iceni

what do you use for network troubleshooting?

11 posts in this topic

hi, a few days ago i was having some network problems - timeouts to a couple of forums. with windows i'd use Pingplotter to see what was going on, it's a beautiful program! it graphically shows you what's happening at each hop, and in real time too, i just love it. anyway, what can i use for Linux?

i did find a nice CLI program called traceproto - example here, but i just wondered if anyone can recommend anything else? thanks.


There's lots. Personally I stick with the old command line tools. Traceroute. Whois. Ping, netstat, whatever. It depends on what you're actually trying to do. Might want to be a little more specific.

> There's lots. Personally I stick with the old command line tools. Traceroute. Whois. Ping, netstat, whatever. It depends on what you're actually trying to do. Might want to be a little more specific.

i'm losing packets on the third hop, that's about all i know because i'm so clueless without pingplotter :roll: i haven't checked for a few days because everything seems OK now.

i'd like to be able to run a traceroute to a site, pinging every 5 seconds and do it 60 times. then be able to save a log with all the information - latency, how many dropped packets there were and the average times for every hop, with all the addresses.

i just want to know what's going on so if it's my ISP's fault i can show them it's their fault.

i did find something called Layer Four Traceroute, but i had a couple of dependency problems.

maybe it would be a good idea for me to use the programs you mentioned, i hadn't thought of it :(

i'll have to try and work out what i need to do. thanks.


Traceroute uses ICMP, and some places block that. If you're tracerouting from you to, say, google.com (the CLI command would be traceroute google.com on Linux/Unix), you'll see the results per hop. If you see something like asterisks along the way, it's usually dropping all ICMP.

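Added example, not part of any post in this thread: one way to build the per-hop log asked for above (loss, average latency and addresses per hop) from saved `traceroute -n` runs, counting each asterisk as an unanswered probe. The sample runs, the addresses and the "carried" heuristic are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: three saved `traceroute -n` runs (documentation addresses).
RUN1 = """traceroute to 203.0.113.9 (203.0.113.9), 30 hops max, 60 byte packets
 1  192.0.2.1  1.0 ms  1.0 ms  1.0 ms
 2  198.51.100.1  8.0 ms  9.0 ms  10.0 ms
 3  * * *
 4  203.0.113.9  20.0 ms  21.0 ms  22.0 ms
"""
RUN2 = RUN1.replace(" 3  * * *", " 3  198.51.100.9  15.0 ms * 17.0 ms")
RUN3 = RUN1.replace(" 3  * * *", " 3  198.51.100.9  15.0 ms  16.0 ms  17.0 ms")
SAMPLE_RUNS = [RUN1, RUN2, RUN3]

HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")       # "<ttl>  <probe results>"
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RTT = re.compile(r"(\d+(?:\.\d+)?) ms")

def parse_run(text):
    """Return {ttl: (addresses, rtts_ms, lost_probes)} for one traceroute run."""
    hops = {}
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if not m:                                  # header line or noise
            continue
        rest = m.group(2)
        rtts = [float(x) for x in RTT.findall(rest)]
        lost = rest.split().count("*")             # each "*" is one unanswered probe
        hops[int(m.group(1))] = (IPV4.findall(rest), rtts, lost)
    return hops

def summarise(runs):
    """Aggregate all runs into one row per hop: addresses, loss %, average RTT."""
    stats = defaultdict(lambda: {"addrs": set(), "rtts": [], "lost": 0})
    for text in runs:
        for ttl, (addrs, rtts, lost) in parse_run(text).items():
            stats[ttl]["addrs"].update(addrs)
            stats[ttl]["rtts"].extend(rtts)
            stats[ttl]["lost"] += lost
    report = []
    for ttl in sorted(stats):
        s = stats[ttl]
        sent = s["lost"] + len(s["rtts"])
        report.append({"hop": ttl, "addrs": sorted(s["addrs"]),
                       "loss_pct": 100.0 * s["lost"] / sent if sent else 0.0,
                       "avg_ms": sum(s["rtts"]) / len(s["rtts"]) if s["rtts"] else None})
    # Heuristic: loss at a hop points at the path only if every later hop loses too;
    # otherwise that router is probably just not answering probes.
    for i, row in enumerate(report):
        row["carried"] = row["loss_pct"] > 0 and all(r["loss_pct"] > 0 for r in report[i + 1:])
    return report

if __name__ == "__main__":
    for row in summarise(SAMPLE_RUNS):
        print(row)
```

In the sample, hop 3 shows about 44% loss while the destination answers every probe, so the loss is not carried through to the end of the path.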
> Traceroute uses ICMP, and some places block that. If you're tracerouting from you to, say, google.com (the CLI command would be traceroute google.com on Linux/Unix), you'll see the results per hop. If you see something like asterisks along the way, it's usually dropping all ICMP.

thanks, i hadn't thought of that, is it common for a router on the 3rd hop to drop ICMPs? it can't be, but, i'm not sure, anyway i hadn't thought of that so thanks.

i've got hping3, so i can use that i think. i think it must use TCP or UDP, anyway, i'm glad i started this thread so i can learn about the basics instead of using a tool to do it all for me thanks for the help. :)


A lot of routers, switches etc. drop ICMP packets. They can be used to carry a payload, as well as be part of DoS attacks.

My fav is ICMP for 'telnet' like connections ^_^ using control messages such as echo request/echo reply.

Off topic, I know, but thought I'd mention it.

Edited by n00dles

There isn't much that traceroute and ping won't tell you about a funky connection. When you log the point at which your packets are falling into the bit bucket, a simple whois can give you all the docs you need to contact the affected party.

Yes, a graphical tool may help you to visualize what's going on, but REAL MEN can see the world thru the CLI. :P j/k

For what it's worth, it's always fun to traceroute the source of a bad connection, run a whois to grab the technical contact's phone #, and give them a call to find out what's happening. Sometimes they'll chit chat about the problem, and divulge a good amount of info about the situation.


excellent, thanks for all the help. you know i think it is better to use the CLI because that way you really have to understand what's happening. i know the basics so it's the right direction to go. although i installed EtherApe yesterday and that's pretty cool ;)


I tend to use a combination of CLI tools. My favorites are the standard traceroute, ping, bing, dig, etc. but I've really been digging the paketto keiretsu tool suite, I like how it uses things like inverse syn cookies to scan a network.

--ed

> I tend to use a combination of CLI tools. My favorites are the standard traceroute, ping, bing, dig, etc. but I've really been digging the paketto keiretsu tool suite, I like how it uses things like inverse syn cookies to scan a network.
>
> --ed

thanks, ed. i'll check it out. maybe you'll like Layer Four Traceroute too??

http://pwhois.org/lft/


Personally I hate pingplotter, but that's just me. Traceroute is handy, but as you experienced, lots of sites block ICMP. Linux traceroute uses UDP, which may not be blocked. For troubleshooting a faulty WAN connection SmokePing is really nice, especially from something like Broadbandreports, which will give you information from three geographically disparate locations. For troubleshooting LAN connections just ping, and diagnose your routers and switches with their internal utilities/SNMP.
