The 9 Best Linux Network Troubleshooting Commands

The routine responsibilities of a network administrator such as management, monitoring, configuration, and troubleshooting don’t require you to learn complicated third-party tools. Instead, you can perform all of these tasks with readily available tools that come preinstalled with most Linux distributions.

This article focuses on the network troubleshooting part of a network administrator’s responsibilities and covers tools that resolve these issues in different categories. It further explains how these utilities help in practical scenarios.


ifconfig is a popular command line utility for interface configuration in Linux/Unix operating systems. Network administrators also use it to query and manage interface settings using configuration scripts.

It helps you enable or disable a network interface and lets you assign an IP address and netmask to the selected interface. You can also view all available interfaces, IP addresses, hardware addresses, and maximum transmission unit size for active interfaces.

You can enable/disable any interface using the up/down parameters, as follows:

sudo ifconfig up eth0
sudo ifconfig down eth0

To assign an IP address to an interface:

sudo ifconfig eth0 netmask

However, this utility is not readily available in Linux distributions and you may receive an error “ifconfig: command not found“. You can solve the problem by installing the net-tools package using your distro’s package manager.


On Ubuntu/Debian:

sudo apt-get install net-tools

On Fedora, CentOS, and other RPM-based distributions:

yum install net-tools

On Arch Linux:

sudo pacman -S net-tools


ip is an alternative to the good old ifconfig. However, the scope of its functionality covers two layers of the TCP/IP protocol, the data link layer and the network layer.

It displays network interfaces and configures network devices, much like the ifconfig utility. It also displays and modifies kernel routing tables with adding/removing ARP cache entries.

To view all interfaces and their details:

ip addr show

To add and remove interfaces:

ip a add dev eth0
ip a del dev eth0

To enable/disable ARP for the interface, use the on/off options:

ip link set dev eth0 arp on
ip link set dev eth0 arp off

The ping utility helps you identify network and host availability. It checks if the host is reachable or if a service is running. You can also check for network connectivity issues such as high latency and dropping packages using the ping command.

ping sends Internet Control Message Protocol (ICMP) echo request messages and waits for ICMP echo reply packets to verify host availability. The output contains the total number of messages sent and received along with the time a packet takes to reach its destination.



netstat is a command line utility that helps discover connected and listening TCP, UDP, and UNIX sockets. It displays information about routing tables, listening ports and information statistics.

You can list listening or closed connections by typing:

netstat -a

To list only listening TCP connections:

netstat -tl

Netstat Enable TCP
Author screenshot

It also allows you to list the PID of processes and program names using TCP connections:

netstat -ptl 

5. host

host is a minimal but very powerful CLI utility that performs DNS lookups and resolves hostname to IP addresses and vice versa. In addition to troubleshooting DNS server issues, it also displays and checks NS and MX DNS record types and ISP DNS servers.

To find NX for Google website:

host -t ns

You can also search for MX records by running:

host -n -t mx

6. arpeggio

The arp command manipulates the ARP system table cache by adding/removing addresses and displaying them. ARP stands for Address Resolution Protocol and maps the IP address to the MAC address of the machine. Therefore, the arp command performs the task and is one of the tools available inside the net-tools wrap.

Run the command without any parameters to display the contents of the array:


Arp Command
Author screenshot

You can also find the MAC address mapped to a specific IP address by providing the IP address:



Once the ping utility provides information about network connectivity and the total time it takes for a packet to reach the destination, you can use the traceroute command to determine in detail the path taken by the packet to the destination host and solve this problem.

The output shows the packet route and all intermediate hosts between source and destination with their response times.

For example, the following command generates all hops to destination host (Google) from the local machine:


The utility uses the TTL field of the IP packet, which indicates its lifetime in the network as it decreases by one digit when the packet hits the hop.

The utility also uses the concept of round-trip time (RTT), which ensures that each intermediate node drops the packet and returns the ICMP error message which helps traceroute measure the time a packet takes to reach each hop in road course.

This feature helps network administrators identify the root cause of internet connectivity issues and troubleshoot the exact route issue.

8. dig

dig, an acronym for Domain Information Groper gathers DNS-related information and resolves DNS issues.

The output of the dns command displays the information available in the files containing the DNS records and helps network administrators verify if host name to IP address resolution is working properly.

You can perform the DNS lookup query as follows:


Similarly, you can query all types of DNS records associated with a domain using the ANY option:

dig ANY

9. Wireshark

Wireshark is a powerful and versatile open source packet analysis tool. It captures traffic from your selected interface card in real time. It allows network administrators to capture traffic based on protocol/port for monitoring and troubleshooting purposes.

Apart from the capture filter, it also has a display filter with various options that help you visualize the relevant traffic.

Troubleshooting Networks in Linux

Network troubleshooting is part of the daily activities of a network administrator. Knowing which tool to use in the absence of one or with broader functionality is equally important for effective troubleshooting of a variety of network conditions.

You can learn more about analyzing network traffic with Wireshark and network connections with the ss command.

a socket and a plug

How to Monitor Network Connections in Linux with ss

Read more

About the Author

Previous Used Car Market in Sioux City Evolves to Address Supply Chain Issues | Local company
Next 7 Troubleshooting Options for "Host Needs Attention" Issues in VMM