Network Troubleshooting Tools by OSI Layer

Date: July 17, 2020Author: MrN00b0t 0 Comments

A list of basic tools useful for troubleshooting network issues at each layer of the network OSI model.

Layer 1 – Physical

lspci | grep Ethernet
#Verify that a network card is detected on PCI systems

lsusb/lsmod
#Useful to identify devices on non-PCI systems (eg Raspberry Pi)

lsmod | grep rfkill
#Raspberry Pi specific module for Wireless device

ip link
#display interface information - look for NO CARRIER entries to determine network connectivity

Layer 2 – Data Link

ip neighbor (deprecating arp -a)
#display table of MAC address to IP translations (ARP table)

MAC addresses can be run through online Wireshark OUI tool to identify manufacturer.

ethtool eth0 | tail
#Displays connectivity and speed at Data Link layer

Layer 3 – Network Layer

ip address (deprecates ifconfig)
#ensure device has an IP address, gateway, etc

dhclient eth0 -v
#request IP address from DHCP server

ping -c 5 <gateway>
#determine connectivity to the gateway

ip route show
#display available routes

ip route get to 169.254.0.0/16 from 192.168.1.15
#determine if local interface can reach external interface 

tracepath -n -m 4 1.1.1.1
#make 4 hops towards 1.1.1.1 to confirm external access

nslookup mrnoobot.com / host mrnoobot.com
#ensure DNS lookups are being performed accurately.Requests may be filtered or /etc/hosts file may be inaccurate

ufw status (use gufw for GUI) / systemctl status firewalld
#check firewall status; check if firewall blocks connection

ifdown eth0 / ifup eth0
#bring down / up network interface
#if working remotely and only one network interface, use:
ifdown eth0; ifup eth0
#bring down eth0 then immediately bring back up

#where removing an interface completely, the entry should be edited in the /etc/network/interfaces file (comment out or remove) then restart service
/etc/init.d/networking restart

Layer 4 – Transport

ss -tln
#determine open ports by number

netcat 192.168.1.15 22
#probe port 22 of remote host

Layer 5 – Session

Layer 6 – Presentation

Layer 7 – Application

Remaining layers are handled by software. Check program settings; non-standard port configurations in config files or proxy settings, as examples.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this: