4b7eca8a46
All checks were successful
Reindex Knowledge Base / reindex (push) Successful in 3s
Adds title, description, type, domain, and tags frontmatter to every doc for improved KB semantic search. The description field is prepended to every search chunk, and domain/type/tags enable filtered queries. Type values: context, guide, runbook, reference, troubleshooting Domain values match directory structure (networking, docker, etc.) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
3.4 KiB
3.4 KiB
| title | description | type | domain | tags | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Network Troubleshooting Commands | Quick-reference diagnostic commands for connectivity, port debugging, firewall rules, SSL certificates, DNS resolution, and bandwidth testing. | reference | networking |
|
Network Troubleshooting Reference
Connectivity Issues
Basic connectivity tests
# Test connectivity
ping <target_ip>
ping -c 4 <target_ip> # Linux (4 packets)
# Test specific port
telnet <target_ip> <port>
nc -zv <target_ip> <port> # netcat
nmap -p <port> <target_ip>
# DNS resolution
nslookup <hostname>
dig <hostname>
host <hostname>
Network interface debugging
# Show interfaces
ip addr show
ifconfig
# Show routing table
ip route
route -n
# Show network statistics
netstat -i
ss -i
Service Issues
Port and process debugging
# Show listening ports
netstat -tulpn
ss -tulpn
lsof -i :<port>
# Find process using port
fuser <port>/tcp
lsof -i tcp:<port>
# Show all connections
netstat -an
ss -an
Service status
# Systemd services
systemctl status <service>
systemctl is-active <service>
systemctl is-enabled <service>
# Service logs
journalctl -u <service> -f
journalctl -u <service> --since "1 hour ago"
Firewall Debugging
iptables
# List rules
iptables -L -n -v
iptables -t nat -L -n -v
# Check if rule exists
iptables -C INPUT -p tcp --dport 80 -j ACCEPT
# Temporarily disable firewall
systemctl stop iptables # CentOS/RHEL
ufw disable # Ubuntu
UFW (Ubuntu)
# Check status
ufw status verbose
# Show rules by number
ufw status numbered
# Check logs
tail -f /var/log/ufw.log
SSL/TLS Issues
Certificate debugging
# Check certificate details
openssl x509 -in certificate.crt -text -noout
openssl s_client -connect <hostname>:443 -servername <hostname>
# Check certificate chain
openssl s_client -connect <hostname>:443 -showcerts
# Test SSL connection
curl -vI https://<hostname>
wget --no-check-certificate -O /dev/null https://<hostname>
Certificate expiration
# Check expiration date
openssl x509 -in certificate.crt -enddate -noout
# Check remote certificate expiration
echo | openssl s_client -servername <hostname> -connect <hostname>:443 2>/dev/null | openssl x509 -noout -dates
DNS Issues
DNS server testing
# Test specific DNS server
nslookup <hostname> <dns_server>
dig @<dns_server> <hostname>
# Flush DNS cache
# Linux (systemd-resolved)
systemctl restart systemd-resolved
# Linux (nscd)
systemctl restart nscd
DNS configuration
# Check DNS settings
cat /etc/resolv.conf
cat /etc/systemd/resolved.conf
# Test DNS resolution order
getent hosts <hostname>
Performance Issues
Bandwidth testing
# iperf3 testing
# Server: iperf3 -s
# Client: iperf3 -c <server_ip>
# wget speed test
wget -O /dev/null http://speedtest.tele2.net/100MB.zip
Network latency
# Continuous ping with timestamps
ping -D <target>
# MTR (better than traceroute)
mtr <target>
mtr --report <target>
Quick Diagnostics
One-liner network check
# Basic network health
ping -c 1 8.8.8.8 && echo "Internet OK" || echo "No Internet"
# Service accessibility
nc -zv localhost 80 && echo "HTTP service running" || echo "HTTP service down"
Network interface stats
# Interface statistics
cat /proc/net/dev
watch -n 1 cat /proc/net/dev