clawdie/layered-soul
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
layered-soul/skills/systematic-debugging/references/network-ssh-wifi-diagnostics.md
Sam & Claude c3056ac489 fix(docs): mask Tailscale IPs with placeholder variables 
Replace live 100.x IPs with ,
per SOUL.md convention. Removed stale device IP from
network-ssh-wifi-diagnostics reference.
2026-06-21 20:12:58 +02:00

3.1 KiB
Raw Blame History

Network / SSH / Wi-Fi diagnostic notes

Use this reference when investigating SSH/tmux lag, Wi-Fi jitter, hotspot switching, Tailscale reachability, or projector/network interference.

Logging convention for this user

The user dislikes Desktop clutter. For repeated diagnostics, prefer one timestamped logfile under:

mkdir -p "$HOME/.local/state/hermes/net-tests"
LOG="$HOME/.local/state/hermes/net-tests/net-test-$(date +%Y%m%d-%H%M%S).log"
{ ...diagnostics...; } | tee "$LOG"

Use /tmp only for throwaway scratch output. Do not create multiple Desktop files unless explicitly requested.

Network-switch pitfall: stale SSH sessions

When a host switches Wi-Fi networks, existing public SSH sessions may break even if the server is still reachable. Inspect live sockets before concluding the remote is down:

ss -nti '( sport = :22 or dport = :22 )'
ip -brief addr
ip route

Signs of a stale/broken old path include:

  • socket local address from previous network, or FIN-WAIT state
  • nonzero Send-Q / notsent data
  • retrans/backoff
  • weird PMTU collapse

A Tailscale SSH session to another host may survive the same switch if it is bound to the Tailscale path, while a public SSH session to the same or another host may die.

Always compare public vs tailnet identities

For hosts with both public DNS and MagicDNS/tailnet DNS, resolve and test both forms:

getent ahosts osa.smilepowered.org
getent ahosts osa.taile682b7.ts.net
ip route get <public-ip>
ip route get <tailscale-ip>
tailscale ping --timeout=5s --c 5 <name>
timeout 6 bash -c '</dev/tcp/<host>/22' && echo TCP/22-open || echo TCP/22-failed

ICMP ping may fail while TCP/22 and tailscale ping work, so do not use ICMP alone as the availability test.

Hotspot/router gateway test

Do not hardcode the gateway when comparing Wi-Fi vs phone hotspot. Derive it from the current route:

GW=$(ip route show default | awk '{print $3; exit}')
ping -c 80 -i 0.1 "$GW"
ping -c 80 -i 0.1 1.1.1.1

For the user's tested setup, home Wi-Fi used 192.168.1.1, while phone hotspot osa used 10.91.179.29. A script hardcoded to 192.168.1.1 falsely reports gateway loss after switching to the hotspot.

Useful single-log command skeleton

mkdir -p "$HOME/.local/state/hermes/net-tests"
LOG="$HOME/.local/state/hermes/net-tests/ssh-wifi-$(date +%Y%m%d-%H%M%S).log"
{
  date
  echo '## wifi/default route'
  ip -brief addr show wlp1s0 || true
  ip route || true
  nmcli -f GENERAL.CONNECTION,GENERAL.DEVICE,GENERAL.STATE,GENERAL.METERED,IP4.ADDRESS,IP4.GATEWAY,IP4.DNS device show wlp1s0 2>/dev/null || true
  nmcli -f IN-USE,SSID,BSSID,CHAN,FREQ,RATE,SIGNAL,BARS,SECURITY dev wifi list --rescan no 2>/dev/null || true

  echo '## tailscale'
  tailscale status 2>&1 || true
  tailscale netcheck 2>&1 || true

  echo '## routes and sockets'
  ss -nti '( sport = :22 or dport = :22 )' 2>/dev/null || true

  GW=$(ip route show default | awk '{print $3; exit}')
  for target in "$GW" 1.1.1.1 ${DOMEDOG_TS_IP}; do
    echo "--- ping $target"
    ping -c 30 -i 0.2 "$target" 2>&1 | tail -8 || true
  done
} | tee "$LOG"
echo "$LOG"