Important Network and Troubleshooting Tools for Linux
James Kinga
Posted on December 29, 2021
1. Overview
At times, navigating the Linux operating system can be daunting for new users, and so can the troubleshooting process. Unlike in Windows, where one simply navigates to the control panel to troubleshoot network issues, Linux is often not so direct and obvious.
Therefore, this article seeks to simplify this process by discussing some of the basic Linux commands to view the network status and troubleshoot any related issues.
2. Tools and Commands
2.1. ifconfig
ifconfig displays the status of the currently active interfaces if no argument is given.
Useful options:
- -a: view all interfaces which are currently available, even if down
- -s: display a short list (like netstat -i)
Example of ifconfig output:
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:0a
          inet addr:172.17.0.10  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2235 errors:0 dropped:0 overruns:0 frame:0
          TX packets:667 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:508519 (508.5 KB)  TX bytes:92572 (92.5 KB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
- eth0 - the Ethernet interface. Can be eth1, eth2,..., ethn
- lo - the loopback interface which is used by the system to communicate with itself.
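When troubleshooting, the fields worth reading first in this output are the UP flag and the errors and dropped counters. The following is an added example, not part of the original article: it parses output in the format shown above and flags interfaces that are down or have non-zero error or drop counters. The helper name iface_health and the modified counter values in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the article): summarize interface health from
# old-style net-tools ifconfig output, the format shown above.

# Constructed sample: the article's output, trimmed, with eth0's RX "dropped"
# and TX "errors" counters changed to non-zero so there is something to flag.
sample_ifconfig() {
cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:0a
          inet addr:172.17.0.10  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2235 errors:0 dropped:12 overruns:0 frame:0
          TX packets:667 errors:3 dropped:0 overruns:0 carrier:0

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
EOF
}

# iface_health (hypothetical helper): reads ifconfig output on stdin and
# prints one line per interface, ending in OK or CHECK (down, errors, drops).
iface_health() {
awk '
function emit() {
    if (name == "") return
    bad = (state == "DOWN" || rxe + rxd + txe + txd > 0)
    printf "%s %s %s rx_err=%d rx_drop=%d tx_err=%d tx_drop=%d %s\n",
        name, state, addr, rxe, rxd, txe, txd, (bad ? "CHECK" : "OK")
}
function field(key,   i, kv) {   # value of the "key:value" token on this line
    for (i = 1; i <= NF; i++) { split($i, kv, ":"); if (kv[1] == key) return kv[2] }
    return 0
}
/^[^ ]/      { emit(); name = $1; state = "DOWN"; addr = "-"; rxe = rxd = txe = txd = 0 }
$1 == "UP"   { state = "UP" }              # flags line starts with UP when the link is up
$1 == "inet" { addr = substr($2, 6) }      # strip the "addr:" prefix
$1 == "RX" && $2 ~ /^packets:/ { rxe = field("errors"); rxd = field("dropped") }
$1 == "TX" && $2 ~ /^packets:/ { txe = field("errors"); txd = field("dropped") }
END { emit() }
'
}

sample_ifconfig | iface_health
```

On a live system the same function can be fed with ifconfig -a | iface_health, provided the installed ifconfig prints this older layout.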
2.2. ping
Basically used to test connectivity. Common and handy flags:
- -c, -count count: Stop after sending (and receiving) count ECHO_RESPONSE packets.
- -q, -quiet: Quiet output. Nothing is displayed except the summary lines at startup time and when finished.
- -i, -interval wait: Wait wait seconds between sending each packet. The default is to wait for one second between each packet. This option is incompatible with the -f option.
2.3. whois
whois searches for an object in an RFC 3912 (WHOIS) database.
WHOIS is a query and response protocol that is commonly used for accessing databases that contain the registered users of an Internet resource, such as a domain name or an IP address block, but it can also be used for a wider range of information.
The majority of recent implementations of whois attempt to guess the correct server to query for the requested object. If no guess can be made, whois will connect to whois.networksolutions.com for NIC handles or whois.arin.net for IPv4 addresses and network names.
whois is often not installed by default, but it can be installed using apt: sudo apt install whois
2.4. nslookup
nslookup is used to query Internet name servers interactively. It stands for Name Server Lookup.
nslookup has two modes:
- Interactive: useful in querying name servers for information about various hosts and domains or to print a list of hosts in a domain.
- Non-interactive: useful to print just the name and requested information for a host or domain.
Usage:
nslookup [-option] [name | -] [server]
Here, nslookup looks up information for the given host name using the default server, or using server if one is given.
2.5. traceroute
traceroute prints the route that packets take to a network host.
Traceroute records the path packets follow from an IP network to a certain host. It makes use of the IP protocol's time to live (TTL) parameter to try to get an ICMP TIME EXCEEDED response from each gateway on the route to the host.
2.6. netstat
netstat gets the network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.
This tool prints information about the Linux networking subsystem. Useful arguments include:
- --route, -r: Display the kernel routing tables. See the description in route(8) for details. netstat -r and route -e produce the same output.
- --groups, -g: Display multicast group membership information for IPv4 and IPv6.
- --interfaces, -i: Display a table of all network interfaces.
- --statistics, -s: Display summary statistics for each protocol.
2.7. dig
dig is a DNS lookup tool: a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.
Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
Simple usage:
dig @server name type
Where:
- server: is the name or IP address of the name server to query. When the supplied server argument is a hostname, dig resolves that name before querying that name server.
  If no server argument is provided, dig consults /etc/resolv.conf; if an address is found there, it queries the name server at that address. If either of the -4 or -6 options are in use, then only addresses for the corresponding transport will be tried. If no usable addresses are found, dig will send the query to the local host. The reply from the name server that responds is displayed.
- name: is the name of the resource record that is to be looked up.
- type: indicates what type of query is required (ANY, A, MX, SIG, etc.). type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record.
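Knowing which server dig will actually ask matters when an answer looks wrong or a query times out. The following is an added example, not part of the original article and not dig's own code: it models the server-selection rules described above against a constructed resolv.conf, including the case where -6 is used with an IPv4-only configuration. The helper name dig_candidates and its any/4/6 argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the article or from dig's source): a model of the
# server-selection rules described above, run on a constructed resolv.conf.

# Constructed sample resolver configuration (documentation address ranges).
sample_resolv_conf() {
cat <<'EOF'
# constructed example
search example.test
nameserver 192.0.2.53
nameserver 2001:db8::53
; a commented-out entry is ignored
;nameserver 198.51.100.1
EOF
}

# dig_candidates FAMILY (hypothetical helper). FAMILY is any, 4 or 6,
# standing in for no option, -4 and -6. Reads resolv.conf on stdin and
# prints the addresses that would be tried, or "localhost" if none is usable.
dig_candidates() {
    family=${1:-any}
    found=$(awk -v fam="$family" '
        $1 == "nameserver" && NF >= 2 {
            is_v6 = (index($2, ":") > 0)        # IPv6 literals contain a colon
            if (fam == "any" || (fam == "6" && is_v6) || (fam == "4" && !is_v6))
                print $2
        }')
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
    else
        echo localhost                          # no usable address: local host
    fi
}

sample_resolv_conf | dig_candidates any
sample_resolv_conf | dig_candidates 4
printf 'nameserver 192.0.2.53\n' | dig_candidates 6   # IPv4-only config with -6
```

The last call prints localhost: with only IPv4 name servers configured, a -6 query has no usable address and goes to the local host.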
3. Conclusion
This article looked at seven handy network tools for Linux: ifconfig, ping, whois, nslookup, traceroute, netstat and dig.
We also discussed the usage of each tool and its importance in troubleshooting various network issues.