playbooks

home / skills / htlin222 / dotfiles / network

network skill

/claude.symlink/skills/network

npx playbooks add skill htlin222/dotfiles --skill network

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
3.4 KB
---
name: network
description: Debug network connectivity, configure load balancers, and analyze traffic. Use for connectivity issues, network optimization, or protocol debugging.
---

# Network Engineering

Debug connectivity and configure network infrastructure.

## When to use

- Connectivity issues
- Load balancer setup
- SSL/TLS problems
- DNS debugging
- Network performance

## Diagnostic commands

### Connectivity testing

```bash
# Basic connectivity
ping -c 4 host.example.com
traceroute host.example.com

# Port check
nc -zv host.example.com 443
telnet host.example.com 80

# DNS lookup
dig +short example.com
dig +trace example.com
nslookup -type=MX example.com

# HTTP testing
curl -v https://api.example.com/health
curl -w "@curl-format.txt" -o /dev/null -s https://example.com
```

### curl-format.txt

```
     time_namelookup:  %{time_namelookup}s\n
        time_connect:  %{time_connect}s\n
     time_appconnect:  %{time_appconnect}s\n
    time_pretransfer:  %{time_pretransfer}s\n
       time_redirect:  %{time_redirect}s\n
  time_starttransfer:  %{time_starttransfer}s\n
                     ----------\n
          time_total:  %{time_total}s\n
```

### SSL/TLS debugging

```bash
# Check certificate
openssl s_client -connect example.com:443 -servername example.com

# Verify certificate chain
openssl s_client -connect example.com:443 -showcerts

# Check expiry
echo | openssl s_client -connect example.com:443 2>/dev/null | openssl x509 -noout -dates

# Test specific TLS version
curl --tlsv1.2 --tls-max 1.2 https://example.com
```

## Load balancer config

### Nginx

```nginx
upstream backend {
    least_conn;
    server backend1.example.com:8080 weight=5;
    server backend2.example.com:8080 weight=3;
    server backend3.example.com:8080 backup;

    keepalive 32;
}

server {
    listen 443 ssl http2;
    server_name api.example.com;

    ssl_certificate /etc/ssl/certs/api.crt;
    ssl_certificate_key /etc/ssl/private/api.key;

    location / {
        proxy_pass http://backend;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_connect_timeout 5s;
        proxy_read_timeout 60s;
    }

    location /health {
        access_log off;
        return 200 "OK";
    }
}
```

## Traffic analysis

```bash
# Capture packets
tcpdump -i eth0 -w capture.pcap port 443

# Read capture
tcpdump -r capture.pcap -n

# Filter by host
tcpdump -i any host 10.0.0.1 and port 80

# Show HTTP requests
tcpdump -i any -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
```

## Common issues

| Symptom            | Check                       | Fix                               |
| ------------------ | --------------------------- | --------------------------------- |
| Connection refused | Port open? Service running? | Start service, open firewall      |
| Connection timeout | Firewall? Route?            | Check security groups, routing    |
| SSL error          | Cert valid? Chain complete? | Renew cert, fix chain             |
| DNS failure        | Resolver? Record exists?    | Check DNS config, add record      |
| Slow response      | Latency? Bandwidth?         | Optimize route, increase capacity |

## Examples

**Input:** "API calls timing out"
**Action:** Test connectivity, check DNS, verify SSL, analyze latency

**Input:** "Set up load balancer"
**Action:** Configure nginx/HAProxy, add health checks, test failover