🧠 Introduction
Linux provides powerful, modular tools for diagnosing network issues. Rather than bundling everything into a single command, Linux gives sysadmins a variety of highly focused utilities, each perfect for a different aspect of network testing: connectivity, port access, routing, interface binding, latency, and more.
This guide is a deep-dive into the practical use of those tools, offering examples, scripts, and real-world sysadmin tips.
🛠 Core Tools You Will Use
| Tool | Purpose |
|---|---|
ping | Basic reachability and latency |
traceroute | Path discovery and hop tracking |
nc (netcat) | TCP/UDP port testing |
mtr | Live route monitoring with stats |
curl | HTTP/S endpoint test & header tracing |
ss | Check open/listening ports |
ip, ip route get | Interface binding/testing |
nmap | Service and port scanning |
telnet | Legacy TCP check fallback |
1. ✅ Basic Reachability Test
ping -c 4 google.com-c 4: Send 4 packets- Output includes latency, packet loss
Also test raw IPs:
ping -c 4 8.8.8.82. 🌐 Tracing the Network Path
traceroute google.com- Add
-nto skip DNS for faster output - Add
-m 20to limit max hops
Alternative:
mtr -rwzbc 50 google.com- Real-time hop analysis with loss and jitter
3. 🔌 TCP Port Test (Reachability)
nc -zv example.com 443-z: Zero I/O mode-v: Verbose
To test multiple ports:
nc -zv example.com 22 80 443Or with timeout:
nc -zvw5 example.com 254. 🌍 Testing via Interface or Source IP
ip aFind your IP or interface name, then:
curl --interface eth0 https://example.comWith netcat:
nc -s 192.168.0.10 -zv example.com 225. 🔍 Inspect HTTP/TLS with curl
curl -v --connect-timeout 5 https://example.com- Check DNS, TLS, headers, redirects
Headers only:
curl -I https://example.comSend custom Host header:
curl -H "Host: example.com" https://1.2.3.46. 🔎 Local Listening Ports
ss -tuln- Shows listening TCP/UDP ports
Active connections:
ss -tnp7. 📦 Port Scanning with nmap
nmap -p 22,80,443 example.comService version detection:
nmap -sV example.comFull network scan:
nmap -Pn 192.168.1.0/248. 🌐 IPv4 and IPv6 Testing
IPv4:
ping -c 4 1.1.1.1IPv6:
ping6 -c 4 2606:4700:4700::1111Curl IPv6:
curl -g -6 http://[2606:4700:4700::1111]9. 🧰 Bulk Port Testing Script
#!/bin/bash
servers=("google.com" "example.com" "192.168.1.1")
port=443
for server in "${servers[@]}"; do
if nc -z -w3 "$server" "$port"; then
echo "[OK] $server port $port reachable"
else
echo "[FAIL] $server port $port unreachable"
fi
done10. 🧭 Diagnose Latency
mtr -rwzbc 100 mysite.comGraph:
11. 📡 Check DNS with dig/host
dig example.comhost example.com12. 🔁 Trace Outgoing Interface
ip route get 1.1.1.1- Shows which interface/IP would be used to reach 1.1.1.1
13. 🧪 Legacy Method: telnet
telnet example.com 80If successful, you’ll see a blank screen or banner.
🛡️ Best Practices
| Practice | Why it Matters |
Use mtr regularly | Monitor real-time issues across hops |
| Always test DNS + IP | Rule out resolution issues |
| Log outputs | Helps with troubleshooting and SLA checks |
| Automate via cron | Schedule checks + alerting |
| Multi-interface testing | Troubleshoot VPNs, VLANs, or tunnels |
🔚 Conclusion
By combining ping, nc, curl, traceroute, mtr, nmap, and ss, Linux admins gain unmatched flexibility in diagnosing networking issues. With scripting and automation, these tools become the backbone of robust infrastructure monitoring.
