10 Linux Commands For Network Diagnostics

Sohail
Sohail

Table of Contents

It is difficult to find a Linux computer that is not connected to the network, be it server or workstation. From time to time it becomes necessary to diagnose faults, intermittence or slowness in the network. In this article, we will review some of the Linux commands most used for network diagnostics.

Diagnose Network In Linux With These Commands

1. ping

One of the first commands, if not the first one, when diagnosing a network failure or intermittence. The ping tool will help us determine if there is a connection in the network, be it local or the Internet.

[root @ horla] # ping www.linuxandubuntu.com
PING www.linuxandubuntu.com (173.274.34.38) 56 (84) bytes of data.
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 1 ttl = 59 time = 2.52 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 2 ttl = 59 time = 2.26 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 3 ttl = 59 time = 2.31 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 4 ttl = 59 time = 2.36 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 5 ttl = 59 time = 2.33 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 6 ttl = 59 time = 2.24 ms
64 bytes from r4-nyc.webserversystems.com (173.274.34.38): icmp_seq = 7 ttl = 59 time = 2.35 ms

2. traceroute

This command allows us to see the jumps that are needed to reach a destination. In this case, we see the jumps that are required to reach our website. This test was done from a laptop with Linux. In the example, we make a traceroute to our website, www.linuxandubuntu.com.

horla @ horla-ProBook: ~ $ traceroute www.linuxandubuntu.com
traceroute to www.linuxandubuntu.com (173.274.34.38), 30 hops max, 60 byte packets
 1 linuxandubuntu.com (192.168.1.1) 267,686 ms 267,656 ms 267,616 ms
 2 10.104.0.1 (10.104.0.1) 267.630 ms 267.579 ms 267.553 ms
 3 10,226,252,209 (10,226,252,209) 267,459 ms 267,426 ms 267,396 ms
 4 * * *
 5 10,111.2,137 (10,111.2,137) 266,913 ms 10,111.2,141 (10,111.2,141) 266,784 ms 10,111.2,101 (10,111.2,101) 266,678 ms
 6 5.53.0.149 (5.53.0.149) 266.594 ms 104.340 ms 104.273 ms
 7 5.53.3.155 (5.53.3.155) 135.133 ms 94.142.98.147 (94.142.98.147) 135.055 ms 176.52.255.35 (176.52.255.35) 135.069 ms
 8 94,142,127,229 (94,142,127,229) 197,890 ms 5.53.6.49 (5.53.6.49) 197,850 ms 94,142,126,161 (94,142,126,161) 223,327 ms
 9 ae-11.r07.nycmny01.us.bb.gin.ntt.net (129.250.9.1) 197.702 ms 197.715 ms 180.145 ms
10 * * *
11 csc180.gsc.webair.net (173.239.0.26) 179.719 ms 149.475 ms 149.383 ms
12 dsn010.gsc.webair.net (173.239.0.34) 149.288 ms 168.309 ms 168.202 ms
13 r4-nyc.webserversystems.com (173.274.34.38) 168.086 ms 168.105 ms 142.733 ms
horla @ horla-ProBook: ~ $

3. route

This command allows us to see the route that our Linux team uses to connect to the network, in this case. Our equipment leaves through router 192.168.1.1.

horla @ horla-ProBook: ~ $ route -n
Core IP route table
Destination Gateway Genmask Indic Metric Ref Use Interface
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlo1
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlo1
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlo1
horla @ horla-ProBook: ~ $

4. dig

This command allows us to verify if the DNS is working correctly, before that, we must verify which DNS we have in the network configuration. In this example, we want to see the IP address of our website, www.linuxandubuntu.com which returns us 173.274.34.38.

horla-ProBook: ~ $ dig www.linuxandubuntu.com
; << >> DiG 9.10.3-P4-Ubuntu << >> www.linuxandubuntu.com ;; global options: + cmd ;; Got answer: ;; - >> HEADER << - opcode: QUERY, status: NOERROR, id: 12083 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:; www.linuxandubuntu.com. IN A
;; ANSWER SECTION: www.linuxandubuntu.com. 2821 IN A 173.274.34.38
;; Query time: 21 msec ;; SERVER: 127.0.1.1 # 53 (127.0.1.1) ;; WHEN: Wed Nov 7 19:58:30 PET 2018 ;; MSG SIZE rcvd: 51
horla @ horla-ProBook: ~ $

5. ethtool

This tool is a replacement for mii-tool. It comes from CentOS6 onwards and allows to see if the network card is physically connected to the network, that is. We can diagnose if the network cable is actually connected to the switch.

# ethtool eth0
Settings for eth0: Supported ports: []
Supported link modes: Not reported
Supported pause frame use: No
Supports auto-negotiation: No Advertised
link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Speed: Unknown! Duplex: Unknown! (255)
Port: Other PHYAD: 0
Transceiver: internal
Auto-negotiation: off
Link detected: yes

6. IP ADDR LS

Another of the specific tools of Linux that allows us to list the network cards and their respective IP addresses. This tool is very useful when you have several IP addresses configured.

[root@linux named]# ip addr ls
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
 inet6 ::1/128 scope host
 valid_lft forever preferred_lft forever
2: eth6:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
 link/ether 00:15:5d:a0:f6:05 brd ff:ff:ff:ff:ff:ff
 inet 193.82.34.169/27 brd 190.82.35.192 scope global eth6
 inet 192.168.61.10/24 brd 192.168.61.255 scope global eth6:1
 inet6 fe80::215:5dff:fea0:f605/64 scope link
 valid_lft forever preferred_lft forever

7. ifconfig

As essential as the previous ones, ifconfig allows us to see the network configuration of the cards installed in our team. In this case, 1 physical network card disconnected in p37s0, the local network card or localhost lo and the wireless network card wlo1 which is connected to the network is shown. We intentionally highlight the installed cards and the assigned IP addresses.

horla @ horla-ProBook: ~ $ ifconfig
 enp37s0 Link encap: Ethernet addressHW 2c: 41: 38: 15: 4b: 0e
 ACTIVE MULTICAST MTU DISTRIBUTION: 1500 Metric: 1
 RX packages: 0 errors: 0 lost: 0 overruns: 0 frame: 0
 TX packages: 0 errors: 0 lost: 0 overruns: 0 carrier: 0
 collisions: 0 long.colaTX: 1000
 Bytes RX: 0 (0.0 B) TX bytes: 0 (0.0 B)
lo Link encap: Local loop
 Direc. inet: 127.0.0.1 Másc: 255.0.0.0
 Inet6 address: :: 1/128 Scope: Host
 ACTIVE LOOP RUNNING MTU: 65536 Metric: 1
 RX packages: 19095 errors: 0 lost: 0 overruns: 0 frame: 0
 TX packages: 19095 errors: 0 lost: 0 overruns: 0 carrier: 0
 Collisions: 0 long.colaTX: 1
 Bytes RX: 1716020 (1.7 MB) TX bytes: 1716020 (1.7 MB)
wlo1 Link encap: Ethernet addressHW 20: 10: 7a: fc: b1: 44
 Direc. inet: 192.168.1.102 Difus.:192.168.1.255 Masc: 255.255.255.0
 Inet6 address: fe80 :: 2b5d: 1b14: 75a: e095 / 64 Scope: Link
 ACTIVE DIFFUSION FUNCTIONING MULTICAST MTU: 1500 Metric: 1
 RX packages: 1660063 errors: 0 lost: 0 overruns: 0 frame: 0
 TX packages: 1285046 errors: 0 lost: 0 overruns: 0 carrier: 0
 collisions: 0 long.colaTX: 1000
 Bytes RX: 966719020 (966.7 MB) TX bytes: 209302107 (209.3 MB)
horla @ horla-ProBook: ~ $

8. mtr

Another one of our favorite tools MTR or My Traceroute allows us to see the router jumps and ping each one. This is very useful to determine which of these routers are those that have delays in network traffic.

                              My traceroute [v0.75]
My traceroute [v0.75] router02 (0.0.0.0) Nov 7 20:19:24 2018Resolver: Received error response 2. (server failure) er of fields quit Packets Pings Host Loss% Snt Last Avg Best Wrst StDev
1. router2-linuxandubuntu.com 0.0% 11 0.7 0.7 0.6 0.8 0.1
2. 173.255.239.16 0.0% 11 0.8 0.9 0.8 1.6 0.2
3. 173.255.239.8 0.0% 11 2.9 3.2 0.8 7.8 2.1
4. ???
5. es0.nyc4.webair.net 0.0% 10 2.0 2.6 1.8 7.7 1.8
6. csc180.gsc.webair.net 0.0% 10 2.6 2.6 2.6 2.7 0.1
7. dsn010.gsc.webair.net 0.0% 10 2.2 2.2 2.1 2.3 0.1
8. r4-nyc.webserversystems.com 0.0% 10 2.3 2.4 2.2 2.5 0.1

9. nslookup

Another tool to know the IP address of the host we want to reach. In this case, we want to know the IP of our website, www.linuxandubuntu.com.

# nslookup www.linuxandubuntu.com
Server: 127.0.0.1
Address: 127.0.0.1 # 53
Non-authoritative answer:
Name: www.linuxandubuntu.com
Address: 173.274.34.38

10. nmtui-edit

Network Manager Text User Interface (nmtui or Network Manager based on command line). It uses ncurses and allows us to easily configure from the terminal and without additional dependencies. It offers a graphical interface, based on text, so that the user makes those modifications.  

Conclusion

With these networking commands, we will have the opportunity to perform a much more direct and precise management on the various parameters of the network in Linux environments. Also With the mtr command as we mention above, we can have a simpler control over the state of our network and check in a much more central way its different aspects focused on its optimization. Thanks for reading.

Linux TutorialsUncategorizedhow-to