11 October, 2010

Troubleshooting Network problems in Ubuntu

                Internet connectivity is one of the important means of communication in todays life. So troubleshooting the problems in our own networks or reconfiguring it for the easiness is not to be praised as a "geekness". In my opinion you don't need to be a geek for setting an internet connection or recovering your machine from a network problem.

Before getting into more troubles just checkout wheather the physical network components (cables, NICs, and so on) are connected properly and working. If everything is right then proceed to the following steps

Checking the Connectivity to a Host

The troubleshooting is done in a bottom up manner. So we will troubleshoot the network layer first and then move on to transport layer. Here we will check the connetivity by pinging  to your default gateway. You should have either configured the default gateway in the /etc/network/interfaces file, i have written a post about it in the last month or leave it to the system using service such as DHCP. To check your default gateway in the actual routing table, use the ip command as follows:

$ ip route

The gateway for the default route in this example is To make sure wheather there is internet connectivity to that gateway, use the ping command as follows, passing the address for your default gateway:

$ ping

By default, ping continues until you press Ctrl+c. Other important ping options include the following:
$ ping -a
            [You can here a buzzer sound @ each pings]
$ ping -c 4 
            [Ping 4 times and exit (default in Windows)]
$ ping -q -c 5 
            [Show summary of pings (works best with -c)]
$ sudo ping -f 
            [Send a flood of pings (must be root)]
$ ping -i 3 
            [Send packets in 3-second intervals]
$ sudo ping -I eth0  
            [Set source to eth0 (use if multiple NICs)]

Use the ping flood option with caution, if the packet size is larger than usual  it can cause connections to stand out.

Checking Address Resolution Protocol (ARP)

If you’re not able to ping your gateway, you may have an issue at the Ethernet hardware address layer. The Address Resolution Protocol (ARP) can be used to find information at the MAC layer (hardware layer). 

ARP stands for Address Resolution Protocol, which is used to  find  the  media  access control [MAC] address of a network neighbour for a given IP Address.

To view and configure ARP entries, we can use the arp or ip neighbor command. Arp  command displays  the  kernel’s IPv4 network neighbour cache. It can add entries to the table, delete one or display the current content.

$ arp -v    [List ARP cache entries by name]

Above command will show the names of other computers that the local computer’s ARP cache knows about and the associated hardware type and hardware address of each computer’s NIC. You can disable name resolution to see those computers’ IP addresses instead of the hostname by using the following command:

$ arp -vn     [List ARP cache entries by IP address]

          To delete an entry from the ARP cache, use 
          the -d option:
              $ sudo arp -d
                   [Delete address from ARP cache]

          Instead of just letting ARP dynamically learn 
          about other systems, you can add static ARP 
          entries to the cache using the -s option:
               $ sudo arp -s 00:0B:6A:02:EC:95

To query a subnet to see if an IP is already in use, and to find the MAC address of the device using it, use the arping command. The arping command continuously queries for the address until the command is ended by typing Ctrl+c. Typically, you just want to know if the target is alive, so you can run one of the following commands:

$ arping -f 
[Query and stop at the first reply]

$ arping -c 2 
[Query and stop after 2 counts]

Tracing Routes to Hosts

After verifying that you can ping your gateway and even reach machines that are outside of your network you can use traceroute (traceroute package should be installed) to find the problem correctly.

$ traceroute  www.mywebsite.com  
[Follow the route taken to a host]

If there are lines of asterisks (*) in the end of  the list  it is because of the firewalls inside your office/college network that block traffic to the target. However, if you see several asterisks before the destination, those can indicate congestion or network failures and points to bottleneck issues.

traceroute command options are
$ traceroute -I www.google.com 
                        Use ICMP packets to trace a route
$ traceroute -p 25 www.google.com 
                        Connect to port 25 in trace
$ traceroute -n www.google.com 
                        Disable name resolution in trace
$ tracepath www.google.com 
                        Use UDP to trace the route

Using the ip command...
You can do the same activities with ip command similar to route command. Here are three different ways to show the same basic routing information:

$ ip route show 
[Display basic routing information]

options for adding and deleting routes with ip are as follows:
$ sudo ip r add via dev eth0                  - Add route to interface
$ sudo ip r add via  
                           - Add route no interface
$ sudo ip r del 
                           - Delete route

To make a new route permanent, edit the /etc/network/interfaces file and place the information about the new route in that file. For example, to add the route added with the ip command above, add the following lines to /etc/network/interfaces:
       iface eth0 inet static

Troubleshooting at the transport layer

To display information about packets sent between transport-layer protocols (TCP and UDP), and ICMP use the netstat command:
$ netstat -s | less

$ sudo netstat -tapn          -  [View active TCP connections]

You can see a list of all TCP connections, including which process is handling the connection. Replace the t with u [ie -uapn] to see all UDP connections

If still the problem persists check out weather the proxy address and authentication is set while you are trying to connect from a proxy enabled environment. Nearly every aspect of the network connections from your Ubuntu system can be configured, checked, and monitored using  command-line tools. . .


Post a Comment

speak out... itz your time !!!

Related Posts with Thumbnails

Follow crack bytez with facebook

Terminal Diary | techblog Copyright © 2009 Gadget Blog is Designed by jintu jacob Powered by Blogger