Network configuration and troubleshooting

Computers are connected in a network to exchange data and resources with each other using a data link. Maintaining network up and running is a task of Network Administrator’s job.

Before configurations, we should know about some important files and directories.

/etc/resolv.conf is a file which keeps the address of DNS server to which the clients will be accessing to resolve IP to hostname and hostname to IP.

# cat /etc/resolv.conf
# Generated by NetworkManager
domain localdomain
search localdomain

/etc/hosts is file which is responsible for resolving hostname into IP locally, in other word it acts as local DNS if DNS server is not accessible.

# cat /etc/hosts localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 learndba

For Red Hat/Fedora/CentOS

/etc/sysconfig/network is file which keeps the information about the hostname assigned to the system. If you want to change the hostname permanently, you need to change the hostname in this file.

# cat /etc/sysconfig/network

/etc/sysconfig/network-scripts/ is the directory which keeps the configuration of network devices connected to the system.

# cd /etc/sysconfig/network-scripts/
# ll

For debian/Ubuntu

/etc/network/interfaces is a file which keeps the information about network configuration and devices. ex. Static IP and info, DHCP, etc.

# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp

Static IP address assignment

Command Line

# ifconfig eth0 netmask broadcast

Network IP aliasing

Assign more than one IP address to one ethernet card.

# ifconfig eth0 netmask broadcast

# ifconfig eth0:0 netmask broadcast

# ifconfig eth0:1 netmask broadcast

Check with ifcofig command

# inconfig

Changing the host name

# hostname
# cat /etc/sysconfig/network
# vi /etc/sysconfig/network

Change HOSTNAME value

# cat /etc/sysconfig/network

Restart the system with init 6 command and check hostname.

# init 6

# hostname

Network configuration utility

setup or $ system-config- network commands will open a text base utility.

# setup


Move the cursor to Network configuration and press Enter


Move the cursor to Device configuration and press Enter


Note : If system-config-network command is used, it will directly take you to above position.

Now select the NIC adapter i.e and press Enter


Assign IP address and other details per your requirement , move cursor to OK and press Enter.


Move the cursor to Save and press Enter to save the changes in device configuration.


Once again move cursor to Save&Quit and press Enter.


Finally move the cursor to Quit and press enter to quit the utility.


Now restart the network service and check IP address.

# service network restart

If the changes are not reflected with above service restart, restart network manager.

# service NetworkManager restart

Check IP address with ifconfig command.

If the server is in the remote location, use mii-tool to check the cable is connected or not.

# mii-tool eth0
eth0: negotiated 100baseTx-FD, link ok

To know more about the NIC card/adapter, use below command.

# ethtool eth0

Below are the commands to troubleshoot network on linux servers.


You can test network connection. ping is also can be used for basic DNS diagnostics, we can ping host by IP address or by its hostname and then decide if DNS works at all.


Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot time to set up interfaces as necessary. After that, it is usually only needed when debugging or when system tuning is needed. If no arguments are given, ifconfig displays the status of the currently active interfaces. If a single interface argument is given, it displays the status of the given interface only; if a single -a argument is given, it displays the status of all interfaces, even those that are down. Otherwise, it configures an interface.


traceroute tracks the route packets taken from an IP network on their way to a given host. It utilizes the IP protocol’s time to live (TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to the host.


It traces path to destination discovering MTU along this path. It uses UDP port port or some random port. It is similar to traceroute, only does not not require superuser privileges and has no fancy options.

tracepath6 is good replacement for traceroute6 and classic example of application of Linux error queues. The situation with tracepath is worse, because commercial IP routers do not return enough information in icmp error messages. Probably, it will change, when they will be updated. For now it uses Van Jacobson’s trick, sweeping a range of UDP ports to maintain trace history.

dig – DNS lookup utility

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.


Nslookup is a program to query Internet domain name servers. Nslookup has two modes: interactive and non-interactive. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain. Non-interactive mode is used to print just the name and requested information for a host or domain.


dmesg is used to examine or control the kernel ring buffer. The program helps users to print out their bootup messages. Instead of copying the messages by hand, the user need only: dmesg > boot.messages and mail the boot.messages file to whoever can debug their problem.

dmesg | less or dmesg | tail or dmesg | grep -i error – for understanding what the Linux kernel thinks about some trouble.


Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

Netstat prints information about the Linux networking subsystem. The type of information printed is controlled by the first argument, as follows:

  By default, netstat displays a list of open sockets. If you don’t specify any address families, then the active sockets of all configuredaddress families will be printed.

 --route , -r

   Display the kernel routing tables.

 --groups , -g

   Display multicast group membership information for IPv4 and IPv6.

 --interfaces=iface , -I=iface , -i

   Display a table of all network interfaces, or the specified iface.

 --masquerade , -M

   Display a list of masqueraded connections.

 --statistics , -s

   Display summary statistics for each protocol.


Another utility to investigate sockets.
ss is used to dump socket statistics. It allows showing information similar to netstat. It can display more TCP and state information than other tools.


Administration tool for IPv4 packet filtering and NAT
Iptables is used to set up, maintain, and inspect the tables of IPv4 packet filter rules in the Linux kernel. Several different tables may be defined.
Each table contains a number of built-in chains and may also contain user-defined chains. Each chain is a list of rules which can match a set of packets.
Each rule specifies what to do with a packet that matches. This is called a ‘target’, which may be a jump to a user-defined chain in the same table.

To investigate firewall issues on Linux: iptables -nvL shows how many packets are matched by each rule (iptables -Z to zero the counters). The LOG target inserted in the firewall chains is useful to see which packets reach them and how they have already been transformed when they get there. To get further NFLOG (associated with ulogd) will log the full packet.


iptables-save is used to dump the contents of an IP Table in easily parseable format to STDOUT. Use I/O-redirection provided by your shell to write to a file.


ethtool is used to query and control network device driver and hardware settings, particularly for wired Ethernet devices. devname is the name of the network device on which ethtool should operate.


OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.

The openssl program is a command line tool for using the various cryptography functions of OpenSSL’s crypto library from the shell. It can be used for

  • Creation and management of private keys, public keys and parameters
  • Public key cryptographic operations
  • Creation of X.509 certificates, CSRs and CRLs
  • Calculation of Message Digests
  • Encryption and Decryption with Ciphers
  • SSL/TLS Client and Server Tests
  • Handling of S/MIME signed or encrypted mail
  • Time Stamp requests, generation and verification


Arp manipulates the kernel’s ARP cache in various ways. The primary options are clearing an address mapping entry and manually setting up one. For debugging purposes, the arp program also allows a complete dump of the ARP cache.


Route manipulates the kernel’s IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig(8) program.

When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables.


strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and trouble-shooters will find it invaluable for solving problems with programs for which the source is not readily available since they do not need to be recompiled in order to trace them.
Students, hackers and the overly-curious will find that a great deal can be learned about a system and its system calls by tracing even ordinary programs. And programmers will find that since system calls and signals are events that happen at the user/kernel interface, a close examination of this boundary is very useful for bug isolation, sanity checking and attempting to capture race conditions.


Tcpdump prints out a description of the contents of packets on a network interface that match the Boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.