Configure Networking: Difference between revisions
m (→Install iptables/ip6tables: Use pkg template and mentin that the ip6tables pkg is not in 3.19+ (included in the iptables package)) |
Prabuanand (talk | contribs) m (updated links) |
||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
This page will assist you in setting up networking on Alpine Linux. | This page will assist you in setting up networking on Alpine Linux. | ||
{{Note|You must be logged in as root in order to perform the actions on this page.}} | {{Note|You must be logged in as root in order to perform the actions on this page.}} | ||
= Setting System Hostname = | == Network setup-scripts == | ||
Among the alpine setup scripts that are installed as part of <code>alpine-conf</code>, the following network related scripts are available. | |||
* <code>setup-hostname</code> | |||
* <code>setup-interfaces</code> | |||
* <code>setup-dns</code> | |||
* <code>setup-proxy</code> | |||
* <code>setup-ntp</code> | |||
All the above utilities are interactive. When <code>setup-interfaces</code> is invoked as follows, | |||
{{Cmd|# setup-interfaces}} | |||
it helps to configure wireless and ethernet interfaces in addition to other types. The above scripts will satisfy most trivial configurations. For a versatile networking front end, refer [[NetworkManager]]. If you're needs are more advanced, you've to refer to the following detailed guides.. | |||
== Setting System Hostname == | |||
To set the system hostname: | To set the system hostname: | ||
{{Cmd|# echo "shortname" > /etc/hostname}} | {{Cmd|# echo "shortname" > /etc/hostname}} | ||
| Line 35: | Line 52: | ||
}} | }} | ||
= Configuring DNS = | == Configuring DNS == | ||
{{Tip|'''For users of IPv4 DHCP:''' Please note that {{path|/etc/resolv.conf}} will be completely overwritten with any nameservers provided by DHCP. | {{Tip|'''For users of IPv4 DHCP:''' Please note that {{path|/etc/resolv.conf}} will be completely overwritten with any nameservers provided by DHCP. | ||
If DHCP does not provide any nameservers, then {{path|/etc/resolv.conf}} will still be overwritten, but will not contain any nameservers!}} | If DHCP does not provide any nameservers, then {{path|/etc/resolv.conf}} will still be overwritten, but will not contain any nameservers!}} | ||
| Line 55: | Line 72: | ||
{{Tip|If you decide to use Hurricane Electric's nameserver, be aware that it is 'Google-whitelisted'. What does this mean? It allows you access to many of Google's services via IPv6. (Just don't add other, non-whitelisted, nameservers to {{path|/etc/resolv.conf}} — ironically, such as Google's Public DNS Servers.) Read [https://www.google.com/intl/en/ipv6/ here] for more information.}} | {{Tip|If you decide to use Hurricane Electric's nameserver, be aware that it is 'Google-whitelisted'. What does this mean? It allows you access to many of Google's services via IPv6. (Just don't add other, non-whitelisted, nameservers to {{path|/etc/resolv.conf}} — ironically, such as Google's Public DNS Servers.) Read [https://www.google.com/intl/en/ipv6/ here] for more information.}} | ||
= Interface Configuration = | == Interface Configuration == | ||
== Loopback Configuration (Required) == | === Loopback Configuration (Required) === | ||
{{Note|The loopback configuration must appear first in {{path|/etc/network/interfaces}} to prevent networking issues.}} | {{Note|The loopback configuration must appear first in {{path|/etc/network/interfaces}} to prevent networking issues.}} | ||
To configure loopback, add the following to a new file {{path|/etc/network/interfaces}}: | To configure loopback, add the following to a new file {{path|/etc/network/interfaces}}: | ||
| Line 67: | Line 84: | ||
The above works to set up the IPv4 loopback address (127.0.0.1), and the IPv6 loopback address (<code>::1</code>) — if you enabled IPv6. | The above works to set up the IPv4 loopback address (127.0.0.1), and the IPv6 loopback address (<code>::1</code>) — if you enabled IPv6. | ||
== Wireless Configuration == | === Wireless Configuration === | ||
Alpine Linux supports two wireless daemons i.e [[iwd]] and [[Wi-Fi#wpa_supplicant|wpa_supplicant]]. Using both may lead to conflicts. | |||
== Ethernet Configuration == | === Ethernet Configuration === | ||
For the following Ethernet configuration examples, we will assume that you are using Ethernet device <code>eth0</code>. | For the following Ethernet configuration examples, we will assume that you are using Ethernet device <code>eth0</code>. | ||
=== Initial Configuration === | ==== Initial Configuration ==== | ||
Add the following to the file {{path|/etc/network/interfaces}}, above any IP configuration for <code>eth0</code>: | Add the following to the file {{path|/etc/network/interfaces}}, above any IP configuration for <code>eth0</code>: | ||
{{cat|/etc/network/interfaces|... | {{cat|/etc/network/interfaces|... | ||
| Line 81: | Line 98: | ||
}} | }} | ||
=== IPv4 DHCP Configuration === | ==== IPv4 DHCP Configuration ==== | ||
Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | ||
{{cat|/etc/network/interfaces|... | {{cat|/etc/network/interfaces|... | ||
| Line 96: | Line 113: | ||
For a complete list of command line options for udhcpc, see [https://busybox.net/downloads/BusyBox.html#udhcpc this document]. | For a complete list of command line options for udhcpc, see [https://busybox.net/downloads/BusyBox.html#udhcpc this document]. | ||
=== IPv4 Static Address Configuration === | ==== IPv4 Static Address Configuration ==== | ||
Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | ||
| Line 117: | Line 134: | ||
==== Additional IP addresses ==== | ===== Additional IP addresses ===== | ||
{{cat|/etc/network/interfaces|... | {{cat|/etc/network/interfaces|... | ||
| Line 141: | Line 158: | ||
}} | }} | ||
=== IPv6 DHCP Configuration === | ==== IPv6 DHCP Configuration ==== | ||
Alpine's use of ifupdown-ng supports three DHCP clients: udhcpc, dhclient, and dhcpcd. Of these, only dhcpcd can interact with both DHCP and DHCPv6 from the same process, which ifupdown-ng requires. Thus the IPv4 DHCP configuration given above will also result in the use of DHCPv6, but only if you install the dhcpcd package. (The ifupdown-ng scripts prioritize dhclient over udhcpc, and they prioritize dhcpcd over dhclient; see {{path|/usr/libexec/ifupdown-ng/dhcp}}.) | Alpine's use of ifupdown-ng supports three DHCP clients: udhcpc, dhclient, and dhcpcd. Of these, only dhcpcd can interact with both DHCP and DHCPv6 from the same process, which ifupdown-ng requires. Thus the IPv4 DHCP configuration given above will also result in the use of DHCPv6, but only if you install the dhcpcd package. (The ifupdown-ng scripts prioritize dhclient over udhcpc, and they prioritize dhcpcd over dhclient; see {{path|/usr/libexec/ifupdown-ng/dhcp}}.) | ||
| Line 151: | Line 168: | ||
}} | }} | ||
=== IPv6 Static Address Configuration === | ==== IPv6 Static Address Configuration ==== | ||
Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | Add the following to the file {{path|/etc/network/interfaces}}, below the <code>auto eth0</code> definition: | ||
| Line 173: | Line 190: | ||
}} | }} | ||
== Example: Dual-Stack Configuration == | === Example: Dual-Stack Configuration === | ||
This example shows a dual-stack configuration. | This example shows a dual-stack configuration. | ||
| Line 211: | Line 228: | ||
}} | }} | ||
= Firewalling with iptables and ip6tables = | == Firewalling with iptables and ip6tables == | ||
See also: [[Alpine Wall]] - [[How-To Alpine Wall]] - [ | See also: [[Alpine Wall]] - [[How-To Alpine Wall]] - [https://git.alpinelinux.org/awall/about/ Alpine Wall User's Guide]. | ||
== Install iptables/ip6tables == | === Install iptables/ip6tables === | ||
* To install iptables (includes ip6tables in alpine 3.19 and up): | * To install iptables (includes ip6tables in alpine 3.19 and up): | ||
: {{Cmd|# apk add {{pkg|iptables|arch=}}}} | : {{Cmd|# apk add {{pkg|iptables|arch=}}}} | ||
| Line 225: | Line 242: | ||
: {{Cmd|# apk add {{pkg|iptables-doc|arch=}}}} | : {{Cmd|# apk add {{pkg|iptables-doc|arch=}}}} | ||
== Configure iptables/ip6tables == | === Configure iptables/ip6tables === | ||
== Save Firewall Rules == | === Save Firewall Rules === | ||
=== For iptables === | === For iptables === | ||
| Line 256: | Line 273: | ||
##* {{ Cmd|# lbu ci }} | ##* {{ Cmd|# lbu ci }} | ||
= Activating Changes and Testing Connectivity = | == Activating Changes and Testing Connectivity == | ||
Changes made to {{path|/etc/network/interfaces}} can be activated by running: | Changes made to {{path|/etc/network/interfaces}} can be activated by running: | ||
{{Cmd|# rc-service networking restart}} | {{Cmd|# rc-service networking restart}} | ||
| Line 272: | Line 289: | ||
</nowiki>}} | </nowiki>}} | ||
For an IPv6 traceroute | For an IPv6 traceroute run <code>traceroute6</code>: | ||
{{Cmd|$ traceroute6 ipv6.google.com | {{Cmd|$ traceroute6 ipv6.google.com | ||
traceroute to ipv6.l.google.com (2001:4860:8009::67) from 2001:470:ffff:ff::2, 30 hops max, 16 byte packets | traceroute to ipv6.l.google.com (2001:4860:8009::67) from 2001:470:ffff:ff::2, 30 hops max, 16 byte packets | ||
| Line 289: | Line 303: | ||
}} | }} | ||
= Additional Utilities = | == Additional Utilities == | ||
== iproute2 == | === iproute2 === | ||
You may wish to install the 'iproute2' package (note that this will also install iptables if not yet installed) | You may wish to install the 'iproute2' package (note that this will also install iptables if not yet installed) | ||
| Line 314: | Line 328: | ||
{{Cmd|$ ss -h}} | {{Cmd|$ ss -h}} | ||
== drill == | === drill === | ||
You may also wish to install 'drill' (it will also install the 'ldns' package) which is a superior (IMHO) replacement for nslookup and dig etc: | You may also wish to install 'drill' (it will also install the 'ldns' package) which is a superior (IMHO) replacement for nslookup and dig etc: | ||
| Line 328: | Line 342: | ||
{{Cmd|$ drill -x 8.8.8.8 @208.67.222.222}} | {{Cmd|$ drill -x 8.8.8.8 @208.67.222.222}} | ||
= Related articles = | == Related articles == | ||
You may also wish to review the following network related articles: | You may also wish to review the following network related articles: | ||
* [[VLAN|VLAN setup]] | |||
[[VLAN|VLAN setup]] | * [[Bonding|Bonding setup]] | ||
* [[Bridge|Network bridge setup]] | |||
[[Bonding|Bonding setup]] | * [[udhcpc|udhcpc configuration]] | ||
* [[NetworkManager]] - Front-end to Networking | |||
[[Bridge|Network bridge setup]] | * [[Wifi#wpa_supplicant|wpa_supplicant]] - Default wifi daemon | ||
* [[Iwd|iwd]] - An alternate to wpa_supplicant | |||
[[udhcpc|udhcpc configuration]] | |||
[[Category:Networking]] | [[Category:Networking]] | ||
Latest revision as of 05:37, 18 October 2024
This page will assist you in setting up networking on Alpine Linux.
Network setup-scripts
Among the alpine setup scripts that are installed as part of alpine-conf, the following network related scripts are available.
setup-hostnamesetup-interfacessetup-dnssetup-proxysetup-ntp
All the above utilities are interactive. When setup-interfaces is invoked as follows,
# setup-interfaces
it helps to configure wireless and ethernet interfaces in addition to other types. The above scripts will satisfy most trivial configurations. For a versatile networking front end, refer NetworkManager. If you're needs are more advanced, you've to refer to the following detailed guides..
Setting System Hostname
To set the system hostname:
# echo "shortname" > /etc/hostname
Then, to activate the change:
# hostname -F /etc/hostname
If you're using IPv6, you should also add the following special IPv6 addresses to your /etc/hosts file:
Contents of /etc/hosts
For a static IP configuration, it's common to also add the machine's hostname you just set (above) to the /etc/hosts file.
Here's an IPv4 example:
Contents of /etc/hosts
And here's an IPv6 example:
Contents of /etc/hosts
Configuring DNS
For a static IP address and static nameservers, use one of the following examples.
For IPv4 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Google's Public DNS servers.
Contents of /etc/resolv.conf
For IPv6 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Hurricane Electric's public DNS server.
Contents of /etc/resolv.conf
You can also use Hurricane Electric's public IPv4 DNS server:
Contents of /etc/resolv.conf
Interface Configuration
Loopback Configuration (Required)
To configure loopback, add the following to a new file /etc/network/interfaces:
Contents of /etc/network/interfaces
The above works to set up the IPv4 loopback address (127.0.0.1), and the IPv6 loopback address (::1) — if you enabled IPv6.
Wireless Configuration
Alpine Linux supports two wireless daemons i.e iwd and wpa_supplicant. Using both may lead to conflicts.
Ethernet Configuration
For the following Ethernet configuration examples, we will assume that you are using Ethernet device eth0.
Initial Configuration
Add the following to the file /etc/network/interfaces, above any IP configuration for eth0:
Contents of /etc/network/interfaces
IPv4 DHCP Configuration
Add the following to the file /etc/network/interfaces, below the auto eth0 definition:
Contents of /etc/network/interfaces
By default, the busybox DHCP client (udhcpc) requests a static set of options from the DHCP server. If you need to extend this set, you can do so by setting some additional command line options for the DHCP client, via the udhcpc_opts in your interface configuration. The following example requests
domain-search option:
Contents of /etc/network/interfaces
For a complete list of command line options for udhcpc, see this document.
IPv4 Static Address Configuration
Add the following to the file /etc/network/interfaces, below the auto eth0 definition:
Contents of /etc/network/interfaces
Since Alpine 3.13 (and only if you have ifupdown-ng installed) must be:
Contents of /etc/network/interfaces
Additional IP addresses
Contents of /etc/network/interfaces
Since Alpine 3.13 (and only if you have ifupdown-ng installed) must be:
Contents of /etc/network/interfaces
IPv6 DHCP Configuration
Alpine's use of ifupdown-ng supports three DHCP clients: udhcpc, dhclient, and dhcpcd. Of these, only dhcpcd can interact with both DHCP and DHCPv6 from the same process, which ifupdown-ng requires. Thus the IPv4 DHCP configuration given above will also result in the use of DHCPv6, but only if you install the dhcpcd package. (The ifupdown-ng scripts prioritize dhclient over udhcpc, and they prioritize dhcpcd over dhclient; see /usr/libexec/ifupdown-ng/dhcp.)
IPv6 Stateless Autoconfiguration
Add the following to the file /etc/network/interfaces, below the auto eth0 definition:
Contents of /etc/network/interfaces
IPv6 Static Address Configuration
Add the following to the file /etc/network/interfaces, below the auto eth0 definition:
Contents of /etc/network/interfaces
Since Alpine Linux 3.13 (and only if you have ifupdown-ng installed) must be as:
Contents of /etc/network/interfaces
Example: Dual-Stack Configuration
This example shows a dual-stack configuration.
Contents of /etc/network/interfaces
Take care since Alpine 3.13 (and only if you have ifupdown-ng installed) must be as:
Contents of /etc/network/interfaces
Firewalling with iptables and ip6tables
See also: Alpine Wall - How-To Alpine Wall - Alpine Wall User's Guide.
Install iptables/ip6tables
- To install iptables (includes ip6tables in alpine 3.19 and up):
# apk add iptables
- To install ip6tables (Alpine older than 3.19 only):
# apk add ip6tables
- To install the man pages for iptables and ip6tables:
# apk add iptables-doc
Configure iptables/ip6tables
Save Firewall Rules
For iptables
- Set iptables to start on reboot
# rc-update add iptables
- Write the firewall rules to disk
# rc-service iptables save
- If you use Alpine Local Backup:
- Save the configuration
# lbu ci
- Save the configuration
For ip6tables
- Set ip6tables to start on reboot
# rc-update add ip6tables
- Write the firewall rules to disk
# rc-service ip6tables save
- If you use Alpine Local Backup:
- Save the configuration
# lbu ci
- Save the configuration
Activating Changes and Testing Connectivity
Changes made to /etc/network/interfaces can be activated by running:
# rc-service networking restart
If you did not get any errors, you can now test that networking is configured properly by attempting to ping out:
$ ping www.google.com PING www.l.google.com (74.125.47.103) 56(84) bytes of data. 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=1 ttl=48 time=58.5 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=2 ttl=48 time=56.4 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=3 ttl=48 time=57.0 ms 64 bytes from yw-in-f103.1e100.net (74.125.47.103): icmp_seq=4 ttl=48 time=60.2 ms ^C --- www.l.google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3007ms rtt min/avg/max/mdev = 56.411/58.069/60.256/1.501 ms
For an IPv6 traceroute run traceroute6:
$ traceroute6 ipv6.google.com traceroute to ipv6.l.google.com (2001:4860:8009::67) from 2001:470:ffff:ff::2, 30 hops max, 16 byte packets 1 2001:470:ffff:ff::1 (2001:470:ffff:ff::1) 3.49 ms 0.62 ms 0.607 ms 2 * * * 3 * * * 4 pr61.iad07.net.google.com (2001:504:0:2:0:1:5169:1) 134.313 ms 95.342 ms 88.425 ms 5 2001:4860::1:0:9ff (2001:4860::1:0:9ff) 100.759 ms 100.537 ms 89.907 ms 6 2001:4860::1:0:5db (2001:4860::1:0:5db) 115.563 ms 102.946 ms 106.191 ms 7 2001:4860::2:0:a7 (2001:4860::2:0:a7) 101.754 ms 100.475 ms 100.512 ms 8 2001:4860:0:1::c3 (2001:4860:0:1::c3) 99.272 ms 111.989 ms 99.835 ms 9 yw-in-x67.1e100.net (2001:4860:8009::67) 101.545 ms 109.675 ms 99.431 ms
Additional Utilities
iproute2
You may wish to install the 'iproute2' package (note that this will also install iptables if not yet installed)
# apk add iproute2
This provides the 'ss' command which is IMHO a 'better' version of netstat.
Show listening tcp ports:
$ ss -tl
Show listening tcp ports and associated processes:
$ ss -ptl
Show listening and established tcp connections:
$ ss -ta
Show socket usage summary:
$ ss -s
Show more options:
$ ss -h
drill
You may also wish to install 'drill' (it will also install the 'ldns' package) which is a superior (IMHO) replacement for nslookup and dig etc:
# apk add drill
Then use it as you would for dig:
$ drill alpinelinux.org @8.8.8.8
To perform a reverse lookup (get a name from an IP) use the following syntax:
$ drill -x 8.8.8.8 @208.67.222.222
Related articles
You may also wish to review the following network related articles:
- VLAN setup
- Bonding setup
- Network bridge setup
- udhcpc configuration
- NetworkManager - Front-end to Networking
- wpa_supplicant - Default wifi daemon
- iwd - An alternate to wpa_supplicant