Helping Out the Server Teams - Linux Edition

AllLinux
A lot of my time lately has been fielding complaints from server teams. They blame my network with the following super descriptive complaints:
  1. I can't connect to my server
  2. It used to work
  3. You changed something
  4. You're firewall is blocking it
  5. I'm getting a network error, so I need the network teams help
These used to make me crazy... Sometimes they still do, but I've been taking a different approach to helping these folks out.

They should always open a request by providing you some relevant details, so the initial request is asking for exactly that.

The second piece is asking for some common Linux commands to be ran. I've thrown together a quick reference on what exactly these commands do at the bottom of the email, along with why you're requesting this information.

Honestly 1/2 the time I ask for this information, the teams respond with "we've resolved the issue". I like to think its because they ran the commands that lead them to the root cause.Wishful thinking perhaps, but I hope this can help others out!


Team,
     I'm happy to help, but I'm going to need some more information to assist. Please replace the red text below with the requested information.

Source/Destination Information
Source IP: <Source_IP>
Destination IP: <Destination_IP>
Destination Port: <Port_Number> 
Ticket Number: <If ports we're requested previously, provide the ticket Number referencing the approved change>
Date this was last known to be working:  <Date> 
Application Name:  <Name> 

Additionally, I'll need the following command outputs from the affected server. Please run these commands save attach them in a text file as the output can sometimes be lengthy.

Commands Outputs Requested
  • ifconfig
  • netstat –an
  • netstat –rn
  • ps aux
  • ls /etc
  • service --status-all
  • sudo systemctl status firewalld
  • sudo firewall-cmd --list-all
  • sudo systemctl status iptables
  • sudo iptables -L
  • traceroute 1.1.1.1

 General Network Commands
Ifconfig
  • Interface output
netstat –an
  • Shows ports listening
netstat –rn
  • Show routes
traceroute 1.1.1.1
  • provides the network path toward the internet


 System Services information

ps aux
  • Shows all running services.
    • This provides more information which may be helpful
    • (e.g. 'it looks like you have xxx service listening on port 8080, and not apache. Please review your application configurations')
ls /etc
  • prints the system config directory. Mainly in case some of the other commands dont work. This one works on pretty much every version of linux.
service --status-all
  • Shows all running services.

Software Firewall Commands 
(Commands for the two most popular linux software firewalls. Only expect 2 of the 4 commands to work)
sudo systemctl status firewalld
  • Shows that the firewall is active
sudo firewall-cmd --list-all
  • Displays firewall policies
sudo systemctl status iptables
  • Shows that the firewall is active
sudo iptables -L
  • Displays firewall policies



Categories: All, Linux