5.5 Network Problems

Many of your NLD system problems might be network related, even though they don't seem to be at first. For example, the reason for a system not allowing users to log in as mentioned in The machine loads the GRUB boot loader properly and boots Linux, but presents a text-based console with a login prompt rather than a graphical desktop login manager. might be a network problem of some kind.

This section presents a simple step list you can apply to identify the cause of any network problem you encounter.

When checking the network connection of your NLD machine, proceed as follows:

  1. If using an Ethernet connection, check the hardware first. Make sure your network cable is properly plugged in to your computer. The control lights right next to your Ethernet connector should both be active.

    If the connection fails, check whether your network cable works with another machine. If it does, your network card causes the failure. If hubs or switches are included in your network setup, suspect them to be the culprits as well.

  2. If using a wireless connection, check whether the wireless link can be established by other machines. If not, contact the wireless network's administrator.

  3. After you have checked your basic network connectivity, try to find out which service is not responding.

    Gather the address information of every network server needed in your NLD setup. Either look them up in the appropriate YaST module or ask your system administrator. The following list gives you some of the typical network servers involved in an NLD setup together with the symptoms an outage of these servers would have on your NLD machine.

    Server/Outage

    Symptoms

    DNS (name service)

    A broken or malfunctioning name service affects the network's functioning in many ways. If the local NLD machine relies on any network servers for authentication and these servers cannot be found due to a broken DNS, users cannot even lo in. Machines in the network managed by a broken name server are not able to “see” each other and communicate.

    NTP (time service)

    A malfunctioning or completely broken NTP service could affect Kerberos authentication and X server functionality.

    NFS (file service)

    If any application needs data stored in an NFS mounted directory, it cannot start up or function properly if this service is down or misconfigured. In a worst case scenario, a user's personal desktop configuration does not come up if his home directory containing his .gconf or .kde subdirectories cannot be found due to an outage of the NFS server.

    Samba (file service)

    If any application needs data stored in a directory stored on a Samba server, it cannot start up or function properly if this service is down.

    NIS (user management)

    If your NLD system relies on a NIS server to provide user data, users cannot log in to this machine if the NIS service is down.

    LDAP (user management)

    If your NLD system relies on an LDAP server to provide user data, users cannot log in to this machine if the LDAP service is down.

    Kerberos (authentication)

    Authentication does not work and login to any machine fails.

    CUPS (network printing)

    Users cannot print.

  4. Check whether the network servers are running and whether your network setup allows you to establish a connection.

    1. Use ping hostname (hostname being the hostname of the server you want to connect to) to check whether each server is up and responding to the network.

      If this command is successful, it tells you that the host you are looking for is up and running and that the name service for your network is configured correctly.

      If ping fails with destination host unreachable, either your system or the server you are trying to connect to is not properly configured or is down. Check whether your system is reachable by issuing ping your_hostname at another machine. If you succeed in reaching your machine at another machine, it is the server which is either not running at all or not configured correctly.

      If ping fails with unknown host, the name service is not configured correctly or the hostname you used is incorrect. Use ping -n ipaddress to try to connect to this host without name service. If this is successful, check the spelling of the hostname and look for a misconfigured name service in your network. For further checks on this matter, refer to Step 4.b. If ping still fails, either your network card is not configured correctly or your network hardware is faulty. Refer to Step 4.c for information on this.

    2. Use host hostname to check whether the hostname of the server you are trying to connect to is properly translated into an IP address and vice versa.

      If this command returns the IP address of this host, the name service is up and running. If the host command fails, check all network configuration files relevant to name/address resolution on your host:

      File

      Description

      /etc/resolv.conf

      Keeps track of the name server and domain you are currently using. It can either be modified manually or be automatically adjusted by YaST. The latter option is preferable. However, make sure this file has the following structure and all network addresses and domain names are correct:

      search fully_qualified_domain_name

      nameserver ipaddress_of_nameserver

      This file can contain more than one name server address, but at least one of them must be correct to provide name resolution to your host. If needed, adjust this file via the YaST Hostname and Nameserver Module.

      If your network connection is handled via DHCP, let YaST change these parameters for you by selecting Change host name via DHCP and Change name servers and search list via DHCP in the Host name and name server configuration dialog of the YaST network module.

      /etc/nsswitch.conf

      Directs Linux where to look for name service information. The file should look like this:

      ...hosts:	files dnsnetworks: 	files dns...

      The dns entry is vital, because it tells Linux to make use of an external name server. Normally, these entries are automatically made by YaST, but it never hurts to check.

      If all the relevant entries on the host are correct, check the DNS server configuration for the correct zone information. For detailed information on DNS, see “Section 27.1, DNS—Domain Name System” in the SUSE LINUX Enterprise Server 9 Administration Guide.

      If you have made sure that the DNS configuration of your host and the DNS server are correct, proceed with checking the configuration of your network and network card in Step 4.c.

    3. If your system cannot establish a connection to a network server and you have excluded name service problems from the list of possible culprits, check the configuration of your network card.

      Use ifconfig network_device (executed as root) to check whether this device was properly configured. Make sure both inet address and Mask are configured correctly. A typo in the IP address or a missing bit in your network mask would render your network configuration unusable. If necessary, perform this check on the server machine as well.

    4. If name service and network hardware are properly configured and running, but some (external) network connections still get long timeouts or fail entirely, use traceroute fully_qualified_domain_name (executed as root) to track the network route these requests are taking.

      This command lists any gateway (hop) a request from your machine passes on its way to its destination. It also lists the response time of any hop and whether this hop is reachable at all. Use a combination of traceroute and ping to track down the culprit and, if this machine is in your company's network, let the administrators know.

After you have identified the cause of your network trouble, you can resolve the problem either yourself (if the problem is located on your machine) or let the system administrator of your network know about your findings so he can reconfigure the services or repair the machine they are running on.