Friday, 16 September 2011

Linux Network Troubleshooting


Linux Network Troubleshooting


Network connection problems include slow connections, as well as complete loss of connectivity. Factors that may cause slow connectivity include incorrectly configured domain name system (DNS) settings, inefficiently configured routing tables, inferior cabling, overloaded servers, and network congestion. The same set of factors, as well as power or server failures, may result in complete loss of connectivity.

To troubleshoot a network connectivity problem, you should first check for the presence of a physical connection. If the network interface card (NIC) link light on a system is off, it indicates that no physical connection exists. This may result from

the use of incompatible or damaged cables
loose or unplugged cables
loss of power to a network switch or router
Troubleshooting interface problems

Linux tools you can use to troubleshoot network interface problems include
ifconfig - Used to determine the status of NICs.Without arguments, this command returns the status of all active interfaces. If you specify the name of an interface, it returns the status only of that interface. With the -a argument, the command displays the status of all interfaces on a computer, including any that may be inactive. This is the basic syntax for using the ifconfig command: ifconfig [interface] [options]
mii-tool – The mii-tool utility enables you to display and manipulate the media-independent interface status. In its simplest form, you can use it to display the status of the interface’s link. This is the basic syntax for using the mii-tool command: mii-tool [options] [interface]
ethtool – The ethtool utility is a diagnostic tool that enables you to configure and diagnose problems with NICs. However, not all NICs support its use. This is the basic syntax for using the ethtool command: ethtool [options] interface

Examples:

ifconfig - The output of the ifconfig -a command specifies that the computer has two NICs. The first NIC – eth0 – is up and configured as 192.168.1.200. The second NIC is not currently active.

[gurklindia]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:C0:DF:03:A9:5B
inet addr:192.168.1.100
Bcast:192.168.1.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26101 errors:0 dropped:0 overruns:0 frame:0
TX packets:15747 errors:0 dropped:0 overruns:0 carrier:0 collisions:116 txqueuelen:1000
RX bytes:2715195 (2.5 Mb)
TX bytes:6330747 (6.0 Mb)
Interrupt:11 Base address:0×6000
eth1 Link encap:Ethernet HWaddr 00:30:18:53:96:26
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b)
TX bytes:0 (0.0 b)
Interrupt:10 Base address:0xec00 lo
Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1

mii-tool - Use mii-tool to print verbose information on the link status and duplex settings for the NICs. The verbose output of the mii-tool command verifies that the eth0 interface link is functioning, and that the eth1 interface link is not.

[root@gurkulindia]# mii-tool -v
eth0: autonegotiation failed,
link ok
product info: vendor
00:00:00, model 0 rev 0
basic mode:
autonegotiation enabled
basic status:
autonegotiation complete,
link ok
capabilities: 100baseTx-FD
100baseTx-HD 10baseT-FD
10baseT-HD
advertising: 100baseTx-FD
100baseTx-HD 10baseT-FD
10baseT-HD flow-control
eth1: no link
product info: vendor
00:40:63, model 50 rev 5
basic mode:
autonegotiation enabled
basic status: no link
capabilities: 100baseTx-FD
100baseTx-HD 10baseT-FD
10baseT-HD
advertising: 100baseTx-FD
100baseTx-HD 10baseT-FD
10baseT-HD flow-control

Ethtool

The output of the ethtool command lists various statistics about the interface, including a verification that it has detected a link.

[root@gurkulindia]# ethtool eth0
Settings for eth0:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 10Mb/s
Duplex: Half
Port: MII
PHYAD: 32
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pumbg
Wake-on: d
Current message level: 0xffffffff (-1)
Link detected: yes

Troubleshooting network connectivity

Once you’ve eliminated physical interface problems as the cause of a network connectivity problem, you need to isolate other possible causes. These may include local or network configuration errors, or faults with a router.

To help isolate the cause of a network connectivity problem, you need to determine whether a user is
unable to connect to any network

If a user is unable to connect to any network host, the problem most probably lies with the user’s local machine. For example, it may be configured with an incorrect local IP address or incorrect netmask settings.
able to connect to the local network only

If a user can connect only to the local network, then the problem probably lies with incorrectly configured default gateway settings.
able to connect to the internal network but not the Internet

If a user can connect to the internal network but not to the Internet, the problem probably lies with DNS or firewall settings.

Linux supports the following common tools for troubleshooting network connectivity problems:

ping

You use the ping command with the IP address or hostname of a target to check for a basic network connection to it. In its simplest form, the ping command sends Internet Control Message Protocol (ICMP) echo packets to the designated target computer, which – if a connection exists – responds with echo reply packets.

If you can ping an IP address but not the corresponding hostname, it indicates a name resolution problem.

[gurkuindia]$ ping 192.168.1.30 .

The output of the command indicates that the host is responding to ping requests.

[gurkulindia]$ ping 192.168.1.30

PING 192.168.1.30 (192.168.1.30) 56(84) bytes of data.
64 bytes from 192.168.1.30: icmp_seq=0 ttl=128 time=0.405 ms
64 bytes from 192.168.1.30: icmp_seq=0 ttl=128 time=0.405 ms
64 bytes from 192.168.1.30: icmp_seq=0 ttl=128 time=0.405 ms
64 bytes from 192.168.1.30: icmp_seq=0 ttl=128 time=0.405 ms

— 192.168.1.30 ping
statistics — 4 packets transmitted, 4 received, 0% packet loss, time 3009ms
rtt min/avg/max/mdev = 0.300/0.342/0.405/0.042 ms, pipe 2

traceroute

You use the traceroute command to identify and diagnose each hop in the route that packets take between two hosts. With the command, you specify the IP address or the hostname of the target host. You can also use one or more traceroute options.

The output of the traceroute command indicates that packets are reaching the default gateway of the network, but do not go any further. This is probably the result of packets being dropped by the network firewall.

[gurkulindia ~]$ traceroute 192.168.3.120
traceroute to 192.168.3.120 (192.168.1.120), 30 hops max, 38 byte packets
1 ny-fs01 (192.168.1.100) 0.384 ms 0.356 ms 0.291 ms
2 ny-fs22 (192.168.2.120) 0.434 ms 0.367 ms 0.287 ms
3 * * *

netstat – The netstat command is a complex utility that you can use to list different types of network statistics. Without options, it returns statistics about current TCP/IP connections, including the protocol, MAC address, IP address, and state of each connection.

Suppose you want to use the ping command to test for a connection to the ny-ws30 host. You are not sure if there are any problems with the DNS server, so you want to ping the host by its IP address.

Examples:

The netstat -s command returns summarized statistics for each network protocol.

[gurkulindia]$ netstat -s

Ip:
19095 total packets received
0 forwarded
0 incoming packets discarded
19024 incoming packets delivered
18971 requests sent out
Icmp:
72 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
destination unreachable: 68
echo replies: 4
68 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 68
Tcp:
10 active connections openings
7 passive connection openings
0 failed connection attempts
0 connection resets received

No comments:

Post a Comment

Twitter Bird Gadget