Day 12: Linux Network Services | 100 Days of DevOps
Content:
Today I worked on troubleshooting a real-world Linux network issue where an Apache service was not accessible on port 8088. The issue required debugging at multiple levels including network connectivity, service conflicts, and firewall rules.
What I Learned
Through this task, I understood:
- How to approach troubleshooting step by step
- How port conflicts can break services
- How to identify which process is using a port
- How to adjust configurations safely
- How firewall rules impact service accessibility
Steps I Followed :
1. Checked Connectivity from Jump Host
telnet stapp01 8088
telnet stapp02 8088
telnet stapp03 8088
๐ I started by testing connectivity from the jump host to all app servers.
stapp02andstapp03were reachablestapp01failed
โก๏ธ This confirmed the issue was specific to stapp01, not a global problem.
2. Logged into the Problem Server
ssh tony@stapp01
๐ After identifying the problematic server, I logged in to investigate further.
3. Checked Apache Service Status
sudo systemctl status httpd
๐ The Apache service was not running. ๐ The error message showed: "Address already in use"
โก๏ธ This indicated that another service was already using port 8088.
4. Installed netstat Tool
sudo yum install -y net-tools
๐ The netstat command was not available, so I installed net-tools to inspect open ports.
5. Identified Port Conflict
sudo netstat -tlnup
๐ I checked which service was using port 8088. ๐ Found that sendmail was running on that port.
โก๏ธ This was the root cause โ Apache couldn't start because the port was already occupied.
6. Modified Sendmail Configuration
cd /etc/mail
sudo vi sendmail.mc
๐ I edited the sendmail configuration file and changed its port from 8088 to another unused port.
โก๏ธ This ensured there would be no conflict with Apache.
7. Restarted Sendmail
sudo systemctl restart sendmail
๐ Restarted the service to apply the configuration changes.
8. Verified Port Availability
sudo netstat -tlnup
๐ Checked again to confirm that port 8088 was now free.
9. Tested Apache Before Fix
curl http://localhost:8088
๐ Apache was still not accessible .
10. Checked Firewall Rules
sudo iptables -L -n
๐ I inspected firewall rules and noticed that port 8088 was not explicitly allowed.
โก๏ธ Even if Apache runs, firewall could block access.
11. Allowed Port 8088 in Firewall
sudo iptables -I INPUT 4 -p tcp --dport 8088 -j ACCEPT
๐ Added a rule to allow incoming traffic on port 8088.
12. Restarted Apache Service
sudo systemctl restart httpd
๐ Now that:
- Port conflict was resolved โ
- Firewall rule added โ
I restarted Apache.
13. Final Verification
curl http://localhost:8088
๐ Successfully received a response
โก๏ธ This confirmed Apache is running and accessible locally.
My Understanding
This task taught me that service failures are often caused by multiple layered issues โ not just one. Here, both port conflict and firewall rules had to be resolved to fully fix the problem.
What I Found Interesting
It was interesting to see how a background service like sendmail can unintentionally block a web server. Also, the importance of checking firewall rules after fixing the service was a great real-world lesson.
๐ Full notes: GitHub link