Network Suite

A comprehensive networking skill for building, debugging, and managing network configurations, protocols, and services including TCP/IP, DNS, HTTP, and network automation.

When to Use

Choose Network Suite when:

• Diagnosing network connectivity issues, DNS resolution, and routing problems
• Building network automation scripts for configuration management
• Setting up and testing network services (DNS, DHCP, load balancers)
• Analyzing network performance with throughput and latency testing

Consider alternatives when:

• Managing cloud networking — use cloud-specific tools (AWS VPC, Azure NSG)
• Building web applications — use application-level frameworks
• Setting up firewalls — use platform-specific firewall management tools

Quick Start

Copy
# Network diagnostics toolkit
ping -c 4 google.com
traceroute google.com
dig google.com A +short
nslookup -type=MX example.com
curl -I -s https://example.com | head -20
ss -tlnp  # List listening TCP ports

Copy
import socket
import subprocess
import ipaddress
from concurrent.futures import ThreadPoolExecutor
import ssl
import json

class NetworkTools:
    def dns_lookup(self, domain, record_type='A'):
        """Perform DNS lookup"""
        try:
            if record_type == 'A':
                results = socket.getaddrinfo(domain, None, socket.AF_INET)
                return list(set(r[4][0] for r in results))
            elif record_type == 'AAAA':
                results = socket.getaddrinfo(domain, None, socket.AF_INET6)
                return list(set(r[4][0] for r in results))
            elif record_type == 'MX':
                result = subprocess.run(
                    ['dig', '+short', 'MX', domain],
                    capture_output=True, text=True
                )
                return result.stdout.strip().split('\n')
        except socket.gaierror as e:
            return f"DNS lookup failed: {e}"

    def port_scan(self, host, ports=None, timeout=1):
        """Scan ports on a host"""
        ports = ports or range(1, 1025)
        open_ports = []

        def check_port(port):
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            sock.settimeout(timeout)
            result = sock.connect_ex((host, port))
            sock.close()
            if result == 0:
                try:
                    service = socket.getservbyport(port)
                except OSError:
                    service = 'unknown'
                return {'port': port, 'service': service, 'state': 'open'}
            return None

        with ThreadPoolExecutor(max_workers=100) as executor:
            results = executor.map(check_port, ports)
            open_ports = [r for r in results if r]

        return open_ports

    def check_ssl(self, hostname, port=443):
        """Check SSL certificate details"""
        context = ssl.create_default_context()
        with socket.create_connection((hostname, port), timeout=10) as sock:
            with context.wrap_socket(sock, server_hostname=hostname) as ssock:
                cert = ssock.getpeercert()
                return {
                    'subject': dict(x[0] for x in cert['subject']),
                    'issuer': dict(x[0] for x in cert['issuer']),
                    'serial': cert['serialNumber'],
                    'not_before': cert['notBefore'],
                    'not_after': cert['notAfter'],
                    'san': [x[1] for x in cert.get('subjectAltName', [])],
                    'version': ssock.version()
                }

    def subnet_info(self, cidr):
        """Get subnet information from CIDR notation"""
        network = ipaddress.ip_network(cidr, strict=False)
        return {
            'network': str(network.network_address),
            'broadcast': str(network.broadcast_address),
            'netmask': str(network.netmask),
            'prefix_length': network.prefixlen,
            'total_hosts': network.num_addresses - 2,
            'first_host': str(list(network.hosts())[0]) if network.num_addresses > 2 else None,
            'last_host': str(list(network.hosts())[-1]) if network.num_addresses > 2 else None,
            'is_private': network.is_private
        }

Core Concepts

Network Layers and Tools

Layer	Protocol	Diagnostic Tools	Common Issues
Physical (L1)	Ethernet	ethtool, cable testers	Cable faults, link speed
Data Link (L2)	ARP, MAC	arp, bridge	MAC conflicts, VLAN issues
Network (L3)	IP, ICMP	ping, traceroute, ip	Routing, MTU problems
Transport (L4)	TCP, UDP	ss, netstat, nc	Port conflicts, timeouts
Application (L7)	HTTP, DNS	curl, dig, nslookup	DNS resolution, TLS errors

HTTP Performance Testing

Copy
# Test HTTP endpoint performance
curl -w "DNS: %{time_namelookup}s\nConnect: %{time_connect}s\nTLS: %{time_appconnect}s\nFirst byte: %{time_starttransfer}s\nTotal: %{time_total}s\n" \
  -o /dev/null -s https://example.com

# Load test with wrk
wrk -t12 -c400 -d30s https://example.com/api/health

# Test DNS resolution time across resolvers
for dns in 8.8.8.8 1.1.1.1 9.9.9.9; do
  echo "=== $dns ==="
  dig @$dns example.com +stats | grep "Query time"
done

Configuration

Option	Description	Default
dns_servers	Custom DNS resolvers	["8.8.8.8","1.1.1.1"]
scan_timeout	Port scan timeout per port (seconds)	1
max_threads	Maximum concurrent scan threads	100
default_ports	Port range for default scans	"1-1024"
ssl_verify	Verify SSL certificates	true
ipv6_enabled	Enable IPv6 operations	true
mtu_size	Default MTU for testing	1500
traceroute_hops	Maximum traceroute hops	30

Best Practices

1. Start diagnostics from the bottom of the network stack — verify physical connectivity (link up/down), then L3 routing (ping gateway), then DNS resolution (dig), then application layer (curl); skipping layers wastes time chasing symptoms instead of root causes
2. Use specific DNS record types in queries (dig A, dig MX, dig CNAME) rather than generic queries to get precise answers and understand exactly how a domain resolves through the DNS hierarchy
3. Test from the client's perspective when diagnosing connectivity issues because network policies, firewalls, and routing may differ between your workstation and the affected client; use SSH to test from the client's network when possible
4. Monitor SSL certificate expiry proactively and set up alerts at 30, 14, and 7 days before expiration; certificate-related outages are entirely preventable with proper monitoring
5. Document network topology and IP assignments in a version-controlled file so the team has a single source of truth for network architecture; undocumented network changes are the leading cause of configuration-related outages

Common Issues

DNS resolution inconsistencies: Different DNS resolvers cache records at different rates, causing inconsistent resolution during DNS changes. Use dig +trace to follow the resolution chain from root servers, check the TTL on records to understand caching behavior, and explicitly query authoritative nameservers to verify propagation status.

MTU-related connectivity failures: Packets exceeding the path MTU get silently dropped when "Don't Fragment" is set, causing connections to hang after the initial handshake. Test with ping -M do -s 1472 target to find the actual path MTU, and configure interfaces or tunnels to use the discovered value.

Intermittent connection timeouts: Sporadic timeouts often indicate network congestion, failing hardware, or misconfigured keepalive settings. Capture packets with tcpdump during failures, check for TCP retransmissions, monitor interface error counters with ethtool -S, and verify that firewall connection tracking tables are not overflowing.