Boost Your Ops Efficiency 10× with Essential Linux Network Tools

Introduction

Network problems are a daily challenge for operations engineers. Whether it is abnormal server communication, slow application access, or complex routing issues, mastering the right network testing tools is key to quickly locating and fixing problems. Linux offers a rich set of diagnostic utilities, each suited to specific scenarios. This article introduces the major Linux network testing tools, covering basic connectivity, routing analysis, DNS resolution, port scanning, performance testing, and more, to help engineers build a complete diagnostic knowledge base.

Basic Connectivity Tools

ping – the first line of defense

ping sends ICMP echo requests to test reachability and latency.

#!/bin/bash
# ping_test.sh - basic connectivity script
ping -c 4 google.com
ping -c 5 -i 0.5 192.168.1.1
ping -c 3 -W 2 remote-server.com
ping -c 3 -s 1024 target-host.com
ping -D target-host.com
ping -c 10 -q 8.8.8.8
# batch ping function
batch_ping() {
  local hosts=("192.168.1.1" "8.8.8.8" "114.114.114.114")
  echo "Starting batch ping..."
  for host in "${hosts[@]}"; do
    echo "Testing $host:"
    if ping -c 3 -W 2 "$host" >/dev/null; then
      echo "✓ $host reachable"
    else
      echo "✗ $host unreachable"
    fi
    echo "---"
  done
}
batch_ping

traceroute – tracing network paths

traceroute shows the route packets take to a destination, helping identify bottlenecks.

#!/bin/bash
# traceroute_analysis.sh
traceroute google.com
traceroute -U baidu.com
traceroute -I 8.8.8.8
traceroute -T -p 80 github.com
traceroute -m 15 remote-host.com
# advanced analysis function
analyze_route() {
  local target=$1
  local output_file="/tmp/traceroute_${target}_$(date +%Y%m%d_%H%M%S).log"
  echo "Analyzing route to $target..."
  traceroute -I "$target" | tee "$output_file"
  local hop_count=$(traceroute -I "$target" | grep -c "^ *[0-9]")
  echo "Total hops: $hop_count"
  local timeout_hops=$(traceroute -I "$target" | grep -c "* * *")
  if [ "$timeout_hops" -gt 0 ]; then
    echo "Warning: $timeout_hops timeout hops"
  fi
  echo "Result saved to: $output_file"
}
compare_routes() {
  local target1=$1
  local target2=$2
  echo "Comparing routes: $target1 vs $target2"
  echo "=== $target1 ==="
  traceroute -I "$target1" | head -10
  echo "=== $target2 ==="
  traceroute -I "$target2" | head -10
}
analyze_route "8.8.8.8"
compare_routes "google.com" "baidu.com"

DNS Resolution Testing Tools

nslookup and dig – DNS diagnostics

DNS issues are common; nslookup and dig help diagnose them.

#!/bin/bash
# dns_test.sh
echo "=== nslookup test ==="
nslookup google.com
nslookup google.com 8.8.8.8
nslookup -type=MX google.com

echo "=== dig test ==="
dig google.com
dig google.com MX
dig google.com TXT
dig google.com AAAA
dig +short google.com
dig +trace google.com

dns_performance_test() {
  local domain=$1
  local dns_servers=("8.8.8.8" "114.114.114.114" "223.5.5.5" "1.1.1.1")
  echo "Testing domain: $domain"
  echo "DNS server performance:"
  for dns in "${dns_servers[@]}"; do
    echo -n "Testing $dns: "
    local result=$(dig @$dns $domain | grep "Query time")
    echo "$result"
  done
}

batch_dns_test() {
  local domains=("google.com" "baidu.com" "github.com")
  for domain in "${domains[@]}"; do
    echo "Testing domain: $domain"
    local ip=$(dig +short "$domain" | head -1)
    if [ -n "$ip" ]; then
      echo "✓ A record: $ip"
    else
      echo "✗ A record lookup failed"
    fi
    local mx=$(dig +short "$domain" MX | head -1)
    if [ -n "$mx" ]; then
      echo "✓ MX record: $mx"
    else
      echo "- No MX record"
    fi
    echo "---"
  done
}

dns_performance_test "google.com"
batch_dns_test

Port and Connection State Checking Tools

netstat and ss – monitoring connections

netstat and ss display connections, routing tables, interface statistics, and are essential for troubleshooting.

#!/bin/bash
# network_status.sh
echo "=== Network connection check ==="
netstat -t
netstat -l
netstat -tulpn
netstat -r
netstat -i

echo "=== ss command check ==="
ss -a
ss -t
ss -l
ss -p

check_port_usage() {
  local port=$1
  echo "Checking port $port usage:"
  local netstat_result=$(netstat -tlnp | grep ":$port ")
  if [ -n "$netstat_result" ]; then
    echo "netstat result:"
    echo "$netstat_result"
  fi
  local ss_result=$(ss -tlnp | grep ":$port ")
  if [ -n "$ss_result" ]; then
    echo "ss result:"
    echo "$ss_result"
  fi
  if command -v lsof >/dev/null; then
    local lsof_result=$(lsof -i :"$port")
    if [ -n "$lsof_result" ]; then
      echo "lsof result:"
      echo "$lsof_result"
    fi
  fi
}

connection_stats() {
  echo "TCP connection state stats:"
  ss -t state all | awk '{print $1}' | sort | uniq -c | sort -nr
  echo "Listening port count:"
  ss -tln | grep LISTEN | wc -l
  echo "Established connections:"
  ss -t state established | wc -l
}

check_port_usage 22
check_port_usage 80
connection_stats

Network Performance Testing Tools

iperf3 – bandwidth testing

iperf3 measures TCP and UDP bandwidth performance.

#!/bin/bash
# bandwidth_test.sh
start_iperf_server() {
  echo "Starting iperf3 server..."
  iperf3 -s -D
  echo "iperf3 server listening on port 5201"
}

run_bandwidth_test() {
  local server_ip=$1
  local test_duration=${2:-10}
  echo "Starting bandwidth test – server: $server_ip"
  echo "=== TCP test ==="
  iperf3 -c "$server_ip" -t "$test_duration"
  echo "=== UDP test ==="
  iperf3 -c "$server_ip" -u -t "$test_duration"
  echo "=== Bidirectional test ==="
  iperf3 -c "$server_ip" -d -t "$test_duration"
  echo "=== Parallel test ==="
  iperf3 -c "$server_ip" -P 4 -t "$test_duration"
}

latency_test() {
  local target=$1
  local count=${2:-100}
  echo "Latency test – target: $target"
  if command -v hping3 >/dev/null; then
    echo "Using hping3:"
    hping3 -c "$count" -S -p 80 "$target"
  else
    echo "Using ping:"
    ping -c "$count" "$target" | tail -1
  fi
}

comprehensive_network_test() {
  local target=$1
  local test_duration=${2:-30}
  echo "Comprehensive test start..."
  echo "Target: $target"
  echo "Duration: $test_duration seconds"
  echo "1. Connectivity"
  if ping -c 3 -W 2 "$target" >/dev/null; then
    echo "✓ Connectivity OK"
  else
    echo "✗ Connectivity failed"
    return 1
  fi
  echo "2. Latency"
  latency_test "$target" 20
  echo "3. Bandwidth"
  if nc -z "$target" 5201; then
    run_bandwidth_test "$target" "$test_duration"
  else
    echo "iperf3 server not running, skipping bandwidth test"
  fi
  echo "4. Route"
  traceroute -I "$target" | head -10
  echo "Comprehensive test completed"
}
# Example usage:
# start_iperf_server
# run_bandwidth_test "192.168.1.100" 30
# comprehensive_network_test "google.com" 60

Network Traffic Analysis Tools

tcpdump – packet capture and analysis

tcpdump captures packets for deep analysis.

#!/bin/bash
# packet_capture.sh
basic_capture() {
  local interface=${1:-eth0}
  local count=${2:-100}
  echo "Starting packet capture..."
  tcpdump -i "$interface" -c "$count"
  tcpdump -i "$interface" -w "/tmp/capture_$(date +%Y%m%d_%H%M%S).pcap"
}

advanced_capture() {
  local interface=${1:-eth0}
  echo "Advanced capture examples..."
  echo "HTTP traffic:"
  tcpdump -i "$interface" port 80 -A
  echo "Specific host:"
  tcpdump -i "$interface" host 8.8.8.8
  echo "TCP SYN packets:"
  tcpdump -i "$interface" 'tcp[tcpflags] & tcp-syn != 0'
  echo "DNS queries:"
  tcpdump -i "$interface" port 53
  echo "Large packets (>1000 bytes):"
  tcpdump -i "$interface" greater 1000
}

traffic_analysis() {
  local interface=${1:-eth0}
  local duration=${2:-60}
  echo "Traffic analysis – interface: $interface, duration: $duration seconds"
  local temp_file="/tmp/traffic_$(date +%Y%m%d_%H%M%S).pcap"
  timeout "$duration" tcpdump -i "$interface" -w "$temp_file" &
  local tcpdump_pid=$!
  echo "Capturing (PID: $tcpdump_pid)..."
  wait "$tcpdump_pid"
  echo "Protocol distribution:"
  tcpdump -r "$temp_file" | awk '{print $3}' | sort | uniq -c | sort -nr | head -10
  echo "Top talkers:"
  tcpdump -r "$temp_file" | awk '{print $3}' | cut -d. -f1-4 | sort | uniq -c | sort -nr | head -10
  rm -f "$temp_file"
}

real_time_monitor() {
  local interface=${1:-eth0}
  echo "Real‑time monitor – interface: $interface"
  if command -v iftop >/dev/null; then
    iftop -i "$interface"
  else
    tcpdump -i "$interface" -l | while read line; do
      echo "$(date '+%H:%M:%S'): $line"
    done
  fi
}

security_monitor() {
  local interface=${1:-eth0}
  local log_file="/tmp/security_$(date +%Y%m%d_%H%M%S).log"
  echo "Security monitor start..."
  {
    echo "Start time: $(date)"
    echo "=== Port scan detection ==="
    tcpdump -i "$interface" 'tcp[tcpflags] & tcp-syn != 0' -l &
    echo "=== ARP activity ==="
    tcpdump -i "$interface" arp -l &
    echo "=== ICMP traffic ==="
    tcpdump -i "$interface" icmp -l &
  } | tee "$log_file"
}

# Usage examples:
# basic_capture eth0 1000
# traffic_analysis eth0 300
# real_time_monitor eth0
# security_monitor eth0

Case Study: End‑to‑End Fault Diagnosis

When an application cannot reach a remote service, follow these steps: use ping to verify basic connectivity, traceroute to locate the failing hop, dig or nslookup to confirm DNS resolution, telnet or nc to test the target port, and netstat/ss to check local port usage. If basic checks pass, assess performance with iperf3 and capture traffic with tcpdump for deeper analysis.

Conclusion

Linux network testing tools are essential for operations engineers. Selecting the right tool for each scenario—ping for connectivity, traceroute for routing, dig for DNS, netstat/ss for connection monitoring, iperf3 for performance, and tcpdump for packet analysis—enables rapid problem identification and resolution. Building a standardized troubleshooting workflow and mastering these utilities greatly improves efficiency and system reliability.