Bài giảng LPI202 - Chapter 02 Advanced Linux Network Administration

Network Troubleshooting Chapter 02Advanced Linux Network Administration ObjectivesBe able to identify and correct common network setup issuesHave knowledge of locations for basic configuration files.Common tools and command are use to correct network problemCommon network problemsHardwareIP addressRouting and Ip forwardingHostname, DNSNetwork services do not runFirewallHardwareNIC was not detectedMake sure your NIC has been attached correctlyCheck system boot log: dmesg | grep ethCheck hardware compatible listCheck driver module or kernelNetwork interface is not upWherether or not interrupt complictingCheck your cablecat /proc/interrupts : check system interruptsifconfig -a : view all interface has been detected.Device Driver ProblemThe system was not able to probe and identify network cardThe network card is too old or is too new, The card needs to be manually configured: ISA bus NE-2000 cards, EtherExpress Pro's and the like.if you know the type of card, check and see the required driver:/lib/modules/kernelver/kernel/drivers/net Example: uses the 3c503.o module, attempt to load it with the command modprobe 3c503or need to pass some parameters for the driver. [root@baldur root]# modprobe eepro irq=5 io=0x300Once identified the correct driver module, can make it permanent:/etc/modules.conf (2.4 ker) or/etc/modprobe.conf (2.6 kernel). For example, the syntax to load the eepro.o:alias eth0 eeprooptions eepro irq=5 io=0x300IP addressAsk network admin to find out your current subnet, default gateway, broadcast address, DNS server or using DHCPMake sure ip complict do not occurCheck your ip address: ifconfigStart, stop network service: /etc/init.d/networkPing other host in the same subnet, or ping default gateway.Interface Configuration Use the ifconfig command to check to see that the machine's interfaces are up and have an IP address. [root@proserv root]# ifconfigeth0 Link encap:Ethernet HWaddr 00:08:A1:52:23:09 inet addr:10.11.2.1 Bcast:10.11.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:340802 errors:0 dropped:0 overruns:0 frame:0 TX packets:84583 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:22910593 (21.8 Mb) TX bytes:106456406 (101.5 Mb) Interrupt:22 Base address:0xd000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:7113 errors:0 dropped:0 overruns:0 frame:0 TX packets:7113 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:492201 (480.6 Kb) TX bytes:492201 (480.6 Kb)Interface configurationProblems with an interface showing the wrong IP address, broadcast address or subnet mask are usually down to an incorrect entry in the configuration filesifconfig eth0 192.168.0.1 netmask 255.255.252.0[root@sleipnir root]# cat /etc/sysconfig/network-scripts/ifcfg-eth0Configuration by DHCPIf network interface is configured by a DHCP server, then the configuration script above will not specify the IP address:ONBOOT=yesDEVICE=eth0BOOTPROTO=dhcpUSERCTL=no[root@sleipnir root]# dhclient eth0Network Reachability Once you've got an IP address on an interface, the next step is to test whether you can reach remote systems:1. ping the system's local interface[root@sleipnir root]# ifconfig|grep inet inet addr:192.168.168.11  Bcast:192.168.168.255 Mask:255.255.255.0         inet addr:127.0.0.1  Mask:255.0.0.0[root@sleipnir root]# ping -c 2 192.168.168.112. ping the upstream router[root@sleipnir root]# ping -c 2 192.168.168.13. ping a remote host[root@sleipnir root]# ping -c 2 203.35.202.153Routing and Ip forwardingIf you can ping machines on the local network but cannot get to all or some destinations on remote networks, then the problem could be in the routing table:your machine an upstream router.View routing tableroutenetstat -rnRouting and Ip forwardingAdd new routing entryroute add -net network_addr netmask network_mask gw Gateway_addrAdd default gateway in other to connect to outsideroute add default gw gateway_addrPing remote host to check the connectionUse tracerouteIp forwarding: /etc/sysctl.confnet.ipv4.ip_forward = 1Hostname and DNS lookupThe problem is an inability to resolve names into IP addresses/etc/resolv.confnameserver 10.11.1.2domain vnu-itp.edu.vn./etc/nsswitch.conf#hosts: db files nisplus nis dnshosts: files dnsPing Ip_address to check the connectionPing hostname to check DNS lookupping server.vnu-itp.edu.vnping www.vnn.vnHostname and DNS lookupCheck whether your system is able to connect to a DNS and resolve a hostname into an IP address with the host command:[les@sleipnir les]$ hostfulbertfulbert.cullen.lesbell.com.au has address 192.168.168.1To get down to low-level debugging of DNS lookups, should learn the nuances of the dig command.[les@sleipnir les]$ dig www.pcuser.com.au @dvalin.lesbell.com.au; > DiG 9.2.1 > www.pcuser.com.au @dvalin.lesbell.com.au;; global options:  printcmd;; Got answer:;; ->>HEADERNetwork servicesCheck services process make sure they are runningps -ef | moreList all opened portsnetstat -anp | more View system log to find out errortail -f /var/log/messagesView service log file to check the statustail -f /var/log/maillogTelnet to service port on localhosttelnet 0.0.0.0 80FirewallFirewall in the way while everything is configured fine at your end, but between you and the system you are trying to connect to, there is a firewall.Local firewall: check your firewall to make sure that it does not block network servicesiptables -L -niptables -L -n -t mangleiptables -L -n -t nat/etc/init.d/iptables stoptcpdumpTcpdump prints out the headers of packets on a network interfacetcpdump [ -adeflnNOpqRStuvxX ] [ -c count ] [ -i interface ] [ -m module ] [ -r file ]-c Exit after receiving count packets.-d Dump the compiled packet-matching code in a human readable form to standard output and stop.-i Listen on interface. If unspecified, tcpdump searches the sys-tem interface list for the lowest numbered, configured up inter-face (excluding loopback).-n Don’t convert host addresses to names.SummaryHardware problemsIP addressRouting and Ip forwardingHostname, DNSNetwork services do not runFirewallDebug utility: tcpdump