How To Troubleshoot Your Internet Connection In Linux

In today's world, internet connectivity enables the usage and transfer of information over a network. Working in a network-focused role requires system administrators to be aware of possible issues and be capable of troubleshooting them.

So in an environment that requires efficient communication for day-to-day activities, you must know Linux/Unix networking tools and how to use them to resolve internet connectivity issues. This article will help you identify the possible network issues in Linux and provide ways to troubleshoot them.

Troubleshooting Incoming and Outgoing Connections

Before you begin to resolve the issues, it's important to identify if the problem is at the client-side or the server-side. This section covers ways to identify outgoing and incoming connection issues on Linux.

Identify and Troubleshoot Outgoing Connection Issues

As a client trying to access the website, sometimes you may find the website unavailable. The problem can be with name resolution or the connection being outside your local network.

To identify the exact reason, you can begin with sending ICMP echo requests using the ping command and wait for the response.

        ping <ip_add>

In case of no network connectivity or 100 percent packet loss, another possibility can be the absence of any network interface. Run the ip command to check the status of all the available interfaces on your system:

        ip add show

The command output displays status of each network interface as either UP or DOWN. The interface with the DOWN state in the output will not have any assigned IP address, which can be the possible reason for the connectivity issue.

You can resolve the problem by changing the internet state by running:

        sudo ifup <interface_name>

Now, if the interface is available but the server is still not accessible, use the ping command to find the router's IP address and check if it's reachable:

        ping <router's_ip_add>

The packet fails to reach the router if it is either physically disconnected or off. If the connection succeeds, ping any system beyond your router, and the unavailability of the website in this scenario can be due to DNS service issues.

If the server is reachable, but the connection is slow, you can identify the root cause by running the traceroute command as it displays the time a packet takes to reach each intermediate node.

        traceroute <ip_add>

Troubleshoot Incoming Connection Issues

Most organizations configure Linux systems as servers and have high availability requirements. For instance, an Apache server hosting a website can have no client reach causing incoming network issues. The website hostnames are registered to a public DNS server that resolves their name to an IP address.

If the name-address resolution is working fine, you can ping the server from a Linux client to check its availability from the outside. Similarly, from the Linux client, you can check if the httpd service is running by using the nmap command.

Nmap is the most powerful and versatile tool network administrators use to check services running on a network. However, it's also a cracker that can provide system-related information to intruders.

You can run the tool to check if your server ports are available to the outside connections. Use the hostname or IP address to scan the system for running services/ports:

        nmap <hostname/ip_add>

If the TCP ports 80 and 443 states are up and running for HTTP and HTTPS services, it indicates the service is listening for incoming connections. This situation requires you to check how the service is configured inside the main configuration file: /etc/httpd/conf/httpd.conf.

Besides, the absence of the TCP ports 80 and 443 indicates the firewall is blocking the ports and filtering them, while a close state in the Nmap output means the httpd service is not running or listening to the port.

Troubleshoot DNS Server Issues

If you can ping the IP address of the website and it's not accessible through the browser, you have a problem with hostname resolution. The client-server communicating over the internet perform hostname-to-address resolution by communicating with the DNS server.

In Linux/Unix operating systems, you configure the DNS server by either entering them manually or requesting the DHCP server for automatic assignment while starting the interfaces. In either case, the DNS server addresses are available inside the /etc/resolv.conf file.

Hence, whenever you try to connect to a website, it looks for the host in the /etc/hosts file and moves onwards to searching DNS server addresses one by one in the resolv.conf file. It checks for the servers until it can't find the host to return the "Host Not Found" error.

To debug DNS-related issues, begin with checking if the DNS server is reachable by using the ping command, as follows:

        ping -c <dns_server_address>

Check if the server is working or performing name to IP address resolution with the help of dig or host command, as follows:

        dig @X.X.X.X www.google.com 
host www.google.com X.X.X.X

If the NetworkManager service is enabled and a wrong DNS server's IP address is found, you simply can't add an entry to the resolv.conf file. This is because NetworkManager overrides the file entries and connects to the DHCP server for automatic assignment.

To resolve this issue, open the interface files to add PEERDNS=no and set the new address as DNS1=X.X.X.X.

        # On CentOS/Fedora/RHEL
sudo vim /etc/sysconfig/network-scripts/<interface_name>


# On Ubuntu/Debian
sudo vim /etc/network/interfaces

Once you've opened the files, add the following lines:

        PEERDNS=no
DNS1=X.X.X.X

The aforementioned command snippet will prevent DHCP from overwriting the DNS address allowing you to edit the resolv.conf file directly.

Troubleshooting the Firewall in Linux

The default firewall setting in Linux can block all incoming connections on TCP ports 80 and 443. Check for any DROP/REJECT rule in the /etc/sysconfig/iptables file before adding any rule for the TCP ports. Move the rule for open ports above the DROP/REJECT to resolve the problem.

Besides, you can also check if the firewall drops packets to/from any specific host. In the iptables file, look for any IP address and DROP/ACCEPT value followed by the -s and -j flags. You can either edit the rule or create a new one specific to the host and place it above others to make it an exception.

Fixing Network Issues on Linux

This article covers beginner to advanced level techniques to identify and remediate any internet connectivity issues in Linux. Before beginning to troubleshoot, it is important to identify the root cause of the problem and take steps effectively.

You can learn more about troubleshooting issues and be more creative in identifying and resolving them by learning about different networking tools available inside Linux.