linux网络问题排查 - Thu, Sep 4, 2025
linux网络问题排查
1. ping查看链路是否通
ping -v -I enp4s0 192.168.1.118
pana@pana-Z2:~$ ping -v -I enp4s0 192.168.1.118
ping: sock4.fd: 3 (socktype: SOCK_RAW), sock6.fd: 4 (socktype: SOCK_RAW), hints.ai_family: AF_UNSPEC
ai->ai_family: AF_INET, ai->ai_canonname: '192.168.1.118'
PING 192.168.1.118 (192.168.1.118) from 192.168.1.131 enp4s0: 56(84) bytes of data.
64 bytes from 192.168.1.118: icmp_seq=1 ident=9017 ttl=64 time=1.54 ms
64 bytes from 192.168.1.118: icmp_seq=2 ident=9017 ttl=64 time=0.318 ms
64 bytes from 192.168.1.118: icmp_seq=3 ident=9017 ttl=64 time=0.283 ms
64 bytes from 192.168.1.118: icmp_seq=4 ident=9017 ttl=64 time=0.330 ms
64 bytes from 192.168.1.118: icmp_seq=5 ident=9017 ttl=64 time=0.333 ms
64 bytes from 192.168.1.118: icmp_seq=6 ident=9017 ttl=64 time=0.278 m
2. arp查看ip和mac地址绑定表
arp -a
? (192.168.1.201) at xx:xx:xx:xx:xx:xx [ether] on enp4s0
? (192.168.1.58) at xx:xx:xx:xx:xx:xx [ether] on enp4s0
? (192.168.1.8) at xx:xx:xx:xx:xx:xx [ether] on wlo1
? (192.168.1.175) at xx:xx:xx:xx:xx:xx [ether] on enp4s0
3. 查看路由表
ip route
default via 192.168.1.1 dev enp4s0 proto static metric 100
default via 192.168.1.1 dev wlo1 proto dhcp src 192.168.1.108 metric 600
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-2e1addc416c9 proto kernel scope link src 172.18.0.1 linkdown
172.19.0.0/16 dev br-8c5ed96eaa7f proto kernel scope link src 172.19.0.1
192.168.1.0/24 dev enp4s0 proto kernel scope link src 192.168.1.131 metric 100
192.168.1.0/24 dev wlo1 proto kernel scope link src 192.168.1.108 metric 600
- default: 默认路由,没有匹配到路由之后,走默认路由。
- via 192.168.1.1: 指定下一条的路由地址
- dev wlo1: dev是设备,从wlo1的设备发出数据包。
- proto dhcp: 该路由是DHCP 协议配置
- dhcp:由 DHCP 设置
- static:手动配置
- kernel:内核自动生成(如直连网络)
- ra:IPv6 路由通告
- src 192.168.1.108: 当从此路由发送数据包时,使用 192.168.1.108 作为源 IP
- metric 600: 路由优先级,越小优先级越高。
删除路由
ip route del 192.168.1.0/24 dev wlo1 proto kernel scope link src 192.168.1.108 metric 600
添加路由
ip route add 192.168.1.0/24 dev wlo1 proto kernel scope link src 192.168.1.108 metric 600
4. tcpdump抓包
sudo tcpdump -i any -vvv -X -s 0 -n
14:23:15.123456 IP (tos 0x0, ttl 64, id 12345, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.108.54321 > 8.8.8.8.443: Flags [S], seq 123456789, win 65535, options [mss 1460,sackOK,TS val 123456 ecr 0,nop,wscale 7], length 0
0x0000: 4500 003c 3099 4000 4006 0000 c0a8 016c E..<0.@.@......l
0x0010: 0808 0808 d431 01bb 075b cdbd 0000 0000 .....1...[......
0x0020: a002 ffff 63a0 0000 0204 05b4 0402 080a ....c...........
0x0030: 0001 e240 0000 0000 0103 0307 ...@........
5. 查看端口状态
sudo netstat -tulnp
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1234/sshd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 5678/mysqld
tcp6 0 0 :::80 :::* LISTEN 9012/httpd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 4321/avahi-daemon
- -t 显示 TCP 连接
- -u 显示 UDP 连接
- -l 只显示监听中(listening)的端口
- -n 以数字形式显示地址和端口(不解析主机名、服务名)
- -p 显示占用端口的 进程 PID 和进程名
6. 检测远端端口是否开放
telnet 192.168.1.118 8080
Trying 192.168.1.118...
Connected to 192.168.1.118.
Escape character is '^]'.