Linux Learning, network troubleshooting

When the Linux operating system generates a network failure, it should first go from hardware to software/,
1, check the network cable, network card.
To the machine room to check whether the two ends of the network cable is lit, the normal server should be solid green to normal, the switch green flashing indicates that data is being transferred.
You can also use the command ifconfig eth0/ethtool eth0 to see if a link to a network card is physically connected.

2. After you have determined that the network cable is through, look at the physical network card.
Ifconfig can see the network card successfully loaded, with Ethtool-i ETHX can see the network card driver. LSPCI can see all the devices connected to the PCI bus, LSMOD display all loaded modules, and the loaded modules will also be displayed in/proc/modules. In general, after the successful load network card, with Ifconfig can be seen. If you cannot find the network card at this time, then you should check whether the physical network card is connected to the PCI bus, LSPCI detection is likely to be the NIC is bad. There is a situation is not loaded NIC module, first go to Lspci to find the corresponding manufacturer and model: Ethernet Controller, and then use modprobe try to load the correct module, such as Modprobe 3c509. If an error occurs, the module does not exist. At this point you should find the correct module and recompile.

3. After the physical layer of the NIC has no problem, look at the NIC configuration. With ifconfig can see IP, mask and so on, permanently modify the network card information in/ETC/SYSCONFIG/NETWORK-SCRIPTS/IFCFG-ETHX (some Linux distributions are not necessarily the file name, but the path is much the same. The network file in the previous layer is modified hostname, and this file is also the correct place to put it in DNS. Restart network after modification.

4. Check that the routing table is correct. Use Route-n to view the kernel routing table, view the kernel route through the route command, verify that the specific network adapter is connected to the destination network route, and then try to ping the gateway to troubleshoot the connection to the gateway. If you cannot ping the gateway, it is possible that the gateway has restricted ICMP packets, or the switch is setting the issue. A very common problem: two network cards to provide internal and external network services, if the default gateway is an intranet network card, then the external Network service is not accessible. You need to remove and then add the default gateway. Use the route delete/add default GW command.
Now its own problem has been checked again, look at the overall.
5. First look at DNS, in/etc/resolve.conf can see the specified domain name server, but here is unable to modify this file and NetworkManager automatically generated, modify to go to etc/sysconfig/network-scripts/ Ifcfg-ethx.
It is useless to look at it, Nslookup can be used to diagnose DNS servers. Simple to use:

Server is the DNS server address that the machine points to, you can change your DNS address to 114.114.114.114 try.
6. If there is no problem with DNS, then check to see if it can be routed to a host properly, or how the route should be traced when a remote host is not connected. Traceroute is a tool used to track the gateway that passes between the host from which the packet is sent and the target host.
Parameter options:
-i specifies the network interface, which is useful for multiple network interfaces. such as-I eth1 or-I ppp1;
-M sets the maximum lifetime used in the outer probe test package to Max-ttl forwarding, the default value is 30 times;
-N Displays the IP address, without checking the host name. This parameter is often used when DNS does not work, and it is possible to troubleshoot DNS issues while checking.

Record by serial number starting from 1, each record is a hop, each hop represents a gateway, we see each line has three times, the unit is MS, is actually the default parameter-Q. The time that the gateway responds after a probe packet sends three packets to each gateway. An asterisk indicates that the firewall has blocked ICMP return information. Everyone is interested in Baidu under the display of the IP, such as I use the internet provided by the century public DNS (114.114.114.114), then 211.99.171.25 a check is the gateway of the century interconnection.
6. Next check to see if the service port of the remote host is open. You can use Telnet and nmap to check, without the two tools to self-install yum. For example, we want to see if Baidu's 80 port is open:

Status state is open to open, if the filtered is filtered by the firewall, you can try Baidu's 22 port, is certainly the filtered state.
You can also see if the port itself is open, not many examples. The more commands used for their own ports are netstat.

7. If there is a problem with the network, check the iptables strategy and SELinux. Before locating the problem, it is best to turn selinux off and use Iptables-l to see the rules of iptables.

Linux Learning, network troubleshooting