wabdewleapraninub
In modern DevOps environments, network reliability is everything. Even the most well-designed systems can grind to a halt if traffic doesn’t flow properly. That’s why debugging network issues isn’t just a technical extra—it’s a core skill for keeping services available and resilient.
To work effectively, DevOps teams rely on a toolbox of commands and utilities that expose what’s happening at different layers of the network. Below are seven powerful tools and examples of how to use them in real scenarios.
1. tcpdump
Capture Live Traffic
tcpdump -i eth0
This command records all packets traveling through the eth0 interface. It’s like turning on a surveillance camera for your network.
Filter for HTTP Only
tcpdump -i eth0 port 80
This limits output to web traffic, helping you diagnose HTTP-specific issues.
Save for Later Review
tcpdump -i eth0 -w traffic.pcap
Instead of watching live, you can store traffic in a file to analyze later or share with teammates.
Spot Port Scans
tcpdump 'tcp[tcpflags] & (tcp-syn) != 0 and tcp[tcpflags] & (tcp-ack) = 0'
This captures suspicious SYN requests, which often indicate someone scanning your system for open ports.
2. netstat
View Listening Ports
netstat -tulpn
Shows which processes are listening for connections—useful for both troubleshooting and security checks.
See Active Connections
netstat -an | grep ESTABLISHED
Lists current conversations between your system and others in real time.
Summarize by State
netstat -n | awk '/^tcp/ {print $6}' | sort | uniq -c
Groups connections by status (like TIME_WAIT or ESTABLISHED), making it easier to spot abnormal patterns.
3. dig
Basic Lookup
dig example.com
Resolves a domain to its IP address. If a site isn’t loading, this tells you whether DNS is the culprit.
Trace Resolution Path
dig +trace example.com
Follows the full DNS chain from root servers down, helping you locate failures along the path.
4. docker network
Inspect Networks
docker network ls
docker network inspect bridge
Shows available Docker networks and details of how containers connect. Perfect when containers can’t communicate.
Check Container IP
docker inspect -f '{{.NetworkSettings.IPAddress}}' container_name
Reveals the exact IP assigned to a container, useful for verifying internal communication.
5. iperf
Measure Bandwidth
Run the server:
iperf -s
Run the client:
iperf -c server_ip
This pair of commands tests throughput between two systems, letting you measure real-world network speed.
6. conntrack
List Tracked Connections
conntrack -L
Displays all network sessions the kernel is tracking. This is especially useful for diagnosing firewall or NAT issues where connections drop unexpectedly.
7. ip route
Show Routing Table
ip route show
Reveals all the paths available for traffic leaving your system—crucial when debugging connectivity problems.
Test a Specific Route
ip route get 8.8.8.8
Shows which route your system will take to reach a given IP, helping confirm that packets follow the expected path.
Final Thoughts
Debugging networks in a DevOps setting isn’t about memorizing every command—it’s about knowing where to start and having reliable tools at hand. Mastering these seven utilities will give you a solid foundation for diagnosing connectivity problems, tracing bottlenecks, and improving system reliability.
Think of it as building muscle memory: begin with basic commands, expand to advanced scenarios, and refine your approach over time. The more you practice, the faster and more confidently you’ll resolve issues when they arise.
