Linux Network Troubleshooting
Linux Network : Stuck with network issues on your Linux system? No worries use commands like ip a, netstat, ping, and traceroute to figure out what’s going wrong. Whether it’s a wonky interface, a service not playing nice, or DNS acting up, these steps will help you troubleshoot and get your network back on track.
1. Check Network Interface Status:
Command:
ip a
Interpretation:
- Look for the
UPstatus under the interface name (e.g.,eth0,wlan0). If the interface is marked asDOWN, the network interface might be disabled or disconnected. - Ensure the IP address assigned to the interface is correct and belongs to the expected network.
- If there is no IP address, there may be an issue with DHCP or static IP configuration.
Example Output:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
UPmeans the interface is operational.- The
inetline shows the assigned IP (192.168.1.2/24). If the IP is not present, check DHCP settings.
2. Check for Active Connections:
Command:
netstat -tuln
Interpretation:
- This command shows a list of active ports your system is listening on. This helps verify if services (like HTTP, SSH) are running and accepting connections.
- Look for services like
ssh(port 22),http(port 80), orhttps(port 443). If the service you expect to be running is not listed, it may not be started or there could be a firewall blocking the port.
Example Output:
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN
- If
LISTENappears, it means the service is ready to accept connections. - If you don’t see
LISTENfor a service, check if the service is running or check firewall rules.
3. Verify DNS Resolution:
Command:
nslookup google.com
Interpretation:
- If the
nslookupcommand successfully resolves a domain (e.g.,google.com), it means DNS resolution is working. If you see an error like “Non-existent domain,” it means DNS isn’t resolving correctly. - If DNS resolution fails, check the contents of
/etc/resolv.confto ensure valid DNS servers are listed.
Example Output:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 172.217.5.78
- If the DNS server is
8.8.8.8(Google’s public DNS), it means the DNS query was successful. - If no address is returned or a different DNS server is listed, investigate your DNS configuration.
4. Check Routing Table:
Command:
ip route show
Interpretation:
- This shows the current routing table. The key route to look for is the
defaultroute, which directs packets to the internet. - If the default route is missing or misconfigured, your system won’t be able to reach external networks.
Example Output:
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.2
default via 192.168.1.1indicates that the default gateway is192.168.1.1(usually your router).- If the default route is missing or incorrect, you may need to configure it or fix the network gateway.
5. Ping the Gateway and Remote Hosts:
Command:
ping 192.168.1.1
Interpretation:
- If you can successfully ping your gateway (router), the issue is likely with your external connection or DNS configuration.
- If you can’t ping the gateway, check the network connection or verify if the network interface is configured correctly.
Example Output:
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.242 ms
- If the latency is low (in ms), the local network is fine.
- High latency or timeouts indicate a problem in the local network.
Ping External Host (e.g., 8.8.8.8):
ping 8.8.8.8
Interpretation:
- If pinging an external IP (like Google’s DNS server 8.8.8.8) works, it indicates that the system can reach the internet, but there may be a DNS issue.
- If pinging 8.8.8.8 fails, there is likely a network routing issue, a firewall issue, or an ISP connectivity problem.
6. Traceroute to Diagnose Routing Issues:
Command:
traceroute google.com
Interpretation:
- This command helps identify where packets are getting delayed or dropped in the network path.
- Each line in the output represents a router (hop) along the route, and the times show how long it took to reach that router. If there’s a large delay at a certain hop, the issue may be with that router or network segment.
Example Output:
1 192.168.1.1 (192.168.1.1) 1.428 ms 1.408 ms 1.387 ms
2 10.0.0.1 (10.0.0.1) 4.213 ms 4.194 ms 4.190 ms
3 172.16.1.1 (172.16.1.1) 20.370 ms 20.340 ms 20.317 ms
4 203.0.113.1 (203.0.113.1) 35.781 ms 35.748 ms 35.725 ms
5 google.com (172.217.5.78) 48.251 ms 48.214 ms 48.183 ms
- If there is a large delay (e.g., over 100ms) at any hop, the problem could be with that specific hop or the router’s network.
- If the trace stops (shows
* * *), it indicates that the router at that hop did not respond to ICMP packets (not necessarily a problem).
7. Test Bandwidth and Speed:
Command:
iperf3 -s # Run this on the server
iperf3 -c <server_IP> # Run this on the client
Interpretation:
iperf3measures the bandwidth between two systems. You should check for the average throughput reported byiperf3.- If the throughput is low, it could indicate congestion, packet loss, or hardware limitations in the network.
Example Output:
[ 5] 0.0-10.0 sec 100 MBytes 83.3 Mbits/sec
- If the bandwidth is much lower than expected, check for network congestion, faulty cables, or poor-quality network devices.
8. Check Firewall and Security Settings:
Command:
sudo ufw status
Interpretation:
- If the firewall is blocking essential ports (e.g., SSH on port 22, HTTP on port 80), services may be inaccessible.
- Ensure the firewall allows inbound and outbound traffic for the services you’re trying to access.
Example Output:
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
Command:
sudo iptables -L
Interpretation:
- Check for any rules that might block traffic. For example, if a rule exists that blocks
INPUTorOUTPUTfor certain ports, this could explain network connectivity issues.
9. Check for Network Congestion or Errors:
Command:
netstat -i
Interpretation:
- Check for any packet errors, dropped packets, or collisions on the network interface. These can indicate network congestion, a faulty cable, or misconfigured hardware.
Example Output:
Iface MTU RX-OK RX-ERR RX-DROP TX-OK TX-ERR TX-DROP Coll
eth0 1500 100000 0 0 100000 0 0 0
- If
RX-ERRorTX-ERRis non-zero, it indicates packet loss or hardware issues.
10. Review Logs for Errors:
Command:
sudo journalctl -xe
Interpretation:
- Look for any error messages related to networking, such as interface down, DHCP issues, or DNS resolution errors.
- This log can provide clues if a service failed to start or if a network-related error was logged by the kernel.
FAQ : Linux Network Issue Troubleshoot
1. How do I check if my network interface is up?
Command:ip a
What to look for:
- Look for the interface status. If it shows
UPunder the interface (e.g.,eth0,wlan0), then the network interface is active. - If it shows
DOWN, the interface may be disabled or disconnected. You can bring it up using:sudo ip link set eth0 up
2. How can I see which ports are open on my system?
Command:netstat -tuln
What to look for:
- This will list active listening ports and the services bound to them. For instance, port 22 for SSH, port 80 for HTTP, and port 443 for HTTPS.
- If the service you expect is missing, ensure that it’s running, or check if a firewall is blocking the port.
3. How do I check if my DNS is working properly?
Command:nslookup google.com
What to look for:
- If the DNS query returns an IP address (e.g.,
172.217.5.78), it means DNS is working. - If it fails, check your
/etc/resolv.conffile for correct DNS server entries, or test with different public DNS servers like8.8.8.8(Google’s DNS).
4. What do I do if I can’t reach the internet?
Commands:ping 192.168.1.1 (ping your router)ping 8.8.8.8 (ping an external address)
What to look for:
- If you can ping your router (
192.168.1.1), but not external addresses (like8.8.8.8), the issue is likely with your gateway or routing. - If you can’t ping the router, it’s a local network issue (wrong IP settings or physical connection problems).
5. How do I check if my routing table is correct?
Command:ip route show
What to look for:
- Ensure there is a valid
defaultroute pointing to your gateway, usually shown asdefault via 192.168.1.1. - If the default route is missing or incorrect, add it using:
sudo ip route add default via 192.168.1.1
6. How can I troubleshoot network latency or slow connections?
Command:traceroute google.com
What to look for:
- The output will show each hop (router) your data takes on its way to
google.com. If there’s a delay at any particular hop, it could indicate a network congestion or issue at that point. - High latency or timeouts could suggest problems with that hop or a broader network issue.
7. How can I test network performance or bandwidth?
Command:iperf3 -s (on the server)iperf3 -c <server_IP> (on the client)
What to look for:
- This will provide throughput stats, including bandwidth, latency, and packet loss.
- If throughput is lower than expected, check for congestion or hardware limitations.
8. How do I check if my firewall is blocking network traffic?
Commands:sudo ufw status (for UFW firewall)sudo iptables -L (for iptables firewall)
What to look for:
- Check for any rules that may be blocking important ports like
22(SSH),80(HTTP), or443(HTTPS). - If you need to open a port, you can do so with:
sudo ufw allow 22/tcp
9. How do I identify network errors or congestion?
Command:netstat -i
What to look for:
- Look for any
RX-ERRorTX-ERRvalues that are greater than 0. These could indicate packet errors or hardware issues. - Network congestion can also show as dropped packets, which could mean faulty cables or misconfigured network hardware.
10. How do I review system logs for network issues?
Command:sudo journalctl -xe
What to look for:
- Search for any networking-related errors such as interface failures, DHCP issues, or DNS resolution errors. Logs can often provide more context on what went wrong.