Objectives • Be able to identify and correct common network setup issues • Have knowledge of locations for basic configuration files. • Common tools and command are use to correct network problem
Common network problems
• Hardware • IP address • Routing and Ip forwarding • Hostname, DNS • Network services do not run • Firewall
Hardware • NIC was not detected – Make sure your NIC has been attached correctly – Check system boot log: dmesg | grep eth – Check hardware compatible list – Check driver module or kernel
• Network interface is not up – Wherether or not interrupt complicting – Check your cable – cat /proc/interrupts : check system interrupts – ifconfig a : view all interface has been detected. 4
Device Driver Problem • The system was not able to probe and identify network card – The network card is too old or is too new, – The card needs to be manually configured: ISA bus NE2000 cards, EtherExpress Pro's and the like.
• if you know the type of card, check and see the required driver: /lib/modules/kernelver/kernel/drivers/net Example: uses the 3c503.o module, attempt to load it with the command modprobe 3c503
– or need to pass some parameters for the driver. [root@baldur root]# modprobe eepro irq=5 io=0x300
• Once identified the correct driver module, can make it permanent: – /etc/modules.conf (2.4 ker) or/etc/modprobe.conf (2.6 kernel). – For example, the syntax to load the eepro.o: alias eth0 eepro options eepro irq=5 io=0x300
IP address • Ask network admin to find out your current subnet, default gateway, broadcast address, DNS server or using DHCP • Make sure ip complict do not occur • Check your ip address: ifconfig • Start, stop network service: /etc/init.d/network • Ping other host in the same subnet, or ping default gateway.
Interface Configuration • Use the ifconfig command to check to see that the machine's interfaces are up and have an IP address. [root@proserv root]# ifconfig eth0 Link encap:Ethernet HWaddr 00:08:A1:52:23:09 inet addr:10.11.2.1 Bcast:10.11.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:340802 errors:0 dropped:0 overruns:0 frame:0 TX packets:84583 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000
Interface configuration • Problems with an interface showing the wrong IP address, broadcast address or subnet mask are usually down to an incorrect entry in the configuration files – ifconfig eth0 192.168.0.1 netmask 255.255.252.0 – [root@sleipnir root]# cat /etc/sysconfig/networkscripts/ifcfgeth0
• Configuration by DHCP – If network interface is configured by a DHCP server, then the configuration script above will not specify the IP address: •
– [root@sleipnir root]# dhclient eth0 8
Network Reachability • Once you've got an IP address on an interface, the next step is to test whether you can reach remote systems: – 1. ping the system's local interface •
Routing and Ip forwarding • If you can ping machines on the local network but cannot get to all or some destinations on remote networks, then the problem could be in the routing table: – your machine – an upstream router.
• View routing table route netstat rn
Routing and Ip forwarding • Add new routing entry route add net network_addr netmask network_mask gw Gateway_addr
• Add default gateway in other to connect to outside route add default gw gateway_addr
• Ping remote host to check the connection • Use traceroute • Ip forwarding: /etc/sysctl.conf net.ipv4.ip_forward = 1
Hostname and DNS lookup • The problem is an inability to resolve names into IP addresses • /etc/resolv.conf nameserver 10.11.1.2 domain vnuitp.edu.vn.
• /etc/nsswitch.conf #hosts: db files nisplus nis dns hosts: files dns
• Ping Ip_address to check the connection • Ping hostname to check DNS lookup – ping server.vnuitp.edu.vn – ping www.vnn.vn 12
Hostname and DNS lookup • Check whether your system is able to connect to a DNS and resolve a hostname into an IP address with the host command: [les@sleipnir les]$ host fulbertfulbert.cullen.lesbell.com.au has address 192.168.168.1
• To get down to lowlevel debugging of DNS lookups, should learn the nuances of the dig command. [les@sleipnir les]$ dig www.pcuser.com.au @dvalin.lesbell.com.au ; <<>> DiG 9.2.1 <<>> www.pcuser.com.au @dvalin.lesbell.com.au ;; global options: printcmd ;; Got answer: ;; >>HEADER<< opcode: QUERY, status: NOERROR, id: 17821 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1 ;; QUESTION SECTION: ;www.pcuser.com.au. IN A ;; ANSWER SECTION: www.pcuser.com.au. 36417 IN A 22.214.171.124 <Output cont.> 13
Network services • Check services process make sure they are running – ps ef | more
• List all opened ports – netstat anp | more
• View system log to find out error – tail f /var/log/messages
• View service log file to check the status – tail f /var/log/maillog
• Telnet to service port on localhost – telnet 0.0.0.0 80 14
Firewall • Firewall in the way – while everything is configured fine at your end, but between you and the system you are trying to connect to, there is a firewall.
• Local firewall: check your firewall to make sure that it does not block network services – iptables L n – iptables L n t mangle – iptables L n t nat – /etc/init.d/iptables stop
tcpdump • Tcpdump prints out the headers of packets on a network interface – tcpdump [ adeflnNOpqRStuvxX ] [ c count ] [ i interface ] [ m module ] [ r file ] – c Exit after receiving count packets. – d Dump the compiled packetmatching code in a human readable form to standard output and stop. – i Listen on interface. If unspecified, tcpdump searches the system interface list for the lowest numbered, configured up interface (excluding loopback). – n Don’t convert host addresses to names. 16
Summary • Hardware problems • IP address • Routing and Ip forwarding • Hostname, DNS • Network services do not run • Firewall • Debug utility: tcpdump