Chapter 02
Advanced Linux Network Administration
Network Troubleshooting
1
SaigonCTT All rights reserved
Objectives
• Be able to identify and correct common network setup issues
• Have knowledge of locations for basic configuration files.
• Common tools and command are use to correct network problem
2
LPI Linux
Common network problems
• Hardware
• IP address
• Routing and Ip forwarding
• Hostname, DNS
• Network services do not run
• Firewall
3
LPI Linux
Hardware
• NIC was not detected
– Make sure your NIC has been attached correctly
– Check system boot log: dmesg | grep eth
– Check hardware compatible list
– Check driver module or kernel
• Network interface is not up
– Wherether or not interrupt complicting
– Check your cable
– cat /proc/interrupts : check system interrupts
– ifconfig a : view all interface has been detected.
4
LPI Linux
Device Driver Problem
• The system was not able to probe and identify network card
– The network card is too old or is too new,
– The card needs to be manually configured: ISA bus NE2000 cards, EtherExpress Pro's
and the like.
• if you know the type of card, check and see the required driver:
/lib/modules/kernelver/kernel/drivers/net
Example: uses the 3c503.o module, attempt to load it with the command
modprobe 3c503
– or need to pass some parameters for the driver.
[root@baldur root]# modprobe eepro irq=5 io=0x300
• Once identified the correct driver module, can make it permanent:
– /etc/modules.conf (2.4 ker) or/etc/modprobe.conf (2.6 kernel).
– For example, the syntax to load the eepro.o:
alias eth0 eepro
options eepro irq=5 io=0x300
5
LPI Linux
IP address
• Ask network admin to find out your current subnet, default
gateway, broadcast address, DNS server or using DHCP
• Make sure ip complict do not occur
• Check your ip address: ifconfig
• Start, stop network service: /etc/init.d/network
• Ping other host in the same subnet, or ping default gateway.
6
LPI Linux
Interface Configuration
• Use the ifconfig command to check to see that the machine's interfaces are
up and have an IP address.
[root@proserv root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:08:A1:52:23:09
inet addr:10.11.2.1 Bcast:10.11.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:340802 errors:0 dropped:0 overruns:0 frame:0
TX packets:84583 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22910593 (21.8 Mb) TX bytes:106456406 (101.5 Mb)
Interrupt:22 Base address:0xd000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:7113 errors:0 dropped:0 overruns:0 frame:0
TX packets:7113 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:492201 (480.6 Kb) TX bytes:492201 (480.6 Kb)
7
LPI Linux
Interface configuration
• Problems with an interface showing the wrong IP address, broadcast address
or subnet mask are usually down to an incorrect entry in the configuration
files
– ifconfig eth0 192.168.0.1 netmask 255.255.252.0
– [root@sleipnir root]# cat /etc/sysconfig/networkscripts/ifcfgeth0
• Configuration by DHCP
– If network interface is configured by a DHCP server, then the configuration script
above will not specify the IP address:
•
ONBOOT=yes
•
DEVICE=eth0
•
BOOTPROTO=dhcp
•
USERCTL=no
– [root@sleipnir root]# dhclient eth0
8
LPI Linux
Network Reachability
• Once you've got an IP address on an interface, the next step is to
test whether you can reach remote systems:
– 1. ping the system's local interface
•
[root@sleipnir root]# ifconfig|grep inet
inet addr:192.168.168.11 Bcast:192.168.168.255 Mask:255.255.255.0
inet addr:127.0.0.1 Mask:255.0.0.0
[root@sleipnir root]# ping c 2 192.168.168.11
– 2. ping the upstream router
•
[root@sleipnir root]# ping c 2 192.168.168.1
– 3. ping a remote host
•
[root@sleipnir root]# ping c 2 203.35.202.153
9
LPI Linux
Routing and Ip forwarding
• If you can ping machines on the local network but cannot get to
all or some destinations on remote networks, then the problem
could be in the routing table:
– your machine
– an upstream router.
• View routing table
route
netstat rn
10
LPI Linux
Routing and Ip forwarding
• Add new routing entry
route add net network_addr netmask network_mask gw Gateway_addr
• Add default gateway in other to connect to outside
route add default gw gateway_addr
• Ping remote host to check the connection
• Use traceroute
• Ip forwarding: /etc/sysctl.conf
net.ipv4.ip_forward = 1
11
LPI Linux
Hostname and DNS lookup
• The problem is an inability to resolve names into IP addresses
• /etc/resolv.conf
nameserver 10.11.1.2
domain vnuitp.edu.vn.
• /etc/nsswitch.conf
#hosts: db files nisplus nis dns
hosts: files dns
• Ping Ip_address to check the connection
• Ping hostname to check DNS lookup
– ping server.vnuitp.edu.vn
– ping www.vnn.vn
12
LPI Linux
Hostname and DNS lookup
• Check whether your system is able to connect to a DNS and resolve a
hostname into an IP address with the host command:
[les@sleipnir les]$ host
fulbertfulbert.cullen.lesbell.com.au has address 192.168.168.1
• To get down to lowlevel debugging of DNS lookups, should learn the
nuances of the dig command.
[les@sleipnir les]$ dig www.pcuser.com.au @dvalin.lesbell.com.au
; <<>> DiG 9.2.1 <<>> www.pcuser.com.au @dvalin.lesbell.com.au
;; global options: printcmd
;; Got answer:
;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 17821
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1
;; QUESTION SECTION:
;www.pcuser.com.au. IN A
;; ANSWER SECTION:
www.pcuser.com.au. 36417 IN A 203.18.241.23
<Output cont.>
13
LPI Linux
Network services
• Check services process make sure they are running
– ps ef | more
• List all opened ports
– netstat anp | more
• View system log to find out error
– tail f /var/log/messages
• View service log file to check the status
– tail f /var/log/maillog
• Telnet to service port on localhost
– telnet 0.0.0.0 80
14
LPI Linux
Firewall
• Firewall in the way
– while everything is configured fine at your end, but between you and the
system you are trying to connect to, there is a firewall.
• Local firewall: check your firewall to make sure that it does not
block network services
– iptables L n
– iptables L n t mangle
– iptables L n t nat
– /etc/init.d/iptables stop
15
LPI Linux
tcpdump
• Tcpdump prints out the headers of packets on a network
interface
– tcpdump [ adeflnNOpqRStuvxX ] [ c count ]
[ i interface ] [ m module ] [ r file ]
– c Exit after receiving count packets.
– d Dump the compiled packetmatching code in a human readable
form to standard output and stop.
– i Listen on interface. If unspecified, tcpdump searches the system
interface list for the lowest numbered, configured up interface
(excluding loopback).
– n Don’t convert host addresses to names.
16
LPI Linux
Summary
• Hardware problems
• IP address
• Routing and Ip forwarding
• Hostname, DNS
• Network services do not run
• Firewall
• Debug utility: tcpdump
17
LPI Linux