Network Troubleshooting
So you have a network problem. This means your source host cannot reach a target host via the network. It can be that you cannot reach a website with your browser or anything else, no matter what it is, it is important to ask the right questions. These are:
- Do you have an IP address
- If yes
- Can you ping your default gateway
- If yes
- Does DNS work
- Can you ping into another subnet
- If both questions are "yes"
- Can you reach the port you need to reach
- If both questions are "yes"
- If yes
- Can you ping your default gateway
- If yes
Experienced users may skip pinging the default gateway if the target machine is in the same subnet and similar tricks. However, if you proceed according to this scheme, you are about to win in 90% of all network problems :)
Do you have an IP address
Most probably, you are using the IP protocol stack. For this, you need an IP address, otherwise, you need to fix this first. Find it out e.g. like this:
$ ifconfig eth1 Link encap:Ethernet HWaddr 00:1C:F0:BB:06:C8 inet addr:192.168.0.5 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::21c:f0ff:febb:6c8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:107889950 errors:0 dropped:0 overruns:0 frame:0 TX packets:273562838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:9617038808 (9171.5 Mb) TX bytes:369837330592 (352704.3 Mb) Interrupt:21 Base address:0xc000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:98106539 errors:0 dropped:0 overruns:0 frame:0 TX packets:98106539 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:355210630999 (338755.2 Mb) TX bytes:355210630999 (338755.2 Mb)
In this example, your network card eth1 has the IP address 192.168.0.5. The interface "lo" is quite useless, you need another one (typically called ethn, wlann or bondn where n is a number) you will need to have this fixed first. If you have it, proceed with the next chapter.
If not
If your card is recognized, you should see an entry called 'eth0'. Network cards are counted from 0, and the eth part means that it is using the ethernet protocol to communicate to your router. It is possible that it is perfectly configured, but not actually active. Try typing
ifconfig eth0 up
and then
ifconfig
again. You should see something like:
eth0 Link encap:Ethernet HWaddr 00:90:F5:03:4B:69 inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::290:f5ff:fe03:4b69/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:911573 errors:0 dropped:0 overruns:0 frame:0 TX packets:656393 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:604721438 (576.7 Mb) TX bytes:58964684 (56.2 Mb) Interrupt:10 Base address:0xf000
Whew, worked. If it didnt, try to run dmesg and ifconfig again to see what could cause the problem and ensure the module was loaded. (For me it first failed, then suddenly worked after two minutes trying it again) Notice how the Scope changed (Scope="Gültigkeitsbereich")
The _IP address_ shown here is 192.168.0.2 . This is another special IP address called a Class C Private Address, which means it can talk to your router without the whole world seeing it. (You could make a local network by assigned your PCs IP Addresses like 192.168.0.1, 192.168.0.3, 192.168.0.4 and so forth.)
Your router should have it's own address that the internet can talk to. If you have an address that looks like this, skip to test 3.
Sometimes you will see the following
inet addr: 0.0.0.0
This means that your router hasn't told you what IP address to have, or you haven't asked it yet. Routers use DHCP to negotiate a private ip address with your computer. Try running one from dhclient eth0 or dhcpcd eth0 or pump eth0, which will ask your router for a new address. If nothing happens, check the cable is firmly plugged in, between your computer and the router, and that the router is turned on. Finally, read the documentation for your router to see if it uses dhcp, or if you need to set a particular address on your computer.
If dhcp is successful, you have an ip address!
Usually, the dhcp client is activated from the ifconfig command.
If dhcp isn´t an option, you will need to create a manual file for ifconfig to read. RPM based systems will have a directory similar to /etc/sysconfig/network-scripts to hold the config files, eg
cat /etc/sysconfig/network-scripts/ifcfg-eth0 in RH gives..
MTU="" NETMASK=255.255.255.0 BROADCAST="" BOOTPROTO=none IPADDR=192.168.1.1 NETWORK=192.168.1.0 ONBOOT=yes DEVICE=eth0
If BOOTPROTO=dhcp, the ip, netmask & broadcast settings are ignored, in favour of the settings from the dhcp server.
Debian uses the file /etc/network/interfaces (see man interfaces) and Gentoo uses the file /etc/conf.d/net.
Can you ping your default gateway
If you can ping your default gateway, routing will work for you (provided the default gateway is configured correctly). Only if routing works, you will be able to reach a computer in another subnet. To find out your default gateway, use
$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 loopback * 255.0.0.0 U 0 0 0 lo default 192.168.0.1 0.0.0.0 UG 0 0 0 eth1
If you do not have a default entry, you need to know it, then add it:
$ route add default gw 192.168.0.1
In this example, you gateway is 192.168.0.1, so try pinging it:
$ ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.429 ms
In the above example, an answer came for the ping (time is not so important here). That means, you can reach another computer and even your gateway, so, connections out of your subnet should not be a problem.
Does DNS work
Without DNS, you can only ping IP addresses, no hostnames. So, provided you are not behind a proxy, the following should work:
$ nslookup linuxquestions.org Server: 194.25.2.129 Address: 194.25.2.129#53 Non-authoritative answer: Name: linuxquestions.org Address: 75.126.162.205
If you are behind a proxy, try looking up a hostname from that you know it exists (do not forget the domain name). If you do not know one, make sure at least that you can ping the name server:
$ cat /etc/resolv.conf domain site nameserver 192.168.0.1 $ ping 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_seq=1 ttl=61 time=46.5 ms
Can you ping another subnet
Once you have a valid IP address, lets see if you can connect to the internet.
A program exists for this very purpose, called 'ping'. It sends messages to another computer or router on a network, and if they are received, will send a reply back (sometimes called a 'pong').
try 'pinging' Google.
ping www.google.com
you should get the following.
PING www.google.akadns.net (66.102.11.99) 56(84) bytes of data. 64 bytes from 66.102.11.99: icmp_seq=1 ttl=244 time=28.6 ms 64 bytes from 66.102.11.99: icmp_seq=2 ttl=244 time=27.8 ms 64 bytes from 66.102.11.99: icmp_seq=3 ttl=244 time=26.6 ms 64 bytes from 66.102.11.99: icmp_seq=4 ttl=244 time=27.9 ms 64 bytes from 66.102.11.99: icmp_seq=5 ttl=244 time=27.7 ms 64 bytes from 66.102.11.99: icmp_seq=6 ttl=244 time=26.6 ms 64 bytes from 66.102.11.99: icmp_seq=7 ttl=244 time=26.9 ms
and so on. To stop it, press ctrl+c.
It maybe that you get a message that says 'no route to host' This means that your computer can't find a way to connect to the internet. Reasons include:
- you are behind a corporate firewall
- your route is not set correctly
- See route how to correct this.
Can you reach the port that you need to reach
To know which port you need to reach, read List Of Port Numbers.