Network Troubleshooting on macOS: A Step-by-Step Guide

Introduction / Why This Is Needed

Network diagnostics on macOS often boil down to restarting the router or toggling Wi-Fi. However, when simple methods fail, a systematic approach is required. This guide will walk you through a chain of checks—from the physical layer to configuration files. You'll learn how to independently determine where the connection breaks: on your Mac, in the local network, or with your ISP. This will save time on support calls and allow you to articulate the problem precisely.

Requirements / Preparation

Before you begin, ensure:

1. You have access to an account with administrator privileges (for sudo commands).
2. Terminal is available in Applications -> Utilities or via Spotlight (Cmd+Space, type "Terminal").
3. You know your router's IP address (usually 192.168.1.1 or 192.168.0.1). If you don't know it, find it on any other device on the network (e.g., in Wi-Fi settings on an iPhone: Network -> [your network] -> router).
4. You have stable power (especially during the step of renaming system files).

Step-by-Step Instructions

Step 1: Basic Check of Physical Connection and Interfaces

First, determine which network interfaces are active and visible to the system.

1. Open Terminal.
2. Run the command:

ifconfig

It will list all network interfaces. We are interested in:

• en0 (usually Ethernet)
• en1 (may be a second Ethernet or Wi-Fi)
• utun (VPN tunnels)
• awdl0 (Apple Wireless Direct Link, for AirDrop, etc.)

3. Find the active interface (it will have an IP address after inet, e.g., inet 192.168.1.102). If the needed interface (e.g., en0 for wired connection) has no inet address, it means it didn't get an IP from the DHCP server (router). If the interface isn't in the list at all, the problem might be at the driver or hardware level.

Step 2: Checking the Chain: Local Network -> Gateway -> Internet

This is the key test that categorizes problems into three.

1. Ping the router (local segment):

ping -c 5 192.168.1.1

(replace 192.168.1.1 with your router's IP).

• Success (0% packet loss): connection to the router exists, the problem is further along.
• Failure (100% packet loss): either the router doesn't respond to ping (this is normal for some models if ICMP response is disabled), or the physical/link-layer connection isn't working.

2. Ping a public DNS (internet):

ping -c 5 8.8.8.8

• Success: internet works, the problem is DNS (see Step 3).
• Failure: either there's no route to the gateway, the gateway isn't working, or your ISP has issues.

3. Ping a domain name (DNS check):

ping -c 5 google.com

• Success: DNS is working.
• Failure (but ping 8.8.8.8 works): the problem is definitely name resolution. Proceed to Step 3.

Step 3: Analyzing the Routing Table and DNS Servers

If ping to 8.8.8.8 fails but ping to the router succeeds, check the routing table.

netstat -nr

In the output, find the line with default (default gateway). Ensure the Gateway column shows your router's IP (e.g., 192.168.1.1). If it shows -- or a different IP, the route isn't configured.

Next, check DNS:

scutil --dns

In the resolver section, find nameserver[0]. This should be your router's IP or a public DNS (8.8.8.8, 1.1.1.1). If it's empty or shows a non-working address, that's the cause.

To quickly switch to Google Public DNS for testing (if needed), you can temporarily add:

sudo networksetup -setdnsservers Wi-Fi 8.8.8.8 8.8.4.4

(replace Wi-Fi with Ethernet for a wired connection). After testing, revert to automatic: sudo networksetup -setdnsservers Wi-Fi Automatic.

Step 4: Overwriting Network Configuration Files

If the settings seem correct but the problem persists, the configuration files might be corrupted. This is a safe operation: the system will recreate them with default values.

1. Open Terminal.
2. Rename the configuration folder (this requires sudo):

sudo mv /Library/Preferences/SystemConfiguration /Library/Preferences/SystemConfiguration.bak

3. Restart your Mac ( -> Restart).

After booting, the system will create a new SystemConfiguration folder with clean files (e.g., com.apple.airport.preferences.plist, NetworkInterfaces.plist). You may need to reconnect to your Wi-Fi network (enter the password).

Step 5: Flushing DNS and Network Service Caches

Sometimes a forced cache flush helps.

1. Clear the DNS cache:

sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder

2. Restart the network service (a rougher method):

sudo ifconfig en0 down  # replace en0 with your interface
sudo ifconfig en0 up

Or restart your Mac.

Checking the Result

After each step (especially after Steps 4 and 5), run the tests from Step 2:

1. ping -c 4 192.168.1.1 (router)
2. ping -c 4 8.8.8.8 (internet)
3. ping -c 4 google.com (DNS)

A successful result means 0% packet loss on all three stages. Also check if websites load in your browser.

If the problem remains, move to the next step or the "Possible Issues" section.

Possible Issues

Error: ping: sendto: Operation not permitted

Cause: Firewall or parental controls are blocking outgoing ICMP requests. Solution: Temporarily disable the firewall in System Preferences -> Security & Privacy -> Firewall. Or run sudo pfctl -d (if using PF).

Error: ifconfig: interface en0 does not exist

Cause: The interface was renamed (often after a macOS update) or the driver failed to load. Solution: Find the exact interface name via ifconfig | grep status. Or check if the adapter is visible in System Preferences -> Network. If not—restart your Mac.

Wi-Fi doesn't appear in settings after renaming the SystemConfiguration folder

Cause: The system didn't have time to create new files, or there are permission issues. Solution: Check that the SystemConfiguration folder now exists (ls /Library/Preferences/SystemConfiguration). If not—rename it back: sudo mv /Library/Preferences/SystemConfiguration.bak /Library/Preferences/SystemConfiguration and restart. Then try creating a new network via the interface.

Ping to router works, but browser doesn't load pages

Cause: Problem at the HTTP/HTTPS layer (port 80/443), possibly ISP blocking or incorrect proxy settings. Solution: Check proxies: scutil --proxy. It should show HTTP Proxies: <null>. If proxies are set, disable them in network settings. Also try curl -I https://google.com to check headers.

Network works, but Mac doesn't connect after sleep

Cause: Outdated or conflicting power-saving settings for Wi-Fi. Solution: In Terminal run:

sudo pmset -a womp 1  # Wake on Wi-Fi
sudo pmset -a networkoversleep 0

Or reset Wi-Fi settings (Step 4)—this often solves the issue.

FAQ

What if all steps fail and the problem is only on this Mac? Likely a hardware failure of the network card (especially for Ethernet) or a conflict with third-party software (antivirus, VPN client). Try booting into Safe Mode (hold Shift during boot) and check the network. If it works in Safe Mode—the problem is a third-party kernel extension (KEXT).

How to diagnose if I only have Wi-Fi and can't connect via cable? Use the airport utility for detailed Wi-Fi info. In Terminal:

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s

(list of networks) and

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I

(current stats: RSSI, speed, BSSID). Low RSSI (< -70 dBm) indicates a weak signal.

Can I automate the diagnostics? Yes, there are scripts like netdiag (from Apple in the Additional Tools for Xcode package), but built-in tools are sufficient. You can create your own bash script combining ping, ifconfig, and netstat.

Are the sudo commands in this guide safe? Yes, all commands (mv, networksetup, dscacheutil) are safe when used correctly. However, carefully check paths and interface names (en0, en1). Accidentally deleting system files outside the SystemConfiguration folder could harm the system.