Monday, February 26, 2007

9 Tips to diagnose remote GNU/Linux server network connectivity issues


Many new admins and Linux users get frustrated when their remote Linux box is not accessible due to a network connectivity problem.

In this article I will cover tools and techniques for diagnosing network configuration problems. You can use these tips/tools to diagnose Linux network connectivity to remote or local servers.

Steps to diagnose the problem:

#1: Use ping command
Always ping the server by IP address first, then by hostname. For example:
$ ping 75.126.43.232
$ ping cyberciti.biz

If you can ping by IP address but not by hostname, then make sure you have the correct DNS name servers set up in /etc/resolv.conf:
$ less /etc/resolv.conf
Output:

nameserver 192.168.1.10
nameserver 208.67.222.222
nameserver 208.67.220.220

Make sure your own DNS server (192.168.1.10 in this example) is actually running and reachable. The resolver tries the servers in the order listed and only falls through to the next one after the first times out, so a dead first entry shows up as slow or failing lookups rather than an obvious error.

#2: Use traceroute command
If you cannot ping your server at all, use traceroute to locate the problem. traceroute shows the path packets take to the server hop by hop, so you can tell whether the failure is at your own workstation or gateway router, somewhere upstream, or at the remote end.
$ traceroute cyberciti.biz
#3: Look for default route / gateway IP
If traceroute shows that you cannot even reach your own gateway, check the routing table on your workstation and add a default route if it is missing (replace 192.168.1.254 and eth0 with your gateway address and interface):
# route
# route add default gw 192.168.1.254 eth0

#4: Look for IP address
Make sure you have the correct IP address assigned by the DHCP server. Sometimes the network admin changes the DHCP server, the IP routing, or other settings. It is a good idea to restart the network interface and then verify the address and routes:
# /etc/init.d/network restart
# tail -f /var/log/messages
# ifconfig -a
# route
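The four checks above chain naturally into one script. The following is an added example and not part of the original article: it runs the ping-by-IP / ping-by-name test, classifies the result, and, when the address is unreachable, runs traceroute and verifies that a default route exists. The helpers that parse /etc/resolv.conf and the routing table read stdin so they can be exercised on sample text; the resolv.conf and route -n samples are constructed for illustration, and the script assumes the iputils ping, traceroute and net-tools route commands found on a Linux workstation of the period (ip route output is handled too).

```shell
#!/bin/sh
# netdiag.sh: walk steps 1-4 (ping by IP, ping by name, traceroute, default
# route) in order and stop at the first layer that fails.
# Usage: sh netdiag.sh 75.126.43.232 cyberciti.biz
# With no arguments it only defines the functions below.

# Print the nameserver addresses from resolv.conf text on stdin, one per line.
# Comment lines and "search"/"options" lines are ignored.
nameservers_from_resolv() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }'
}

# Succeed if routing-table text on stdin contains a default route.
# `route -n` prints it with destination 0.0.0.0; `ip route` prints "default".
has_default_route() {
    awk 'BEGIN { found = 1 } $1 == "0.0.0.0" || $1 == "default" { found = 0 } END { exit found }'
}

# Decide which layer failed from the two ping exit codes of step 1:
#   $1 - exit status of ping by IP address (0 = replies received)
#   $2 - exit status of ping by hostname
# Prints one of: ok, dns, path
classify_ping() {
    ip_ok=$1; name_ok=$2
    if [ "$ip_ok" -eq 0 ] && [ "$name_ok" -eq 0 ]; then
        echo ok
    elif [ "$ip_ok" -eq 0 ]; then
        echo dns    # IP answers, name does not: resolver problem (step 1)
    else
        echo path   # IP itself is unreachable: trace the path (steps 2-3)
    fi
}

# Run the live checks against a real host (needs ping, traceroute, route).
diagnose() {
    ip=$1; name=$2
    ping -c 3 -W 2 "$ip"   >/dev/null 2>&1; ip_ok=$?
    ping -c 3 -W 2 "$name" >/dev/null 2>&1; name_ok=$?
    case $(classify_ping "$ip_ok" "$name_ok") in
        ok)
            echo "OK: $name ($ip) answers ping by address and by name" ;;
        dns)
            echo "DNS problem: $ip answers but $name does not resolve."
            echo "Nameservers configured in /etc/resolv.conf:"
            nameservers_from_resolv </etc/resolv.conf
            ;;
        path)
            echo "No reply from $ip; tracing the path (step 2):"
            traceroute -n "$ip" 2>&1 | head -n 15
            if route -n 2>/dev/null | has_default_route; then
                echo "Default route present (step 3 OK); suspect an upstream hop or the remote side"
            else
                echo "No default route on this workstation (step 3). Add one, e.g.:"
                echo "  route add default gw <gateway-ip> eth0"
            fi
            ;;
    esac
}

# Only touch the network when both hosts are given on the command line.
if [ $# -eq 2 ]; then
    diagnose "$1" "$2"
fi
```

The decision logic is kept in small functions that take their input as arguments or on stdin, so it can be checked against captured output before being trusted on a misbehaving box.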
#5: Check for network cables and power supply
Make sure the network cable is plugged into the interface as well as into the network switch/hub. It is possible that someone pulled the cable out of the switch or the workstation.

#6: Check firewall rules and logs
Make sure your own firewall is not blocking access to the remote server. List the rules and watch the log (dropped packets only appear there if your rules log them) before doing anything else; stopping the firewall outright is a last resort, since it leaves the box unprotected while you debug, so restart it as soon as the test is done.
# iptables -L -n
# tail -f /var/log/messages
# /etc/init.d/iptables stop
If you are using a Cisco PIX or a dedicated Linux / OpenBSD box as a firewall, check its logs for more information.

#7: Connect to the correct port
Most services listen on a default port, such as:
HTTP - port 80
Proxy (Squid) - port 3128
SSH - port 22
FTP - port 21

Sometimes admins move a service off its default port (this cuts scanner noise but is not a security control in itself), so make sure you are connecting to the correct remote port.
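For steps 6 and 7 together, here is an added example that is not from the original article. It takes the less drastic route than stopping the firewall: it prints only the OUTPUT-chain rules from `iptables -S OUTPUT` (a listing form newer than this article; `iptables-save` prints the same `-A` lines) that could affect the destination and port you are trying to reach, then tests the port itself with a TCP connect. The rule listing used in the test is constructed, and the script assumes iptables and netcat (nc) are installed.

```shell
#!/bin/sh
# fwcheck.sh: find local iptables OUTPUT rules that could block a connection
# to HOST:PORT, then try a TCP connect to that port.
# Usage: sh fwcheck.sh 75.126.43.232 22

# Read `iptables -S OUTPUT` text on stdin; print the DROP/REJECT rules (and a
# DROP/REJECT chain policy) that apply to destination $1 and TCP port $2.
blocking_rules() {
    awk -v dst="$1" -v port="$2" '
        function ip2int(s,   a) { split(s, a, "."); return ((a[1]*256 + a[2])*256 + a[3])*256 + a[4] }
        # True if dotted-quad ip lies inside cidr ("10.0.0.0/8"; a bare address is /32).
        # Integer division instead of bitwise ops, so it works in mawk as well as gawk.
        function in_cidr(ip, cidr,   p, bits, div) {
            split(cidr, p, "/"); bits = (2 in p) ? p[2] : 32; div = 2 ^ (32 - bits)
            return int(ip2int(ip) / div) == int(ip2int(p[1]) / div)
        }
        # A DROP/REJECT chain policy blocks everything not explicitly accepted.
        /^-P OUTPUT (DROP|REJECT)/ { print; next }
        /-j (DROP|REJECT)/ {
            names_dst = names_port = hits_dst = hits_port = 0
            for (i = 1; i < NF; i++) {
                if ($i == "-d")      { names_dst = 1;  if (in_cidr(dst, $(i + 1))) hits_dst = 1 }
                if ($i == "--dport") { names_port = 1; if ($(i + 1) == port) hits_port = 1 }
            }
            # The rule applies if it names our destination/port, or names no
            # destination/port at all. Limitation: "!" negations and port
            # ranges such as 22:80 are not interpreted.
            if ((hits_dst || !names_dst) && (hits_port || !names_port)) print
        }'
}

# Step 7: a TCP connect tells you the service is really there, even where ICMP
# is filtered. -z: connect only, send nothing; -w 3: give up after 3 seconds.
port_open() {
    nc -z -w 3 "$1" "$2" >/dev/null 2>&1
}

check_path() {
    dst=$1; port=$2
    echo "Local OUTPUT rules that could block $dst:$port (step 6):"
    iptables -S OUTPUT 2>/dev/null | blocking_rules "$dst" "$port"
    if port_open "$dst" "$port"; then
        echo "TCP connect to $dst:$port succeeded (step 7)"
    else
        echo "TCP connect to $dst:$port failed: wrong port, remote firewall, or one of the rules above"
    fi
}

# Only run the live checks when a host and port are given on the command line.
if [ $# -eq 2 ]; then
    check_path "$1" "$2"
fi
```

If a rule does show up, insert a temporary `-j LOG` or `-j ACCEPT` rule for that one destination ahead of it rather than stopping the whole firewall, and remove it again when you are done.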

#8: Network analysis
Besides the tools above, you can use network analysis tools such as Wireshark (formerly Ethereal), netwatch, tcpdump and others. These tools are commonly known as network protocol analyzers or packet sniffers. They show you the actual packets exchanged between client and server, routing protocol traffic, and much more.

Install Wireshark:
# apt-get install wireshark
$ sudo wireshark &

Wireshark's protocol dissectors have had many parsing bugs over the years, so avoid running the whole GUI as root where you can: capture as root with tcpdump and open the resulting file in Wireshark as your normal user.

For detailed usage please refer to the official documentation.

tcpdump
tcpdump is one of my favorite tools. For example, to print all packets sent to or from the host named router, use:
# tcpdump host router
Read the tcpdump man page for more examples and usage. I also recommend reading the tcpdump recipes for more information.

If all of the above tests fail, contact the remote IDC (data center) staff. The remote server may be down due to any one of the following causes:

Remote network/gateway down (traceroute will show this)
Your server is down (cable unplugged, power off, hardware failure, etc.)
Your server is under heavy load (Slashdotted or dugg to death)
Your server is under attack (DoS/DDoS)
Your server is rooted (read: cracked or hacked)
Misconfiguration (server software: firewall, Apache, MySQL config issues)
#9: Some common questions (FAQ)
I can ping a server by its IP address, but I cannot ping it by name
Set up the correct nameserver in /etc/resolv.conf (see #1).

I can connect to a Web or FTP server directly, but if I ping the server it always returns "Request Timed Out"
Many network/server admins block ICMP echo requests as a security measure, so ping does not work and a normal traceroute often fails at the last hop. You can use tcptraceroute instead: it sends TCP SYN probes to the service port (port 80 for a web server, for example), so a firewall that permits the service lets them through and the destination answers with a SYN/ACK (or RST) rather than an ICMP reply that may be filtered.

Can I use GUI tools?
You can use cheops, a network monitoring tool, for the same purpose. It combines a variety of network tools to give system administrators and users a simple interface for managing and accessing their networks. Install cheops with apt-get:
# apt-get install cheops
$ sudo cheops &

Now just add your domains and hosts. Select any host, right-click, and run ping, traceroute, DNS lookup, etc.

You can also use mtr, which combines ping and traceroute into one continuously updated display, to find a bad or simply overloaded network link on Linux/UNIX systems.

Note that you can use these tools from a Linux workstation to diagnose a server running any operating system, such as Sun Solaris or Microsoft Windows.

That’s all my brain can remember. Feel free to share any other tips in the comments.

Updated for accuracy.



