27
Jul

Troubleshooting Network Connection with ‘tcpdump’ and ‘arp’

A quick and easy way to troubleshoot network connections in an embedded Linux environment is to use the ping, tcpdump, and arp commands. This will allow you to see what might be happening with the traffic on your network at the packet level. Once scenario would be that you’re not getting a successful ping between two computers on the network. All reason tells you that it should be working, but maybe there’s something wrong at the driver level? To start troubleshooting, fire up tcpdump on the box being pinged (ip: 192.168.1.100) and specify the network interface and IP address of the machine doing the pinging (ip: 192.168.1.101):

tcpdump -i eth0 host 192.168.1.101

Now, run the ping test:

ping 192.168.1.100

At this point, if you get an output from tcpdump, you’ll know that the packet has made its way to the target machine (192.168.1.100). The next step would be to see if you ever received an acknowledgment from the target machine. Run arp on the machine doing the pinging (192.168.1.101):

arp -an

If you see something like ? (192.168.1.112) at (incomplete) on en1 [ethernet], that means you never got an acknowledgment back from the target machine (192.168.1.100).

At this point in this scenario, we would start to dive into what could be wrong. In this particular situation, it was a driver issue with assigning a MAC address to the interface.

This is just one scenario to get you familiar with how to use tcpdump and arp and gather information about the networking issue. Please refer to the utility man pages for more information.

Feel free to donate if this post prevented any headaches! Another way to show your appreciation is to take a gander at these relative ads that you may be interested in:


There's 0 Comment So Far

Share your thoughts, leave a comment!