Network_diagnostics
Chapter 39: Network Diagnostics Scripts
Section titled “Chapter 39: Network Diagnostics Scripts”Overview
Section titled “Overview”This chapter covers network diagnostics scripts for testing connectivity, analyzing network traffic, and troubleshooting network issues - essential skills for DevOps engineers.
Network Basics
Section titled “Network Basics”Understanding Network Tools
Section titled “Understanding Network Tools”# Common network toolsip # Modern network configurationss # Socket statisticsping # Test connectivitytraceroute # Trace network pathdig # DNS queriesnetstat # Network statisticstcpdump # Packet capturenmap # Network scanningConnectivity Testing
Section titled “Connectivity Testing”Ping Tests
Section titled “Ping Tests”#!/usr/bin/env bash# ping_test.sh - Test network connectivity
HOST="${1:-google.com}"COUNT="${2:-4}"
echo "Testing connectivity to $HOST..."ping -c "$COUNT" "$HOST"Multiple Host Monitoring
Section titled “Multiple Host Monitoring”#!/usr/bin/env bash# monitor_hosts.sh - Monitor multiple hosts
HOSTS=( "8.8.8.8" "google.com" "cloudflare.com" "1.1.1.1")
echo "=== Network Monitoring ==="for host in "${HOSTS[@]}"; do if ping -c 1 -W 2 "$host" &>/dev/null; then echo "✓ $host is reachable" else echo "✗ $host is unreachable" fidonePort Analysis
Section titled “Port Analysis”Port Scanning
Section titled “Port Scanning”#!/usr/bin/env bash# port_scan.sh - Scan ports on localhost
set -euo pipefail
HOST="${1:-localhost}"START_PORT="${2:-1}"END_PORT="${3:-1024}"
echo "Scanning $HOST ports $START_PORT-$END_PORT..."
for port in $(seq $START_PORT $END_PORT); do if timeout 0.1 bash -c "echo >/dev/tcp/$HOST/$port" 2>/dev/null; then echo "Port $port: OPEN" fidoneCheck Specific Ports
Section titled “Check Specific Ports”#!/usr/bin/env bash# check_ports.sh - Check if specific ports are open
set -euo pipefail
HOST="${1:-localhost}"PORTS=(22 80 443 3306 5432 6379 8080)
echo "Checking common ports on $HOST..."
for port in "${PORTS[@]}"; do if timeout 0.5 bash -c "echo >/dev/tcp/$HOST/$port" 2>/dev/null; then echo "Port $port: OPEN" else echo "Port $port: CLOSED" fidoneDNS Analysis
Section titled “DNS Analysis”DNS Lookup
Section titled “DNS Lookup”#!/usr/bin/env bash# dns_lookup.sh - Perform DNS lookups
set -euo pipefail
DOMAIN="${1:-google.com}"
echo "=== DNS Lookup for $DOMAIN ==="
# A recordecho "A record:"dig +short "$DOMAIN" A
# AAAA record (IPv6)echo "AAAA record:"dig +short "$DOMAIN" AAAA
# MX recordecho "MX record:"dig +short "$DOMAIN" MX
# NS recordecho "NS record:"dig +short "$DOMAIN" NS
# TXT recordecho "TXT record:"dig +short "$DOMAIN" TXTReverse DNS
Section titled “Reverse DNS”#!/usr/bin/env bash# reverse_dns.sh - Reverse DNS lookup
set -euo pipefail
IP="${1:-8.8.8.8}"
echo "Reverse DNS for $IP:"dig +short -x "$IP"Network Statistics
Section titled “Network Statistics”Connection Analysis
Section titled “Connection Analysis”#!/usr/bin/env bash# network_stats.sh - Show network statistics
echo "=== Network Statistics ==="echo ""
echo "--- Established Connections ---"ss -tun | grep ESTAB
echo ""echo "--- Listening Ports ---"ss -tunl | grep LISTEN
echo ""echo "--- Connection States ---"ss -tan | awk '{print $1}' | sort | uniq -c | sort -rnInterface Statistics
Section titled “Interface Statistics”#!/usr/bin/env bash# interface_stats.sh - Show network interface statistics
set -euo pipefail
INTERFACE="${1:-}"
echo "=== Network Interface Statistics ==="
if [[ -z "$INTERFACE" ]]; then ip -s link showelse ip -s link show "$INTERFACE"fiBandwidth Testing
Section titled “Bandwidth Testing”Speed Test
Section titled “Speed Test”#!/usr/bin/env bash# speed_test.sh - Test network speed
set -euo pipefail
# Test download speedecho "Testing download speed..."download_speed=$(curl -s -o /dev/null -w '%{speed_download}' https://speed.cloudflare.com/__down?bytes=10000000)echo "Download: $((download_speed/1024/1024)) MB/s"
# Test upload speedecho "Testing upload speed..."upload_speed=$(curl -s -o /dev/null -w '%{speed_upload}' https://speed.cloudflare.com/__up -X POST -d "test")echo "Upload: $((upload_speed/1024/1024)) MB/s"Troubleshooting Scripts
Section titled “Troubleshooting Scripts”DNS Troubleshooting
Section titled “DNS Troubleshooting”#!/usr/bin/env bash# troubleshoot_dns.sh - Troubleshoot DNS issues
set -euo pipefail
DOMAIN="${1:-google.com}"
echo "=== DNS Troubleshooting for $DOMAIN ==="echo ""
# Check if DNS server is reachableecho "1. Checking DNS server..."ping -c 1 8.8.8.8 &>/dev/null && echo "✓ DNS server reachable" || echo "✗ DNS server unreachable"
# Test DNS resolutionecho ""echo "2. Testing DNS resolution..."if dig +short "$DOMAIN" | grep -q '[0-9]'; then echo "✓ DNS resolution working" dig +short "$DOMAIN"else echo "✗ DNS resolution failed"fi
# Test with different DNS serversecho ""echo "3. Testing with different DNS servers..."for dns in "8.8.8.8" "1.1.1.1" "208.67.222.222"; do result=$(dig +short @"$dns" "$DOMAIN" A | head -1) echo "DNS $dns: $result"doneNetwork Path Analysis
Section titled “Network Path Analysis”#!/usr/bin/env bash# trace_route.sh - Trace network path
set -euo pipefail
HOST="${1:-google.com}"
echo "=== Traceroute to $HOST ==="traceroute -m 15 "$HOST"Firewall Rules
Section titled “Firewall Rules”List iptables Rules
Section titled “List iptables Rules”#!/usr/bin/env bash# list_iptables.sh - List iptables rules
echo "=== iptables Rules ==="echo ""
echo "--- Filter Table ---"sudo iptables -L -n -v
echo ""echo "--- NAT Table ---"sudo iptables -t nat -L -n -vHTTP/HTTPS Analysis
Section titled “HTTP/HTTPS Analysis”Test HTTP Endpoints
Section titled “Test HTTP Endpoints”#!/usr/bin/env bash# test_endpoint.sh - Test HTTP/HTTPS endpoints
set -euo pipefail
URL="${1:-http://localhost:8080/health}"
echo "Testing: $URL"echo ""
# HTTP status codestatus_code=$(curl -s -o /dev/null -w "%{http_code}" "$URL")echo "HTTP Status: $status_code"
# Response timetime_total=$(curl -s -o /dev/null -w "%{time_total}" "$URL")echo "Response Time: ${time_total}s"
# Content typecontent_type=$(curl -s -I "$URL" | grep -i "content-type" | cut -d: -f2 | xargs)echo "Content-Type: $content_type"
# Check SSL certificate (for HTTPS)if [[ "$URL" =~ ^https ]]; then echo "" echo "SSL Certificate:" echo "$URL" | openssl s_client -connect "${URL#https://}" 2>/dev/null | \ openssl x509 -noout -dates -subjectfiAdvanced Diagnostics
Section titled “Advanced Diagnostics”Packet Capture
Section titled “Packet Capture”#!/usr/bin/env bash# capture_packets.sh - Capture network packets
set -euo pipefail
INTERFACE="${1:-eth0}"COUNT="${2:-100}"OUTPUT_FILE="${3:-/tmp/capture.pcap}"
echo "Capturing $COUNT packets on $INTERFACE..."sudo tcpdump -i "$INTERFACE" -c "$COUNT" -w "$OUTPUT_FILE"
echo "Capture saved to: $OUTPUT_FILE"Network Latency Analysis
Section titled “Network Latency Analysis”#!/usr/bin/env bash# latency_test.sh - Test network latency
set -euo pipefail
HOST="${1:-google.com}"COUNT="${2:-10}"
echo "Testing latency to $HOST..."echo ""
# Measure latencyping -c "$COUNT" "$HOST" | tail -1
# Show RTT statisticsping -c "$COUNT" "$HOST" | grep "rtt"Summary
Section titled “Summary”In this chapter, you learned:
- ✅ Connectivity testing with ping
- ✅ Port scanning and analysis
- ✅ DNS lookup and troubleshooting
- ✅ Network statistics
- ✅ Bandwidth testing
- ✅ DNS troubleshooting
- ✅ Route tracing
- ✅ Firewall rules
- ✅ HTTP endpoint testing
- ✅ Packet capture
- ✅ Latency analysis
Next Steps
Section titled “Next Steps”Continue to the next chapter to learn about Container Automation Scripts.
Previous Chapter: Log Analysis Scripts Next Chapter: Container Automation Scripts