Navigating WTF Moments in Linux
The following is a series of some WTF moments in Linux boxes and how to deal with them.
I can't connect to the Internet!
Try, ping 184.108.40.206, which tries to send a packet via Internet Control Message Protocol (ICMP), to Google's DNS Servers. If this works, your box is connected to the Internet. ICMP runs on port 1, not 80 or 443, so it will not tell you if a server is running on these ports.
I need to check the network interfaces!
A network interface is where a certain computer connects to a network, which can be the Internet or a private network. eth0 is a special network interface because it's the first and is usually connected to the network by a network interface controller, or a NIC. You can get the current IP address of your host by using hostname -I, seeing the output of eth0 from /sbin/ifconfig, or using the command ip addr show.
I can't connect to a website!
Websites usually run on port 80 for HTTP or port 443 for HTTPS, and use the TCP protocol. TCP is different than UDP because it depends on a connection first, and the packets are sent in a numeric ordered and error-checked stream. Error-checking occurs when the sender expects a response back from the recipient stating that it has received the message. UDP, on the other hand, does not have error-checking and therefore if a few packets are lost in transmission, the sender will not try to resend those packets, or even know those packets were lost. UDP is commonly used in live broadcasts, such as Facebook Live.
The system is slow!
This could be caused by the filesystem being out of space, the memory is too high, too many processes running jamming ports or countless other ways.
The filesystem is out of space!
df command, which stands for "disk filesystem" is often used in Linux
environments to determine if how much space a filesystem is using. With the
flag, -h, df -h prints out the information in a human-readable format - this
format generally uses gigabytes to denote how much space is being used. To
get information about the home directory, you can type df -hT /home, which
well tells you the filesystem mount used.
There is a deadlock!
A deadlock occurs when a non-preemptible resource, which can be memory a process cannot release, is unavailable for another process to complete. A semaphore in a system, which is an integer variable dictating sleep, wake, and access patterns system-wide, can be used to determine the current state of the deadlock. A mutex is a simplified version of a semaphore and can only be 1 or 0. In Linux, you can typically find semaphores mounted under /dev/shm, or perhaps they're in memory that's shared by multiple processes.
Someone just dumped me a core dump!
A core dump is a recording of the computer's memory when a given process or the whole computer itself crashed. You can read a core dump using gdb which stands for the GNU Debugger. You can use it with gdb /path/to/the/binary /path/to/the/core. In the core dump and reading that file with the debugger, you can see how memory was allocated in a given program, and see if there are leaks in your program.
There are a lot of system-interrupts, what is the issue?
There could be many I/Os, page faults, or incoming network packets.
I don't know what traffic is coming in based on the ports!
HTTP uses port 80. HTTPS uses port 443. FTP uses port 21. DNS unen port 53. Telnet uses port 23. SSH uses port 22.
DNS is Slow!
This could be because you're not using authoritative DNS, which is a way of distributing the load geographically. All apps with a lot of traffic should consider this approach because DNS like everything else should have load-balancing.
Too many Zombie Processes!
A zombie process is a subprocess that finished (normally or otherwise), but
it's not yet reaped by its parent. You can find them via
ps axo stat,ppid,pid,comm | grep -w defunct and kill them via