Master Linux Network Troubleshooting: From Ping to Traceroute

Fault Symptom Identification

Network failures usually appear as the following symptoms:

Website inaccessible

Application response slow

Intermittent connection drops

Data transfer timeout

Key Question

How to quickly locate the root cause?

Standardized Diagnostic Process

Step 1: Basic Connectivity Check (ping)

# Check local loopback
ping 127.0.0.1

# Check gateway connectivity
ping $(ip route | grep default | awk '{print $3}')

# DNS resolution
ping baidu.com
ping 8.8.8.8

Diagnostic points:

Packet loss >5% needs attention

Latency >100 ms may indicate congestion

Unable to ping gateway suggests local network misconfiguration

Step 2: Route Path Analysis (traceroute)

# Linux system
traceroute google.com

# If traceroute unavailable, use mtr
mtr --report --report-cycles 10 google.com

Output interpretation tips:

traceroute to google.com (142.250.191.14), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  1.234 ms  1.123 ms  1.456 ms
 2  10.0.0.1 (10.0.0.1)  15.678 ms  16.789 ms  17.234 ms
 3  * * *  (request timed out)
 4  8.8.8.8 (8.8.8.8)  45.123 ms  44.567 ms  43.890 ms

Third hop shows * : possible firewall block or device failure.

Sudden latency increase : possible congestion.

Persistent timeout at a hop : focus on that device.

Step 3: Port Connectivity Test

# Check specific port
telnet target-host 80
nc -zv target-host 443

# Bulk port scan
nmap -p 80,443,22,3306 target-host

Step 4: DNS Resolution Verification

# View DNS configuration
cat /etc/resolv.conf

# Manual DNS query
nslookup example.com
dig example.com

# Trace DNS resolution
dig +trace example.com

Common DNS issues:

Resolution timeout – DNS server slow.

NXDOMAIN – domain does not exist.

Incorrect results – DNS poisoning or misconfiguration.

Advanced Diagnostic Techniques

Network Interface Status Check

# Show interfaces
ip addr show
ip link show

# Network statistics
cat /proc/net/dev
ss -tuln   # show listening ports

Firewall Rule Inspection

# iptables rules
iptables -L -n -v

# Connection tracking
cat /proc/net/nf_conntrack | grep target-ip

Routing Table Analysis

# Show routing table
ip route show
route -n

# Add temporary route for testing
ip route add target-network via gateway-ip

Practical Case Analyses

Case 1: Slow Web Service

Symptoms: users report the website loads slowly.

Investigation steps: ping web-server – latency normal. telnet web-server 80 – connection succeeds but response slow. ss -tuln | grep :80 – many CLOSE_WAIT connections.

Conclusion: Application‑layer issue; optimize web server configuration.

Case 2: Intermittent Network Drops

Symptoms: network disconnects every few minutes.

Investigation steps: mtr --report target-host – a hop shows 30% packet loss. traceroute -I target-host – ICMP test.

Contact ISP to confirm link status.

Conclusion: ISP link instability.

Efficiency‑Boosting Tools

Automation Script

#!/bin/bash
# network-check.sh
TARGET=${1:-"8.8.8.8"}
echo "=== Network Diagnosis Report ==="
echo "Target: $TARGET"
echo "Time: $(date)"

echo -e "
1. Basic connectivity:"
ping -c 4 $TARGET

echo -e "
2. Route analysis:"
traceroute $TARGET

echo -e "
3. DNS test:"
nslookup $TARGET

echo -e "
4. Local network config:"
ip addr show | grep -A 2 "state UP"

Monitoring Alert Setup

# Continuous monitoring with watch
watch -n 5 'ping -c 1 critical-server && echo "OK" || echo "FAILED"'

# Integration with Zabbix or Prometheus for automated alerts

Best Practice Recommendations

1. Establish Standardized Process

Define detailed SOP for fault handling.

Document common solutions.

Build a knowledge base.

2. Toolbox Preparation

# Install essential network tools
yum install -y net-tools traceroute telnet nmap mtr
# or on Ubuntu/Debian
apt-get install -y net-tools traceroute telnet nmap mtr

3. Log Analysis Habit

# System logs
tail -f /var/log/messages | grep -i network
journalctl -u NetworkManager -f

# Network related logs
dmesg | grep -i network

4. Performance Baseline

Record normal network metrics.

Regularly test performance.

Set alert thresholds.

Preventive Strategies

Network Health Checklist

Regularly inspect device status.

Monitor bandwidth usage.

Check DNS performance.

Validate backup link availability.

Update firmware.

Automation Monitoring Script

#!/bin/bash
# daily-network-check.sh
HOSTS=("8.8.8.8" "114.114.114.114" "your-critical-server.com")
LOG_FILE="/var/log/network-health.log"

for host in "${HOSTS[@]}"; do
  if ping -c 3 $host > /dev/null 2>&1; then
    echo "$(date): $host - OK" >> $LOG_FILE
  else
    echo "$(date): $host - FAILED" >> $LOG_FILE
    echo "$host is unreachable" | mail -s "Network Alert" [email protected]
  fi
done

Further Learning Resources

Advanced Tools

Wireshark : packet analysis.

iftop : real‑time traffic monitoring.

nethogs : per‑process network usage.

tcpdump : command‑line capture.

Learning Path Suggestions

Master TCP/IP fundamentals.

Become familiar with Linux network configuration.

Study basic network security.

Practice automated operations.

Conclusion

Network troubleshooting is a core skill for operations engineers. By following a systematic flow—ping, traceroute, port testing, DNS verification, and deeper analysis—most issues can be located quickly. Remember that tools are means; a solid diagnostic mindset is essential.

Key Takeaways

Build a systematic troubleshooting approach.

Proficiently use common diagnostic commands.

Value log analysis and monitoring.

Continuously learn emerging network technologies.