Dsk, CPU, RM, NetWrk Management (Enterprise Linux), Performance Management…
Dsk, CPU, RM, NetWrk Management (Enterprise Linux)
Overview
Purpose
Storage provisioning
Performance optimization
Data protection
High availability
Capacity planning
Enterprise Goals
Standardized storage layout
Scalability
Security
Backup and recovery
Compliance
Disk Identification
List Disks
lsblk
fdisk -l
blkid
parted -l
Device Naming
/dev/sda
/dev/sdb
/dev/nvme0n1
/dev/mapper/*
View UUID
blkid
lsblk -f
Enterprise Practice
Use UUID in fstab
Avoid device names in production
Partition Management
MBR
Up to 2TB
Maximum 4 Primary Partitions
GPT
Supports Large Disks
Recommended Standard
More Partitions
Commands
fdisk
gdisk
parted
Workflow
Identify Disk
Create Partition
Verify Partition
Format Filesystem
Mount Filesystem
Filesystem Management
Filesystem Types
XFS
Enterprise Standard
Default on RHEL
Supports Large Volumes
EXT4
Common Linux Filesystem
Good Compatibility
BTRFS
Snapshots
Advanced Features
Create Filesystem
mkfs.xfs /dev/sdb1
mkfs.ext4 /dev/sdb1
Check Filesystem
xfs_repair
fsck
View Usage
df -h
du -sh
Mount Management
Temporary Mount
mount /dev/sdb1 /data
Unmount
umount /data
Persistent Mount
/etc/fstab
Verify
mount
findmnt
Enterprise Best Practice
Use UUID
Test fstab before reboot
Commands
blkid
mount -a
LVM (Logical Volume Manager)
Benefits
Online Expansion
Flexible Storage
Easier Management
Enterprise Standard
Components
Physical Volume PV
pvcreate
Volume Group VG
vgcreate
Logical Volume LV
lvcreate
Workflow
Create PV
Create VG
Create LV
Create Filesystem
Mount Filesystem
Commands
pvcreate /dev/sdb1
vgcreate vg_data /dev/sdb1
lvcreate -L 100G -n lv_app vg_data
mkfs.xfs /dev/vg_data/lv_app
mount /dev/vg_data/lv_app /app
Expand LV
lvextend -r -L +50G /dev/vg_data/lv_app
Display Information
pvs
vgs
lvs
RAID (Redundant Array of Independent Disks)
Purpose
Redundancy
Performance
Fault Tolerance
RAID 0
Striping
High Performance
No Redundancy
RAID 1
Mirroring
Disk Redundancy
RAID 5
Striping with Parity
Good Balance
RAID 6
Double Parity
Higher Protection
RAID 10
Mirror + Stripe
Enterprise Recommended
Commands
mdadm --create
mdadm --detail
cat /proc/mdstat
Enterprise Use Cases
Databases
Virtualization
Critical Applications
Encryption
LUKS
Linux Unified Key Setup
Industry Standard Encryption
AES-256 Support
Workflow
Create Partition
luksFormat
Open Device
Create Filesystem
Mount
Commands
cryptsetup luksFormat /dev/sdb1
cryptsetup open /dev/sdb1 secure_disk
mkfs.xfs /dev/mapper/secure_disk
mount /dev/mapper/secure_disk /secure
Enterprise Benefits
Data Protection
Compliance Requirements
Lost Disk Protection
Swap Management
Purpose
Memory Extension
Crash Dumps
View Swap
swapon --show
free -h
Create Swap File
fallocate -l 8G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
Persistent Configuration
/etc/fstab
Storage Expansion
Add New Disk
Detect Disk
Partition Disk
Add to LVM
Extend Volume
Commands
pvcreate
vgextend
lvextend
xfs_growfs
resize2fs
Enterprise Process
Change Request
Backup
Maintenance Window
Validation
Enterprise Storage Layout
OS Volume
/
/boot
swap
Application Volume
/app
Database Volume
/db
Log Volume
/var/log
Backup Volume
/backup
Benefits
Easier Recovery
Better Performance
Security Isolation
Monitoring and Troubleshooting
Capacity Monitoring
df -h
du -sh
lsblk
Performance Monitoring
iostat
iotop
sar
RAID Monitoring
mdadm --detail
cat /proc/mdstat
LVM Monitoring
pvs
vgs
lvs
Filesystem Issues
fsck
xfs_repair
Backup and Recovery
Backup Types
Full Backup
Incremental Backup
Differential Backup
Tools
rsync
tar
enterprise backup solutions
Recovery Planning
Test Restores
Disaster Recovery Procedures
Backup Verification
Security Best Practices
LUKS Encryption
Least Privilege Access
Separate Application Data
Secure Backups
Audit Storage Changes
Use UUID in fstab
Monitor Disk Utilization
Enterprise Implementation Workflow
Capacity Planning
Storage Design
RAID Configuration
Partition Creation
LVM Deployment
Filesystem Creation
Encryption Configuration
Mount Configuration
Monitoring Setup
Backup Integration
Documentation
Disaster Recovery Testing
Interview Questions
Difference Between MBR and GPT
Difference Between RAID 1 and RAID 5
Difference Between RAID 5 and RAID 10
Difference Between EXT4 and XFS
What is LVM
Components of LVM
How to Extend a Logical Volume
How to Extend an XFS Filesystem
What is LUKS
How LUKS Works
What is UUID
Why Use UUID in fstab
What Happens If fstab Is Misconfigured
Difference Between Mount and fstab
Commands to Troubleshoot Full Disk
How to Check RAID Status
How to Recover a Filesystem
CPU Management (Enterprise Linux)
CPU Management
Purpose
Optimize Performance
Prevent CPU Bottlenecks
Ensure Fair Resource Allocation
Improve Application Stability
Reduce System Latency
Support Capacity Planning
CPU Fundamentals
CPU Core
Physical Processing Unit
vCPU
Virtual CPU Assigned to VM
Thread
Execution Path Within Process
CPU Socket
Physical CPU Package
NUMA
Non-Uniform Memory Access Architecture
CPU Cache
L1
L2
L3
CPU Monitoring
top
Real-Time CPU Usage
top
htop
Interactive Monitoring
htop
mpstat
Per-Core CPU Statistics
mpstat -P ALL 1
sar
Historical CPU Analysis
sar -u 1 5
vmstat
CPU Wait Analysis
vmstat 1
uptime
Load Average Check
uptime
lscpu
CPU Hardware Details
lscpu
CPU Metrics
User CPU
Application Processing
System CPU
Kernel Processing
Idle CPU
Unused CPU
iowait
Waiting for Disk Operations
Steal Time
Hypervisor Consuming CPU
Load Average
CPU Demand Indicator
Context Switches
Task Switching Rate
Run Queue
Waiting Processes
Process CPU Management
ps
Process Information
ps aux
pidstat
Per-Process CPU Usage
pidstat 1
pgrep
Find Process ID
pgrep nginx
kill
Stop Misbehaving Process
kill -9 PID
Process Priority
Nice Value
Range -20 to 19
Lower Value = Higher Priority
Check Priority
ps -eo pid,ni,cmd
Start Process
nice -n 10 process
Change Priority
renice -5 PID
Enterprise Use
Database High Priority
Batch Jobs Low Priority
CPU Affinity
Purpose
Bind Process To Specific CPU
Check Affinity
taskset -p PID
Assign CPU
taskset -cp 0,1 PID
Enterprise Use
Database Isolation
Application Optimization
Low Latency Services
Cgroups
Purpose
CPU Resource Control
CPU Quotas
Limit CPU Usage
CPU Shares
Relative CPU Allocation
Commands
systemd-run --scope -p CPUQuota=50% bash
Enterprise Use
Multi-Tenant Servers
Shared Infrastructure
Resource Isolation
Systemd CPU Controls
CPUQuota
Hard CPU Limit
CPUWeight
Relative CPU Share
Example
systemctl edit apache2
Configuration
CPUQuota=50%
CPUWeight=200
CPU Scheduling
Scheduler
CFS (Completely Fair Scheduler)
Scheduling Classes
Normal
Batch
Real-Time
Real-Time Tools
chrt
chrt -r -p 50 PID
Enterprise Use
Telecom Systems
Financial Applications
Industrial Control Systems
NUMA Management
Purpose
Optimize CPU-Memory Access
Check NUMA
numactl --hardware
Run On Specific NUMA Node
numactl --cpunodebind=0 application
Enterprise Use
Oracle Databases
SAP Systems
Large Memory Servers
Virtualization CPU Management
Hypervisors
VMware ESXi
KVM
Hyper-V
vCPU Allocation
Avoid Overcommitment
CPU Reservation
Guaranteed CPU Resources
CPU Limits
Restrict VM Consumption
CPU Shares
Priority Between VMs
Enterprise Use
Critical Production Workloads
Container CPU Management
Docker
CPU Limits
docker run --cpus=2 image
Kubernetes
CPU Requests
CPU Limits
Example
resources:
  requests:
    cpu: 500m
  limits:
    cpu: 1
Enterprise Use
Multi-Tenant Clusters
Resource Governance
Performance Tuning
Identify High CPU Processes
Analyze Load Average
Check IOWait
Optimize Application
Tune Database Queries
Balance Workloads
Scale Horizontally
Scale Vertically
Troubleshooting High CPU
Step 1
top
htop
Step 2
Identify Process
ps aux --sort=-%cpu
Step 3
Check Logs
journalctl -xe
Step 4
Analyze Threads
top -H -p PID
Step 5
Apply Affinity
Apply Limits
Tune Application
Step 6
Validate Improvement
Enterprise Monitoring
Prometheus
CPU Metrics Collection
Grafana
CPU Dashboards
Zabbix
CPU Alerting
Nagios
Threshold Monitoring
Datadog
Infrastructure Monitoring
Capacity Planning
Monitor CPU Trends
Peak Usage Analysis
Growth Forecasting
Resource Forecasting
Upgrade Planning
Cloud Scaling Strategy
Security Considerations
Detect Crypto Mining
Detect CPU Abuse
Resource Isolation
Limit Rogue Processes
Monitor Unauthorized Workloads
Interview Questions
What Is Load Average
Difference Between User CPU And System CPU
What Is CPU Affinity
What Is Nice And Renice
What Is NUMA
What Is CPU Steal Time
What Is Cgroup
Difference Between CPUQuota And CPUWeight
How To Troubleshoot High CPU Usage
How To Limit CPU Usage Of A Process
How To Monitor CPU Utilization Per Core
Enterprise Implementation Workflow
Baseline Assessment
lscpu
mpstat
sar
Monitoring Setup
Prometheus
Grafana
Alerts
Resource Classification
Critical Applications
Standard Applications
Batch Jobs
CPU Allocation
CPUQuota
CPUWeight
Affinity
Performance Validation
Stress Testing
Benchmarking
Continuous Monitoring
Trend Analysis
Capacity Planning
Incident Response
High CPU Investigation
Root Cause Analysis
Optimization Actions
Best Practices
Monitor CPU Continuously
Avoid CPU Overcommitment
Use Affinity Only When Needed
Configure CPU Quotas
Review Load Average Daily
Separate Critical Workloads
Perform Capacity Planning
Document CPU Policies
Automate Monitoring And Alerts
Review CPU Trends Monthly
RAM Management (Enterprise Linux)
Overview
What is RAM
Temporary memory used by running processes
Faster than disk storage
Volatile (data lost after reboot)
Goals
Ensure application performance
Prevent Out Of Memory (OOM) conditions
Optimize resource utilization
Maintain system stability
Key Components
Physical Memory (RAM)
Virtual Memory
Swap Space
Page Cache
Buffers
Shared Memory
Memory Architecture
Physical Memory
Installed hardware RAM
Used by OS and applications
Virtual Memory
Memory abstraction layer
Allows processes to use more memory than physical RAM
Swap Space
Disk-based memory extension
Used when RAM becomes scarce
Slower than RAM
Page Cache
Caches frequently accessed files
Improves disk performance
Buffers
Temporary storage for I/O operations
Shared Memory
Memory shared between processes
Monitoring Memory Usage
Free Command
free -h
free -m
free -g
Purpose
View RAM and swap usage
VMStat
vmstat 5
vmstat -s
Purpose
Monitor memory, CPU, swap activity
Top
top
Purpose
Real-time resource monitoring
HTop
htop
Purpose
Interactive process monitoring
Process Memory Usage
ps aux --sort=-%mem
ps -eo pid,user,%mem,rss,command --sort=-rss
Purpose
Identify memory-consuming processes
Proc Filesystem
cat /proc/meminfo
cat /proc/swaps
Purpose
Detailed memory statistics
SAR
sar -r
sar -S
Purpose
Historical memory analysis
Memory Metrics
Total Memory
Installed RAM
Used Memory
RAM currently utilized
Free Memory
Unused RAM
Available Memory
RAM available for applications
Cached Memory
File cache memory
Buffered Memory
I/O buffers
Swap Used
Disk memory currently utilized
RSS
Resident Set Size
Actual RAM used by process
VSZ
Virtual memory size
Enterprise Capacity Planning
Baseline Analysis
Monitor normal memory consumption
Record peak usage
Growth Planning
Analyze trends
Forecast future requirements
Thresholds
Warning
70% Memory Usage
Critical
85% Memory Usage
Emergency
95% Memory Usage
Monitoring Tools
Prometheus
Grafana
Zabbix
Nagios
Wazuh
Elastic Stack
Swap Management
Check Swap
swapon --show
free -h
Create Swap File
fallocate -l 4G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
Permanent Swap
Add entry in /etc/fstab
Verify
swapon --show
Enterprise Best Practice
Keep swap enabled
Prevent sudden OOM events
Monitor swap growth
Swappiness Tuning
Check Value
cat /proc/sys/vm/swappiness
Temporary Change
sysctl vm.swappiness=10
Permanent Change
Edit /etc/sysctl.conf
Recommended Values
Database Servers
1-10
Application Servers
10-20
General Purpose Systems
30-60
OOM Management
OOM Killer
Terminates processes when memory exhausted
Check Logs
dmesg | grep -i oom
journalctl -k
Enterprise Actions
Increase RAM
Optimize applications
Tune JVM memory
Add swap
Limit memory usage
Memory Leak Investigation
Symptoms
Gradual memory growth
Increased swap usage
Performance degradation
Commands
top
htop
pmap PID
smem
ps aux --sort=-rss
Actions
Identify leaking process
Restart service
Patch application
Analyze application logs
Cache Management
View Cache
free -h
Clear Cache (Troubleshooting Only)
sync
echo 3 > /proc/sys/vm/drop_caches
Enterprise Practice
Do not clear cache routinely
Linux uses cache for performance
Systemd Resource Controls
Memory Limits
MemoryMax=
MemoryHigh=
Example
systemctl edit nginx
Benefits
Prevent runaway applications
Resource isolation
Cgroups
Purpose
Control memory allocation
Limit application resource usage
Features
Memory Limits
CPU Limits
Process Isolation
Enterprise Usage
Containers
Kubernetes
Docker
Multi-tenant environments
Container Memory Management
Docker
docker run --memory=2g
Kubernetes
Requests
Limits
Benefits
Prevent node exhaustion
Predictable resource allocation
Enterprise Troubleshooting Flow
Step 1
free -h
Step 2
vmstat 5
Step 3
top
Step 4
ps aux --sort=-%mem
Step 5
Check swap usage
Step 6
Review logs
dmesg
journalctl
Step 7
Identify memory leak
Step 8
Tune application or add RAM
Security Considerations
Restrict access to memory statistics
Monitor abnormal memory consumption
Detect memory exhaustion attacks
Configure alerts
Interview Preparation
What is RAM
Fast volatile memory used by running processes
Difference Between RAM And Swap
RAM is physical memory
Swap is disk-based memory
What Is Virtual Memory
Memory abstraction allowing larger address space
What Is Swappiness
Kernel preference for swapping
What Is OOM Killer
Kernel mechanism to terminate processes when memory exhausted
Why Is Cache Used
Improve file access performance
Commands To Check Memory
free -h
top
htop
vmstat
sar
cat /proc/meminfo
What Is RSS
Actual physical RAM used by a process
What Is Cgroups
Linux resource control framework
How To Troubleshoot High Memory Usage
Check memory usage
Identify process
Review logs
Check swap
Investigate leaks
Tune application
Enterprise Best Practices
Maintain memory monitoring
Keep swap enabled
Configure alert thresholds
Perform capacity planning
Use cgroups and limits
Investigate memory leaks quickly
Review trends monthly
Document memory baselines
Test applications under load
Monitor containers separately
Linux Network Management (Enterprise Level)
Overview
Purpose
Configure and manage network connectivity
Ensure high availability and security
Support enterprise applications and services
Key Components
NetworkManager
nmcli
nmtui
iproute2
DNS
Routing
Firewall
Bonding
VLANs
NetworkManager
Purpose
Centralized network management service
Manages interfaces, IP addresses, routes, DNS
Service Management
Check Status
systemctl status NetworkManager
Start
systemctl start NetworkManager
Enable at Boot
systemctl enable NetworkManager
Restart
systemctl restart NetworkManager
Configuration Files
/etc/NetworkManager/
/etc/NetworkManager/system-connections/
Network Interface Management
View Interfaces
ip link show
nmcli device status
Interface States
UP
Active and operational
DOWN
Disabled
Enable Interface
ip link set ens33 up
Disable Interface
ip link set ens33 down
Enterprise Use
Server onboarding
Troubleshooting connectivity
Interface maintenance
IP Address Management
View IP Address
ip addr show
ip a
Assign Static IP
nmcli con mod ens33 ipv4.addresses 192.168.1.10/24
nmcli con mod ens33 ipv4.method manual
nmcli con up ens33
DHCP Configuration
nmcli con mod ens33 ipv4.method auto
nmcli con up ens33
Enterprise Practice
Static IP for servers
DHCP for desktops and laptops
IP planning and documentation
DNS Configuration
Purpose
Resolve names to IP addresses
View DNS
cat /etc/resolv.conf
nmcli dev show
Configure DNS
nmcli con mod ens33 ipv4.dns "8.8.8.8 1.1.1.1"
nmcli con up ens33
DNS Testing
nslookup google.com
dig google.com
host google.com
Enterprise DNS
Internal DNS servers
Active Directory DNS integration
Redundant DNS servers
Routing Management
Purpose
Control traffic paths
View Routing Table
ip route
Add Route
ip route add 10.10.0.0/16 via 192.168.1.1
Delete Route
ip route del 10.10.0.0/16
Default Gateway
ip route add default via 192.168.1.1
Enterprise Use
Multi-site connectivity
Data center routing
VPN route management
Connectivity Troubleshooting
Verify IP Configuration
ip addr show
Verify Routes
ip route
Ping Test
ping 8.8.8.8
ping google.com
Trace Path
traceroute google.com
Check Listening Ports
ss -tulpn
Check Connectivity
nc -zv target-ip 443
Enterprise Workflow
Interface Check
IP Check
Route Check
DNS Check
Application Check
NetworkManager CLI (nmcli)
View Connections
nmcli con show
View Devices
nmcli device status
Activate Connection
nmcli con up ens33
Deactivate Connection
nmcli con down ens33
Create Connection
nmcli con add
Enterprise Benefits
Automation
Scripting
Standardization
Text Interface (nmtui)
Launch Tool
nmtui
Functions
Edit Connection
Activate Connection
Set Hostname
Best For
Quick server configuration
Console-only systems
Hostname Management
View Hostname
hostnamectl
Set Hostname
hostnamectl set-hostname web01
Enterprise Naming Standard
web01
db01
app01
monitor01
Firewall Integration
Firewalld
systemctl status firewalld
View Zones
firewall-cmd --get-active-zones
Open Port
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
Enterprise Practice
Least privilege access
Segmentation
Change management approval
Firewalld (Enterprise Linux Firewall Management)
Overview
What is Firewalld
Dynamic firewall management service
Frontend for Netfilter/nftables
Zone-based security model
Supports runtime and permanent rules
Benefits
Centralized firewall management
Dynamic changes without service restart
Easier administration than raw iptables
Enterprise-ready access control
Architecture
Firewalld Service
daemon (firewalld)
Manages zones, services, ports, rich rules
Backend
nftables (modern default)
iptables (legacy systems)
Configuration Types
Runtime Configuration
Active immediately
Lost after reboot/reload
Permanent Configuration
Saved on disk
Survives reboot
Requires reload to activate
Installation & Service Management
Check Installation
rpm -q firewalld
Install
sudo dnf install firewalld -y
Start Service
sudo systemctl start firewalld
Enable at Boot
sudo systemctl enable firewalld
Verify Status
sudo systemctl status firewalld
Check Firewall State
sudo firewall-cmd --state
Zones (Core Concept)
What is a Zone
Trust level assigned to network interfaces
Defines allowed traffic
Default Zones
drop
Drop all incoming traffic
block
Reject incoming traffic
public
Untrusted networks
Default enterprise workstation zone
external
NAT and gateway systems
dmz
Public-facing servers
work
Trusted office network
home
Trusted home network
internal
Internal corporate network
trusted
Allow all traffic
View Zones
firewall-cmd --get-zones
Active Zones
firewall-cmd --get-active-zones
Default Zone
firewall-cmd --get-default-zone
firewall-cmd --set-default-zone=public
Enterprise Network Design
Internet
Zone
Public Web Server
Zone
Application Server
Zone
Database Server
Zone
Employee LAN
Zone
Administrator Network
Zone
Unknown Visitors
Zone
Malicious Networks
Zone
Common Enterprise Architecture
Internet
Load Balancer
Web Servers
Application Servers
Database Servers
Management Network
Employee Network
Firewalld Commands
Service Status
Start Firewalld
Enable Firewalld
Reload Configuration
View Active Zones
View Default Zone
View All Zones
View Zone Configuration
Zone Assignment
Assign Interface Runtime
Assign Interface Permanent
Assign Source Network
Verify Assignment
Service Management
Allow SSH
Allow HTTP
Allow HTTPS
Remove Service
List Services
Port Management
Open Port
Remove Port
List Ports
Rich Rules
Restrict SSH to Specific IP
Block Specific IP
Enterprise Usage
NAT and Masquerading
Enable Masquerade
Verify
Enterprise Usage
Runtime vs Permanent
Runtime
Permanent
Apply Permanent Rules
Enterprise Best Practices
Use Least Privilege
Separate DMZ from Internal Network
Restrict Management Access
Use Trusted Zone Carefully
Avoid Open Ports
Use Rich Rules for Critical Systems
Regular Firewall Audits
Monitor Firewall Changes
Implement Change Management
Document Zone Assignments
Troubleshooting
Check Active Zones
List All Rules
Reload Configuration
Verify Service
Verify Port
Check Logs
Interview Questions
What is Firewalld
What is a Zone
Difference Between Public and Trusted
Difference Between Runtime and Permanent
How to Open SSH
How to View Active Zones
Which Zone is Used for Web Servers
Which Zone is Used for Internal Servers
Which Zone is Most Secure
Which Zone Gives Full Access
Real Enterprise Scenario
Internet Interface
Web Server Interface
Application Server Interface
Database Interface
Administrator Network
Employee Network
Security Goal
Interface Management
View Interface Assignments
firewall-cmd --get-active-zones
Assign Interface to Zone
firewall-cmd --zone=public --change-interface=ens33
Permanent Assignment
firewall-cmd --permanent --zone=public --change-interface=ens33
Enterprise Example
Public NIC → public
Server LAN NIC → internal
Internet Gateway NIC → external
Services Management
Purpose
Open predefined application rules
List Services
firewall-cmd --get-services
View Allowed Services
firewall-cmd --list-services
Allow SSH
firewall-cmd --add-service=ssh
Allow HTTP
firewall-cmd --add-service=http
Allow HTTPS
firewall-cmd --add-service=https
Permanent Rule
firewall-cmd --permanent --add-service=https
Remove Service
firewall-cmd --remove-service=http
Port Management
Open Specific Port
firewall-cmd --add-port=8080/tcp
Open UDP Port
firewall-cmd --add-port=161/udp
Permanent Port
firewall-cmd --permanent --add-port=8080/tcp
Remove Port
firewall-cmd --remove-port=8080/tcp
Verify
firewall-cmd --list-ports
Rich Rules
Purpose
Advanced access control
Allow Specific IP
firewall-cmd --add-rich-rule='rule family="ipv4" source address="10.10.10.50" accept'
Block Specific IP
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.50" reject'
Allow SSH from Management Subnet
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.10.10.0/24" service name="ssh" accept'
View Rich Rules
firewall-cmd --list-rich-rules
Source-Based Rules
Purpose
Apply firewall policy by network source
Add Source Network
firewall-cmd --zone=internal --add-source=10.10.10.0/24
Permanent Source Rule
firewall-cmd --permanent --zone=internal --add-source=10.10.10.0/24
Masquerading (NAT)
Purpose
Internet sharing and gateways
Enable NAT
firewall-cmd --zone=external --add-masquerade
Permanent NAT
firewall-cmd --permanent --zone=external --add-masquerade
Verify
firewall-cmd --zone=external --list-all
Port Forwarding
Purpose
Redirect traffic to internal systems
Forward Port
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=8080
Forward to Another Host
firewall-cmd --add-forward-port=port=80:proto=tcp:toaddr=10.10.10.20
Logging & Monitoring
List All Rules
firewall-cmd --list-all
List Zone Rules
firewall-cmd --zone=public --list-all
Log Denied Packets
firewall-cmd --set-log-denied=all
View Logs
journalctl -u firewalld
journalctl -xe
Verify Listening Ports
ss -tulpn
Runtime vs Permanent
Runtime
Immediate effect
Temporary testing
Permanent
Survives reboot
Production deployment
Apply Permanent Changes
firewall-cmd --reload
Save Best Practice
Test Runtime First
Verify Connectivity
Convert to Permanent
Enterprise Server Implementations
Web Server
Allow HTTP
Allow HTTPS
Restrict SSH to Admin Network
Enable Logging
Database Server
Allow Database Port Only from App Servers
Deny Direct Internet Access
Use Rich Rules
Bastion Host
Allow SSH Only
Restrict Source Networks
Enable Logging
DNS Server
Allow TCP 53
Allow UDP 53
Monitoring Server
Allow SNMP
Allow Agent Ports
Restrict Source IPs
Security Best Practices
Principle of Least Privilege
Open only required services
Restrict SSH Access
Allow management subnet only
Use Zones Properly
Separate trusted and untrusted networks
Enable Logging
Audit firewall changes
Remove Unused Rules
Review Rules Regularly
Use Permanent Rules for Production
Backup Firewall Configuration
Troubleshooting
Check Firewalld Status
systemctl status firewalld
Verify Active Rules
firewall-cmd --list-all
Reload Configuration
firewall-cmd --reload
Check Listening Services
ss -tulpn
Test Connectivity
ping
nc
telnet
curl
Review Logs
journalctl -u firewalld
Interview Questions
What is Firewalld
Dynamic firewall management framework
Difference Between Runtime and Permanent
Runtime temporary
Permanent persistent
What is a Zone
Trust-based traffic policy
How to Open a Port
firewall-cmd --add-port=8080/tcp
How to Allow SSH
firewall-cmd --add-service=ssh
How to View Active Zones
firewall-cmd --get-active-zones
How to Reload Rules
firewall-cmd --reload
Difference Between Firewalld and iptables
Firewalld provides dynamic management and zone abstraction
What is a Rich Rule
Advanced filtering based on source, service, protocol and action
Enterprise Best Practice
Least privilege, zone segregation, logging, source restrictions
VLAN Configuration
Purpose
Logical network segmentation
Create VLAN
nmcli con add type vlan con-name vlan100 dev ens33 id 100
Verify VLAN
ip link show
Enterprise Use
User VLAN
Server VLAN
Management VLAN
Storage VLAN
Network Bonding (NIC Teaming)
Network Bonding (Linux term) or NIC Teaming is the process of combining multiple physical network interfaces into one logical interface to achieve
Purpose
High availability
Increased throughput
Modes
Active Backup
LACP (802.3ad)
Create Bond
nmcli con add type bond ifname bond0 mode active-backup
Add Slave Interface
nmcli con add type ethernet ifname ens33 master bond0
nmcli con add type ethernet ifname ens34 master bond0
Enterprise Use
Database servers
Virtualization hosts
Critical production servers
Static Routes
Purpose
Reach remote networks
Add Static Route
nmcli con mod ens33 +ipv4.routes "10.20.0.0/16 192.168.1.1"
Apply Changes
nmcli con up ens33
Enterprise Use
Branch offices
VPN networks
Cloud connectivity
Network Security
SSH Access
ssh user@server
Disable Unused Services
ss -tulpn
Restrict Firewall Rules
Allow only required ports
Network Hardening
CIS Benchmarks
Secure DNS
Segmentation
Logging
Monitoring and Logs
NetworkManager Logs
journalctl -u NetworkManager
Interface Statistics
ip -s link
Connection Monitoring
ss -ant
Enterprise Monitoring
ELK Stack
Wazuh
Zabbix
Prometheus
Grafana
Enterprise Network Design
Management Network
SSH
Monitoring
Backups
Production Network
Applications
Databases
Storage Network
NFS
SAN
iSCSI
DMZ Network
Web Servers
Reverse Proxies
WAF
Enterprise Implementation Workflow
Planning
IP Addressing Scheme
VLAN Design
DNS Design
Deployment
Configure Interfaces
Configure DNS
Configure Routes
Configure Firewall
Validation
Ping
DNS Resolution
Route Verification
Application Testing
Monitoring
Logs
Alerts
Performance Metrics
Documentation
IP Inventory
VLAN Inventory
Network Diagrams
Change Records
Interview Questions
What is NetworkManager?
Difference between nmcli and nmtui?
Difference between static IP and DHCP?
How to configure DNS?
How to troubleshoot network issues?
What is a default gateway?
What is VLAN?
What is NIC Bonding?
Difference between bonding and teaming?
How to add a static route?
How to view routing table?
How to check listening ports?
What is firewalld?
How do you troubleshoot DNS failures?
Explain enterprise network segmentation.
Performance Management in Linux (Enterprise Level)
Objective
Identify Performance Bottlenecks
CPU
Memory
Disk I/O
Network
Application
Maintain SLA and Availability
Capacity Planning
Performance Tuning
Proactive Monitoring
Performance Troubleshooting Workflow
User Reports Slowness
Website Slow
Application Slow
Login Slow
Database Slow
Verify System Health
uptime
Load Average
top
htop
Check Resources
CPU
Memory
Disk
Network
Identify Root Cause
Resource Exhaustion
Misconfiguration
Application Issue
Hardware Issue
Implement Fix
Tune System
Restart Service
Add Resources
Optimize Application
Monitor Results
Compare Before and After
Document Findings
CPU Performance Management
Purpose
Detect CPU Saturation
Find High CPU Processes
Commands
top
htop
mpstat -P ALL 1
sar -u 1 5
pidstat -u 1
Key Metrics
User CPU
System CPU
Idle CPU
IOWait
Load Average
Enterprise Investigation
Identify High CPU Process
top
ps aux --sort=-%cpu
Check Service
systemctl status service_name
Analyze Logs
journalctl -xe
Optimization
Kill Rogue Process
Optimize Application
Increase CPU Resources
Tune Thread Usage
Interview Questions
What is Load Average
Difference Between CPU Utilization and Load Average
What is IOWait
Memory Performance Management
Purpose
Detect Memory Exhaustion
Prevent OOM Events
Commands
free -h
vmstat 1
top
htop
sar -r 1 5
Key Metrics
Used Memory
Free Memory
Available Memory
Buffers
Cache
Swap Usage
Enterprise Investigation
free -h
ps aux --sort=-%mem
Find Top Memory Consumers
top
htop
OOM Analysis
dmesg | grep -i oom
journalctl -k
Optimization
Restart Memory Leaking Service
Tune JVM Memory
Add RAM
Configure Swap
Interview Questions
What is Available Memory
Why Linux Uses Cache
What is OOM Killer
Disk Performance Management
Purpose
Detect Storage Bottlenecks
Commands
iostat -x 1
iotop
df -h
du -sh
lsblk
Key Metrics
Utilization
Await
Read IOPS
Write IOPS
Throughput
Enterprise Investigation
Check Disk Usage
df -h
Find Large Directories
du -sh *
Check I/O Wait
iostat -x 1
Optimization
Cleanup Old Logs
Archive Data
Upgrade Storage
Tune Filesystem
Interview Questions
Difference Between df and du
What is IOPS
What is Disk Await
Network Performance Management
Purpose
Detect Connectivity and Throughput Issues
Commands
ip addr
ip route
ss -tulpn
netstat -tulpn
ping
traceroute
mtr
iftop
nload
Key Metrics
Latency
Packet Loss
Throughput
Connection Count
Enterprise Investigation
Verify Connectivity
ping
Check Routing
ip route
Check Listening Ports
ss -tulpn
Monitor Traffic
iftop
Optimization
Fix DNS
Tune Network Buffers
Upgrade NIC
Load Balance Traffic
Interview Questions
Difference Between Ping and Traceroute
Difference Between TCP and UDP
How to Check Open Ports
Service Performance Management
Purpose
Ensure Services Respond Efficiently
Commands
systemctl status service
systemctl restart service
journalctl -u service
Enterprise Investigation
Service Status
systemctl status nginx
Logs
journalctl -u nginx
Resource Consumption
top
pidstat
Optimization
Restart Service
Tune Configuration
Scale Horizontally
Scale Vertically
Interview Questions
How to Troubleshoot Slow Service
How to Check Service Logs
Log Analysis
Purpose
Detect Hidden Issues
Commands
journalctl -xe
journalctl -p err
tail -f /var/log/messages
grep ERROR logfile
Enterprise Use
Detect Application Errors
Detect Kernel Issues
Detect Resource Exhaustion
Enterprise Monitoring Stack
Infrastructure Monitoring
Prometheus
Grafana
Zabbix
Nagios
Log Monitoring
Elasticsearch
Logstash
Kibana
Wazuh
Metrics Collection
Node Exporter
Telegraf
Alerting
Email
Slack
PagerDuty
Capacity Planning
CPU Trend Analysis
sar
Prometheus
Memory Trend Analysis
Historical Usage
Disk Growth Analysis
Storage Forecasting
Network Growth Analysis
Bandwidth Forecasting
Enterprise Incident Response
Step 1
Receive Alert
Step 2
Validate Issue
Step 3
Identify Resource Bottleneck
Step 4
Collect Evidence
top
vmstat
iostat
ss
Step 5
Implement Fix
Step 6
Monitor Recovery
Step 7
Create RCA
Root Cause Analysis
Performance Tuning
CPU
Tune Threads
Tune Scheduler
Memory
Tune Swappiness
Optimize Cache Usage
Disk
RAID Optimization
SSD Deployment
Network
MTU Optimization
TCP Buffer Tuning
Enterprise Performance Commands Cheat Sheet
CPU
top
htop
mpstat
pidstat
sar -u
Memory
free -h
vmstat
sar -r
Disk
df -h
du -sh
iostat
iotop
Network
ss -tulpn
ping
traceroute
mtr
iftop
Services
systemctl status
journalctl -u
Logs
journalctl -xe
dmesg
Interview Preparation
System Slow First Command
top
uptime
High CPU Investigation
top
mpstat
pidstat
High Memory Investigation
free -h
vmstat
High Disk I/O Investigation
iostat
iotop
Network Slowness Investigation
ping
traceroute
ss
Service Slowness Investigation
systemctl status
journalctl -u
Enterprise Answer
Check CPU
Check Memory
Check Disk I/O
Check Network
Check Logs
Identify Root Cause
Implement Fix
Validate Performance
Document RCA