RESOLVING NETWORK ISSUES ON LINUX






Dealing with networking issues can be a very challenging task. A packet sent from a client to a server (or vice versa) might be dropped in various locations and for various reasons. Some of the most common cases are:

1. A firewall that is blocking the packet. It can be a firewall on the server side, on the client side, or any firewall along the path between the server and the client. The blocking may be based on IP address (source and/or destination), ports (in the case of TCP/UDP), or any other layer 3 or layer 4 criteria.
2. Lack of layer 2 connectivity.
3. Routing configurations that are not set properly.





Fortunately, Linux command-line tools supply significant information that can help us narrow down the problem. In my experience, these are the top 8 tools that will help you overcome networking issues.

  1.  ping: This is the most fundamental command when troubleshooting a networking issue. The ping command tests the network connectivity between your host and the server. This is definitely the first command to use when you suspect there is no network connectivity.
  2.  ifconfig: ifconfig allows you to view and configure your network interfaces. You can view your network interfaces and the IP addresses assigned to them. You can also view the network statistics for each network interface (the dropped and error packet counters are worth a look).
  3.  tcpdump: tcpdump prints the content of the packets that are being received or transmitted by a network interface (or by all network interfaces). This is a powerful utility because it gives a full view of the network traffic and has filtering capabilities that let us filter traffic by layer 3 and layer 4 properties. For example, to view all the traffic on eth0 transmitted to port 80 or received by port 80 -
  4.  netstat: netstat prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. I want to focus on netstat's ability to provide information about listening sockets. When a client establishes a TCP connection to a specific port on a server, the server must have a running program that "listens" on that port. Using netstat on the server side, we can verify that a program does have a listening socket on that port and see on which IP addresses it accepts connections.
  5.  ip rule, ip route: I intentionally put these 2 commands together since they are related. Usually, when we want to look at our configured routing table, we type the ip route command -
  6.  iptables: iptables is an administration tool for IPv4 packet filtering and NAT. It basically serves as a firewall. iptables has 4 tables with predefined chains. Usually we will inspect the filter table. The filter table is the default table shown when typing iptables -L, and all the filtering is defined in this table.
  7.  ip neighbour: This command prints the ARP table. Always remember that before an IP packet is sent from one point to another, the destination's MAC address must be known to the sender (in most cases where the 2 endpoints are not directly connected, it is actually the gateway's MAC address). So it's always worth checking the ARP table for layer 2 connectivity issues before checking the network or transport layer.
  8.  conntrack: conntrack gives you information about all of the system's connections, their state, and some other useful details.
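
As an added example (not code from the original post), the listening-socket check described in item 4 can be scripted: the function below reads `netstat -tln` output and reports whether a port is bound to loopback only, to specific addresses, or to all interfaces. The function name `listen_scope` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -tln` output (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.10:8080       0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN'

# listen_scope PORT (hypothetical helper): reads netstat -tln output on stdin
# and prints one of: none | loopback-only | specific:<addr,...> | all-interfaces
listen_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            la = $4
            # Split address and port at the LAST colon (IPv6 addresses contain colons).
            n = match(la, /:[0-9]+$/)
            if (!n) next
            addr = substr(la, 1, n - 1)
            p = substr(la, n + 1)
            if (p != port) next
            found = 1
            if (addr == "0.0.0.0" || addr == "::" || addr == "*")
                any = 1          # reachable on every interface
            else if (addr ~ /^127\./ || addr == "::1")
                loop = 1         # reachable only from the host itself
            else
                specific = specific (specific != "" ? "," : "") addr
        }
        END {
            if (!found)              print "none"
            else if (any)            print "all-interfaces"
            else if (specific != "") print "specific:" specific
            else                     print "loopback-only"
        }'
}

# Run against the constructed sample; on a live server use:
#   netstat -tln | listen_scope 5432
for port in 22 80 443 5432 8080; do
    printf '%s -> %s\n' "$port" "$(printf '%s\n' "$SAMPLE_NETSTAT" | listen_scope "$port")"
done
```

A result of `loopback-only` explains a remote client being refused even though the service is running, while `none` means nothing is listening on that port at all.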




In conclusion, there is an almost endless variety of networking issues you can face, and solving them is not always easy. However, mastering the tools I have mentioned will dramatically increase your chances of solving many of them.





Peace Out.
@suhaibbinyounis

