diagnosticate network problem

Manuel Aróstegui manuel at todo-linux.com
Fri May 22 06:20:45 UTC 2009


On Fri, 2009-05-22 at 11:27 +0800, Tech W. wrote:
> Hello,
> 
> 
> I just found my host (linux with kernel 2.6.24) has problems on connecting to the local gateway.
> 
> When I ping gateway, some packages are lost, this is the ping result:
> 
> 
> --- 211.66.80.xx ping statistics ---
> 100 packets transmitted, 98 received, 2% packet loss, time 99248ms
> rtt min/avg/max/mdev = 16.582/27.441/51.152/5.844 ms
> 
> 
> And average RTT is too large (27 ms).
> From my host to gateway there is only 1 hop by traceroute.
> 
> How can I diagnosticate this type of network problem? Use tcpdump? What's the correct syntax? Thanks.

Usually this is a problem regarding your cable, did you try to change
it? Are these packets lost just randomly? Did you see if there's any
pattern?

Anyways, you should set up a tcpdump in the gateway side and analyse its
results, the syntax is kinda:

tcpdump -i eth0 (or eth1, eth2..)

You'll see loads of data coming through so you might want to filter just
to get the ICMP stuff, just add these two filters which will likely help
you to isolate the problem:

This will display only the "echo requests"

tcpdump -i ethX 'icmp[icmptype]=icmp-echo' -v -X

And you will get something like:
root@life:~# tcpdump -i eth0 icmp[icmptype]=icmp-echo -v -X

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
08:16:39.705180 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    life.local > 192.168.50.121: ICMP echo request, id 56638, seq 1, length 64
	0x0000:  4500 0054 0000 4000 4001 5478 c0a8 3267  E..T..@.@.Tx..2g
	0x0010:  c0a8 3279 0800 cf6e dd3e 0001 4743 164a  ..2y...n.>..GC.J
	0x0020:  f8c0 0a00 0809 0a0b 0c0d 0e0f 1011 1213  ................
	0x0030:  1415 1617 1819 1a1b 1c1d 1e1f 2021 2223  .............!"#
	0x0040:  2425 2627 2829 2a2b 2c2d 2e2f 3031 3233  $%&'()*+,-./0123
	0x0050:  3435                                     45


And now if you only want to get the "echo reply" packets:
tcpdump -i eth0 'icmp[icmptype]=icmp-echoreply' -v -X

Hope this helps.

Manuel.
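
Added example, not part of the original message: a Python sketch that pairs echo requests with echo replies by id and seq in saved tcpdump text output, so unanswered probes and the per-probe RTT (and any pattern in them) are visible. The sample capture and the name `analyse` are constructed for illustration; both the one-line layout and the two-line `-v` layout are accepted.

```python
import re

# Constructed sample of tcpdump text output (not from the original post).
# seq 2 uses the two-line layout printed with -v; seq 3 never gets a reply.
SAMPLE = """\
08:16:39.705180 IP 192.168.50.103 > 192.168.50.121: ICMP echo request, id 56638, seq 1, length 64
08:16:39.721762 IP 192.168.50.121 > 192.168.50.103: ICMP echo reply, id 56638, seq 1, length 64
08:16:40.706411 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84)
    192.168.50.103 > 192.168.50.121: ICMP echo request, id 56638, seq 2, length 64
08:16:40.757563 IP (tos 0x0, ttl 64, id 4711, offset 0, flags [none], proto ICMP (1), length 84)
    192.168.50.121 > 192.168.50.103: ICMP echo reply, id 56638, seq 2, length 64
08:16:41.707950 IP 192.168.50.103 > 192.168.50.121: ICMP echo request, id 56638, seq 3, length 64
08:16:42.709020 IP 192.168.50.103 > 192.168.50.121: ICMP echo request, id 56638, seq 4, length 64
08:16:42.736461 IP 192.168.50.121 > 192.168.50.103: ICMP echo reply, id 56638, seq 4, length 64
"""

TS = re.compile(r"^(\d\d):(\d\d):(\d\d)\.(\d{6})\s")
ECHO = re.compile(r"ICMP echo (request|reply), id (\d+), seq (\d+)")
DAY_US = 86400 * 1_000_000

def analyse(text):
    """Return (rtts, lost): RTT in ms keyed by (id, seq), and unanswered (id, seq)."""
    now = None            # timestamp of the current packet, in microseconds
    sent, rtts = {}, {}
    for line in text.splitlines():
        m = TS.match(line)
        if m:             # header line: remember its time for a -v continuation line
            h, mi, s, us = map(int, m.groups())
            now = ((h * 60 + mi) * 60 + s) * 1_000_000 + us
        e = ECHO.search(line)
        if e is None or now is None:
            continue
        key = (int(e.group(2)), int(e.group(3)))
        if e.group(1) == "request":
            sent.setdefault(key, now)
        elif key in sent and key not in rtts:
            # modulo keeps the delta positive if the capture crosses midnight
            rtts[key] = ((now - sent[key]) % DAY_US) / 1000
    lost = sorted(k for k in sent if k not in rtts)
    return rtts, lost

if __name__ == "__main__":
    rtts, lost = analyse(SAMPLE)
    for (ident, seq), ms in sorted(rtts.items()):
        print(f"id {ident} seq {seq}: {ms:.3f} ms")
    print("unanswered:", lost)
```

A request that shows up in the gateway-side capture without a matching reply was dropped at or after the gateway; a probe that ping counts as lost but that never appears in the capture was dropped before reaching it.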





More information about the redhat-list mailing list