Skip to content
Home » Essential Linux Commands for Network Troubleshooting

Essential Linux Commands for Network Troubleshooting

Are you tired of constantly struggling to fix network issues on your Linux system? Look no further! These 10 essential commands will help you troubleshoot and resolve any network problems you may encounter.

1. ping

The ping command is a simple but powerful tool used to test the reachability of a host on a network. It works by sending an Internet Control Message Protocol (ICMP) echo request to the specified host and waiting for a response. Here’s an example of how to use it:

$ ping google.com
PING google.com (172.217.164.78) 56(84) bytes of data.
64 bytes from mad01s19-in-f78.1e100.net (172.217.164.78): icmp_seq=1 ttl=116 time=15.3 ms
64 bytes from mad01s19-in-f78.1e100.net (172.217.164.78): icmp_seq=2 ttl=116 time=16.1 ms
64 bytes from mad01s19-in-f78.1e100.net (172.217.164.78): icmp_seq=3 ttl=116 time=15.3 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 15.300/15.657/16.146/0.426 ms

If the host is reachable, you will see a series of responses like the ones shown above. If the host is not reachable, you will see a message saying “destination host unreachable.”

2. traceroute

The traceroute command is used to trace the path that a packet takes from your device to the specified host. It works by sending a series of packets with increasing Time To Live (TTL) values and displaying the IP addresses of the routers that the packets pass through. If you don’t have traceroute installed, then run: sudo apt install traceroute

Here’s an example of how to use it:

$ traceroute google.com
traceroute to google.com (172.217.164.78), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  2.109 ms  1.382 ms  1.287 ms
 2  10.0.0.1 (10.0.0.1)  9.917 ms  9.865 ms  9.749 ms
 3  74.125.39.129 (74.125.39.129)  11.737 ms  11.640 ms  11.678 ms
 4  108.170.250.65 (108.170.250.65)  10.065 ms  10.065 ms  10.059 ms
 5  108.170.249.97 (108.170.249.97)  10.077 ms  10.086 ms  10.081 ms
 6  216.239.56.149 (216.239.56.149)  10.076 ms  10.088 ms  10.072 ms
 7  108.170.247.141 (108.170.247.141)  10.105 ms  10.100 ms  10.093 ms
 8  172.217.164.78 (172.217.164.78)  10.140 ms 10.157 ms 10.159 ms

Traceroute is a useful tool for identifying where a problem may be occurring in the network path between your device and the specified host. For example, if you are experiencing slow connection speeds, traceroute can help you determine if the issue is with your local network or with a remote router.

There is an alternative to traceroute called mtr (short for “My Traceroute”). mtr combines the functionality of ping and traceroute and provides more detailed information about network performance. It is also able to continuously send packets to the specified host, allowing you to monitor the performance of the network in real-time. mtr is available on most Linux distributions and can be installed using the package manager. Here’s an example of how to use it:

Copy code
$ mtr google.com
HOST: localhost.localdomain          Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 192.168.1.1                               0.0%    10    1.5   1.5   1.5   1.5   0.0
  2.|-- 10.0.0.1                                  0.0%    10    2.3   2.3   2.3   2.3   0.0
  3.|-- 74.125.39.129                             0.0%    10   15.5  15.5  15.5  15.5   0.0
  4.|-- 108.170.250.65                            0.0%    10   16.0  16.0  16.0  16.0   0.0
  5.|-- 108.170.249.97                            0.0%    10   15.9  15.9  15.9  15.9   0.0
  6.|-- 216.239.56.149                            0.0%    10   16.0  16.0  16.0  16.0   0.0
  7.|-- 108.170.247.141                           0.0%    10   15.9  15.9  15.9  15.9   0.0
  8.|-- 172.217.164.78                            0.0%    10   15.9  15.9  15.9  15.9   0.0

3. netstat

The netstat command is used to display information about active network connections, routing tables, and a variety of other network-related statistics. Here’s an example of how to use it to display active connections:

$ netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.2:22          192.168.1.1:50738      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50737      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50736      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50735      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50734      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50733      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50732      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50731      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50730      ESTABLISHED
tcp        0      0 192.168.1.2:22          192.168.1.1:50729      ESTABLISHED

Netstat is a useful tool for identifying which processes are using which network connections and for identifying potential security issues.

4. ifconfig

The ifconfig command is used to configure network interfaces on a Linux system. It can be used to display the current configuration of an interface, as well as to configure IP address, netmask, and other parameters. Here’s an example of how to use it to display the configuration of the eth0 interface:

$ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.24.31.43  netmask 255.255.240.0  broadcast 172.24.31.255
        inet6 fe80::215:5dff:fed9:a4c3  prefixlen 64  scopeid 0x20<link>
        ether 00:15:5d:d9:a4:c3  txqueuelen 1000  (Ethernet)
        RX packets 85089  bytes 119394663 (119.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 18233  bytes 1237964 (1.2 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Ifconfig is a useful tool for quickly checking the configuration of a network interface and for making changes to its settings.

5. route

The route command is used to display and manipulate the routing table on a Linux system. It can be used to display the current routing table, as well as to add or delete routes. If you don’t have route installed then run: sudo apt install net-tools

Here’s an example of how to use it to display the routing table:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0

The routing table specifies which network paths should be used for different types of network traffic. Route is a useful tool for identifying and troubleshooting routing issues on your system.

6. host

The host command is used to perform DNS lookups on a Linux system. It can be used to resolve domain names to IP addresses and vice versa. Here’s an example of how to use it to resolve a domain name to an IP address:

$ host google.com
google.com has address 142.251.39.110
google.com has IPv6 address 2a00:1450:400e:811::200e
google.com mail is handled by 10 smtp.google.com.

Host is a useful tool for verifying that DNS is functioning properly on your system and for troubleshooting DNS issues.

7. dig

The dig command is similar to the host command, but it is more powerful and provides more detailed information. It is used to perform DNS lookups and to display information about DNS records. Here’s an example of how to use it to display the MX records for a domain:

$ dig google.com MX

; <<>> DiG 9.9.5-9+deb8u14-Debian <<>> google.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30604
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com.            IN      MX

;; ANSWER SECTION:
google.com.     300     IN      MX      10 aspmx.l.google.com.
google.com.     300     IN      MX      20 alt1.aspmx.l.google.com.
google.com.     300     IN      MX      20 alt2.aspmx.l.google.com.
google.com.     300     IN      MX      30 alt3.aspmx.l.google.com.
google.com.     300     IN      MX      30 alt4.aspmx.l.google.com.

;; Query time: 78 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Aug 27 22:44:12 EDT 2018
;; MSG SIZE  rcvd: 151

Dig is a useful tool for performing advanced DNS troubleshooting and for gathering more detailed information about DNS records.

Tips

  1. Use the c flag with ping to specify the number of pings to send, rather than pinging indefinitely.
  2. Use the w flag with traceroute to specify a timeout for each hop, which can help speed up the process if you are experiencing delays.
  3. Use the l flag with netstat to display listening sockets, which can be useful for identifying servers and potential security issues.
  4. Use the a flag with ifconfig to display all interfaces, including those that are down or inactive.
  5. Use the v flag with route to display more detailed information about each route in the routing table.

Challenge

Try using these commands to troubleshoot a network issue on your own system. Can you identify the problem and come up with a solution using these tools?

Leave a Reply

Your email address will not be published. Required fields are marked *

18 + fourteen =