Linux - Network troubleshooting guide, Network troubleshooting commands

Network troubleshooting guide

Below are few frequently used commands for my application troubleshooting

Check IP tables
 # iptables -t nat -nL

Check how many simultaneous connections are present
 # netstat -auntpl | grep | grep 22 | wc -l 
Part of active connections
 # netstat -auntpl | egrep -i "active|proto|" | head -20

Nmap scans
 # nmap -p 50-100 <ip address> -Pn
 # nmap -oG -PA -T5 -p 20-22
 # nmap -PA -p 80 -T5 -D 10.8.9.x,ME,104.50.x.x <target-ip>
-Pn - Treat all hosts as online, skip host discovery

 # telnet <ip-address> 2089 
 # tracerout -T -p 2089 <destination ip>

netcat check via proxy
 # while true; do date; nc -vzw2 443; sleep 1; done 

 # nc -zv -x proxy:8080 -X connect 443 

 # niping -s -S 51512 -I 0

 # ip route get <eth0 IP>
 # ip route show

 # ip route show table bond0

 # ip route show table main

 # route -n

 # netstat -r

 # iptables -t nat -nL

Do arping for nearest IPs or available IPs
 # arping -c 4 
 # arping -c 4 -A -I eth0 <ipaddress>

Do are ping for available IPs
 # for i in $(ip addr sh eth0 | grep -i inet | awk '{split($2,a,"/");print a[1]}') ; do arping -c 1 -A -I eth0 $i; done

If ping is working. do a check based on packet size. Sometime if ping is not failing means RTA value is high following command will help to identify network issues
 # ping -c 5 -s 16000 <IP Address> 

 # ping <IP Address> -c 5 -s 16000 -i 0.2

 # sar -n EDEV -f <last sar file>
Any RX ERROR, TX ERROR above 0 shows network issue
Any RX DROP, TX DROP above 0 shows network issue

 # sar -n DEV

 # sar -n EDEV 

 # lsof -i -P -n | grep -i "LISTEN "

 # tcpdump -s0 -nvi eth0 src 10.1X1.21.1BX and port53

 # tcpdump -s0 -host <ip-address>
 # tcpdump -s0 -vvttnnlSppei eth0 -host <ip-address> 

The topic on Linux - Network troubleshooting guide is posted by - Vaish

Hope you have enjoyed, Linux - Network troubleshooting guideThanks for your time

Tech Bluff