CloudsArk
Networking Linux

tcpdump Basic Usage Linux

Learn practical tcpdump basic usage linux with Linux commands, verification steps, common mistakes, and related administrator guidance.

8 min read Updated 2026-05-30
linux tcpdump basic

tcpdump Basic Usage Linux

Introduction

This guide focuses on tcpdump basic usage linux from an administrator's terminal. The goal is to configure or verify networking without guessing which layer is broken.

When You Need This

Use this workflow when a host cannot reach another system, name resolution fails, a route is missing, a port is blocked, or NetworkManager configuration needs to be persistent.

Key Files and Commands

hostnamectl
uname -r
systemctl --failed
journalctl -p warning -n 25 --no-pager

Important areas to check are service state, logs, permissions, network reachability, and recent changes. On RHEL-style systems, NetworkManager and firewalld are usually part of the answer.

Step-by-Step Configuration

Start by viewing live state, then change the persistent connection profile if needed. For NetworkManager-managed systems, prefer persistent profiles over runtime-only changes.

hostnamectl
uname -r
systemctl --failed

Verification

journalctl -p warning -n 25 --no-pager
ss -tulpn

A healthy result should look similar to:

0 loaded units listed.
Linux server1 5.14.0-427.el9.x86_64

Troubleshooting

Check interface state, IP address, default route, DNS server, firewall zone, and listening process. If a connection works by IP but not by name, focus on DNS. If DNS works but traffic fails, focus on routes, firewall, and service binding.

Common Mistakes

  • Making several changes at once, which hides the real cause.
  • Skipping logs or verification commands after a change.
  • Assuming the problem is fixed because one command returned successfully.

Quick Checklist

  • Confirm link state and IP address.
  • Confirm default gateway and specific routes.
  • Confirm DNS separately from IP connectivity.
  • Check listening sockets and firewall zones.
  • Make persistent changes through NetworkManager when appropriate.

Summary

Good Linux networking work separates address, route, DNS, firewall, and service checks. Verify each layer before moving to the next one.

Keep exploring

More Linux

All articles
Networking

tcpdump Troubleshooting Examples

8 min read Networking

ss Command Networking Guide

8 min read Networking

nmcli Command Examples

8 min read