tools # Install on RHEL/CentOS/Fedora

Generating WireGuard Keys

$ wg genkey | tee privatekey | wg pubkey > publickey # Generate private and public keys $ cat privatekey # View private key (keep secret!) $ cat publickey # View public key (share with peers)

WireGuard Server Configuration

$ sudo nano /etc/wireguard/wg0.conf [Interface] Address = 10.0.0.1/24 ListenPort = 51820 PrivateKey = SERVER_PRIVATE_KEY PostUp = iptables -A FORWARD -i wg0 -j ACCEPT PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [Peer] # Client 1 PublicKey = CLIENT1_PUBLIC_KEY AllowedIPs = 10.0.0.2/32

OpenVPN Setup (Alternative)

OpenVPN is a mature VPN solution with wide compatibility:

$ sudo apt install openvpn easy-rsa # Install OpenVPN $ sudo systemctl enable --now openvpn-server@server # Start and enable OpenVPN service
Security Tip: Always use strong encryption (AES-256-GCM), perfect forward secrecy, and keep your VPN software updated to protect against vulnerabilities.

Client Configuration

$ sudo wg-quick up wg0 # Start WireGuard interface $ sudo wg-quick down wg0 # Stop WireGuard interface $ sudo systemctl enable wg-quick@wg0 # Enable on boot

Troubleshooting VPN Connections

$ sudo wg show # Check WireGuard status $ sudo tcpdump -i wg0 # Monitor VPN interface traffic $ ping 10.0.0.1 # Test VPN connectivity

Quiz

What command is used to start a WireGuard interface?

What is WireGuard's default UDP port?

What iptables target allows VPN clients to access the internet?

Which key can be safely shared with VPN peers?

Show All Answers

Answers

  1. wg-quick
  2. 51820
  3. masquerade
  4. publickey

// Advanced Networking

×

Load Balancing

Load balancing distributes network traffic across multiple servers to improve performance and reliability.

HAProxy for Load Balancing

HAProxy is a high-performance TCP/HTTP load balancer:

$ sudo apt install haproxy # Install HAProxy $ sudo nano /etc/haproxy/haproxy.cfg frontend web_frontend bind *:80 default_backend web_servers backend web_servers balance roundrobin server web1 192.168.1.10:80 check server web2 192.168.1.11:80 check server web3 192.168.1.12:80 check

Nginx Load Balancing

$ sudo nano /etc/nginx/nginx.conf upstream backend { least_conn; server 192.168.1.10:8080 weight=5; server 192.168.1.11:8080 weight=5; server 192.168.1.12:8080 backup; } server { location / { proxy_pass http://backend; } }

High Availability with Keepalived

Keepalived provides VRRP (Virtual Router Redundancy Protocol) for automatic failover:

$ sudo apt install keepalived # Install Keepalived $ sudo nano /etc/keepalived/keepalived.conf vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 authentication { auth_type PASS auth_pass secret123 } virtual_ipaddress { 192.168.1.100/24 } }
High Availability: Configure a BACKUP node with lower priority (e.g., 90) on another server. If the MASTER fails, the BACKUP automatically takes over the virtual IP.

Network Automation with Ansible

Ansible automates network configuration across multiple devices:

$ sudo apt install ansible # Install Ansible $ cat > network.yml << 'EOF' --- - name: Configure Network hosts: webservers become: yes tasks: - name: Configure static IP template: src: interfaces.j2 dest: /etc/network/interfaces notify: restart networking - name: Configure firewall ufw: rule: allow port: '80' handlers: - name: restart networking service: name=networking state=restarted EOF $ ansible-playbook network.yml # Run the playbook

Network Bonding

Bonding combines multiple network interfaces for redundancy or increased bandwidth:

$ sudo nano /etc/netplan/01-netcfg.yaml network: version: 2 ethernets: eth0: {} eth1: {} bonds: bond0: dhcp4: yes interfaces: - eth0 - eth1 parameters: mode: active-backup primary: eth0

Quiz

What software is commonly used for TCP/HTTP load balancing?

What provides VRRP for automatic IP failover?

What tool is used for network automation and configuration management?

What load balancing algorithm distributes requests equally in sequence?

Show All Answers

Answers

  1. haproxy
  2. keepalived
  3. ansible
  4. roundrobin