Site icon Free Linux Tutorials

Top 5 Basic Steps to Troubleshoot Network in Linux

1.Find if your interface has IP address, it’s either obtained dynamically via DHCP server or manually configured using static configuration.

You can either use commands from the “iproute”  or “net-tools” package

ip addr
ifconfig

There are few more ways to find the IP address and you can refer to these following links below:
Top 5 Commands to Find IP address in Linux
Find your Public IP Address using curl

Sample Output:
[root@localhost ~]# ip addr
1: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:df:cf:03 brd ff:ff:ff:ff:ff:ff
inet 192.168.15.22/29 brd 192.168.15.23 scope global noprefixroute ens3
valid_lft forever preferred_lft forever
inet6 fe80::704f:b774:7ae7:53cc/64 scope link noprefixroute
valid_lft forever preferred_lft forever

 

2. Find your gateway or default route by displaying the routing table.  There are few commands to do this:

netstat

– command to display network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

netstat -nr –> where “n”  will show numerical addresses instead of trying to determine symbolic host, port or user names, while “-r” display the kernel routing tables. It is useful in determining your default route.

Sample Output:
[root@localhost ~]# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0  192.168.15.17 0.0.0.0 UG 0 0 0 ens3
192.168.15.16 0.0.0.0 255.255.255.248 U 0 0 0 ens3

route

-command to show or can even manipulate the IP routing table

route -n –> where “-n” is to show numerical addresses instead of trying to determine symbolic host names. This is useful if you are trying to determine why the route to your nameserver has vanished.

Sample output:
[root@localhost ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.15.17 0.0.0.0 UG 100 0 0 ens3
192.168.15.16 0.0.0.0 255.255.255.248 U 100 0 0 ens3

ip route

-command for routing table management

ip route list  or ip route show  –> to display the routing table

Sample Output:
[root@localhost ~]# ip route list
default via 192.168.15.17 dev ens3 proto static metric 100
192.168.15.16/29 dev ens3 proto kernel scope link src 192.168.15.22 metric 100

 

3.  Test if a networked device is alive and reachable. It will send ICMP ECHO_REQUEST to network hosts. But not necessarily if host is unable to ping means the device is down, it could be also due to some firewall or ACL blocking ICMP ECHO requests.
Note: In troubleshooting network connectivity, if server’s interface is configured, first to try to ping its default route or gateway IP.

ping

Sample output: (Ctrl +C to stop (^C))
[root@localhost ~]# ping 192.168.15.17
PING 192.168.15.17 (192.168.15.17) 56(84) bytes of data.
64 bytes from 192.168.15.17: icmp_seq=1 ttl=255 time=0.913 ms
64 bytes from 192.168.15.17: icmp_seq=2 ttl=255 time=0.816 ms

Popular options with “ping” command.

ping -c [count]–> Stop after sending count ECHO_REQUEST packets.

Sample Output:
[root@localhost ~]# ping -c 3 google.com

PING google.com (172.217.194.138) 56(84) bytes of data.
64 bytes from 172.217.194.138 (172.217.194.138): icmp_seq=1 ttl=108 time=2.43 ms
64 bytes from 172.217.194.138 (172.217.194.138): icmp_seq=2 ttl=108 time=4.85 ms
64 bytes from 172.217.194.138 (172.217.194.138): icmp_seq=3 ttl=108 time=2.36 ms
— google.com ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 2.356/3.212/4.854/1.162 ms

ping -s [packetsize] –> Specifies the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.

 

4.  Find the path taken by a packet from  your device to destination using “these commands below. . It will display the route packets trace to network host. This is useful in determining which route or hop it stopped for further troubleshooting.

traceroute

Install traceroute if still not existing. Some distribution will ask you to install when found command not found,e.g. CentOS 8

Sample Output:
[root@localhost ~]# traceroute google.com
bash: traceroute: command not found…
Install package ‘traceroute’ to provide command ‘traceroute’? [N/y] y
* Waiting in queue…
The following packages have to be installed:
traceroute-3:2.1.0-6.el8.x86_64 Traces the route taken by packets over an IPv4/IPv6 network
Proceed with changes? [N/y] y
* Waiting in queue…
* Waiting for authentication…
* Waiting in queue…
* Downloading packages…
* Requesting data…
* Testing changes…
* Installing packages…
traceroute to google.com (172.217.194.102), 30 hops max, 60 byte packets
1 17.15.168.192.freelinuxtutorials.com (192.168.15.17) 0.906 ms 0.801 ms 0.697 ms
2 192.168.2.21 (192.168.2.21) 0.907 ms 0.757 ms 0.720 ms
3 172.217.194.102 (172.217.194.102) 1.836 ms 1.887 ms 1.986 ms
[root@localhost ~]#

Another way to traces path to a network host is:

tracepath

-command traces path to destination discovering MTU along this path. It uses UDP port port or some random port. It is similar to traceroute, only does not require superuser privileges and has no fancy options.

Sample Output:
[root@localhost ~]# tracepath google.com
1?: [LOCALHOST] pmtu 1500
1: 17.15.168.192.freelinuxtutorials.com 1.020ms
1: 17.15.168.192.freelinuxtutorials.com 1.215ms
2: 192.168.2.21 1.076ms
3: 172.217.194.102 1.318ms reached
Resume: pmtu 1500 hops 3 back 3

 

5. Check if can query domain name servers. If you happen to ping private and public IP addresses but cannot resolve hostnames, then something related with your DNS (domain name server) configuration. Use “nslookup” to query DNS.

nslookup

e.g.
google.com = 74.125.24.102

If you can ping 74.125.24.102, but cannot ping google.com, then you can use “nslookup” to query further

[root@localhost ~]# ping -c 2 74.125.24.102
PING 74.125.24.102 (74.125.24.102) 56(84) bytes of data.
64 bytes from 74.125.24.102: icmp_seq=1 ttl=107 time=1.89 ms
64 bytes from 74.125.24.102: icmp_seq=2 ttl=107 time=1.82 ms

— 74.125.24.102 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 1.823/1.858/1.893/0.035 ms

[root@localhost ~]# ping google.com
ping: google.com: Name or service not known

[root@localhost ~]# nslookup google.com
;; connection timed out; no servers could be reached

If received connection timed out, it means it cannot reach the DNS servers. One way to fix this is by adding your preferred DNS in your /etc/resolv.conf file. We can use free public DNS like from Cloudflare (1.1.1.1) or Google (8.8.8.8)

vi /etc/resolv.conf

Sample Output:
[root@localhost ~]# cat /etc/resolv.conf
nameserver 1.1.1.1
nameserver 8.8.8.8

Try again:

[root@localhost ~]# nslookup google.com
Server: 1.1.1.1
Address: 1.1.1.1#53

Non-authoritative answer:
Name: google.com
Address: 74.125.24.102
Name: google.com
Address: 2404:6800:4003:c04::66

Most server administrators preferred another flexible tool for interrogating and troubleshooting DNS problems because its flexibility, ease of use and clarity of output.

dig

Sample Output:
[root@localhost ~]# dig google.com

; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29806
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 113 IN A 172.217.194.101
google.com. 113 IN A 172.217.194.102

;; Query time: 2 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Feb 19 02:55:33 EST 2021
;; MSG SIZE rcvd: 135

Useful options of “dig” command:

dig -t [type] [domain/IP] –>  where “-t” is to query the resource record type (e.g. NS, AAAA, MX)

Sample Output:
[root@localhost ~]# dig -t AAAA google.com

; <<>> DiG 9.11.20-RedHat-9.11.20-5.el8 <<>> -t AAAA google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 760
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.com. IN AAAA

;; ANSWER SECTION:
google.com. 193 IN AAAA 2404:6800:4003:c03::65
google.com. 193 IN AAAA 2404:6800:4003:c03::8a
google.com. 193 IN AAAA 2404:6800:4003:c03::8b
google.com. 193 IN AAAA 2404:6800:4003:c03::71

;; Query time: 2 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Feb 19 03:00:18 EST 2021
;; MSG SIZE rcvd: 151

Another DNS lookup utility that can be  used to convert names to IP addresses and vice versa

host

Sample Output:
[root@localhost ~]# host google.com
google.com has address 74.125.24.102
google.com has IPv6 address 2404:6800:4003:c03::66
google.com mail is handled by 10 aspmx.l.google.com.

Honorable Mention:

mtr

It is a network diagnostic tool combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

As mtr starts, it investigates the network connection between the host mtr runs on and HOSTNAME by sending packets with purposely low TTLs. It continues to send packets with low TTL, noting the response time of the inter
vening routers. This allows mtr to print the response percentage and response times of the internet route to HOSTNAME. A sudden increase in packet loss or response time is often an indication of a bad (or simply overloaded) link.

The results are usually reported as round-trip-response times in milliseconds and the percentage of packetloss.

Sample Output:
[root@localhost ~]# mtr 1.1.1.1
My traceroute [v0.92]
localhost.localdomain (192.168.15.22) 2021-02-19T03:09:22-0500
Keys: Help Display mode Restart statistics Order of fields quit
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. 17.15.168.192.freelinuxtutorials.com 0.0% 7 0.9 1.3 0.9 3.0 0.8
2. 192.16.2.21 0.0% 7 1.0 0.9 0.9 1.0 0.0
3. 172.20.0.10 0.0% 7 2.3 1.7 1.0 2.6 0.7
4. 162.158.160.230 20.0% 6 1.6 1.7 1.6 1.9 0.1
5. one.one.one.one 0.0% 6 1.9 1.9 1.7 2.0 0.1

Exit mobile version