Troubleshooting Network Connectivity in Linux

Short introduction (2–3 sentences)

Networks fail for all sorts of reasons, from a simple unplugged cable to misconfigured DNS or firewall rules. This guide walks through practical steps and commands to identify and fix common connectivity problems on Linux, with examples you can run immediately.

Check physical and link-layer status

Start by confirming the interface is up and the physical link is detected. On laptops you may need to enable Wi‑Fi or plug in an Ethernet cable; on servers check the switch port and LEDs.

Example: list interfaces and link state

# show interfaces and addresses
ip addr show

# or a concise list of links
ip link show

Look for lines like "state UP" and a valid MAC address. If an interface is DOWN, bring it up:

sudo ip link set dev eth0 up

For wired interfaces, ethtool can reveal link speed and whether a carrier is present:

sudo apt install ethtool   # Debian/Ubuntu
sudo ethtool eth0
# look for "Link detected: yes" and speed/duplex

If using NetworkManager, you can query status:

nmcli device status

If the interface still shows no link: check the cable, try a different switch port, or test with a known-working NIC.

Verify IP configuration

A common cause of no connectivity is an incorrect IP, netmask, or missing gateway. Confirm the IP settings and ensure they match your network.

Show current IP, routes, and DNS:

ip addr show eth0
ip route show
cat /etc/resolv.conf

If the interface has no IP (or an APIPA/auto-assigned address like 169.254.x.x), try requesting a DHCP lease:

sudo dhclient -v eth0

To set a static IP temporarily:

sudo ip addr add 192.168.1.50/24 dev eth0
sudo ip route add default via 192.168.1.1

If your route table lacks a default route, you won't reach the internet. Add or correct the default route as shown above. For persistent configuration, use your distro’s network config (Netplan, /etc/network/interfaces, NetworkManager profiles, or systemd-networkd).

Test name resolution and connectivity

Differentiate between DNS issues and general connectivity by testing both numeric and hostname destinations.

Ping a known public IP to test basic IP-level reachability:

ping -c 4 8.8.8.8

If that works but hostname resolution fails, test DNS directly:

# check DNS resolution
dig +short www.example.com @8.8.8.8
# or
nslookup www.example.com 8.8.8.8

If DNS queries to a public resolver succeed but standard lookups do not, inspect /etc/resolv.conf and any local DNS services (systemd-resolved, dnsmasq). For systemd-resolved:

systemd-resolve --status

Use curl or wget to test HTTP access:

curl -I http://example.com

If ICMP pings fail to the IP, use traceroute to see where packets are dropped:

traceroute 8.8.8.8
# or if traceroute not installed
sudo apt install traceroute

Traceroute output reveals the hop where connectivity stops, which helps identify if the issue is local, at the ISP, or beyond.

Diagnose routing, ARP, and neighbor problems

Routing and ARP issues prevent correct packet delivery on LANs and across networks. Verify ARP/neighbor resolution and routing.

Check ARP/neighbor table:

ip neigh show
# to flush and re-learn
sudo ip neigh flush dev eth0

If other devices on the LAN can't reach your machine, ensure your MAC address and ARP entries are correct. Use arping to test ARP directly:

sudo apt install arping
sudo arping -I eth0 192.168.1.1

Inspect routing table and metrics:

ip route show
ip -4 route list match 0/0

Look for multiple default routes or wrong metrics that cause traffic to use the wrong interface. Remove an incorrect default route:

sudo ip route del default via 10.0.0.1

For complex route debugging (policy routing, multiple NICs), show rules:

ip rule list
ip route show table all

Check firewall and security settings

Local firewalls or iptables/nftables rules can block traffic even if link and IP are correct. Also check host-based security services (fail2ban, SELinux/AppArmor in some contexts).

List active listening sockets and firewall services:

ss -tuln
sudo ufw status verbose    # if using UFW
sudo iptables -L -v -n     # legacy iptables
sudo nft list ruleset       # nftables

Temporarily allow all traffic to test whether the firewall is the cause:

# UFW
sudo ufw disable

# iptables (flush rules) — use with caution
sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t mangle -F

If disabling the firewall fixes the issue, re-enable and add a minimal set of rules to permit required traffic instead of keeping it off.

For machines acting as routers or NAT gateways, ensure ip_forward is enabled:

sysctl net.ipv4.ip_forward
# to enable temporarily
sudo sysctl -w net.ipv4.ip_forward=1

Also check cloud provider security groups and host-level firewalls that might override local settings.

Capture packets for deeper inspection

When basic checks don’t reveal the problem, packet capture helps. Use tcpdump to observe traffic and confirm whether requests and responses appear on the wire.

Capture ICMP or TCP traffic on an interface:

sudo tcpdump -i eth0 icmp -n -vv
# or capture host and port 80 traffic
sudo tcpdump -i eth0 host 8.8.8.8 and port 53 -w dns-query.pcap

Open the pcap in Wireshark or read it with tcpdump:

tcpdump -r dns-query.pcap -nn -tt

Look for ARP requests without replies, TCP SYNs without SYN-ACKs, or RSTs that indicate resets. Packet captures are especially useful when troubleshooting NAT, asymmetric routing, or broken path MTU issues (look for ICMP fragmentation-needed messages).

Common Pitfalls

• Interface appears up but is administratively down in NetworkManager or disabled radio (Wi‑Fi hardware switch).
• DNS is misconfigured (wrong /etc/resolv.conf or interfering resolver like systemd-resolved), causing hostnames to fail while IP-level connectivity works.
• Firewall or cloud security group blocking traffic — local tests pass but services are inaccessible from outside.

Next Steps

• Reproduce the problem with a packet capture and share it (redact sensitive data) before asking for help.
• Make configuration changes incrementally and document commands so you can roll back if needed.
• Learn a few core tools (ip, ss, tcpdump, traceroute, dig) and keep a cheat-sheet for quick diagnostics.

This workflow should help you systematically identify where a connectivity problem originates — link, IP configuration, DNS, routing, or filtering — and apply a focused fix rather than guessing.

👉 Explore more IT books and guides at dargslan.com.