Network Diagnostics#

Concepts#

Diagnostic Toolkit#

When network issues occur, these tools help you pinpoint the problem. Work from the bottom up: check physical/link connectivity first, then IP, then DNS, then application.

ping — Check Reachability# 

ping -c 4 192.168.1.1        # send 4 packets to gateway
ping -c 3 8.8.8.8             # test internet connectivity
ping -c 3 google.com          # test DNS + connectivity
ping -i 0.5 -c 10 host        # 0.5 second interval

If ping 8.8.8.8 works but ping google.com fails → DNS problem. If ping gateway fails → local network problem.

Note that ping will use ICMPpackets. Almost all devices will respond to these pings but it’s worth keeping in mind that if a ping test fails it does not necessarily mean the host is down/unreachable.

traceroute / tracepath — Trace the Path#

Shows every router (hop) between you and the destination:

traceroute google.com
tracepath google.com          # doesn't require root

mtr combines ping and traceroute in real time:

sudo apt install -y mtr
mtr google.com               # interactive
mtr -r -c 10 google.com      # report mode (10 rounds)

ss — Socket Statistics#

Replaces the older netstat. Shows network connections and listening ports:

# Listening TCP ports
sudo ss -tlnp
# t=TCP, l=listening, n=numeric, p=process

# Listening UDP ports
sudo ss -ulnp

# All established connections
ss -tn

# Connections to a specific port
ss -tn sport = :22

# Summary statistics
ss -s

Output columns:

State    Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN   0       128     0.0.0.0:22          0.0.0.0:*          users:(("sshd",pid=456))

dig — Full DNS Lookup# 

dig google.com                # full DNS query
dig google.com +short         # just the IP
dig google.com MX             # mail server records
dig google.com NS             # nameserver records
dig -x 8.8.8.8               # reverse lookup (IP → name)
dig @8.8.8.8 example.com     # query a specific DNS server

nslookup — Simple DNS Lookup# 

nslookup google.com
nslookup google.com 8.8.8.8   # query a specific server

host — Quick DNS Lookup# 

host google.com               # forward lookup (DNS -> IP)
host 8.8.8.8                  # reverse lookup (IP -> DNS)

curl and wget — HTTP Testing# 

# Download a page
curl https://example.com

# Show headers only
curl -I https://example.com

# Follow redirects
curl -L https://example.com

# Download a file
curl -O https://example.com/file.zip
wget https://example.com/file.zip

# Verbose (see the connection details)
curl -v https://example.com 2>&1 | head -20

# Test connectivity with status code
curl -s -o /dev/null -w "%{http_code}" https://example.com
# Output: 200

nc (netcat) — Network Swiss Army Knife# 

# Test if a port is open
nc -zv 192.168.1.1 22         # check SSH port
nc -zv google.com 443         # check HTTPS port
nc -zv host 80-90             # scan port range

# Simple chat between two machines
# Machine A: nc -l 1234
# Machine B: nc machineA 1234

Diagnostic Workflow#

When troubleshooting network issues, work through this checklist:

1. Is the interface up?           → ip link show
2. Do I have an IP?               → ip addr show
3. Can I reach the gateway?       → ping gateway_ip
4. Can I reach the internet?      → ping 8.8.8.8
5. Does DNS work?                 → ping google.com / dig google.com
6. Is the service port open?      → ss -tlnp / nc -zv host port
7. Does the application respond?  → curl http://host:port

Lab#

Exercise 1: Ping Tests# 

# Ping your gateway
GW=$(ip route | awk '/default/ {print $3}')
ping -c 3 "$GW"

# Ping external IP
ping -c 3 8.8.8.8

# Ping domain (tests DNS)
ping -c 3 google.com

Exercise 2: DNS Diagnostics# 

dig google.com +short
dig google.com MX +short
host google.com
nslookup google.com

Exercise 3: Check Open Ports# 

sudo ss -tlnp
sudo ss -ulnp

Exercise 4: Test Remote Ports# 

nc -zv google.com 80
nc -zv google.com 443
nc -zv google.com 22 2>&1     # likely refused or timeout

Exercise 5: HTTP Testing# 

curl -I https://example.com
curl -s -o /dev/null -w "Status: %{http_code}\nTime: %{time_total}s\n" https://example.com

Exercise 6: Trace a Route# 

tracepath google.com
# Or if mtr is installed:
# mtr -r -c 5 google.com

Review#

1. If `ping 8.8.8.8` works but `ping google.com` fails, what is the problem?

DNS resolution. IP connectivity works, but the system cannot translate domain names to IP addresses. Check /etc/resolv.conf and DNS server availability.

2. What command shows which ports are listening on your machine?

sudo ss -tlnp (TCP) or sudo ss -ulnp (UDP). The -p flag shows which process is listening.

3. How do you test if a specific port is open on a remote host?

nc -zv hostname port. For example, nc -zv google.com 443 tests if HTTPS is reachable.

4. What is `mtr`?

mtr combines ping and traceroute. It continuously pings each hop along the route, showing latency and packet loss at every step. Useful for finding where network problems occur.

5. How do you get just the HTTP status code from curl?

curl -s -o /dev/null -w "%{http_code}" URL — silent mode, discard body, print only the status code.

Previous: Network Configuration | Next: Firewalls