RHCSA – Handy command line utilities for network troubleshooting

Here are some useful commands to help you locate and resolve network related issues:

  • ping – tests connectivity
  • traceroute – gives routing info. I.e. it gives you a list of all devices a data packet went throught to reach it’s destination. However this command isn’t that useful anymore because a lot of routers are locked down and doesn’t provide any info. I.e. there is filtering on the routers. When this occurs, each row is displayed as “* * *”
  • tracepath – alternative to traceroute
  • dig – gets DNS information
  • nmap – This is useful for troubleshooting network related issues by showing you what ports are opening and the corresponding services listening in on them. Be careful you have permission of the target machine owner before running this command against it.
  • ss -atn – this is a better version of the netstat command “netstat”.

Troubleshooting approach

Here’s a good approach to review your network settings in order to find any faults:

  1. find out your machines ip address – do this using ip addr show
  2. Check that default route is set, and default gateway ip is in the same range as your machine’s ip address. You can do this using ip route show
  3. Check what is the dns ip address that is currently being used. Best way to do this is cat /etc/resolv.conf | grep "nameserver"
  4. now use ping to see if you can ping to the default gateway, i.e. default router
  5. now ping the dns
  6. now use the host command, i.e. host {fqdn}. This will return the fqdn’s ip address. This will test that dns’s host name resolution is working as expected. However if /etc/hosts already has a matching entry, then the host command will still return a positive result, even if the dns server is switched off. Note the windows equivalent to this command is nslookup.
  7. using dig command, i.e. dig {fqdn}, this gives more detailed info and it will specifically test the dns server, and ignore the local /etc/hosts file. If everything is ok, then this command will output “NOERROR” somewhere within the output. If however if gives “NXDOMAIN”, then that means that the domain doesn’t exist.
  8. Here’s another troubleshooting approach:

    Here is a good network troubleshooting technique using ping. Do the following in sequence to test connectivity in small steps that gradually gets bigger:

    1.                 ping localhost     # This checks machine’s internal networking software is working correctly. “localhost” is an alias in /etc/hosts file. If sucsseful then do:
    2.                 ping eth0                                                                 # check connection to the eth0 (networking card hardware) interface. If successful, then do:
    3.                 ping {default gateway ip}                   # pings to the local router
    4.                 ping {another device on same network}                           #
    5.                 ping {external ip address}               # If it fails then it means that there is a breakdown in the connection somewhere between our router and destination server.