akatsync
3 Followers 2 Following
PUBLIC FOLDERS
All
Genshine
2 Pages
Linux
2 Pages
My Java Script Journey
1 Pages
Web
2 Pages
Notes in “Linux”
Linux Networking: What Actually Happens When Your System Talks to the Internet
Published Jan 01, 2026

 

You open a terminal.
You type a command.
You hit Enter.

Sometimes it works instantly.
Sometimes it hangs.
Sometimes it fails with no clear reason.

That moment — when Linux is “thinking” — is networking in action.

Let’s break down what actually happens when your Linux system talks to the internet, without buzzwords or textbook noise.

Step 1: Linux Doesn’t Know Names, Only Numbers

When you type:

google.com

Linux doesn’t understand that name.

It immediately asks:

“What is the IP address for this?”

This is DNS.

Linux checks the DNS servers listed in:

/etc/resolv.conf

If DNS fails:

  • Websites won’t load
  • Browsers show “No internet”
  • But ping 8.8.8.8 might still work

This is why DNS issues feel confusing — the network is up, but name resolution is broken.

Step 2: Routing — Deciding Where Traffic Goes

Once Linux has the IP address, it needs to decide how to reach it.

That decision is made using the routing table:

ip route

A typical entry looks like:

default via 192.168.1.1 dev eth0

This means:

“If the destination isn’t local, send it to the router.”

If this route is missing or wrong, your system knows where it wants to go — but has no path to get there.

Step 3: Network Interfaces Are the Doors

Linux sends data through interfaces, not through “the internet”.

Common ones:

  • eth0 – Ethernet
  • wlan0 – Wi-Fi
  • lo – Loopback (self communication)

You can check them with:

ip addr

If an interface is down, nothing leaves your system — even if everything else is configured perfectly.

This is why many network fixes start with:

ip link

Step 4: Ports Decide Which Application Gets the Data

Your system doesn’t talk to the internet — applications do.

Ports are how Linux knows which app should receive data.

Examples:

  • Web server → 80 / 443
  • SSH → 22
  • Database → 5432

You can see active ports using:

ss -tulnp

A common mistake:

  • Service is running
  • Port is open
  • But it’s bound to 127.0.0.1

That means it works only locally, not from the outside world.

Step 5: Firewalls Can Block Everything Silently

Even if:

  • The app is running
  • The port is listening
  • The route exists

Linux still asks:

“Is this traffic allowed?”

This is handled by the firewall:

  • iptables
  • nftables
  • ufw

Firewalls don’t always say “blocked”.
They often just drop packets quietly.

That’s why networking bugs sometimes feel like ghosts.

Step 6: NAT — Why Your Private IP Works Online

Your Linux machine usually has a private IP like:

192.168.1.10

The internet never sees this.

Your router uses NAT (Network Address Translation) to:

  • Replace private IPs with a public one
  • Track which response belongs to which device

This is why:

  • Port forwarding exists
  • Containers need special rules
  • Some services work internally but not externally

NAT is invisible — until it breaks.

Why Linux Networking Feels Hard (But Isn’t)

Linux networking is not one thing.

It’s a pipeline:

  1. DNS → name to IP
  2. Routing → path decision
  3. Interface → exit door
  4. Port → application
  5. Firewall → permission
  6. NAT → translation

If any one step fails, everything fails.

But once you understand this chain, debugging becomes logical — not magical.

Final Thought

Linux networking isn’t about memorizing commands.

It’s about understanding how Linux thinks:

  • Where should this packet go?
  • Who should receive it?
  • Should it be allowed?

When you understand those questions, you stop guessing — and start fixing problems with confidence.

0 0 1
Read →
Understanding ip route Output — Line by Line, Word by Word
Published Jan 01, 2026

When debugging network issues on Linux, one of the most important commands is:

ip route

This command shows the routing table — the rules your system uses to decide where every network packet should go.

Let’s break down the following output in detail:

default via 192.168.1.1 dev wlp0s20f3 proto dhcp src 192.168.1.9 metric 600
192.168.1.0/24 dev wlp0s20f3 proto kernel scope link src 192.168.1.9 metric 600

No assumptions. No skipped words.

What a Routing Table Actually Is

A routing table is a list of instructions that answers one question:

“If a packet needs to go to this destination, which interface, gateway, and source IP should be used?”

Linux checks routes top-down, choosing the most specific match.

Line 1: The Default Route

default via 192.168.1.1 dev wlp0s20f3 proto dhcp src 192.168.1.9 metric 600

This line controls all traffic going outside your local network (internet traffic).

Word-by-word breakdown

  • default
    • Matches any destination not covered by a more specific route
    • Used for internet traffic
  • via
    • Indicates a gateway is required
  • 192.168.1.1
    • The gateway IP
    • Usually your Wi-Fi router
  • dev
    • Specifies the network interface
  • wlp0s20f3
    • Wireless network interface name
    • (wl = wireless, rest is hardware naming)
  • proto
    • Route origin
  • dhcp
    • Route was added automatically by DHCP
    • Not manually configured
  • src
    • Source IP address for outgoing packets
  • 192.168.1.9
    • Your system’s IP address on this network
  • metric
    • Route priority
    • Lower number = higher priority
  • 600
    • Priority value used when multiple routes exist

Meaning in plain English

“For any destination not in the local network, send traffic through router 192.168.1.1 using Wi-Fi interface wlp0s20f3, with source IP 192.168.1.9.”

Line 2: The Local Network Route

192.168.1.0/24 dev wlp0s20f3 proto kernel scope link src 192.168.1.9 metric 600

This route handles local LAN traffic only.

Word-by-word breakdown

  • 192.168.1.0/24
    • Destination subnet
    • Covers 192.168.1.1192.168.1.254
    • /24 = subnet mask 255.255.255.0
  • dev
    • Network interface used
  • wlp0s20f3
    • Same Wi-Fi interface
  • proto
    • Route origin
  • kernel
    • Automatically added when interface came up
    • Not from DHCP or user config
  • scope
    • Defines how far the route applies
  • link
    • Destination is directly reachable
    • No gateway required
  • src
    • Source IP for packets in this subnet
  • 192.168.1.9
    • Your machine’s IP
  • metric
    • Route priority
  • 600
    • Same priority as default route

Meaning in plain English

“Any device inside 192.168.1.0/24 can be reached directly through Wi-Fi without using a router.”

Why Two Routes Are Needed

Linux needs both:

Route TypePurpose
Local routeTalk to devices on the same LAN
Default routeReach everything else (internet)

Without the local route → LAN breaks
Without the default route → Internet breaks

How Linux Chooses Between These Routes

Example: packet going to 192.168.1.50

  • Matches 192.168.1.0/24
  • Uses local route
  • No gateway

Example: packet going to 8.8.8.8

  • No specific subnet match
  • Falls back to default route
  • Uses router 192.168.1.1

Final Mental Model

Think of it like this:

  • Local address? → send directly
  • Anything else? → send to router
  • Interface decides how
  • Metric decides priority
  • Source IP decides identity
0 0 2
Read →