The routine tasks of a network administrator, such as administration, monitoring, configuration, and troubleshooting, don’t require learning complicated third-party tools. Instead, you can do all of these tasks with readily available tools that come preinstalled with most Linux distributions.
This article focuses on the network troubleshooting part of a network administrator’s responsibilities and covers tools that solve these problems in different categories. It also describes how these tools help in practical scenarios.
ifconfig is a command line utility known for its interface configuration in Linux/Unix operating systems. Network administrators also use it to query and manage interface parameters using configuration scripts.
It helps you enable or disable a network interface and allows you to assign an IP address and netmask to the selected interface. You can also view all available interfaces, IP addresses, hardware addresses, and maximum transmission unit size for active interfaces.
You can enable/disable each interface by using the up/down parameters as follows:
sudo ifconfig eth0 up
sudo ifconfig eth0 down
To assign an IP address to an interface:
sudo ifconfig eth0 192.168.120.5 netmask 255.255.255.0
However, this utility is not preinstalled on every Linux distribution, and you may get the error message “ifconfig: command not found”. You can solve the problem by installing the net-tools package with your distribution’s package manager.
On Debian and Ubuntu:
sudo apt-get install net-tools
On Fedora, CentOS, and other RPM-based distributions:
sudo yum install net-tools
On Arch Linux:
sudo pacman -S net-tools
ip is an alternative to the good old ifconfig. However, the scope of its functionality includes two layers of the TCP/IP protocol, the data link layer and the network layer.
It lists network interfaces and configures network devices, just like the ifconfig utility. It also displays and modifies kernel routing tables and adds or removes ARP cache entries.
To view all interfaces and their details:
ip addr show
To add and remove an IP address on an interface:
ip a add 192.168.120.174 dev eth0
ip a del 192.168.120.174 dev eth0
Use the on/off options to enable/disable the ARP protocol for the interface:
ip link set dev eth0 arp on
ip link set dev eth0 arp off
The ping utility helps you identify network and host availability. It checks if the host is reachable or if a service is running. You can also check for network connectivity issues such as high latency and packet loss using the ping command.
ping sends Internet Control Message Protocol (ICMP) echo request messages and waits for the ICMP echo reply packets to check the host’s availability. The output contains the total number of sent and received messages, along with the time it takes for a packet to reach its destination.
netstat is a command-line tool that helps discover connected and listening TCP, UDP, and UNIX sockets. It displays information about routing tables, listening ports, and network statistics.
You can display both listening and closed connections by typing:
To display only listening TCP connections:
It also allows you to display the PID of the processes and program names using TCP connections:
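As an added example (not part of the original article), the script below filters a listing of listening TCP sockets with their owning programs and reports the ones bound to a wildcard address, which are reachable on every interface. The sample listing is constructed, and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Constructed sample of `netstat -tlnp` output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      812/cupsd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      704/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      950/postgres
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      1421/python3
tcp6       0      0 :::22                   :::*                    LISTEN      704/sshd
tcp6       0      0 ::1:631                 :::*                    LISTEN      812/cupsd
EOF
}

# Read netstat output on stdin and print "port program" for each TCP listener
# bound to a wildcard address (0.0.0.0, :: or *). Loopback-only listeners are
# skipped because they are not reachable from the network.
exposed_listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, parts, ":")
        port = parts[n]                      # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr == "0.0.0.0" || addr == "::" || addr == "*") {
            prog = $7
            sub(/^[0-9]+\//, "", prog)       # strip the "PID/" prefix
            print port, prog
        }
    }' | sort -u -k1,1n                      # one line per port, numeric order
}

sample_netstat | exposed_listeners
```

On a live system, pipe real data in with `sudo netstat -tlnp | exposed_listeners`; without root the program column shows `-` for sockets owned by other users.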
host is a minimal but powerful CLI utility that performs DNS lookups and converts hostnames to IP addresses and vice versa. In addition to troubleshooting DNS servers, you can use it to list and verify NS and MX DNS record types and ISP DNS servers.
To find the NS records for the Google website:
host -t ns google.com
You can also find MX records by running:
host -n -t mx google.com
The arp command manipulates the system’s ARP cache by adding, removing, and displaying entries. ARP stands for Address Resolution Protocol and maps the IP address to the MAC address of the machine. The arp command is one of the tools available in the net-tools package.
Run the command without parameters to view the table contents:
You can also find the MAC address assigned to a specific IP address by specifying the IP address:
7. traceroute
Once the ping utility has provided information about network connectivity and the total time a packet takes to reach the destination, you can use the traceroute command to get in-depth details of the path the packet takes to the destination host and resolve the problem.
The output shows the packet route and all intermediate hosts between the source and destination with their response time.
For example, the following command traces all hops to the destination host 220.127.116.11 (Google) from the local machine:
The utility uses the time-to-live (TTL) field of the IP packet, which limits the packet’s lifetime in the network and is decremented by one at each hop the packet reaches.
The utility also measures round-trip time (RTT): when the TTL expires, the intermediate node drops the packet and returns an ICMP error message, which lets traceroute measure the time it takes for a packet to reach each hop along the way.
This functionality helps network administrators identify the root cause of Internet connection problems and fix the exact problem in the route.
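As an added example (not part of the original article), the script below parses traceroute output, averages the RTT probes of each hop, and reports the hop where latency rises most compared with the previous responding hop. The sample output, its addresses, and the function names are constructed for this example.

```shell
#!/bin/sh
# Constructed sample of traceroute output (documentation address ranges).
sample_traceroute() {
    cat <<'EOF'
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.168.120.1 (192.168.120.1)  0.512 ms  0.488 ms  0.470 ms
 2  10.20.0.1 (10.20.0.1)  8.201 ms  8.110 ms  8.305 ms
 3  * * *
 4  198.51.100.7 (198.51.100.7)  95.400 ms  96.100 ms  94.900 ms
 5  203.0.113.10 (203.0.113.10)  96.000 ms  95.800 ms  96.400 ms
EOF
}

# Read traceroute output on stdin and print "hop host increase_ms" for the hop
# with the largest rise in average RTT over the previous responding hop.
# Hops that returned no ICMP reply ("* * *") are skipped.
worst_hop() {
    awk '$1 ~ /^[0-9]+$/ {
        sum = 0; n = 0
        for (i = 3; i <= NF; i++)
            if ($i == "ms") { sum += $(i - 1); n++ }   # value precedes "ms"
        if (n == 0) next                               # hop did not answer
        avg = sum / n
        delta = avg - prev
        if (delta > max) { max = delta; hop = $1; host = $2 }
        prev = avg
    }
    END {
        if (hop != "")
            printf "%d %s %.2f\n", hop, host, max
    }'
}

sample_traceroute | worst_hop
```

A rise that persists on all later hops points at the link into the reported hop; a single slow hop followed by faster ones usually means that router is only slow to generate ICMP replies.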
dig, an acronym for Domain Information Groper, collects DNS-related information and resolves DNS issues.
The output of the dig command displays information available in files containing DNS records and helps network administrators verify that host to IP address resolution is working properly.
You can run the DNS lookup query as follows:
Similarly, you can query all types of DNS records associated with a domain using the ANY option:
dig google.com ANY
Wireshark is a powerful and versatile open-source packet analysis tool. It captures the traffic of your selected interface card in real time. It allows network administrators to capture traffic based on protocol/port for monitoring and troubleshooting.
Apart from the capture filter, it also has a display filter with various options that allow you to view only the traffic in question.
Troubleshooting Networking on Linux
Network troubleshooting is part of a network administrator’s day-to-day activities. Knowing which tool to use when another is unavailable, or which one offers broader functionality, is equally important for effectively troubleshooting different network conditions.
You can learn more about analyzing network traffic with Wireshark and network connections with the ss command.