Network Troubleshooting and Monitoring

Network Diagnostic Tools

0:00

0% complete

LearnStep 1 of 3

Essential Command-Line Network Diagnostics

Learning Objectives

•Master connectivity and path analysis using ping and traceroute/mtr to isolate network latency or packet loss
•Analyze active socket connections and listening ports on Linux systems using ss (the modern replacement for netstat)
•Diagnose DNS resolution issues with dig and HTTP application layer problems using curl
•Perform raw TCP/UDP connectivity checks and debug TLS handshakes using netcat (nc) and openssl

Lesson Outline

LearnStep 1/3

Essential Command-Line Network Diagnostics

For senior engineers, the ability to diagnose network issues directly from the command line is a critical skill. While monitoring dashboards provide high-level overviews, CLI tools offer the granularity needed to identify the root cause of connectivity failures, latency spikes, or misconfigurations.

1. Connectivity & Path Analysis: ping, traceroute, mtr

ping is the most basic tool for testing reachability using ICMP Echo Requests. It measures Round-Trip Time (RTT) and packet loss.

bash

traceroute maps the path packets take to a destination by manipulating the IP Time-To-Live (TTL) field. mtr (My Traceroute) combines ping and traceroute into a real-time diagnostic tool.

bash

2. Socket Statistics: ss & netstat

While netstat is deprecated, ss is the modern standard for dumping socket statistics. It is faster and provides more detailed TCP information.

bash

3. DNS Diagnostics: dig & nslookup

dig (Domain Information Groper) is preferred over nslookup for its verbose output and flexibility in querying specific DNS records.

bash

4. Application Layer & Raw Connectivity: curl, nc, openssl

curl is essential for debugging HTTP/S. nc (netcat) acts as a raw TCP/UDP tool.

bash

netcat (nc) is the "Swiss Army knife" for networking.

bash

openssl is crucial for debugging HTTPS/TLS certificate chains.

bash