RHEL7: Debug network services.

Last updated on (17,915 views) - CertDepot No Comments ↓
Share this link
Google+0
LinkedIn0

Standard process

When you’ve got a service problem between two servers (here local and remote), follow these steps.

Here we assume the local configuration is OK (working DNS or /etc/hosts file).

Start by checking the connectivity:

local# ping remote

If you don’t get any result, connect to the remote server through a console (see the RHEL 7 virtual console page) and check the basic system & network configuration (run level, ip address, default gateway, etc).

If the remote server replies, install nmap and check the remote services (see my previous post about nmap):

local# yum install -y nmap
local# nmap remote

At this point, it can be useful to stop Firewalld locally or remotely in case communications can’t go through because of it:

local# systemctl stop firewalld
remote# systemctl stop firewalld

If you don’t get any progress, it could also be useful to bring the SELinux configuration of the remote server in permissive mode:

remote# setenforce Permissive

Useful tools for specific services

Some commands can be used to debug services like:

  • telnet to debug smtp (telnet remote 25), http (telnet remote 80),
  • elinks to debug http (elinks remote) but not https (doesn’t work well with TLS),
  • showmount to debug NFSv3 & NFSv2 (showmount -e remote) but not NFSv4 (=> mount remote:/ /mnt; cd /mnt; ls exports): if you want to use showmount with NFSv4, you need to stop Firewalld on the NFS server (or open the 111 udp and 20048 tcp ports on the NFS server).
  • rpcdebug to debug kernel RPC/NFS problems (rpcdebug -m rpc -s all; rpcdebug -m nfsd -s all).

Things to remember

Some services require NTP synchronization to work properly (Kerberos, etc), some others rely on a working DNS (smtp & the MX records, etc).

In addition, the TCP wrapper files (/etc/hosts.allow & /etc/hosts.deny) should be empty.

Finally, when connecting RHEL 7/CentOS 7 servers to RHEL 6/CentOS 6 servers, keep in mind that user id/group id start at 1000 in RHEL 7 by default when they start at 500 in RHEL 6.

Additional Resources

Digital Ocean provides an interesting tutorial about Nmap and Tcpdump.
TheGeekDiary website wrote an article on How to find if a network port is open or not?

(1 votes, average: 5.00 out of 5)
Loading...

Leave a Reply

Upcoming Events (Local Time)

There are no events.

Follow me on Twitter

Archives

xhampster
vceplus-200-125    | boson-200-125    | training-cissp    | actualtests-cissp    | techexams-cissp    | gratisexams-300-075    | pearsonitcertification-210-260    | examsboost-210-260    | examsforall-210-260    | dumps4free-210-260    | reddit-210-260    | cisexams-352-001    | itexamfox-352-001    | passguaranteed-352-001    | passeasily-352-001    | freeccnastudyguide-200-120    | gocertify-200-120    | passcerty-200-120    | certifyguide-70-980    | dumpscollection-70-980    | examcollection-70-534    | cbtnuggets-210-065    | examfiles-400-051    | passitdump-400-051    | pearsonitcertification-70-462    | anderseide-70-347    | thomas-70-533    | research-1V0-605    | topix-102-400    | certdepot-EX200    | pearsonit-640-916    | itproguru-70-533    | reddit-100-105    | channel9-70-346    | anderseide-70-346    | theiia-IIA-CIA-PART3    | certificationHP-hp0-s41    | pearsonitcertification-640-916    | anderMicrosoft-70-534    | cathMicrosoft-70-462    | examcollection-cca-500    | techexams-gcih    | mslearn-70-346    | measureup-70-486    | pass4sure-hp0-s41    | iiba-640-916    | itsecurity-sscp    | cbtnuggets-300-320    | blogged-70-486    | pass4sure-IIA-CIA-PART1    | cbtnuggets-100-101    | developerhandbook-70-486    | lpicisco-101    | mylearn-1V0-605    | tomsitpro-cism    | gnosis-101    | channel9Mic-70-534    | ipass-IIA-CIA-PART1    | forcerts-70-417    | tests-sy0-401    | ipasstheciaexam-IIA-CIA-PART3    | mostcisco-300-135    | buildazure-70-533    | cloudera-cca-500    | pdf4cert-2v0-621    | f5cisco-101    | gocertify-1z0-062    | quora-640-916    | micrcosoft-70-480    | brain2pass-70-417    | examcompass-sy0-401    | global-EX200    | iassc-ICGB    | vceplus-300-115    | quizlet-810-403    | cbtnuggets-70-697    | educationOracle-1Z0-434    | channel9-70-534    | officialcerts-400-051    | examsboost-IIA-CIA-PART1    | networktut-300-135    | teststarter-300-206    | pluralsight-70-486    | coding-70-486    | freeccna-100-101    | digitaltut-300-101    | iiba-CBAP    | virtuallymikebrown-640-916    | isaca-cism    | whizlabs-pmp    | techexams-70-980    | ciscopress-300-115    | techtarget-cism    | pearsonitcertification-300-070    | testking-2v0-621    | isacaNew-cism    | simplilearn-pmi-rmp    | simplilearn-pmp    | educationOracle-1z0-809    | education-1z0-809    | teachertube-1Z0-434    | villanovau-CBAP    | quora-300-206    | certifyguide-300-208    | cbtnuggets-100-105    | flydumps-70-417    | gratisexams-1V0-605    | ituonline-1z0-062    | techexams-cas-002    | simplilearn-70-534    | pluralsight-70-697    | theiia-IIA-CIA-PART1    | itexamtips-400-051    | pearsonitcertification-EX200    | pluralsight-70-480    | learn-hp0-s42    | giac-gpen    | mindhub-102-400    | coursesmsu-CBAP    | examsforall-2v0-621    | developerhandbook-70-487    | root-EX200    | coderanch-1z0-809    | getfreedumps-1z0-062    | comptia-cas-002    | quora-1z0-809    | boson-300-135    | killtest-2v0-621    | learncia-IIA-CIA-PART3    | computer-gcih    | universitycloudera-cca-500    | itexamrun-70-410    | certificationHPv2-hp0-s41    | certskills-100-105    | skipitnow-70-417    | gocertify-sy0-401    | prep4sure-70-417    | simplilearn-cisa    |
http://www.pmsas.pr.gov.br/wp-content/    | http://www.pmsas.pr.gov.br/wp-content/    |