Common network problems and solutions in linux system

Enterprise 2023-07-02 09:53:56 views: null

1. Check network connectivity : Use the ping command to test whether the target address is reachable, for example, ping www.google.com.

If the ping fails, it may be caused by DNS resolution failure or network configuration problems

2. Check DNS resolution : Use nslookup or dig command to test whether DNS resolution is normal, for example, nslookup www.google.com If DNS resolution fails, you can try to replace the DNS server or check the local DNS configuration.

DNS configuration steps:

Enter the following command to open the resolv.conf file:

sudo nano /etc/resolv.conf

Check the file for the nameserver lines, which list the IP addresses of the DNS servers used for DNS resolution. For example, two DNS servers are listed in the following sample file:

nameserver 8.8.8.8 nameserver 8.8.4.4

If you need to modify the DNS server, you can edit the resolv.conf file and change the IP address in the nameserver line to the IP address of the DNS server you need to use.

Save and exit the file, then try ping or nslookup to test whether the DNS resolution is normal.

Note that if your Linux system uses NetworkManager, the resolv.conf file may be pointed to another file or generated dynamically. In this case, you can use nmcli command to check and change DNS server configuration. For example, the following command will add Google's public DNS servers as preferred DNS servers:
sudo nmcli connection modify "Wired connection 1" ipv4.dns "8.8.8.8, 8.8.4.4"

Among them, "Wired connection 1" is the name of your network connection, and ipv4.dns is the DNS server address. After saving the changes, you need to restart your network connection or use the following command for the changes to take effect:

sudo systemctl restart NetworkManager

3. Check the status of the network card : use ifconfig or ip command to check the status of the network card, such as ifconfig eth0. If the network card is not enabled or faulty, you can try to re-enable the network card or replace the network card.

Troubleshoot and solve:

Check the network configuration file: Check whether the network configuration in files such as /etc/network/interfaces or /etc/sysconfig/network-scripts/ifcfg-eth0 (take eth0 as an example) is correct. Make sure that the IP address, subnet mask, gateway, DNS and other information in the network configuration file match the network environment.

Check whether the network card is activated: Use the ifconfig -a command to check whether the network card is activated. If the network card is not activated, you can use the ifup eth0 command to activate the network card.

Check the network link: Use the ping command to check whether the network link is smooth. If other devices cannot be pinged, you can check whether the network cables, switches and other network devices are working normally.

Check the firewall: Check the firewall settings of the Linux system to see if network communication is blocked. You can use the iptables -L command to view the current firewall settings.

Check network service: Checks whether the network service is started. Use the systemctl status network command to check the network service status.

Check the network card driver: Use the lspci -v command to check whether the network card driver is installed correctly, and check whether the driver supports the current Linux kernel version.

4. Check the firewall configuration : Use the iptables command to check the firewall rule configuration, such as iptables -L. If there is a problem with the firewall rules, you can try to adjust the rules or disable the firewall to test.

Basic steps for rule configuration and troubleshooting:

View the current iptables rules: Use the iptables -L command to view all the current iptables rules.

Configure iptables rules: iptables rule configuration includes operations such as adding, deleting, and modifying rules. For example, to add a rule to allow SSH connections, the following command can be used:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

This command will add a rule to the INPUT chain to allow connections on TCP port 22 (the SSH port).

Save iptables rules: iptables rules are not automatically saved after reboot by default. To save iptables rules, you can use the following command:

/sbin/service iptables save

or

/usr/libexec/iptables/iptables.init save

This will save the current iptables rules to the /etc/sysconfig/iptables file to be automatically loaded after a system reboot.

Delete iptables rules: You can delete iptables rules with the following command:

iptables -D INPUT -p tcp --dport 22 -j ACCEPT

This command will remove the rule in the INPUT chain that allows SSH connections.

Firewall troubleshooting: If you cannot connect to the server, it may be due to misconfigured firewall rules. In this case, you can troubleshoot the issue by following these steps:

a. Verify that the firewall rules on the server include the ports that allow the connection.

b. Check that the iptables rules are consistent with other network configurations such as network interface configurations and routing tables.

c. Check if the server has SELinux enabled, if so, you need to confirm that the SELinux policy allows connections to the required ports.

d. Verify that no other network devices such as firewalls or routers are blocking the connection between the server and client.

Monitor iptables logs: When iptables blocks network traffic, you can view relevant information in the logs. You can view the iptables logs with the following command:

tail -f /var/log/messages | grep iptables

This will display iptables related log information.

Enable iptables logging: Logging can be enabled by modifying iptables rules. For example, the following rule could be added to the INPUT chain:

iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

This will add a rule to the INPUT chain that logs each blocked packet and prefixes the log with "iptables denied: ".

Use firewall management tools: iptables rule configuration and management can use some firewall management tools to simplify operations, for example, firewalld and ufw. These tools provide an easier interface to configure firewall rules.

5. Check the routing configuration : Use the route command to check the routing table configuration, such as route -n. If the routing table configuration is wrong, you can try to add the correct routing rules.

The steps to check and resolve routing configuration errors are as follows:

Check the current routing table: Use the ip route show command to view the current routing table. This will display routing information for all network interfaces currently in the system.

Check the IP address of the network interface: Use the ip addr show command to view the IP address and other related information of the network interface in the current system. Make sure each interface has a unique IP address that is consistent with other devices in the network topology.

Confirm the default gateway: Use the ip route show default command to view the default gateway in the current system. Make sure the IP address of the default gateway is consistent with other devices in the network topology.

Add a static route: If you need to add a static route to make a specific network reachable, you can use the ip route add command. For example, if you wanted to add the 10.0.0.0/24 network to the 192.168.1.1 gateway, you would use the following command:

ip route add 10.0.0.0/24 via 192.168.1.1

Delete static route: If you need to delete a static route, you can use the ip route del command. For example, if you wanted to remove the route added above, you could use the following command:

ip route del 10.0.0.0/24 via 192.168.1.1

Check for routing errors: If you still cannot reach the target network, check for routing errors. For example, if you try to access the 10.0.0.0/24 network and cannot, you can use the following command to check for routing errors:

traceroute 10.0.0.1

This will show which device in the network your request went to, and where it stopped.

Fix routing errors: Based on the output of the traceroute command, you can identify and resolve routing errors. For example, if the traceroute command stops on one device, you can examine that device's routing table and configuration to determine the problem.

6. Check the network service : Use the netstat command to check the status of the network service, such as netstat -tln. If the network service is not started or is faulty, you can try restarting the service or adjusting the configuration.

The steps to check and resolve network service failures are as follows:

Check service status: Use the systemctl status command to check the status of the service. For example, if you want to check the status of the Apache HTTP server, you can use the following command:

systemctl status httpd

This will display the status of the Apache HTTP server, such as whether it is running, whether it is enabled, etc.

Check the service configuration: Use the cat command to view the configuration file of the service. For example, if you want to view the configuration file of the Apache HTTP server, you can use the following command:

cat /etc/httpd/conf/httpd.conf

This will display the configuration file for the Apache HTTP server.

Check the network port: Use the netstat command to check the status of the network port. For example, if you want to check the listening port of the Apache HTTP server, use the following command:

netstat -anp | grep :80

This will show whether the Apache HTTP server is listening on port 80.

Check your firewall: If you use a firewall to protect your server, you need to make sure that the firewall allows the required services through. For example, if you use an iptables firewall and want to allow HTTP services through, use the following command:

iptables -I INPUT -p tcp --dport 80 -j ACCEPT

This will allow HTTP service over port 80.

Restart the service: If the service fails, you can try to solve the problem by restarting the service. For example, if the Apache HTTP server stops responding, restart the service with the following command:

systemctl restart httpd

Check the log: use the journalctl command to view the system log. For example, if you want to view the logs of the Apache HTTP server, use the following command:

journalctl -u httpd

This will display the logs of the Apache HTTP server.

Troubleshooting: Based on inspection results and log information, you can identify and resolve network service failures. For example, if you find that the Apache HTTP server is misconfigured, you can edit the configuration file and restart the service.

Solutions to network problems need to be determined on a case-by-case basis, sometimes requiring multiple steps of inspection and debugging. At the same time, make full use of the network diagnostic tools provided in the Linux system to find and solve problems faster.

Guess you like

Origin blog.csdn.net/weixin_47450720/article/details/129702712
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com