Linux: Navigating the Network

IP Addresses, Netmasks, and Routing on Linux Servers

Introduction to Network Interfaces

A network interface is the point of interconnection between two systems. In Linux, these can be hardware or software entities.

  • wlan0 is the name of the wireless interface, which is a piece of hardware typically integrated into the motherboard.

  • eth0 is the name of the wired connection.

  • lo is a special network interface that your computer uses to communicate with itself. It’s often referred to as localhost (127.0.0.1). This can be great for debugging.

  • Virtual interfaces are software-only interfaces, like those used by virtual private networks (VPNs) or container networking.

Public vs. Private IP Addresses

A public IP address is globally unique and can be accessed directly over the internet. It’s typically assigned to your router by your internet service provider (ISP).

The router then routes the public requests through the public IP to internal, private IPs. Private IPs are hidden away in your local network. Each device in your network has a unique, private IP address, which is how devices on the same internal network talk to each other.

Understanding netmasks

Netmasks are used to break the IP into two parts: the network part and the host part. “The host” sounds fancy, but it just means “a specific device within the network”. Based on this information, one can see which network, sub-network and device the network interface belongs to.

Let's look at an example: we have an IP which is 161.35.30.228, and a netmask which is 255.255.240.0.

The netmask is applied to the IP using a bitwise AND operation. All the 1’s

Step 1 - convert to binary representation

First, the netmask and network interface IP are converted to binary form, while still keeping the four octets.

  • Netmask: 255.255.240.0 becomes 11111111.11111111.11110000.00000000

  • Network interface IP: 161.35.30.228 becomes 10100001.00100011.00011110.11100100

Step 2 - apply the netmask to separate the network interface IP into two parts

The 1s and 0s in the netmask decide what happens to each bit of the network interface IP. 1 means “keep the bit”, 0 means the result is 0.

The first octet in the netmask (11111111) is applied to the first octet of the network interface IP (10100001). Because the first octet in the netmask contains only 1s, all the bits in the first octet of the network interface IP are part of the network portion.

The second octet of the network interface IP (00100011) is also part of the network portion.

The third octet of the netmask is 11110000, which means the first four bits of the IP's third octet (0001) are part of the network portion, and the rest (1110) is part of the host/device portion.

The fourth octet of the netmask is 00000000, so the entire fourth octet (11100100) is part of the host/device portion.

Step 3 - the result

Resulting network portion

  • Binary: 10100001.00100011.0001

  • Converted back to IP address: 161.35.16

Host portion

  • Binary: 1110.11100100

  • Converted back to IP address: .14.228

So the network interface in this example is part of the 161.35.16 network, and .14.228 is the IP address of the device within the network. It’s like a street address; the network part is the city and the host/device part is the specific house number. There can be multiple houses in the same city, i.e. multiple devices in the same network.
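The three steps above can be reproduced in a few lines of Python. This is an added example, not code from the original article; the function names are my own. It prints the full four octets (so the network reads as 161.35.16.0 with the host bits zeroed), goes slightly beyond the walk-through by rejecting malformed netmasks, and also runs the two addresses from the case study below.

```python
import ipaddress

def to_int(dotted):
    """Parse dotted-quad IPv4 text into a 32-bit integer."""
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def to_binary(value):
    """Step 1: binary form, still grouped into four octets."""
    return ".".join(f"{b:08b}" for b in value.to_bytes(4, "big"))

def split_address(ip, netmask):
    """Step 2: AND with the mask keeps the network bits; AND with the
    inverted mask keeps the host bits."""
    ip_i, mask_i = to_int(ip), to_int(netmask)
    inverted = ~mask_i & 0xFFFFFFFF
    # A valid netmask is a run of 1s followed by 0s, so the inverted
    # mask plus one must be a power of two.
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous netmask: {netmask}")
    return {
        "prefix_len": bin(mask_i).count("1"),
        "network": to_dotted(ip_i & mask_i),
        "host": to_dotted(ip_i & inverted),
        "network_bits": to_binary(ip_i & mask_i),
        "host_bits": to_binary(ip_i & inverted),
    }

if __name__ == "__main__":
    for ip, mask in [("161.35.30.228", "255.255.240.0"),
                     ("192.168.1.10", "255.255.255.0"),
                     ("10.0.0.15", "255.0.0.0")]:
        r = split_address(ip, mask)
        # Cross-check against the standard library's own calculation.
        iface = ipaddress.ip_interface(f"{ip}/{mask}")
        assert str(iface.network.network_address) == r["network"]
        print(f"{ip}/{r['prefix_len']}: network {r['network']}, host {r['host']}")
        print(f"  {r['network_bits']}\n  {r['host_bits']}")
```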

Case Study: A Linux Server Network Configuration

Imagine a Linux server with the following network configuration output from ifconfig:

  • The server has two main interfaces: eth0 with an IP of 192.168.1.10 and eth1 with an IP of 10.0.0.15.

  • eth0 is connected to the public internet with a subnet mask of 255.255.255.0, while eth1 is part of a private internal network with a subnet mask of 255.0.0.0.

By analyzing the subnet masks, we can determine that eth0 is part of a smaller network segment, likely for internet-facing services. The reason eth0 is part of a smaller network is that 255.255.255.0 leaves only one octet for devices, meaning only 255 devices can be part of the network. In this case, eth0 has a host IP of 10. This means it's the 10th host (device) address in the subnet range 192.168.1.0 to 192.168.1.255.

In contrast, eth1 is used for a broader private network, possibly for internal communications or services.

Such configurations allow the server to handle both external and internal traffic efficiently, ensuring security and performance optimization.

Thank you for reading :-)