9 Tips to diagnose remote GNU/Linux server network connectivity issues

Many new admin or Linux users get frustrated when their remote Linux box is not accessible dues to network connectivity.

In this article I will try to provide tools and information about how to diagnose network configurations. You can try these tips/tools to diagnose an issue of Linux network connectivity to remote or local servers.

Steps to diagnose the problem:

#1: Use ping command

Always ping the IP address of server and then try hostname. For example:
$ ping
$ ping cyberciti.biz

If you can ping by IP address but not by hostname, then make sure you have correct DNS name servers setup in /etc/resolv.conf file.
$ less /etc/resolv.conf


Make sure your own DNS server running.

#2: Use traceroute command

If you cannot ping your server at all, use traceroute to trace network problem. traceroute provides the detailed information about path to a network server. You can always find out if server is down from your own workstation or gateway router.
$ traceroute cyberciti.biz

#3: Look for default route / gateway IP

If traceroute point out that you cannot reach to your own gateway, then check routing setting on your own workstation. Add default route.
# route
# route add default gw eth0

#4: Look for IP address

Make sure you have correct IP address assigned by DHCP server. Some time network admin make changes to DHCP server or changes IP routing or other stuff. It is a good idea to restart network interface:
# /etc/init.d/network restart
# tail -f /var/log/message
# ifconfig -a
# route

#5: Check for network cables and power supply

Make sure the network cable is plugged into interface as well as into network switch/hub. It is possible that someone may have pulled out network cable from switch/workstation.

#6: Check firewall log

Make sure your own firewall is not blocking access to remote server. Just try to stop your firewall.
# iptables -L -n
# tail -f /var/log/messages
# /etc/init.d/iptables stop

If you are using Cisco PIX or dedicated Linux / OpenBSD box as firewall, check logs for more information.

#7: Connect to correct ports

Most service connects to default port such as
HTTP – port 80
Proxy – port 3128
SSH – port 22
FTP – port 21

Sometime you change default ports to increase security, so make sure you are connecting to correct remote port.

#8 Network analysis

Besides above tools you must use network analysis tools such as Wireshark aka Ethereal sniffer, netwatch, tcpdump and others. These tools are commonly known as a network protocol analyzer. They can watch routing, client and server communication, packets and much more.

Install Wireshark.
# apt-get install wireshark
$ sudo wireshark &

wireshark  network analysis tools
(click to enlarge)

For detailed usage please refer to official documentation


tcpdump is one my favorite tool. For example to print all packets arriving at router, use:
# tcpdump host router

Read man page of tcpdump for more examples and usage. I recommend you to read tcpdump recipes for more information.

If all of the above test fails contact remote IDC staff. Remote server may be down due any one of the following causes:

  • Remote network/gateway down (traceroute will tell this)
  • Your server is down (cable is not plugged or power is down or hardware failure etc)
  • Your server is under heavy load (Slashdotted or dugg to death)
  • Your server is under attack ( DoS/DDoS )
  • Your server is rooted (read as cracked or hacked)
  • Misconfiguration (server software – firewall, apache, mysql config issues)

#9: Some common question (FAQ)

I can ping a server by its ip address, but I can not “ping” it by name
Setup correct nameserver

I can connect to a Web or FTP server directly, but if I “ping” the server it always returns “Request Timed Out”
Many net/server admins block ICMP ping request as a security measure. So it is not possible to use ping or traceroute command. However you can try out tcptraceroute to bypass the firewall filters policy to run traceroute.

Can I use GUI tools?
You can use cheops – a network monitor tools for same purpose. It’s a combination of a variety of network tools to provide system administrators and users with a simple interface to managing and accessing their networks. Install cheops with apt-get command:
# apt-get install cheops
$ sudo cheops &

7 Tips to diagnosing remote GNU/Linux server network connectivity issues
Now just add your domains and hosts. You can select any of your host by right clicking and run ping, traceroute, DNS lookup etc.

You can also use mtr for finding out a bad or simply overloaded network link with Linux/UNIX oses.

Please note that you can use these tools to diagnose any operating system such as Sun Solaris or Microsoft Window server 🙂

That’s all my brain can remember. Feel free to share any other tips in the comments.

Updated for accuracy.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 15 comments so far... add one
CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
15 comments… add one
  • Sean Feb 20, 2007 @ 13:42

    Also check the arp table… Good for finding out if the problem is fw related, layer2, or layer 3.


  • gregf Feb 20, 2007 @ 15:13

    Great article. Sure this will help a bunch of people. Keep up the great work on the site. Have it in liferea.

  • mangoo Feb 21, 2007 @ 23:00

    “arping” command is sometimes useful, too (mainly for local problems).

  • Joe Feb 22, 2007 @ 10:18
  • Sven Hoexter Feb 22, 2007 @ 15:36

    When you’re at #5 you might have a serial console to access (ok that’s lokal network debugging then) the system and ask mii-tool for informations. Sometimes that’s a fast option to check if someone pluged off the network cable or the port on the patch panel is dead etc. pp.

  • Chris Dos Feb 27, 2007 @ 0:12

    Don’t forget that tcptraceroute can also help diagnose if there is a transparent proxy between your and your server. mii-tool doesn’t work with all network cards, ethtool seems to work with everything at this point.

  • raj Feb 27, 2007 @ 6:03

    99% time the cause of network connection problems are environmental and IDC staff, stemming from someone inadvertantly pulling out a network cable.

  • Tim Archer Apr 10, 2007 @ 0:11

    In case you want some details on how to change the default port for SSH on your server, making it a little more secure, check out the writeup at:

  • vikram Sep 3, 2007 @ 11:13

    please send me linux networking command

  • Vince Sep 12, 2007 @ 17:39

    Great article. Can you suggest any other resources? I have a server I’ve setup with Fedora7 and it keeps going offline seemingly randomly. None of the items you mentioned appear to be the issue.

    Here are suspicious logs, but I’m not sure what this means:
    Sep 12 08:26:40 localhost kernel: NETDEV WATCHDOG: eth0: transmit timed out
    Sep 12 08:26:40 localhost kernel: sky2 eth0: tx timeout
    Sep 12 08:26:40 localhost kernel: sky2 eth0: disabling interface
    Sep 12 08:26:40 localhost kernel: sky2 eth0: enabling interface
    Sep 12 08:26:40 localhost kernel: sky2 eth0: ram buffer 0K
    Sep 12 08:26:43 localhost kernel: sky2 eth0: Link is up at 1000 Mbps, full duplex, flow control both

  • Andy Jan 16, 2008 @ 3:55

    Yeah, this was a nice article to refer to.

  • arti ajans Apr 4, 2008 @ 19:23

    thanks you much.

  • Server Support Jun 18, 2009 @ 4:01

    I am agree with Chris Dos that Don’t forget that tcptraceroute can also help diagnose if there is a transparent proxy between your and your server.

    Ya it helps to diagnose your server error. MTR also play a important role in finding network..

    Thanks for such a nice stuff.

  • Shreyas Mar 11, 2017 @ 19:01

    how to troubleshoot when ICMP is turned off on router..?

  • mahesh Sep 16, 2017 @ 17:49

    I can’t able to ping the switch with my linux laptop which is connected to the same network. But I could ping the same switch with other laptop. If it is the laptop problem what would be the problem on the laptop to solve this issue? Can anyone help to sort this problem?

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum