5 Network Diagnostic Commands Every Linux Admin Should Know

Linux distribution systems are considered the gold standard in regard to networking. Mainly because they come with a vast array of network diagnostic tools. For times when turning it off and on again don't suffice, here are five network diagnostic tools that can  assist in networking. The five tools we will focus on are Ping, NSLookup, NetStat, Dig, and Host.

Before delving into the different tools, it's important to know that these tools are by and large for the Linux OS. For those who do not have access to a Linux environment, let's review how to access some of these tools from Windows and Mac. While it is great to access these diagnostic tools from Windows or Mac, it is highly recommended to use the real deal. The commands used on other operating systems may be the same, but will operate differently. Using a Linux distribution will best prepare you for CompTIA's Linux+ test and real-world applications.

How do I get to the Terminal on Mac?

The Mac terminal is a program that provides a low-level interface to your macOS operating system. It is known as a command-line interface, and will allow you to run most of the tools listed below. There are a couple of ways to get to the terminal. The first way is to press ⌘ + space. This will bring up the spotlight bar. Then simply type terminal and hit Return.

Another way is to find it in the Launchpad. The Launchpad defaults onto the Mac Dock on the bottom (or side) of the screen. It can be searched for there and launched. Next let's take a looks at how to access some of these commands on Windows.

How do I Access PowerShell in Windows?

PowerShell is a versatile command-line interface that gives users greater power over their Windows operating system. A few of the commands we will be looking at can be executed on PowerShell. Download instructions can be found here on Microsoft's website. The installation process is similar for any other executable, so if you have ever downloaded anything on Windows this should be familiar. Once PowerShell is downloaded, it should be searchable on the Run search bar. Double click the executable and you're in!

Now that we have an adequate environment for each operating system, let's start digging into the tools themselves. The compatible operating systems will be listed just below each header. For the remainder of this post, it will assume you have a Linux operating system.

1. Ping?

PowerShell: Available

Mac: Available

Ping is a tool used to determine whether or not a server is available. Think of a submarine using sonar to ping an object far away. The submarine can verify its existence by detecting sound waves bouncing from the object back to the boat. For example, open up the command prompt and type ping -c 4 www.google.com. This will ping the Google server four  times.

Alternatively, you can just type ping www.google.com. This will work on PowerShell and default to pinging four times. However, on Linux and MacOS, the user will have to cancel the ping by typing cmd+c on Mac or ctrl+c on Windows keyboard.

It is obvious we will get a response back from Google. The real reason to use ping is if you were getting some sort of HTTP error from the server such as a 500. This tool could be used to verify that the server is up and running. Here is an example of a server that is not responding to a Ping.

%start_cli_code%
Last login: Sun Apr 18 08:39:28 on ttys000

[][][][][][][][][][]ini ~ % ping 123.123.123.123
PING 123.123.123.123 (123.123.123.123): 56 data bytes
Request timeout for icmp_seq @
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
^C
--- 123.123.123.123 ping statistics ---
6 packets transmitted, 9 packets received, 100.0% packet loss
%end_cli_code%

2. NSLookup

PowerShell: Available

Mac: Available

Often one web address will have multiple IP addresses attached to it. For example www.google.com may have several. That is because IP addresses are often assigned dynamically, while the actual name of the website remains the same.

NSLookup assists the user in discovering which IP address a domain name resolve to. It is best used in the three following situations:

• Troubleshooting DNS resolution issues. I.E, your web address is going to the wrong IP or cannot be resolved.

• Using the IP address to discover a domain name, or vice versa.

• Discovering mail servers for a domain.

NSLookup can be used in two modes: interactive mode and non-interactive mode. To access interactive mode, just type nslookup into the CLI and a command prompt will appear. For non-interactive mode simply type nslookup <domain> and it will provide the IP address.

3. NetStat

PowerShell: Available

Mac: Available

So far, we have looked at Ping and NSLookup — both are related to diagnosing issues on remote machines. However, what if there is a problem on the very machine we are operating on? That is when netstat comes into play.

NetStat displays which ports are active on your machine, their status, and what they're connected to. Often netstat will be used when troubleshooting firewall issues.

Netstat comes with several useful options. For instance, if you only want to look at TCP ports, at -t to the end of the netstat command. This narrow down all of the ports to the ones that are (probably) the most important.

4. Dig

PowerShell: Not Available

Mac: Available

Dig stan

Mac: Not Available*

Dig stands for Domain Information Groper. As the name suggests, it is a tool to gather information about a particular domain. Similarly to NSLookup, Dig is used to troubleshoot DNS issues. Dig is not only good for troubleshooting, but for learning more about a particular server in general. Here is an example using the dig command on www.cbtnuggets.com, and then a breakdown of what the eight sections mean.

%start_cli_code%
; <<>> DIG 9.10.6 <<>> cbtnuggets.com

;; global options: +cmd

;; Got answer:

33 ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11623

3; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 7

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1400
;; QUESTION SECTION:
;cbtnuggets.com. IN A

;; ANSWER SECTION:

cbtnuggets.com. 60 IN A 52.1.58.132
cbtnuggets.com. 60 IN A 52.207.92.201

;; AUTHORITY SECTION:
cbtnuggets.com. 60 IN NS ns-118.awsdns-14.com.
cbtnuggets.com. 60 IN NS ns-1154.awsdns-16.org.
cbtnuggets.com. 60 IN NS ns-—764.awsdns-31.net.
cbtnuggets.com. 60 IN NS ns-1991.awsdns-56.co.uk.

;; ADDITIONAL SECTION:
ns-1154.awsdns-16.o0rg. 162314 IN A 205.251.196.130
ns-1154.awsdns-16.o0rg. 162314 IN AAAA 2600: 9000: 5304: 8200: :1
ns-118.awsdns-14.com. 166620 IN A 205.251.192.118
ns-1991.awsdns-56.co.uk. 76719 IN A 205.251.199.199
ns-—764.awsdns-31.net. 163182 IN A 205.251.194.252
ns—764.awsdns-31.net. 17183 IN AAAA 2600: 9000: 5302: fc@@: :1

7; Query time: 31 msec
;; SERVER: 206.225.75.226#53(206.225.75.226)
;; WHEN: Sun Apr 18 14:57:56 EDT 2021
7; MSG SIZE revd: 332
%end_cli_code%

• The first line on the dig command is the version and the domain name queried.

• The second line is “the answer” the Dig command received. In this instance, there was no error with the request, Thus, the status of NOERROR.

• The third section is the pseudosection. This section isn’t too important, it has to do with adding DNS security extensions and is not in the purview of this post. To omit this section, just +nedns to the dig command.

• The fourth section is “the question” that was asked. In this instance, we asked for cbtnuggets.com's A record.

• The fifth section is the answer. This is the actual answer that is received, as opposed to the second section, which just states whether or not the answer is valid or not.

• The sixth section is the authority. In other words, which domains have the authority to answer this query.

• The seventh section provides more information about the domain servers listed in the authority section. Notice how the names match.

• Lastly, dig provides statistics on the query itself. How long the response took, the origin of the query, etc.

5. Iproute

PowerShell: Not Available

Mac: Not Available*

Iproute is a powerful tool that allows a Linux administrator to bring network interfaces up or down, manage route tables, assign IP addresses, and much more.

While IP may not be available on PowerShell or Mac, it is pre-installed on all modern Linux distributions. However, there is a rough equivalent for Mac called iproute2mac. It can easily be installed using homebrew. One of the most common usages for iproute is configuring static routes. A static route, as opposed to a dynamically allocated route, is a route that is created by an administrator.

Static routes are fixed and will never change unless someone manually intervenes. Oftentimes, these will be configured as a default route for a router to exit through. They are great for small networks also, unfortunately they can be rather unwieldy as a network grows. Defining static IP addresses is just one of the many, many uses for iproute.

Final Thoughts

Throughout this post, we discussed five different network diagnostic tools. It is critical for anyone who is taking the Linux+ exam to have a good understanding of each of these tools.

Experiment and run different commands. Remember each one of these commands has a manual attached to them, and can be accessed by typing man before the command. For example, man ping, man netstat, etc. Now that you have a baseline understanding of the tools, start playing with them!