In today’s world, Internet connectivity enables the access and transfer of information over a network. Working in a network-centric role requires system administrators to be aware of potential issues and be able to troubleshoot them.
So in an environment where efficient communication is required for day to day activities, you must know Linux/Unix networking tools and how to use them to solve internet connectivity issues. This article will help you identify potential network problems in Linux and provide ways to troubleshoot them.
Troubleshoot incoming and outgoing connections
Before you start solving problems, it’s important to identify whether the problem is client-side or server-side. This section covers methods for identifying outgoing and incoming connection issues on Linux.
Identify and troubleshoot outgoing connection issues
When trying to access the website as a client, sometimes you may find the website unavailable. The problem may be due to name resolution or a connection outside your local network.
To identify the exact cause, you can start by sending an ICMP echo request using the ping command and waiting for a response.
In the case of no network connectivity or 100 percent packet loss, another possibility could be the absence of a network interface. Run ip command to check the status of all available interfaces on your system.
The command output displays the status of each network interface as UP or DOWN. An interface with DOWN status in the output will not have an assigned IP address, which can be a possible cause of a connectivity issue.
Packets fail to reach the router when it is physically disconnected or turned off. If the connection is successful, ping any systems outside your router, and the website unavailability in this scenario may be due to DNS service issues.
If the server is reachable but the connection is slow, you can identify the root cause by running the traceroute command as it displays the time it takes for the packets to reach each intermediate node.
Troubleshoot incoming connection problems
Most organizations configure Linux systems as servers and have high availability requirements. For example, the Apache server hosting a website may not have any clients due to network problems. Website hostnames are registered on a public DNS server that resolves their name to an IP address.
If name-address resolution is working fine, you can ping the server from a Linux client to check its availability from outside. Similarly, from a Linux client, you can check whether the httpd service is running using the nmap command.
Nmap is one of the most powerful and versatile tools that network administrators use to test the services running on a network. However, it is also a cracker that can provide system-related information to intruders.
If the TCP port 80 and 443 states are up and running for the HTTP and HTTPS services, this indicates that the service is listening for incoming connections. For this situation you need to check how the service is configured inside the main configuration file.
In addition, the absence of TCP ports 80 and 443 indicates that a firewall is blocking the ports and filtering them, while a close status in the nmap output means that the httpd service is not running or listening on the port. Is.
Troubleshoot DNS server issues
If you can ping the IP address of the website and it is not accessible via browser, then you have a problem with hostname resolution. A client-server communicating over the Internet performs hostname-to-address resolution by communicating with DNS servers.
In Linux/Unix operating systems, you configure DNS servers by either entering them manually or by requesting a DHCP server for automatic assignment when starting up an interface. In any case, the DNS server addresses are available inside the /etc/resolv.conf file.
So, whenever you try to connect to a website, it looks for hosts in the /etc/hosts file and proceeds to find the DNS server addresses one by one in the resolv.conf file. It probes for servers until it finds a host to return a “host not found” error.
If the NetworkManager service is enabled and an incorrect DNS server IP address is found, you simply cannot add an entry to the resolv.conf file. This is because NetworkManager overrides the file entries and connects to the DHCP server for automatic assignment.
Troubleshooting Firewall in Linux
The default firewall setting in Linux may block all incoming connections on TCP ports 80 and 443. Check any drop/reject rules in the /etc/sysconfig/iptables file before adding any rules for TCP ports. Move the open ports rule above DROP/REJECT to solve the problem.