Following is the list of natively available troubleshooting commands.
hostname
The hostname command is used to view or set the hostname of the machine.
hostname
You can use the hostname command to set a new hostname for the machine. For example,
sudo hostname temp.com
If you set the hostname using the “hostname” command, the change does not survive a restart: the hostname reverts to the name specified in the hostname file (e.g., /etc/hostname).
So if you want to change the hostname permanently, you can use the /etc/hosts file or relevant hostname file present on the server.
- For Ubuntu machines, you can change it in the **/etc/hostname** file.
- For RHEL, CentOS and Fedora you can change it in the /etc/sysconfig/network file.
## host
The host command is for the reverse lookup of an IP or a DNS name.
For example, if you want to find the DNS name attached to an IP, you can use the host command as follows.
host 8.8.8.8
You can also do the reverse to find the IP address associated with the domain name. For example,
host devopscube.com
ping
The ping networking utility is used to check if the remote server is reachable or not. It is primarily used for checking the connectivity and troubleshooting the network.
It provides the following details.
- Bytes sent and received
- Packets sent, received, and lost
- Approximate round-trip time (in milliseconds)
The ping command has the following syntax.
ping <IP or DNS>
For example,
ping devopscube.com
To ping an IP address,
ping 8.8.8.8
If you want to limit the ping output without using ctrl+c, then you can use the “-c” flag with a number as shown below.
ping -c 1 devopscube.com
curl
Curl utility is primarily used to transfer data from or to a server. However, you can use it for network troubleshooting.
For network troubleshooting, curl supports protocols such as DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP.
For example, curl can check connectivity on port 22 using telnet.
curl -v telnet://192.168.33.10:22
You can check the FTP connectivity using curl.
curl ftp://ftptest.net
You can troubleshoot web server connectivity as well.
curl http://devopscube.com -I
wget
The wget command is primarily used to fetch web pages.
You can use wget to troubleshoot network issues as well.
For example, you can troubleshoot proxy server connections using wget.
wget -e use_proxy=yes -e http_proxy=<proxy_host:port> http://externalsite.com
You can check if a website is up by fetching the files.
wget www.google.com
ip (ifconfig)
The ip command is used to display and manipulate routes and network interfaces. It is the newer version of ifconfig. ifconfig works in all the systems, but it is better to use the ip command instead of ifconfig.
Let’s have a look at a few examples of ip command.
Display network devices and configuration
ip addr
You can use this command with pipes and grep to get more granular output like the IP address of the eth0 interface. It is very useful when you work on automation tools that require IP to be fetched dynamically.
The following command gets the IP address of eth0 network interface.
ip a | grep eth0 | grep "inet" | awk -F" " '{print $2}'
Get details of a specific interface
ip a show eth0
You can list the routing tables.
ip route
ip route list
arp
The arp command shows the ARP (Address Resolution Protocol) cache table: the IP addresses and MAC addresses on local networks that the system has interacted with.
arp
Example output,
## ss (netstat)
The ss command is a replacement for netstat. You can still use the netstat command on all systems.
Using ss command, you can get more information than netstat command. ss command is fast because it gets all the information from the kernel userspace.
Now let’s have a look at a few usages of ss command.
Listing all connections
The “ss” command will list all the TCP, UDP, and Unix socket connections on your machine.
Filtering out TCP, UDP and Unix sockets
If you want to filter out TCP, UDP or UNIX socket details, use the “-t”, “-u” and “-x” flags with the “ss” command. It will show all the established connections to the specific ports. If you want to list both connected and listening ports, use “a” with the specific flag as shown below.
List all listening ports
To list all the listening ports, use “-l” flag with ss command. To list specific TCP, UDP or UNIX socket, use “-t”, “-u” and “-x” flag with “-l” as shown below.
List all established
To list all the established ports, use the state established flag as shown below.
ss -t -r state established
To list all sockets in listening state,
ss -t -r state listening
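For the listening-port listing described above, the following added example (not from the original article) classifies each TCP listener by whether it is bound to every interface, to loopback only, or to one specific address. It assumes the output format of `ss -H -ltn`; the function names and the embedded sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify TCP listeners from `ss -H -ltn` output.

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 *:8080 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 [::1]:631 [::]:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 192.168.33.10:9100 0.0.0.0:*'

# Reads ss output on stdin; prints "<scope> <address> <port>" per listener.
classify_listeners() {
    awk '$1 == "LISTEN" {
        local_ep = $4
        n = match(local_ep, /:[0-9]+$/)   # the last colon separates the port
        if (n == 0) next
        addr = substr(local_ep, 1, n - 1)
        port = substr(local_ep, n + 1)
        sub(/%.*$/, "", addr)              # drop an interface suffix such as %lo
        if (addr == "0.0.0.0" || addr == "*" || addr == "[::]")
            scope = "ALL-INTERFACES"
        else if (addr ~ /^127\./ || addr == "[::1]")
            scope = "LOOPBACK"
        else
            scope = "SPECIFIC"
        print scope, addr, port
    }'
}

# Ports reachable on every interface, de-duplicated and sorted numerically.
exposed_ports() {
    classify_listeners | awk '$1 == "ALL-INTERFACES" { print $3 }' |
        sort -nu | tr '\n' ' ' | sed 's/ $//'
}

# On a live host: ss -H -ltn | classify_listeners
printf '%s\n' "$SAMPLE_SS" | classify_listeners
```

Listeners reported as ALL-INTERFACES are the ones to compare against the firewall rules and the list of services the host is expected to expose.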
traceroute
If you do not have a traceroute utility in your system or server, you can install it from the native repository.
traceroute is a network troubleshooting utility. Using traceroute you can find the number of hops required for a particular packet to reach the destination.
For example,
traceroute google.com
Here is the output.
## mtr
The mtr utility is a network diagnostic tool to troubleshoot the network bottlenecks. It combines the functionality of both ping and traceroute.
For example, the following command shows the traceroute output in real-time.
mtr google.com
mtr report
You can generate a report using the --report flag. When you run the mtr report, it sends 10 packets to the destination and creates the report.
mtr -n --report google.com
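When reading the report, loss at an intermediate hop that disappears at later hops usually reflects that router rate-limiting its own ICMP replies, while loss that continues through to the destination indicates a real forwarding problem. The following added example (not from the original article) applies that rule to `mtr -n --report` output; the function name and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: separate transient from persistent loss in an mtr report.

# Constructed sample of `mtr -n --report` output (not from a real run).
SAMPLE_MTR='HOST: host-a         Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.168.33.1   0.0%    10    0.4   0.5   0.3   0.9   0.2
  2.|-- 10.4.5.5      60.0%    10    1.9   2.1   1.7   2.8   0.3
  3.|-- 203.0.113.9    0.0%    10    8.2   8.4   8.0   9.1   0.3
  4.|-- 198.51.100.7  20.0%    10   15.1  15.6  14.9  17.0   0.6
  5.|-- 8.8.8.8       20.0%    10   15.3  15.9  15.0  17.4   0.7'

# Reads a report on stdin; prints "<verdict> <hop> <loss>%" for each lossy hop.
# PERSISTENT: loss continues unbroken from this hop to the destination.
# TRANSIENT:  a later hop shows 0% loss, so packets were still forwarded.
analyze_mtr() {
    awk '$1 ~ /^[0-9]+\.\|--$/ { hop[++n] = $2; loss[n] = $3 + 0 }
    END {
        start = n + 1                      # default: no persistent loss
        if (n > 0 && loss[n] > 0) {
            start = n
            while (start > 1 && loss[start - 1] > 0) start--
        }
        for (i = 1; i <= n; i++) {
            if (loss[i] == 0) continue
            verdict = (i >= start) ? "PERSISTENT" : "TRANSIENT"
            print verdict, hop[i], loss[i] "%"
        }
    }'
}

# On a live host: mtr -n --report google.com | analyze_mtr
printf '%s\n' "$SAMPLE_MTR" | analyze_mtr
```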
dig
If you have any task related to DNS lookup, you can use “dig” command to query the DNS name servers.
Get all DNS records with dig
The following command returns all the DNS records and TTL information for twitter.com.
dig twitter.com ANY
Use +short to get less verbose output.
dig google.com ANY +short
Get Specific DNS Record with dig
For example, if you want to get the A record for a particular domain name, you can use the dig command. +short will provide the information in a less verbose form.
dig www.google.com A +short
Similarly, you can get the other record information separately using the following commands.
Reverse DNS Lookup with dig
You can perform a reverse DNS lookup with dig using the following command. Replace 8.8.8.8 with the required IP.
dig -x 8.8.8.8
nslookup
Nslookup (Name Server Lookup) utility is used to check the DNS entries. It is similar to dig command.
To check the DNS records of a domain, you can use the following command.
nslookup google.com
You can also do a reverse lookup with the IP address.
nslookup 8.8.8.8
To get all the DNS records of a domain name, you can use the following.
nslookup -type=any google.com
Similarly, you can query for records like mx, soa, etc.
nc (netcat)
The nc (netcat) command is known as the Swiss army knife of networking commands.
Using nc, you can check the connectivity of a service running on a specific port.
For example, to check if ssh port is open, you can use the following command.
nc -v -n 192.168.33.10 22
netcat can also be used for data transfer over TCP/UDP and port scanning.
Port scanning is not recommended in cloud environments. You need to request the cloud provider to perform port scanning operations in your environment.
telnet
The telnet command is used to *troubleshoot the TCP connections on a port*.
To check port connectivity using telnet, use the following command.
telnet 10.4.5.5 22
route
The “route” command is used to *get the details of the route table for your system and to manipulate* it. Let us look at a few examples for the route command.
Listing all routes
Execute the “route” command without any arguments to list all the existing routes in your system or server.
If you want to get the full output in numerical form without any hostname, you can use “-n” flag with the route command.
tcpdump
The tcpdump command is primarily used for troubleshooting network traffic.
Note: *Analyzing the output of the tcpdump command* requires some learning, so explaining it is out of the scope of this article.
The tcpdump command works with the network interfaces of the system, so you need administrative privileges to execute it.
List all network interfaces
Use the following command to list all the interfaces.
sudo tcpdump --list-interfaces
Capture Packets on Specific Interface
To get the dump of packets on a specific interface, you can use the following command.
Note: press ctrl + c to stop capturing the packets.
sudo tcpdump -i eth0
To limit the packet capturing, you can use the -c flag with the number.
For example,
sudo tcpdump -i eth0 -c 10
Capture Packets on All Interfaces
To capture packets on all the interfaces, use the any flag as shown below.
sudo tcpdump -i any
lsof
lsof is a command that is used in day-to-day Linux troubleshooting. This command is equally important for anyone working with Linux systems.
To list all open files, execute the lsof command.
lsof
One of the common errors faced by developers and DevOps engineers is “Bind failed error: Address already in use”. You can find the process ID associated with a port using the following command. Then you can kill the process to free up the port.
lsof -i :8080