Master Linux Network Troubleshooting: From Ping to Traceroute

Linux Network Troubleshooting: From Ping to Traceroute Diagnostic Process

"Network is down again!" As an operations engineer, this phrase is familiar. When users report network problems, what is your first reaction? Panic or confidently opening a terminal?

Today we share a systematic network fault diagnosis process that can turn a "network rookie" into a "network diagnosis expert".

Fault Symptom Identification

Network faults usually manifest as:

Website inaccessible

Application response slow

Intermittent connection drops

Data transfer timeout

Key Question: How to quickly locate the root cause?

Standardized Diagnosis Process

Step 1: Basic Connectivity Check (ping)

# Check local loopback
ping 127.0.0.1

# Check gateway connectivity
ping $(ip route | grep default | awk '{print $3}')

# DNS resolution
ping baidu.com
ping 8.8.8.8

Diagnosis Points:

Packet loss >5% needs attention

Latency >100 ms may indicate congestion

Unable to ping gateway suggests local network configuration issue

Step 2: Route Path Analysis (traceroute)

# Linux system
traceroute google.com

# If traceroute unavailable, use mtr
mtr --report --report-cycles 10 google.com

Output Interpretation Tips:

traceroute to google.com (142.250.191.14), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  1.234 ms  1.123 ms  1.456 ms
 2  10.0.0.1 (10.0.0.1)  15.678 ms  16.789 ms  17.234 ms
 3  * * *  (request timed out)
 4  8.8.8.8 (8.8.8.8)  45.123 ms  44.567 ms  43.890 ms

Star at hop 3: possible firewall block or device failure

Sudden latency increase: likely congestion at that node

Persistent timeout on a hop: focus on that network device

Step 3: Port Connectivity Test

# Check specific port
telnet target-host 80
nc -zv target-host 443

# Bulk port scan
nmap -p 80,443,22,3306 target-host

Step 4: DNS Resolution Verification

# View DNS configuration
cat /etc/resolv.conf

# Manual DNS query
nslookup example.com
dig example.com

# Trace DNS resolution process
dig +trace example.com

Common DNS Issues:

Resolution timeout – DNS server slow

NXDOMAIN – domain does not exist

Incorrect results – DNS poisoning or misconfiguration

Advanced Diagnostic Techniques

Network Interface Status Check

# Show interface status
ip addr show
ip link show

# Network statistics
cat /proc/net/dev
ss -tuln  # show listening ports

Firewall Rule Inspection

# iptables rule check
iptables -L -n -v

# Connection tracking
cat /proc/net/nf_conntrack | grep target-ip

Routing Table Analysis

# Show routing table
ip route show
route -n

# Add temporary route for testing
ip route add target-network via gateway-ip

Practical Case Analyses

Case 1: Web Service Access Slow

Symptoms: Users report the website loads very slowly.

Investigation Steps: ping web-server – latency normal telnet web-server 80 – connection succeeds but response slow ss -tuln | grep :80 – many CLOSE_WAIT connections

Conclusion: Application‑layer problem; need to optimize web server configuration.

Case 2: Intermittent Network Interruptions

Symptoms: Network drops every few minutes.

Investigation Steps: mtr --report target-host – a hop shows 30% packet loss traceroute -I target-host – ICMP test

Contact ISP to confirm link status

Conclusion: ISP link instability.

Efficiency Tools

Automation Diagnostic Script

#!/bin/bash
# network-check.sh
TARGET=${1:-"8.8.8.8"}

echo "=== Network Diagnosis Report ==="
echo "Target: $TARGET"
echo "Time: $(date)"

echo -e "
1. Basic Connectivity Test:"
ping -c 4 $TARGET

echo -e "
2. Route Path Analysis:"
traceroute $TARGET

echo -e "
3. DNS Test:"
nslookup $TARGET

echo -e "
4. Local Network Config:"
ip addr show | grep -A 2 "state UP"

Monitoring Alert Setup

# Continuous monitoring with watch
watch -n 5 'ping -c 1 critical-server && echo "OK" || echo "FAILED"'

# Integrate with Zabbix or Prometheus for automated alerts

Best Practice Recommendations

1. Establish Standardized Process

Define detailed SOP for fault handling

Document common issue solutions

Build a knowledge base

2. Toolbox Preparation

# Install essential network tools
yum install -y net-tools traceroute telnet nmap mtr
# or on Ubuntu/Debian
apt-get install -y net-tools traceroute telnet nmap mtr

3. Log Analysis Habit

# System log check
tail -f /var/log/messages | grep -i network
journalctl -u NetworkManager -f

# Network‑related logs
dmesg | grep -i network

4. Performance Baseline Establishment

Record normal network metrics

Regularly test network performance

Set alert thresholds

Preventive Strategies

Network Health Check List

Regularly inspect network device status

Monitor bandwidth usage

Check DNS performance

Verify backup link availability

Update device firmware

Summary

Network fault diagnosis is a core skill for operations engineers. By following a standardized flow—ping → traceroute → port test → DNS verification → deeper analysis—most issues can be located quickly. Remember, tools are means; systematic thinking is the key.