Network Troubleshooting
A systematic approach to diagnosing network connectivity issues.
Troubleshooting Methodology
1. Identify the problem
2. Establish a theory
3. Test the theory
4. Create an action plan
5. Implement the solution
6. Verify functionality
7. Document findingsEssential Commands
ping - Test Connectivity
# Basic ping
ping google.com
# Limit packets
ping -c 4 192.168.1.1
# Set packet size
ping -s 1500 192.168.1.1
# Continuous with timestamp
ping -D 192.168.1.1traceroute - Path Analysis
# Standard traceroute
traceroute google.com
# TCP-based (better for firewalls)
traceroute -T -p 443 google.com
# MTR - combines ping and traceroute
mtr google.comnetstat / ss - Connection Status
# All listening ports
ss -tulpn
# Active connections
ss -tan
# Connection statistics
ss -s
# Legacy netstat equivalent
netstat -tulpndig / nslookup - DNS Queries
# DNS lookup
dig example.com
# Specific record types
dig example.com MX
dig example.com TXT
# Query specific server
dig @8.8.8.8 example.com
# Reverse lookup
dig -x 8.8.8.8ip - Interface Configuration
# Show all interfaces
ip addr show
# Show routing table
ip route show
# Show neighbor table
ip neigh show
# Check link status
ip link showCommon Issues and Solutions
No Connectivity
# Check if interface is up
ip link show eth0
# Bring interface up
sudo ip link set eth0 up
# Check IP assignment
ip addr show eth0
# Request DHCP
sudo dhclient eth0Slow Network
# Check for packet loss
ping -c 100 192.168.1.1 | tail -2
# Test bandwidth
iperf3 -c server.example.com
# Check interface errors
ip -s link show eth0
# Monitor real-time traffic
iftop -i eth0DNS Issues
# Check DNS configuration
cat /etc/resolv.conf
# Test DNS resolution
dig example.com +short
# Clear DNS cache (systemd)
sudo systemd-resolve --flush-caches
# Test with different servers
dig @1.1.1.1 example.com
dig @8.8.8.8 example.comPort Connectivity
# Check if port is open
nc -zv 192.168.1.1 22
# Test multiple ports
nc -zv 192.168.1.1 20-25
# Check listening services
ss -tulpn | grep :80Packet Capture
# Basic capture
sudo tcpdump -i eth0
# Capture specific port
sudo tcpdump -i eth0 port 80
# Save to file
sudo tcpdump -i eth0 -w capture.pcap
# Read capture file
tcpdump -r capture.pcapNetwork Diagnostic Checklist
[ ] Physical layer - cables, link lights
[ ] IP configuration - correct address/mask
[ ] Gateway - can ping default gateway
[ ] DNS - resolution working
[ ] Firewall - rules not blocking
[ ] Service - application listening
[ ] Remote - target service runningBest Practices
- Start at Layer 1 - Check physical first
- Test locally first - Ping localhost, then gateway
- Check logs - System and application logs
- Document changes - What changed recently
- Use multiple tools - Cross-verify findings
- troubleshooting
- ping
- traceroute
- netstat
- network diagnostics
- connectivity