Tag Archives: troubleshooting

How To Clear The SSSD Cache In Linux

SSSD

The System Security Services Daemon (SSSD) provides access to identity and authentication providers. Basically rather than relying on locally configured authentication, SSSD is used to lookup its local cache. The entries within this cache may come from different remote identity providers, such as an LDAP directory, FreeIPA, or Active Directory for example.

SSSD caches the results of users and credentials from these remote locations so that if the identity provider goes offline, the user credentials are still available and users can still login. This helps to improve performance and facilitates scalability with a single user that can login over many systems, rather than using local accounts everywhere.

The cached results can potentially be problematic if the stored records become stale and are no longer in sync with the identity provider, so it is important to know how to flush the SSSD cache to fix various problems and update the cache.

Here we’ll cover a couple of different methods to flush out the SSSD cache.

Read more »

How To Change Log Rate Limiting In Linux

How To Change Log Rate Limiting In Linux

By default in Linux there are a few different mechanisms in place that may rate limit logging. These are primarily the systemd journal and rsyslog rate limits that are in place by default.

Here we cover modifying or removing rate limiting for logging.

Read more »

Configure IPv6 Addresses And Basic Troubleshooting In Linux

How To Configure And Troubleshoot IPv6 Addresses In Linux

In the past many system administrators have simply resorted to disabling IPv6 rather than properly configuring it, continuing to rely on the older IPv4 which has worked just fine for a very long time. As the IPv4 address space has since become exhausted, administrators are starting to slowly take up IPv6 out of necessity.

Here we’re going to cover how to configure IPv6 addressing in Linux and provide some basic tips and advice for troubleshooting IPv6 network issues.

Read more »

How To Troubleshoot DNS Client Issues in Linux

Linux Dig

DNS resolution is an important service, without it functioning properly domain names will not be correctly resolved to IP addresses preventing other network services from working correctly. Therefore it is equally important to know how to troubleshoot DNS issues on a Linux client and fix any problems to reduce disruption.

There are multiple potential points of failure during the DNS lookup process such as at the system performing the lookup, at the DNS cache, or on an external DNS server. Here we will cover how to check these and perform various tests to identify where exactly the problem lies.

Read more »

How To Enable Telnet Client in Windows Server 2016

By default the telnet client in Microsoft’s Windows operating systems is disabled, this is unfortunate as it is an extremely useful tool which can be used for testing TCP connectivity to external hosts on a specified port.

This is great when you’re trying to troubleshoot network connectivity problems, for example, say we have a web server which should be listening on port 80 to serve HTTP traffic but we are not able to load a web page, by using telnet to connect to the web server on port 80 we can verify the connectivity.

It may be that the connectivity is fine but there is a problem with the web server, or that the web server is stopped and the port is not listening at all, for instance. With telnet we can get a better understanding of what’s going on.

Read more »

How to enable the Telnet Client in Windows 10

By default the telnet client in Microsoft’s Windows operating systems is disabled, this is unfortunate as it is an extremely useful tool which can be used for testing TCP connectivity to external hosts on a specified port.

This is great when you’re trying to troubleshoot network connectivity problems, for example, say we have a web server which should be listening on port 80 to serve HTTP traffic but we are not able to load a web page, by using telnet to connect to the web server on port 80 we can verify the connectivity.

It may be that the connectivity is fine but there is a problem with the web server, or that the web server is stopped and the port is not listening at all, for instance. With telnet we can get a better understanding of what’s going on.

Read more »

How to use the hosts file to fake DNS

The hosts file is stored on a computer or device to provide local entries for DNS lookup. Normally when you try to resolve a hostname or domain, your computer will consult your specified DNS server to discover the IP address that it points to. This requires that there is an existing DNS server out there with the record that you require, with the hosts file you can fake DNS entries that will resolve only on the local machine.

Why would you want to do this? It’s great for testing or troubleshooting. You may want to use a specific hostname that no DNS exists for, though ideally you should create DNS records where possible as they can be centrally managed. It can help you get around DNS propagation issues, for example if a DNS record has been updated but had a TTL of 24 hours you may have to wait up to this long (assuming the cache cannot be cleared) before the record will resolve to the new IP address. By adding a temporary host file entry you can resolve to the new IP address straight away as the hosts file takes precedence over external DNS.

Read more »

How to “ping” a port

Most of us would be familiar with the simple ICMP based ‘ping’ command which allows us to test for a basic response from some network connected device. While great for basic troubleshooting it does not allow us to confirm if the particular host at the other end is responding on TCP or UDP ports where the majority of services are likely to be provided.

Ping isn’t the be all and end all of network troubleshooting, if a firewall blocks inbound ICMP traffic then a ping will not succeed which can produce a false perception that the host is down as it is not responding to the ping, however other services could still be responding fine.

Alternatively while ping may come back fine with a response it doesn’t indicate if a web server is responding on port 80 for HTTP requests, the web server may have failed and no longer be responding.

So if ping is ICMP based, can we hit a TCP or UDP port for response instead? The answer is yes, let’s take a look.

Read more »

How to test network connectivity with telnet

This post is a follow on from my post last week regarding how to install the telnet client. The telnet client is simple yet extremely powerful in helping us gain a quick idea of where a problem may lie with TCP connectivity, it’s one of my first go to tools to use when testing a network connection to a server.

Read more »

How to enable the telnet client in Windows 8.1

By default the telnet client in Microsoft’s Windows operating systems is disabled, this is unfortunate as it is an extremely useful tool which can be used for testing TCP connectivity to external hosts on a specified port.

This is great when you’re trying to troubleshoot network connectivity problems, for example, say we have a web server which should be listening on port 80 to serve HTTP traffic but we are not able to load a web page, by using telnet to connect to the web server on port 80 we can verify the connectivity.

It may be that the connectivity is fine but there is a problem with the web server, or that the web server is stopped and the port is not listening at all, for instance. With telnet we can get a better understanding of what’s going on.

Read more »