No one wants their server to go down without knowing how to fix it quickly. Fortunately, this article explains network troubleshooting commands Linux VPS users need to know.
Learning these command-line tools will help you fix network issues such as connectivity, routing, DNS, and more. It’ll save you time, increase uptime, and keep your Linux VPS hosting server accessible.
Effective network troubleshooting starts with a VPS that delivers consistent connectivity and low packet loss. The comparison table below highlights VPS hosting providers known for reliable routing and strong uptime performance. Explore our recommended VPS hosting options.
VPS Hosting Providers With Fast and Stable Network Infrastructure
| Provider | User Rating | Recommended For | |
|---|---|---|---|
 | 4.8 | Scalability | Visit Kamatera |
 | 4.6 | Affordability | Visit Hostinger |
 | 4.7 | Developers | Visit IONOS |
The Shift to Modern Linux Network Tools
Modern Linux network tools work better than net tools, helping developers work smarter.
Why Legacy Commands Are Obsolete
Legacy commands have been replaced by modern programs that simplify things. Imagine having one command tool that handles several related tasks; that’s how modern Linux networking commands work. Conversely, old tools will require you to master several commands for these tasks.
Many of these tools, like ifconfig, netstat, and traceroute, are now outdated in modern distributions. Linux distributions like RHEL, CentOS, and Ubuntu no longer install them by default.
IPRoute2 tools provide better IPv6 support, clearer output, and easier scripting for the Linux network. For instance, the ip command handles interfaces, addresses, and routing, replacing several legacy tools.
Mastering the ip command for Interface and Routing
Below are the Linux troubleshooting commands for the network interface and routing:
View Interface Settings with ip link
Use ip link show or ip l to check device status (UP/DOWN/LOWER_UP). This command shows network device details without root access.
You’ll see that loopback (lo) MTU is 65536, while Ethernet (enp1s0) MTU is 1500. These numbers affect the size of packets and how your network performs.
The DOWN or NO-CARRIER status indicates physical disconnections. A DOWN state means the interface is switched off, while NO-CARRIER means cable or link issues.
Use ip -s -h l to see packet stats in easy-to-read form. Look for RX: dropped 182k or TX: errors 0 to spot interfaces with packet loss.
Verify IP Address Assignments
Verifying your IP addresses can help you quickly troubleshoot network connectivity issues.
The ip a or ip address command displays all assigned IPv4/IPv6 addresses on your Linux system.
The result is something like inet 192.168.122.169/24 on interface enp1s0. The /24 notation represents the subnet mask (255.255.255.0).
Use sudo ip a add 192.168.122.170/24 dev enp1s0 to add a secondary ip address. This setup lets you test network connectivity and check for routing issues without taking any permanent action. The address disappears after a reboot.
Your routing or firewall settings are likely at fault if only one IP address works.
Troubleshooting Routing Tables
The ip route or ip r displays the Linux kernel routing table. It shows how your system chooses where to send packets based on destination addresses.
You’ll recognize a missing default gateway with a “Network is unreachable” error message. It indicates that your system doesn’t know how to route packets to addresses outside your local subnet.
Use sudo ip route add default via 192.168.122.1 dev enp1s0 to fix it. This command instructs your operating system to send all non-local traffic through the defined gateway.
If several interfaces exist, use metric 100 to set priority. Lower metric values are preferred, allowing you to control the path packets take.
Analyzing Sockets and Ports with ss and lsof
The ss and Isof are essential Linux commands for troubleshooting network connectivity issues.
Monitoring Sockets with the ss Command
The ss command reads socket statistics from the Linux kernel rather than parsing /proc files. It’s a faster utility than the legacy netstat.
ss -ltn command lists listening TCP sockets with numeric ports.
0.0.0.0:22 means the SSH service accepts connections from any network interface.
Use ss dst 192.168.122.1 to show only the connections communicating with a particular remote host.
sudo ss -tnlp shows which process owns a socket. Output like users:((“sshd”,pid=919,fd=5)) shows exactly which daemon is listening on each TCP port.
Identifying Open Files and Ports with lsof
lsof( List Open Files) shows all active files and network connections, identifying tasks that lock network resources.
lsof -i shows all network connections. But lsof -Pi:25 targets specific ports, like SMTP, without resolving network service names.
Run lsof -u (username) to find the specific user, files, and network activity that are slowing down the system.
For example, a Redis server may bind to localhost (127.0.0.1:6379), blocking external connections. The configuration file uses the loopback address, stopping remote access. Use lsof -i to identify the problem and update the address to 0.0.0.0.
Diagnosing Connectivity and Path Issues
The ping command is another vital tool for ensuring a reliable network stack on your Linux server.
Testing Reachability with ping
The ping command uses the ICMP protocol to measure how long it takes packets to travel to the host and return. At the same time, it checks for packets that drop on the way. It’s ideal for checking basic IP connectivity to a destination host.
Local LAN RTT (Round Trip Time) is often under 1ms (like 0.157 ms), while external servers (1.1.1.1) can take 3-4 ms. A much longer time means network problems.
Use Ping 127.0.0.1 (TCP stack), then 192.168.100.1 (gateway), then google.com (internet access) to find where the problem is. Issues could be on your host system, local network, or internet connection.
The ping command tests also reveal DNS issues. If you can ping an IP but not a hostname, your DNS settings may be the culprit.
Tracing the Network Path
The command, tracepath (UDP, no root needed) or traceroute, shows you the path between your computer and a remote server. You’ll see every router your packets pass through.
Output shows delay at every hop, e.g, 1: 192.168.122.1 0.415ms pmtu 1500. The PMTU (Path MTU) value is the largest packet size that can traverse the path.
The MTR tool combines the ping and traceroute command functions. It shows current stats to help identify packet loss or routing issues at each hop.
Namecheap
DNS Troubleshooting and Lookup Tools
DNS configuration failures can significantly slow your VPS network connection, affecting many processes.
The following commands will help fix it:
Checking Records with nslookup
The nslookup command helps you quickly check if the Domain Name System (DNS) is working fine.
Adding nslookup redhat.com shows Address: 209.132.183.105. This command confirms your DNS server can resolve the hostname to an IP address.
Reverse lookup with nslookup 209.132.183.105 confirms the hostname (redirect.redhat.com). This tool verifies that DNS entries are configured correctly in both directions.
Advanced Queries with the dig command
You can perform advanced tasks with the domain information groper command-line utility.
Use the dig command to see the complete DNS lookup process, including query and response.
Run dig +short google.com @1.1.1.1 to test DNS resolution. This command queries Cloudflare directly to confirm if the problem is with your DNS cache. The +short flag shows only the IP address.
If local resolution fails but @8.8.8.8 works, it means there are problems with/etc/resolv.conf or your local DNS service.
Managing systemd-resolved
Modern Linux systems use systemd-resolved, which runs a local DNS cache at 127.0.0.53. Caching improves DNS performance but makes network troubleshooting more difficult.
Use resolvectl status to see which DNS servers your system is using, like 192.168.122.1.
Fix DNS failures by adding DNS=1.1.1.1 8.8.8.8 to /etc/systemd/resolved.conf. Then, run systemctl restart systemd-resolved to apply the edit.
Hardware and Physical Link Analysis
Your Linux VPS may be a virtual server, but it still uses physical resources. Here are ways to inspect and fix hardware issues:
11. Inspecting Hardware with ethtool
The ethtool command diagnoses physical link issues, like incorrect speed and duplex settings. These mismatches cause connectivity problems that other tools can’t detect.
Use ethtool ens3f1 to show the physical link status, like “Link detected: no” or “Speed: 10000Mb/s”. This message confirms whether the physical link is connected and working correctly.
For example, a 25Gb link failure can occur due to a mismatch in FEC (Forward Error Correction) between network devices. Run sudo ethtool –set-fec ens3f1 encoding auto to enable symmetric advertised auto negotiation.
Check supported link modes with ethtool ens3f1 to see the advertised link modes and actual negotiated settings. If they don’t match, the link may run slowly or fail to run at all.
Configuration Management via NetworkManager
Use these Linux VPS networking commands to manage network configuration:
Checking Status with nmcli
The nmcli command performs several functions in the Linux network manager. It manages network connections, controls network devices, and sets IP addresses.
Run nmcli device status to inspect which specific network interfaces are active. It lists devices like enp1s0 connected and enp7s0 disconnected.
Use nmcli -g ip4.address,ip4.dns connection show enp1s0 to get specific configs like 192.168.122.169/24. The -g flag gives script-friendly output.
For more examples, check the NetworkManager documentation for advanced usage.
Modifying the configuration file via CLI
Use nmcli con mod to update network settings and let NetworkManager track them correctly.
Switch from DHCP to a manual static ip address with these settings:
- ipv4.method manual
- ipv4.addresses 192.168.122.169/24
- ipv4.gateway 192.168.122.1
Use nmcli con up enp1s0 to apply the new interface configuration and keep it after reboots.
Security and Firewall Settings
Incorrect firewall configurations can harm your system.
Managing Rules with iptables and UFW
Incorrect firewall settings can look like network problems. “Connection timed out” means the firewall is blocking packets. “Connection refused” means no service is running on that TCP port.
With UFW, run sudo ufw status numbered to see active rules and their evaluation order.
Allow Redis traffic through the firewall with sudo ufw allow to 192.168.122.44 proto tcp port 6379. Always include both protocol and port.
Test firewall changes to avoid locking yourself out. Keep a backup SSH connection when working remotely.
Comparison of Core Troubleshooting Tools
Below is a table showing important network troubleshooting commands on Linux VPS:
Command | Function | Key Flags | VPS Use Case |
| ip | Interfaces/Routes | link, addr, route | Fix routing, check link status |
| ss | Sockets | -ltnp, -t | Check listening ports (SSH, SQL) |
| ethtool | Hardware Driver | –show-fec | Diagnose speed/duplex mismatch |
| nmcli | Network Manager | device status | Manage static IPs via CLI |
| dig | DNS Analysis | +short @server | Debug resolution failures |
| lsof | Open Files | -i, -u, -P | Map processes to network ports |
Advanced Troubleshooting Scenarios
These steps will help you identify and fix more complex cases:
Resolving DNS Conflicts
DNS problems are often a common cause of network failures. You might have multiple DNS entries from DHCP, static configuration, and VPN connections.
Use cat /etc/resolv.conf and resolvectl status to check all DNS sources. Clashes between them can cause occasional DNS failures that are tricky to find.
Clear DNS caches with sudo systemd-resolve –flush-caches if using systemd-resolved. You can also restart your DNS service for other resolvers.
Interface Configuration Problems
Sometimes your problem stems from using multiple tools to solve a single issue. Using NetworkManager and manual configuration file edits creates confusion.
Use nmcli device status to check which tool controls your specific network interface. If NetworkManager shows “unmanaged,” nmcli won’t be able to change it.
For systems without NetworkManager, edit /etc/network/interfaces on Debian-based systems or /etc/sysconfig/network-scripts/ifcfg-* on RHEL-based systems. Always back up configuration files before making changes.
Socket and Port Conflicts
Port conflicts are another common cause of network service failures. It occurs when multiple services attempt to bind to the same port simultaneously, resulting in improper communication.
Use sudo ss -tlnp | grep :80 to spot where the conflict is and what’s using port 80. The output shows process IDs and names.
Stop the process or change one service to use a different port. Also, check why multiple services use the same port.
Understanding Network Packet Flow
Understanding how data packets move from one source to a destination will help you identify problem areas.
At Layer 1, ethtool verifies physical connectivity. Layer 2 uses the Address Resolution Protocol (ARP) to map IP addresses to MAC addresses.
Use ip neigh to view ARP entries. This command replaced the old arp command. If entries are missing or incomplete, there’s a Layer 2 issue stopping the system from reaching the default gateway.
Layer 3 routing uses ip route to see how packets are forwarded. Layer 4 port binding uses ss to check which services are listening. Layer 7 app issues require attention to specific services to fix.
Diagnosing MTU Issues
MTU (Maximum Transmission Unit) issues are usually weird, which makes them annoying. You’ll notice signs like pages taking forever to load, or working ping but SSH or HTTP failure.
Test MTU with ping -M do -s 1472 google.com on Linux. The -M do option prevents packet splitting, and -s sets its size. If large packets fail but smaller ones work, you have an MTU issue.
Use sudo ip link set dev enp1s0 mtu 1400 to change MTU temporarily. To make it permanent, edit your network configuration in NetworkManager or interface setting files.
Monitoring Established Connections
Monitoring your active connections makes troubleshooting easier. It will help you spot performance and security threats early.
Run ss -tn state established to see all established connections.
Use ss dst 203.0.113.0/24 to see connections to a specific subnet. This step helps spot unusual traffic.
Use watch -n 1 ‘ss -tn state established’ to see active connections as they update every second.
Practical Troubleshooting Workflows
Explore more troubleshooting steps:
Systematic Problem Isolation
These steps confirm whether your local computer, local network, ISP connection, or DNS settings have issues.
- Test localhost: ping 127.0.0.1 (checks your TCP/IP stack)
- Test gateway: ping your default gateway IP
- Test external IP: ping 8.8.8.8 (confirms there’s internet connectivity)
- Test DNS: ping google.com (verifies if domain names are working).
Checking Service Availability
Ensure your service is active before checking for network connectivity. Run systemctl status servicename to check the status.
Use sudo ss -tlnp | grep servicename also to check the ports and addresses the service has attached to.
Run telnet localhost port or nc -zv localhost port to test local connectivity. Your firewall rules and binding addresses may be at fault if local connections are fine but remote ones fail.
Verifying Network Connection Quality
Linux network connection quality matters. Run ping -c 100 remote-host to send 100 packets to the host. It’ll measure network performance.
Check for packet loss and RTT changes. High variation (jitter) shows network overload or unstable routing.
Use mtr remote-host to continuously monitor the network path. This command shows which hop causes delays or packet loss, helping determine whether the issue is local or on the source side.
Understanding VPS Networking Fundamentals
The basics of VPS networking keep things running smoothly.
Common VPS Network Architectures
Understanding your VPS network structure is another factor that simplifies troubleshooting.
VPS providers usually assign your virtual machine a public IP or share one using NAT with port forwarding. A direct public IP means your VPS’s network interface uses the IP address. Use ip a to see it.
NAT setups show private IP addresses (such as 10.x.x.x or 192.168.x.x) on your VPS. The provider’s router converts them to public IPs, which can make troubleshooting more difficult.
Virtual Network Interfaces
VPSs often use virtual network devices, like virtio drivers. They appear as ens3, enp1s0, or other similar names.
Use ethtool -i enp1s0 to see the driver name and version. Virtual drivers mostly have performance problems.
Check virtual interface statistics with ip -s link show enp1s0. Many dropped packets usually mean the host is overworked.
Advanced Network Diagnostics
Here are further ways to diagnose network problems on Linux VPS:
Using tcpdump for Packet Analysis
Using basic tools may not always help, and that’s where tcpdump comes in. This tool captures network packets for in-depth evaluation.
Run sudo tcpdump -i enp1s0 -n to display all interface packets. The -n option prevents DNS lookups, speeding up display.
Use sudo tcpdump -i enp1s0 port 22 to capture only SSH traffic, reducing noise.
Analyzing Unix Socket Connections
Some services communicate locally via Unix sockets rather than network connections.
Use ss -x or lsof -U to list Unix sockets, which show as file paths instead of IP addresses and ports.
Unix sockets perform better for local connections, but you must reconfigure your service for remote access.
Network Statistics and Performance
The old netstat command is still useful for checking network stats. Use it alongside ss for more details. ss -s summarizes the results.
This command shows counts of TCP connections in various states, UDP sockets, and other statistics. Sudden changes can signal problems or attacks.
Use ip -s link to track bytes, packets, errors, and drops. Rising error counts suggest hardware or driver problems.
Troubleshooting Specific Scenarios
Below are command-line tools for specific cases:
DNS Resolution Failures
If DNS fails, apps can’t resolve hostnames to IPs. Test with nslookup google.com or dig google.com.
If these steps fail, check /etc/resolv.conf for valid DNS servers, like 8.8.8.8 or your provider’s DNS servers.
Use ping 8.8.8.8 to test if your DNS server is reachable. If it’s unreachable, you have a routing or connectivity problem, not a DNS issue.
Gateway Connectivity Problems
If you can ping localhost but not the gateway, check your local network setup. Validate the gateway with ip route show default.
Use ip link show to see if your interface is up. If it’s DOWN, it can’t send packets.
Make sure your IP and gateway are on the same subnet. Different subnets need extra configuration for routing to work.
Service Binding Issues
If a service fails to accept connections, it may be bound to the wrong address. Check that address with sudo ss -tlnp.
A service bound to 127.0.0.1:3306 only accepts local connections. Use 0.0.0.0:3306 or your network IP to allow remote access.
Edit the service’s configuration file to change the binding address. Common locations include /etc/mysql/my.cnf, /etc/redis/redis.conf, or application-specific config directories.
Establishing Your Online Presence
With a stable network, development becomes easier. But what if you can make things even easier?
Create a website to position yourself better online. Use Hostinger or IONOS platforms; they’re reliable and easy to use.
For more specific needs, check out the best VPS hosting provider.
You can also check Fiverr for professional help.
Conclusion
The network troubleshooting commands for Linux VPS will save you time and stress. Follow this guide to master the ip, ss, ping, and other essential command-line utilities. Remember to check firewall settings, DNS records, and other configurations before faulting hardware.
Finally, learn how to troubleshoot problems on your Linux web server to improve performance.
Next Steps: What Now?
You can start troubleshooting network issues on your Linux VPS if you:
- Master the essential Linux network troubleshooting tools.
- Understand how to manage network configuration.
- Understand your VPS network structure.
- Monitor network performance.
- Choose the best VPS hosting service to set a good foundation.
