Linux is a popular operating system that is widely used for networking purposes. Linux offers many advantages such as stability, security, flexibility, and scalability for network administrators and users. However, Linux users may also encounter some network performance issues that can affect the quality and efficiency of their network communication and services. These issues can be caused by various factors such as hardware, software, configuration, traffic, environment, etc.
In this article, we will show you how to troubleshoot Linux network performance issues using some common tools and commands. We will cover 12 steps that can help you diagnose and resolve the network performance issues on your Linux system. By following these steps, you will be able to identify the root cause of the problem, find the best solution, and optimize your network performance on Linux.
Step 1: Check the Network Configuration
The first step to troubleshoot Linux network performance issues is to check the network configuration and status on your Linux system. You can use commands like ip
, ifconfig
, route
, netstat
, etc. to check the network configuration and status.
These commands can show you information such as the IP address, subnet mask, gateway, DNS server, interface name, link status, routing table, socket statistics, etc.
For example, you can use the ip
command to check the IP address and link status of your network interface:
ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc mq state UP group default qlen 1000
link/ether 42:01:0a:80:0f:e9 brd ff:ff:ff:ff:ff:ff
inet 10.128.15.233/32 metric 100 scope global dynamic ens4
valid_lft 2446sec preferred_lft 2446sec
inet6 fe80::4001:aff:fe80:fe9/64 scope link
valid_lft forever preferred_lft forever
You can see that the network interface ens4
has an IP address of 10.128.15.233/32
and is in the state of UP
.
You can also use the route
command to check the routing table on your Linux system:
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.128.0.1 0.0.0.0 UG 100 0 0 ens4
10.128.0.1 0.0.0.0 255.255.255.255 UH 100 0 0 ens4
169.254.169.254 10.128.0.1 255.255.255.255 UGH 100 0 0 ens4
You can see that the default gateway for your Linux system is 10.128.0.1
and the network interface ens4
is used for the local network
.10.128.0.0/32
You should check the output of these commands and make sure that the network configuration and status are correct and complete. If you find any errors or missing information, you should fix them accordingly.
For example, you may need to assign a valid IP address, configure a proper gateway, enable or disable an interface, etc.
Step 2: Ping the Destination Host
The second step to troubleshoot Linux network performance issues is to ping the destination host that you want to communicate with. You can use the ping
command to test the connectivity and latency to the destination host.
The ping
command sends a series of ICMP echo requests to the destination host and measures the time and success rate of the ICMP echo replies.
For example, you can use the ping
command to ping the Google DNS server at 8.8.8.8
:
ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=115 time=0.778 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=115 time=0.320 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=115 time=0.310 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=115 time=0.369 ms
You can see that the ping is successful and the latency is around 15.6 ms.
You should check the output of the ping
command and make sure that the connectivity and latency are acceptable and consistent. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the network configuration, the firewall rules, the network route, the DNS resolution, etc.
Step 3: Trace the Network Route
The third step to troubleshoot Linux network performance issues is to trace the network route to the destination host. You can use the traceroute
or tracepath
command to trace the network route to the destination host.
These commands can show you the number of hops, the IP address, and the latency of each intermediate router or device along the network path.
For example, you can use the traceroute
command to trace the network route to the Google DNS server at 8.8.8.8
:
traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * dns.google (8.8.8.8) 0.422 ms
You can see that the network route to the Google DNS server has 30 hops and the latency increases as the distance increases.
You should check the output of these commands and make sure that the network route is not broken or inefficient. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the network configuration, the firewall rules, the DNS resolution, the network congestion, etc.
Step 4: Check the DNS Resolution
The fourth step to troubleshoot Linux network performance issues is to check the DNS resolution of the destination host. DNS stands for Domain Name System, which is a service that translates human-readable domain names (such as www.google.com) into machine-readable IP addresses (such as 8.8.8.8).
You can use the nslookup
or dig
command to check the DNS resolution of the destination host. These commands can show you information such as the IP address, the name server, the TTL (time to live), etc.
For example, you can use the nslookup
command to check the DNS resolution of the Google DNS server at 8.8.8.8
:
nslookup 8.8.8.8
8.8.8.8.in-addr.arpa name = dns.google.
Authoritative answers can be found from:
You can see that the domain name of the IP address 8.8.8.8 is dns.google
.
You can also use the dig
command to check the DNS resolution of the Google DNS server at 8.8.8.8
:
dig -x 8.8.8.8
; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6788
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa. IN PTR
;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 7022 IN PTR dns.google.
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Thu Jan 18 05:36:34 UTC 2024
;; MSG SIZE rcvd: 73
You can see that the domain name of the IP address 8.8.8.8 is dns.google
and the TTL is 7022 seconds.
You should check the output of these commands and make sure that the DNS resolution is successful and fast. If you find any errors or delays, you should investigate them further. For example, you may need to check the network configuration, the firewall rules, the DNS server, the DNS cache, etc.
Step 5: Check the Firewall Rules
The fifth step to troubleshoot Linux network performance issues is to check the firewall rules on your Linux system. A firewall is a software or hardware device that filters the incoming and outgoing network traffic based on a set of rules. A firewall can protect your Linux system from unauthorized access, malicious attacks, or unwanted traffic.
However, a firewall can also block or limit the network traffic that you want to allow or optimize. You can use the iptables
or firewalld
command to check the firewall rules on your Linux system. These commands can show you information such as the chain, the policy, the target, the protocol, the port, the source, the destination, etc.
For example, you can use the iptables
command to check the firewall rules on your Linux system:
sudo iptables -L -n -v
...
Chain ufw-before-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ufw-user-forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-input (1 references)
pkts bytes target prot opt in out source destination
809M 747G ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
35M 16G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
381 33234 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
381 33234 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
25972 1105K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
1620K 97M ufw-not-local all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
1620K 97M ufw-user-input all -- * * 0.0.0.0/0 0.0.0.0/0
...
You can see that the firewall rules on your Linux system allow some common protocols and ports such as ICMP, SSH, HTTP, HTTPS, DNS, DHCP, etc. and drop all other traffic.
You should check the output of these commands and make sure that the firewall rules are not blocking or limiting the network traffic that you want to allow or optimize. If you find any errors or anomalies, you should investigate them further. For example, you may need to add, delete, modify, or reorder the firewall rules, enable or disable the firewall service, etc.
Step 6: Check the Network Interface Statistics
The sixth step to troubleshoot Linux network performance issues is to check the network interface statistics on your Linux system. The network interface statistics can show you information such as the speed, duplex, link, errors, drops, etc. of your network interface.
You can use the ethtool
or ip
command to check the network interface statistics on your Linux system. These commands can show you information such as the speed, duplex, link, errors, drops, etc. of your network interface.
For example, you can use the ethtool
command to check the network interface statistics of your network interface ens4
:
sudo ethtool ens4
Settings for ens4:
Supported ports: [ ]
Supported link modes: Not reported
Supported pause frame use: No
Supports auto-negotiation: No
Supported FEC modes: Not reported
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Unknown! (255)
Auto-negotiation: off
Port: Other
PHYAD: 0
Transceiver: internal
Link detected: yes
You can see that the network interface ens4
has a speed of 1000Mb/s, a duplex of full, a link of yes, and no errors or drops.
You can also use the ip
command to check the network interface statistics of your network interface ens4
:
ip -s link show ens4
2: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1460 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 42:01:0a:80:0f:e9 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped missed mcast
17103762921 36663130 0 0 0 0
TX: bytes packets errors dropped carrier collsns
23349346782 30128075 0 0 0 0
You can see that the network interface ens4
has no errors or drops in the RX (receive) or TX (transmit) direction.
You should check the output of these commands and make sure that the network interface statistics are normal and error-free. If you find any errors or drops, you should investigate them further. For example, you may need to check the network configuration, the network cable, the network switch, the network driver, etc.
Step 7: Check the TCP/IP Parameters
The seventh step to troubleshoot Linux network performance issues is to check the TCP/IP parameters on your Linux system. TCP/IP stands for Transmission Control Protocol/Internet Protocol, which is a set of protocols that governs the communication and data transfer between devices on the internet.
TCP/IP parameters are the values or settings that affect the behavior and performance of the TCP/IP protocols. You can use the sysctl
command to check the TCP/IP parameters on your Linux system. This command can show you information such as the TCP window size, the TCP congestion control algorithm, the TCP keepalive time, etc.
For example, you can use the sysctl
command to check the TCP window size on your Linux system:
sysctl net.ipv4.tcp_wmem
net.ipv4.tcp_wmem = 4096 16384 4194304
You can see that the TCP window size on your Linux system is a range of values from 4096 bytes to 4194304 bytes.
You can also use the sysctl
command to check the TCP congestion control algorithm on your Linux system:
sysctl net.ipv4.tcp_congestion_control
net.ipv4.tcp_congestion_control = cubic
You can see that the TCP congestion control algorithm on your Linux system is cubic
.
You should check the output of this command and make sure that the TCP/IP parameters are optimal or need tuning. If you find any errors or anomalies, you should investigate them further. For example, you may need to adjust the TCP window size, change the TCP congestion control algorithm, enable or disable the TCP features, etc.
Step 8: Check the Network Bandwidth Usage
The eighth step to troubleshoot Linux network performance issues is to check the network bandwidth usage on your Linux system. The network bandwidth usage is the amount of data that is transferred over the network in a given period of time. The network bandwidth usage can affect the speed and quality of your network communication and services.
You can use the nload
or iftop
command to check the network bandwidth usage on your Linux system. These commands can show you information such as the current, average, and peak bandwidth usage, the source and destination IP addresses and ports, the protocol, etc.
For example, you can use the nload
command to check the network bandwidth usage of your network interface ens4
:
$ nload ens4
You will see a graphical display of the network bandwidth usage of your network interface eth0
in the terminal. You can use the arrow keys to switch between different network interfaces, and press Ctrl+C to exit.
You can also use the iftop
command to check the network bandwidth usage of your network interface ens4
:
sudo iftop -i ens4
You will see a textual display of the network bandwidth usage of your network interface eth0
in the terminal. You can use the keyboard shortcuts to change the display options, and press Q to exit.
You should check the output of these commands and make sure that the network bandwidth usage is not too high or uneven. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the network configuration, the network traffic, the network congestion, the network quality of service, etc.
Step 9: Check the Network Latency and Jitter
The ninth step to troubleshoot Linux network performance issues is to check the network latency and jitter on your Linux system. The network latency is the time it takes for a packet of data to travel from one point to another on the network. The network jitter is the variation in the network latency over time.
The network latency and jitter can affect the quality and reliability of your network communication and services. You can use the mtr
or iperf
command to check the network latency and jitter on your Linux system. These commands can show you information such as the average, minimum, maximum, and standard deviation of the network latency and jitter, the packet loss, the bandwidth, etc.
For example, you can use the mtr
command to check the network latency and jitter to the Google DNS server at 8.8.8.8
:
mtr -r -c 10 8.8.8.8
Start: 2024-01-18T05:47:09+0000
HOST: linux-server Loss% Snt Last Avg Best Wrst StDev
1.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
2.|-- Google-level3-Denver1.Lev 0.0% 10 10.4 10.3 10.2 10.4 0.1
3.|-- 216.239.56.151 0.0% 10 11.4 11.4 11.2 11.7 0.1
4.|-- 209.85.142.171 0.0% 10 10.2 10.3 10.2 10.3 0.0
5.|-- dns.google 0.0% 10 10.3 10.3 10.2 10.3 0.1
You can see that the network latency and jitter to the Google DNS server are around 10.2 ms and 0 ms, respectively.
You should check the output of these commands and make sure that the network latency and jitter are not too high or variable. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the network configuration, the network route, the network congestion, the network quality of service, etc.
Step 10: Check the Network Packet Loss and Retransmission
The tenth step to troubleshoot Linux network performance issues is to check the network packet loss and retransmission on your Linux system. The network packet loss is the percentage of packets that are lost or discarded during the network transmission. The network retransmission is the process of resending the lost or corrupted packets.
The network packet loss and retransmission can affect the speed and reliability of your network communication and services. You can use the tcpdump
or wireshark
command to check the network packet loss and retransmission on your Linux system. These commands can capture and analyze the network traffic and show you information such as the source and destination IP addresses and ports, the protocol, the sequence number, the acknowledgment number, the flags, the payload, etc.
For example, you can use the tcpdump
command to check the network packet loss and retransmission of your network interface eth0
:
sudo tcpdump -i eth0 -n -v
You can see that the TCP connection between your Linux system and the Google DNS server is established and terminated without any packet loss or retransmission.
You should check the output of these commands and make sure that the network packet loss and retransmission are not too high or frequent. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the network configuration, the network route, the network congestion, the network quality of service, etc.
Step 11: Check the Application Performance
The eleventh step to troubleshoot Linux network performance issues is to check the application performance on your Linux system. The application performance is the measure of how well an application performs its intended function and meets the user’s expectations.
The application performance can affect the quality and efficiency of your network communication and services. You can use the top
or htop
command to check the application performance on your Linux system. These commands can show you information such as the CPU usage, the memory usage, the process ID, the process name, the process state, the process priority, etc.
For example, you can use the top
command to check the application performance on your Linux system:
top
top - 05:50:35 up 5 days, 12:45, 1 user, load average: 0.42, 0.40, 0.43
Tasks: 112 total, 1 running, 111 sleeping, 0 stopped, 0 zombie
%Cpu(s): 35.1 us, 4.5 sy, 0.0 ni, 59.0 id, 0.0 wa, 0.0 hi, 1.3 si, 0.0 st
MiB Mem : 7930.4 total, 3317.8 free, 1103.8 used, 3508.8 buff/cache
MiB Swap: 0.0 total, 0.0 free, 0.0 used. 6318.7 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1612961 www-data 20 0 382744 137800 93576 S 23.3 1.7 0:14.36 php-fpm8.2
1612998 www-data 20 0 369160 119648 85896 S 20.6 1.5 0:14.16 php-fpm8.2
1613000 www-data 20 0 369352 121280 87048 S 16.9 1.5 0:13.68 php-fpm8.2
1612959 www-data 20 0 367240 118636 86792 S 14.0 1.5 0:14.49 php-fpm8.2
14 root 20 0 0 0 0 I 0.3 0.0 4:58.99 rcu_sched
77 root 20 0 0 0 0 S 0.3 0.0 0:20.31 jbd2/sda1-8
759905 www-data 20 0 98308 15720 7936 S 0.3 0.2 15:00.70 nginx
1613232 pappinv+ 20 0 10912 3840 3200 R 0.3 0.0 0:00.03 top
1 root 20 0 167580 12916 8180 S 0.0 0.2 0:31.54 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.06 kthreadd
3 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 rcu_gp
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 rcu_par_gp
5 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 slub_flushwq
6 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 netns
8 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/0:0H-events_highpri
10 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 mm_percpu_wq
11 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_tasks_rude_kthread
12 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_tasks_trace_kthread
13 root 20 0 0 0 0 S 0.0 0.0 0:30.18 ksoftirqd/0
15 root rt 0 0 0 0 S 0.0 0.0 0:01.55 migration/0
16 root -51 0 0 0 0 S 0.0 0.0 0:00.00 idle_inject/0
18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/0
You can see that the application performance on your Linux system is normal and stable.
You should check the output of these commands and make sure that the application performance is not poor or unstable. If you find any errors or anomalies, you should investigate them further. For example, you may need to check the application configuration, the application logs, the application resources, the application dependencies, etc.
Step 12: Check the System Logs
The twelfth and final step to troubleshoot Linux network performance issues is to check the system logs on your Linux system. The system logs are the records of events and messages that occur on your Linux system.
The system logs can provide you with useful information such as the date and time, the severity level, the source and destination, the error code, the error message, etc. You can use the journalctl
or dmesg
command to check the system logs on your Linux system. These commands can show you information such as the timestamp, the hostname, the unit, the message, etc.
For example, you can use the journalctl
command to check the system logs on your Linux system:
journalctl -f
You can see that the system logs on your Linux system show the events and messages related to the SSH login and logout of the user user
.
You can also use the dmesg
command to check the system logs on your Linux system:
dmesg
Conclusion
In this article, we have learned how to troubleshoot Linux network performance issues using various commands and tools.
By following the above steps, you can certainly identify and resolve the common and uncommon network performance issues on your Linux system. You can also use these steps to monitor and optimize your network performance on a regular basis.
Frequently Asked Questions
How can I measure the network performance between two Linux systems?
You can use the iperf
or iperf3
command to measure the network performance between two Linux systems. You need to install the iperf
or iperf3
package on both systems, and run one system as the server and the other as the client.
How can I troubleshoot the network performance issues caused by external factors?
You can use the traceroute
or mtr
command to troubleshoot the network performance issues caused by external factors, such as the network route, the network congestion, the network quality of service, etc. These commands can show you the network hops and the network latency and jitter along the path to a destination.
Leave your Reply