Ever had that moment when your application works perfectly on your laptop but mysteriously fails when deployed? Or when your colleague says “the network is slow” and you have no idea where to even start looking? Welcome to the frustrating world of network troubleshooting — where problems hide in plain sight and every symptom could point to a dozen different causes.
Here’s the brutal truth: Most network issues aren’t actually network issues. They’re detective mysteries disguised as technical problems. The difference between a networking novice and a pro isn’t just knowing the commands — it’s knowing which clues to follow and in what order. Let’s turn you into a network detective who can solve mysteries that leave others scratching their heads!
Why Network Troubleshooting Skills Are Your Superpower
Think about it: when the network goes down, everything stops. Websites, APIs, databases, file sharing — your entire digital world grinds to a halt. Being the person who can quickly identify and fix these issues doesn’t just make you valuable; it makes you indispensable.
Master these tools and you’ll:
- Diagnose connection problems in under 5 minutes
- Identify performance bottlenecks before they become disasters
- Become the go-to person when things mysteriously “stop working”
- Save countless hours of random troubleshooting attempts
The Network Detective’s Essential Toolkit 🔍
Hostname and ARP: Know Your Network Neighborhood
Before investigating crimes, detectives need to know the neighborhood. Same with networks:
# Check your system's network identity
hostname
# Change the hostname (requires root)
sudo hostnamectl set-hostname myserver.local
# See who's on your local network (ARP table)
arp -a
Pro tip: The ARP table shows IP-to-MAC address mappings. If you can’t reach a local server, check if it’s even in your ARP table — it might not be on the same network segment you think it is!
Ethtool: Your Network Interface Inspector
# Check interface details (speed, duplex, link status)
sudo ethtool eth0
# View interface statistics (errors, drops, collisions)
sudo ethtool -S eth0
Real-world scenario: Users complaining about “slow network”? Check if your interface negotiated 100Mbps instead of 1Gbps, or if you’re seeing packet drops.
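The check described above, as an added example that is not part of the original article: it reads ethtool output, flags a link that negotiated below the fastest supported mode, and lists non-zero error-type counters. The sample output is constructed, and counter names vary by NIC driver.

```shell
#!/bin/sh
# Added example: triage "slow network" from ethtool output.

# Reads `ethtool <iface>` output on stdin, prints one finding per line.
link_findings() {
  awk '
    /Supported link modes:/ { modes = 1; sub(/.*Supported link modes:/, "") }
    modes && /:/            { modes = 0 }   # next "Key: value" line ends the list
    modes { for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+base/ && $i + 0 > max) max = $i + 0 }
    /^[ \t]*Speed:/         { speed = $2 + 0 }
    /^[ \t]*Duplex:/        { duplex = $2 }
    /Link detected:/        { link = $3 }
    END {
      if (link != "yes") { print "LINK_DOWN"; exit }
      if (speed < max) print "SPEED_BELOW_MAX negotiated=" speed "Mb/s supported=" max "Mb/s"
      if (duplex == "Half") print "HALF_DUPLEX"
    }'
}

# Reads `ethtool -S <iface>` output on stdin, prints non-zero error-type counters.
counter_findings() {
  awk -F': *' 'tolower($1) ~ /err|drop|collision|discard/ && $2 + 0 > 0 {
    sub(/^[ \t]+/, "", $1); print $1 "=" $2 }'
}

# Constructed sample of `ethtool eth0` (trimmed to the fields used here).
sample_link() { cat <<'EOF'
Settings for eth0:
    Supported link modes:   10baseT/Half 10baseT/Full
                            100baseT/Half 100baseT/Full
                            1000baseT/Full
    Supports auto-negotiation: Yes
    Speed: 100Mb/s
    Duplex: Full
    Link detected: yes
EOF
}

# Constructed sample of `ethtool -S eth0`.
sample_stats() { cat <<'EOF'
NIC statistics:
     rx_packets: 1048576
     rx_errors: 0
     rx_dropped: 37
     rx_crc_errors: 12
     collisions: 0
EOF
}

sample_link | link_findings
sample_stats | counter_findings
```

On a real host, pipe `sudo ethtool eth0` and `sudo ethtool -S eth0` into the two functions instead of the samples.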
The Connectivity Testing Arsenal ⚔️
Ping: The Classic “Are You There?” Check
# Basic connectivity test
ping google.com
# IPv6 connectivity
ping6 google.com
# Send only 4 packets (don't run forever)
ping -c 4 192.168.1.1
Detective insight: Ping tells you IF the destination is reachable, but not WHY it might be slow or WHY packets are getting lost.
Traceroute vs Tracepath: The Journey Mappers
# Show full path to destination (requires root)
traceroute google.com
# Lightweight alternative (no root needed)
tracepath google.com
# The modern hybrid that keeps running
mtr google.com
When to use which:
- Traceroute: When you need detailed hop-by-hop analysis
- Tracepath: For quick checks without root access
- MTR: When you want continuous monitoring of path quality
Detective tip: If ping works but connections are slow, traceroute might reveal a congested hop in the middle of your path.
Iperf3: The Bandwidth Truth Teller
# On server machine
iperf3 -s
# On client machine (test actual bandwidth)
iperf3 -c server-ip-address
# Test UDP performance instead of TCP
iperf3 -c server-ip-address -u
Reality check: User says “network is slow”? Iperf3 will tell you if it’s actually the network or just a poorly configured application.
Socket Surveillance and Traffic Analysis 🔍
SS: The Socket Detective
The ss command is like having X-ray vision for network connections:
# Show listening TCP sockets with numeric ports
ss -lnt
# Show connections to/from port 22 (SSH)
ss -nt '( sport = :22 or dport = :22 )'
# Show listening TCP sockets with process names (run with sudo to see other users' processes)
ss -tlnp
Detective scenario: Service won’t start? Use ss -lnt to see if another process is already using the port.
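An added example (not from the original article) for the port-conflict scenario: it reads `ss -tlnp` output and reports, for one port, the bound address, whether that binding is loopback-only or reachable on all interfaces, and the owning process. The sample rows are constructed.

```shell
#!/bin/sh
# Added example: who owns a port, and how widely is it exposed?
# Reads `ss -tlnp` output on stdin.
port_owner() {
  awk -v port="$1" '
    NR > 1 {
      n = split($4, part, ":")               # port is after the last colon
      if (part[n] != port) next
      addr = substr($4, 1, length($4) - length(part[n]) - 1)
      if (addr ~ /^(127\.|\[::1\])/)               scope = "loopback-only"
      else if (addr ~ /^(0\.0\.0\.0|\*|\[::\])$/)  scope = "all-interfaces"
      else                                         scope = "single-address"
      owner = "unknown"                      # no Process column without privileges
      if (match($0, /\(\("[^"]+",pid=[0-9]+/)) {
        owner = substr($0, RSTART + 2, RLENGTH - 2)
        gsub(/"/, "", owner); sub(/,pid=/, " pid ", owner)
      }
      print addr, scope, owner
    }'
}

# Constructed sample of `ss -tlnp` output.
sample_ss() { cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       511     0.0.0.0:8080        0.0.0.0:*          users:(("nginx",pid=1234,fd=6))
LISTEN  0       128     127.0.0.1:5432      0.0.0.0:*          users:(("postgres",pid=987,fd=5))
LISTEN  0       128     [::]:22             [::]:*             users:(("sshd",pid=811,fd=4))
LISTEN  0       128     192.168.1.10:9100   0.0.0.0:*
EOF
}

sample_ss | port_owner 8080
```

On a real host: `sudo ss -tlnp | port_owner 8080`. An empty result means nothing is listening on that port.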
Netcat: The Network Swiss Army Knife
# Test if a port is open (like a network doorbell)
nc -zv google.com 80
# Create a simple TCP server for testing
nc -l 8080
# Transfer files over network (quick and dirty)
nc -l 8080 > received_file.txt # receiver
nc target-ip 8080 < file.txt # sender
Pro tip: Netcat is perfect for testing if firewall rules are working correctly.
Advanced Network Forensics 🔬
TCPDump: When You Need to See the Actual Packets
# Capture packets on interface eth0
sudo tcpdump -i eth0
# Capture only HTTP traffic
sudo tcpdump -i eth0 port 80
# Capture and save to file for later analysis
sudo tcpdump -i eth0 -w capture.pcap
Use case: When everything “looks right” but still doesn’t work, tcpdump shows you what’s really happening at the packet level.
Nmap: The Network Reconnaissance Master
# Stealth scan of common ports (SYN scan requires root)
sudo nmap -sS -p 22,80,443 -T4 -Pn target-ip
# Scan entire local network
nmap -sn 192.168.1.0/24
# Service version detection
nmap -sV target-ip
Ethical note: Only scan networks you own or have permission to test!
Breakdown:
- -sS: Stealth SYN scan
- -T4: Faster timing (not too aggressive)
- -Pn: Skip ping (useful for firewalled hosts)
DNS Troubleshooting: When Names Don’t Resolve 🌐
The DNS Debugging Trinity
# Classic DNS lookup (basic but limited)
nslookup google.com
# Modern DNS analysis (shows full DNS conversation)
dig google.com
# Check how YOUR system actually resolves names
resolvectl query google.com
Troubleshooting workflow:
- nslookup domain.com - Does basic DNS work?
- dig domain.com - Are DNS records correct?
- resolvectl query domain.com - Is your local system configured properly?
The Network Detective’s Investigation Process 🕵️
When something “doesn’t work”:
- Scope the problem: ping - Is basic connectivity there?
- Check the path: traceroute - Where does the journey fail?
- Verify services: ss -lnt - Is the service actually listening?
- Test the door: nc -zv host port - Can you knock on the right port?
- Check the name: dig hostname - Is DNS resolving correctly?
- Measure reality: iperf3 - Is bandwidth actually the issue?
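The process above as an added example (not from the original article): a small triage function that names the first failing layer. It checks name resolution first because the later probes need it, and it treats a failed ping as a hint instead of a verdict, since ICMP is often filtered. The use of getent, the probe timeouts, and the function names are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: ordered triage that names the first failing layer.
# Probes are small functions so they can be swapped for other tools.
probe_dns()  { getent hosts "$1" >/dev/null 2>&1; }      # system resolver path
probe_icmp() { ping -c 2 -W 2 "$1" >/dev/null 2>&1; }
probe_tcp()  { nc -z -w 3 "$1" "$2" >/dev/null 2>&1; }

# triage HOST PORT -> prints one verdict line, returns 0 only if the port answers
triage() {
  host=$1 port=$2
  if ! probe_dns "$host"; then
    echo "DNS: $host does not resolve; compare dig and resolvectl query"
    return 1
  fi
  icmp=up
  probe_icmp "$host" || icmp=down
  if probe_tcp "$host" "$port"; then
    if [ "$icmp" = down ]; then
      echo "OK: $host:$port answers (ICMP is filtered, ping alone would mislead)"
    else
      echo "OK: $host:$port answers; if it is slow, measure with mtr and iperf3"
    fi
    return 0
  fi
  if [ "$icmp" = up ]; then
    echo "SERVICE: $host is up but port $port is closed or filtered; check ss -lnt on the server and firewall rules"
  else
    echo "PATH: $host unreachable; run traceroute or mtr to find the failing hop"
  fi
  return 1
}

# Run only when arguments are given, e.g.: sh triage.sh db.internal.example 5432
if [ $# -eq 2 ]; then triage "$1" "$2"; fi
```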
TLDR Network Detective Cheat Sheet 📋
Basic Connectivity:
- ping host → Basic reachability test
- tracepath host → Show network path (no root needed)
- mtr host → Continuous path monitoring
Service Investigation:
- ss -lnt → What's listening on which ports
- nc -zv host port → Test if specific port is open
- iperf3 -c host → Measure actual bandwidth
DNS Debugging:
- nslookup domain → Basic DNS lookup
- dig domain → Detailed DNS information
- resolvectl query domain → How YOUR system resolves
Deep Packet Analysis:
- tcpdump -i eth0 port 80 → See actual HTTP packets
- nmap -sS -T4 host → Scan for open ports
Network Identity:
- hostname → Your system's network name
- arp -a → Who's on your local network
- ethtool eth0 → Interface speed and status
Remember: Network troubleshooting is about following clues systematically, not randomly trying commands. Start broad (can I reach the host?), then narrow down (can I reach the specific service?), then dig deep (what do the actual packets show?).
Master this detective process, and you’ll solve network mysteries that stump even experienced developers! 🚀