Hi all,
I am looking for recommendations on resources to learn Linux networking. I am primarily hoping for text resources such as books, guides, blog series, articles, etc. I have trouble focusing on videos.
I am mainly targeting linux networking topics, such as how the linux networking stack works, and things like iptables, network namespaces, network interfaces, sockets, NAT, firewalls, internal IP-addressing, subnetting, routing, proxying, internal DNS, and anything that I may not know exists but is related to these concepts and linux networking in general.
Any recommendations?
I’m normally someone who’ll dig into the weeds on something, but for some reason Linux networking just switches my brain off after about 5 minutes. Something engaging or practical here would be a godsend. Network chuck is someone I’ve tangentially brushed against, but he seems like he could get the concepts across, is there a series of his that will kind of get me going?
For reference purposes, the manpages. For a more conversational, ‘guide for the perplexed’-type book, though, I’d wholeheartedly recommend Michael W. Lucas’s ‘Networking for sysadmins’ book: https://mwl.io/nonfiction/networking#n4sa – this one helped me understand many of the fundamental concepts.
If you are familiar with the concepts and are looking more for the specific details, you can probably go a long way with official docs (iptables, nftables, kernel), the arch wiki, man pages, and some hands-on.
I’m not super familiar. I was blindly fighting iptables with some WireGuard tutorials and also getting into the weeds of container orchestration.
I cut my teeth on an early version of The Linux Networking Howto, still available at tldp.org. That’s a little bit out of date now :-) but the basic IPv4 networking concepts are still good.
These days so much is implementation or distribution dependent. There has been so much very rapid development in this field during the internet era that the age of documentation matters significantly.
A mitigating, but also confusing, factor is that different generations of networking tools have backwards compatibility built in so that it has been possible to build firewalls on kernels running nftables using iptables utilities in userspace.
I think you could do worse than starting with the Debian wikis and then drilling down into other documentation for the specific distributions or applications you want to use.
I seem to remember that openwrt.org and shorewall.org (though that product is EOL) also have some good overarching network stuff. I think Hurricane Electric he.com may still do their free basic IPv6 certificate programme?
Wikipedia is also your friend in this, especially the references.
I’ve enjoyed onemarcfifty.com’s videos too, but that format isn’t what you are looking for, and the transcripts I have seen are not formatted.
iptables? What year did you last use Linux?
IPv4? Why aren’t you using IPv6?
Just because something can replace it doesn’t mean everyone is going to abandon what’s already working.
IPv4? Why aren’t you using IPv6?
I am. Right now in fact.
Most tutorials, even recent ones, reference iptables. Never seen nftables. One example is WireGuard guide.
nftables has been the replacement for iptables since kernel 3.13.
https://wiki.nftables.org/wiki-nftables/index.php/What_is_nftables%3F
True; but many guides & tutorials that came out long after that still give their examples/instructions in iptables. Esp. those that involve ifup/ifdown/etc. scripts.
(although nftables is considerably easier to read, IMHO)
I’ve never seen nftables, or should I say never noticed nftables, when ever I’ve seen documentation it’s always referenced iptables, if it has mentioned nftables I’m guessing my brain just glossed over it. It’s kind of like with networking configuring with /etc/network/interfaces rather than with netplan or network manager or systems or ifup ifdown, or anything else I’ve missed
The best thing to do imo is insight thru experience - build your own networks (plural), your own software, secure them then connect them.
That was honestly what I was trying, but I felt myself blindly following tutorials without understanding what any of those components are or doing. And searching individual terms was not good enough. The concepts seem intertwined, and searching the web only gave me surface level explanations that didn’t cut it.
I’ve fallen in the same hole before. tbh in my experience you don’t really learn much until things start breaking.
build some of your own projects then. For example, my router has split routing between sites that require no VPN and normal sites. Find a project to do that isn’t covered by tutorials, or read manuals instead of tutorials
Wikipedia, RFC (especially for networking protocol), sources code