Ict-innovation/LPI/109.3

= 109.3 Basic Network Troubleshooting = Candidates should be able to troubleshoot networking issues on client hosts

Key Knowledge Areas


 * Manually and automatically configure network interfaces and routing tables to include adding, starting, stopping, restarting, deleting or reconfiguring network interfaces.
 * Change, view, or configure the routing table and correct an improperly set default route manually.
 * Debug problems associated with the network configuration.

The figure summarises various points at which networking can fail, and may serve as a basis for fault-finding.



Figure 109.3-1: Potential Points of Failure in a Network

Can Linux find your network card?

The network interface card (NIC) must be supported by the kernel. Topic 109.2 provides some suggestions to help you determine if the kernel has detected your network card and loaded an appropriate driver.

Does it have an IP address assigned?

Use the command ifconfig to determine the network settings of your card:

Example:

In particular verify that the IP address and netmask are correct.

Can you ping other machines on the network?

The ping command can be used to test reachability of a machine by sending an ICMP echo request packet and awaiting a reply. A simple test is to ping another machine on the same network. In the example below the -c flag is used to limit the number of pings. By default, ping will continue indefinitely at 1 second intervals.

Does DNS name resolution work?

If you can connect to a machine by specifying its IP address but not by specifying its name you should suspect that name resolution is not working. First, verify that the correct DNS servers are specified in /etc/resolv.conf. See topic 109.4 for more detail on DNS client-side configuration.

Verify that you can ping your DNS servers by IP address.

Use the dig utility to manually test DNS lookups:

Verify that an answer (an A record) was received, and that it came from the DNS server you expect (192.168.81.2 in the example above).

The nslookup command can also be used but gives slightly less information:

Are your servers listening?

If other machines cannot connect to your services, verify that the services are running; for example:

Or you can look for them in the output from ps:

Verify that the service is listening on the expected port. The command netstat can be used to examine active ports; for example:

Here, the first three lines of output represent:


 * 1) A local DNS server listening on an internel network 192.168.122.0
 * 2) A secure shell server listening on port 22
 * 3) A CUPS print server listening on port 631 (but only on the loopback address)

The command netstat -i will show network interfaces. It provides similar information to running ifconfig with no arguments:

In the output above, you see a wired network interface (eth0), a wireless interface (wlan0), the loopback interface (lo) and three interfaces to support virtualization (virbr0, vmnet1 and vmnet8)

Other useful options for the netstat command include:

-r, --route:Show the routing table (similar to route -n)

-t, --tcp:Show TCP endpoints

-u, --udp:Show UDP endpoints

-a, --all:Show both listening and connected endpoints. By default only connectedendpoints are shown

-n, --numeric:Show numeric values instead of trying to determine symbolic names forhosts or ports

You can also examine active TCP and UDP endpoints with the command lsof -i:

As you can see, the lsof output is more informative – it tells you the name and the PID of the process that is using the endpoint.

Is your firewall blocking access?

If other machines are unable to connect to your services, check that your firewall is not blocking access. A quick way to make this check is to briefly disable the firewall and repeat the test. However, do not forget to re-enable it immediately afterwards. From the command line you can flush the firewall rules with the command:

Other diagnostic tools

The command traceroute can be used to trace the path that a packet takes to a specific destination. For example:

The times shown in the output above are the round-trip times of the probes to each gateway. (Each gateway is probed three times.)

The tracepath utility gives similar information with a slightly different format:

Usually it is only the first couple of hops in this route that are on your own network. Anything beyond that is likely outside of your administrative control.

The following is a partial list of the used files, terms and utilities:* ifconfig
 * ifup
 * ifdown
 * route
 * host
 * hostname
 * dig
 * netstat
 * ping
 * traceroute

Previous Chapter | Next Chapter