Author: Alban Russell
LINUX NETWORKING By VIKAS DEBNATH

OPEN PATH EDUCATIONS

39 A, 3rd Floor, Near Ram Mandir, Opp. Bhikaji Cama Place Mohammadpur, New Delhi - 110066 Ph: 011-41097448, 9810028374 [email protected] http://www.linuxsolutions.org.in

Though you can usually manage your network settings via the GUI in most Linux distros these days, it's always good to be familiar with the command-line tools. So we're going to review some select commands from a couple of tools that are typically included in the popular Linux distros. As we are learning industrial Linux, we usually support clients through remote connections such as ssh and telnet, where most of the time only the CLI (command-line interface) is available, so we must learn the CLI to handle the task. Prefer ssh where you have the choice: telnet sends logins and session data unencrypted.

ifconfig :

[root@mail ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:26:5A:70:E4:31
          inet addr:10.160.38.26  Bcast:10.160.38.255  Mask:255.255.255.0
          inet6 addr: fe80::226:5aff:fe70:e431/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:947046180 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1070906494 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:407225458148 (379.2 GiB)  TX bytes:944059150712 (879.2 GiB)
          Interrupt:74

eth1      Link encap:Ethernet  HWaddr 00:21:5E:67:6C:87
          inet addr:203.90.65.203  Bcast:203.90.65.207  Mask:255.255.255.248
          inet6 addr: fe80::221:5eff:fe67:6c87/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52492236 errors:0 dropped:0 overruns:0 frame:0
          TX packets:152779024 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:15251356854 (14.2 GiB)  TX bytes:176092599911 (163.9 GiB)
          Memory:91b80000-91ba0000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:24201668 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24201668 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:41842433924 (38.9 GiB)  TX bytes:41842433924 (38.9 GiB)

ifconfig provides basic information about the network interfaces:
• IP address
• Subnet mask
• Broadcast address
• MAC address
• Number of interfaces, like eth0, eth1, lo

What is lo ? The Loopback Interface

As you can see, the loopback interface has been assigned a netmask of 255.0.0.0, since 127.0.0.1 is a class-A address. The interface also doesn't have a broadcast address set, since a broadcast address isn't normally very useful for the loopback anyway. However, if you run the rwhod daemon on your host, you may have to set the loopback device's broadcast address in order for rwho to function properly.

ifconfig : This command is the number one command in the alphabet of Linux networking. It configures network interfaces. Its features include:
• Turning a certain network interface on and off.
• Changing the interface IP address.
• Changing the netmask, MTU and other network parameters of the interface.
• Putting the interface into promiscuous mode.

Promiscuous mode ?

1) In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for example, for monitoring network usage).

2) In an Ethernet local area network (LAN), promiscuous mode is a mode of operation in which every data packet transmitted can be received and read by a network adapter. Promiscuous mode must be supported by each network adapter as well as by the input/output driver in the host operating system. Promiscuous mode is often used to monitor network activity.

Promiscuous mode is the opposite of non-promiscuous mode. When a data packet is transmitted in non-promiscuous mode, all the LAN devices "listen to" the data to determine if the network address included in the data packet is theirs. If it isn't, the data packet is passed onto the next LAN device until the device with the correct network address is reached. That device then receives and reads the data.
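Since an adapter in promiscuous mode reads traffic that is not addressed to the host, an interface that is promiscuous without a known reason is worth flagging. The following is an added example, not part of the original text: it reads the kernel's per-interface flags word from sysfs and reports every interface with the IFF_PROMISC bit set; the function names and the allowlist argument are illustrative.

```sh
#!/bin/sh
# Added example (not from the original page): report interfaces that are
# in promiscuous mode by reading the kernel's per-interface flags word.
# IFF_PROMISC is 0x100 in <linux/if.h>; sysfs publishes the flags as a
# hex string in /sys/class/net/<iface>/flags.

IFF_UP=0x1
IFF_PROMISC=0x100

# is_hex_word VALUE -> status 0 when VALUE looks like 0x<hex digits>
is_hex_word() {
    case $1 in
        0x | 0x*[!0-9a-fA-F]*) return 1 ;;
        0x*) return 0 ;;
        *) return 1 ;;
    esac
}

# promisc_ifaces [ROOT] -> prints "<iface> <up|down>" for each interface
# under ROOT (default /sys/class/net) whose flags include IFF_PROMISC.
promisc_ifaces() (
    root=${1:-/sys/class/net}
    for dir in "$root"/*; do
        [ -r "$dir/flags" ] || continue
        flags=$(cat "$dir/flags")
        is_hex_word "$flags" || continue      # never feed junk to $(( ))
        [ $(( $flags & $IFF_PROMISC )) -ne 0 ] || continue
        if [ $(( $flags & $IFF_UP )) -ne 0 ]; then state=up; else state=down; fi
        printf '%s %s\n' "${dir##*/}" "$state"
    done
)

# check_promisc ALLOWLIST [ROOT] -> prints an alert for every promiscuous
# interface that is not in ALLOWLIST and returns 1 if there is any.
# ALLOWLIST is a space-separated list of interfaces that are meant to
# capture traffic (for example a dedicated monitoring port).
check_promisc() (
    allow=" $1 "
    rc=0
    for iface in $(promisc_ifaces "${2:-/sys/class/net}" | cut -d' ' -f1); do
        case $allow in
            *" $iface "*) ;;                  # expected, ignore
            *) echo "ALERT: $iface is promiscuous"; rc=1 ;;
        esac
    done
    exit $rc
)
```

Run `check_promisc ""` from cron or a monitoring agent to alert on any promiscuous interface, or pass the names of the interfaces that are supposed to capture.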

Define network parameters in configuration files:

Define a new device in the folder /etc/sysconfig/network-scripts/ using files like ifcfg-eth0, ifcfg-eth1, ifcfg-eth2.

/etc/sysconfig/network-scripts/ifcfg-eth1

# Intel Corporation 82574L Gigabit Network Connection
DEVICE=eth1
BOOTPROTO=static
HWADDR=00:21:5e:67:6c:87
ONBOOT=yes
IPADDR=203.90.65.203
NETMASK=255.255.255.248
TYPE=Ethernet

Look at the above file carefully: the content on the LHS of the = sign is in CAPITAL letters and the content on the RHS is in SMALL letters.

• DEVICE= device name, i.e. eth0, eth1, eth0:1, eth0:2
• BOOTPROTO= boot protocol, i.e. static or dhcp
• HWADDR= MAC address of the NIC
• ONBOOT= enable/disable the interface at boot time, i.e. yes/no
• IPADDR= IP address
• NETMASK= subnet mask
• TYPE= encapsulation type (Ethernet)

Virtually, we can assign an IP address to an interface using commands like:

ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth1:1 192.168.10.13 netmask 255.255.255.0
ifconfig eth1:2 10.0.0.1

But on restarting the network service or rebooting, the results of these commands will vanish; this is for temporary use only. To make this permanent you should create files in the directory /etc/sysconfig/network-scripts.

To provide multiple IP addresses on a single Ethernet card::

ifconfig eth1:1 192.168.10.13 netmask 255.255.255.0
ifconfig eth1:2 172.16.0.13 netmask 255.255.0.0
ifconfig eth1:3 10.0.0.13 netmask 255.0.0.0

To make this permanent, create files like the ones below in the directory /etc/sysconfig/network-scripts and restart the network service.

/etc/sysconfig/network-scripts/ifcfg-eth1:1

DEVICE=eth1:1
BOOTPROTO=static
HWADDR=00:21:5e:67:6c:87
ONBOOT=yes
IPADDR=192.168.10.13
NETMASK=255.255.255.0
TYPE=Ethernet

/etc/sysconfig/network-scripts/ifcfg-eth1:2

DEVICE=eth1:2
BOOTPROTO=static
HWADDR=00:21:5e:67:6c:87
ONBOOT=yes
IPADDR=172.16.0.13
NETMASK=255.255.0.0
TYPE=Ethernet

/etc/sysconfig/network-scripts/ifcfg-eth1:3

DEVICE=eth1:3
BOOTPROTO=static
HWADDR=00:21:5e:67:6c:87
ONBOOT=yes
IPADDR=10.0.0.13
NETMASK=255.0.0.0
TYPE=Ethernet

Provide a range of IP addresses::

/etc/sysconfig/network-scripts/ifcfg-eth1-range0

IPADDR_START=192.168.1.1
IPADDR_END=192.168.1.200
CLONENUM_START=10

CLONENUM_START ?

The CLONENUM_START value specifies the starting identifier of the alias that will be applied to the eth1 interface; in the above example the first address, 192.168.1.1, will be assigned to the eth1:10 alias. The last IP of the range, 192.168.1.200, will be applied to the eth1:210 sub-interface. This is a really easy approach.

Link Status:
• ethtool
• mii-tool

mii-tool
eth0: negotiated 100baseTx-FD, link ok
eth1: negotiated 100baseTx-FD flow-control, link ok
eth2: negotiated 100baseTx-FD flow-control, link ok

ethtool eth0
Settings for eth0:
        Supported ports: [ TP ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Half 1000baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Half 1000baseT/Full
        Advertised auto-negotiation: Yes
        Speed: 100Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: d
        Current message level: 0x00000037 (55)
        Link detected: yes

By using shell: try this command (inside a script, where $1 is the interface name passed as the first argument)

ifconfig "$1" | egrep 'UP |DOWN ' | sed "s/\s*\(\w*\)\s*.*/$1: \1/"

Turn on/off network interface

Here are a few of the simplest use scenarios.

ifconfig <interface> down or ifdown <interface> will turn off the specified network interface.

ifconfig eth0 down
or
ifdown eth0

ifconfig <interface> up or ifup <interface> will turn the specified network interface on.

ifconfig eth0 up
or
ifup eth0

GATEWAY INFORMATION:

To configure the default gateway, edit the file /etc/sysconfig/network

NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=mail.geodis.co.in
GATEWAY=220.227.13.153

This file holds very important parameters like HOSTNAME, GATEWAY and NETWORKING.

TESTING A GATEWAY :: netstat -rn or route -n

netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
220.227.13.154  220.227.13.153  255.255.255.255 UGH       0 0          0 eth2
203.90.65.200   0.0.0.0         255.255.255.248 U         0 0          0 eth1
220.227.13.152  0.0.0.0         255.255.255.248 U         0 0          0 eth2
0.0.0.0         220.227.13.153  0.0.0.0         UG        0 0          0 eth2

These lines show the routing table of this machine; the very last line shows the default gateway. Once you configure your gateway in the /etc/sysconfig/network file, you should verify it with this command after restarting the network service.

CONFIGURE DNS:

To configure DNS server information, you have to make entries in the file /etc/resolv.conf for the primary, secondary, ... DNS servers.

/etc/resolv.conf

nameserver 203.90.66.79
nameserver 220.88.103.100
nameserver 8.8.8.8

Note: DNS 4.2.2.2 is an open DNS, and 8.8.8.8 is a DNS service provided by Google. We should not use these in a commercial setup, because these servers are heavily loaded and slow, which sometimes affects our internal services. You should use the DNS server of your respective ISP or build your own DNS server.

Routing : IP Routing

Linux IP Routing Fundamentals

Probably you know how to check the existing routes (or even add/modify routes) on Linux using the route or netstat command. You might've done that without understanding much about how IP routing works. This article will help you understand the principles behind IP routing and how it works. This is the 1st part in the IP Routing series of articles.

IP routing involves forwarding of IP datagrams. It's a simple process in which the host sends the IP datagram directly to the destination if the destination host is directly connected, for example through a point-to-point link or through a shared network. If the destination host is not directly connected, then the host sends the IP datagram to the default router and lets the router decide where to send the IP datagram further.

The data in the routing table is generally in the form of entries. A typical routing table entry contains the following main fields:

• Destination IP address : This field represents the IP address of the destination. This IP address could be the address of a single host or could be that of a network. If this entry contains the IP address of a host then it is signified by a non-zero host ID in the address, while if the entry contains the IP address of a network then it is signified by a host ID value of 0.
• IP address of next router : The reason we use the term 'next' is that this is not always the final router; it could very well be an intermediate router. This entry gives the IP address of the next router, which decides how to further send an IP datagram received on its interface.
• Flags : This field provides another set of vital information, like whether the destination IP address (specified above) is a host address or a network address. Also, flags convey whether the next router (specified above) is really a next router or a directly connected interface.
• Network interface specs : Some specification about the network interface the datagram should be passed to for further transmission.

How Basic Routing Works?

So if we briefly try to visualize the routing process now, we see that as soon as a datagram from a network is received at the IP layer of a host (which is configured to act like a router), then, after verifying that the destination IP address in the packet is not that of this host, the routing tables are consulted. Any entry whose first field matches the destination IP address completely (a host) or partially (a network) would signal the IP address of the next router. This is the vital information that a host (acting like a router) requires to forward a packet, as this information directly tells which next router the datagram should be forwarded to. All the other fields in the entry support the decision making by providing more information for routing.

In the paragraph above we built a basic understanding, but if we try to go a level deeper then the following points give the detailed information about the routing table algorithm:

• First the routing table is searched for an entry whose 'Destination IP address' field matches the datagram destination IP address completely. By completely, it is meant that the host ID and network ID of the IP addresses match. If found, then the datagram is sent to that interface or to the intermediate router.
• If a complete match is not found then a search for a matching network ID is done. If found, then the datagram is forwarded to the indicated router. So we see that all the hosts on this network are managed by this single entry in the routing table.
• If neither of the above two is true then the datagram is forwarded to a 'default router'.
• If the above step also fails, i.e. there is no default router, then the datagram ends up being undeliverable. Any undeliverable datagram would produce an ICMP host unreachable or ICMP network unreachable error, and this error is returned to the application that generated this datagram.

Sometimes one would ask why there are two types of entries in the routing table or, to be more precise, why network-related entries are needed in a router. Well, having entries in the routing table corresponding to networks has a big advantage: an entry for a complete network avoids the need to have a huge number of separate entries for each host on that network. This brings down the size of the routing table significantly, which is always good.

Command to list routing tables

You can use the netstat command to list the routing tables as shown below.

$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.2.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
0.0.0.0         192.168.2.1     0.0.0.0         UG        0 0          0 eth0

The output provides detailed information on the destination IP addresses and their gateways. The flag 'U' suggests that the route is up and the flag 'G' suggests that the route is to a gateway (router). If this flag is not set then it can be assumed that the destination is directly connected.

Routing Principles

A fundamental difference between a normal host and a router is that a host never forwards a datagram from one interface to another, while a router can forward a datagram. Today, most multiuser systems can be configured to act as a router. So, a common routing algorithm can be specified that can be used by the router as well as by a host. When a host can act like a router, it is generally said that the host has embedded router functionality. Such a host should never forward datagrams unless configured to do so, i.e. configured to act like a router.

The IP layer maintains a routing table which it uses while making decisions about what to do with the datagram received. When a datagram is received from the network, the IP layer first checks the destination IP address to see if it is its own or not. If the destination IP address in the datagram is its own, then the datagram is sent to the appropriate protocol at the transport layer. If the destination address is not its own, then the datagram is forwarded if the host was configured to act like a router; otherwise the datagram is discarded.

The route command is another one of the most useful commands available for you in your toolbox. It manages routes between your computer and other computers and networks.

Configure default gateway

One of the most important tasks that you can accomplish with this command is setting the default gateway. This is how you do it.

route add default gw <ip address>

Here, ip address is the address of the default gateway.

Add routing table entry for specified network

With the following commands you can add a static route to either a network or a specified host. This is how you do it.

route add -net <network address> netmask <netmask> gw <gateway>
route add -net <network address> netmask <netmask> dev <interface>

These two commands add a new static route to a network. The network address should end with 0, e.g. 192.168.10.0. Otherwise route will return an error. Another way to specify the sub-network is by using the CIDR notation.** In this case you don't need to specify the netmask.

Using network interface name instead of gateway

An interesting thing to notice here is that you can specify that packets to a given IP address should be transmitted via a certain network interface. This works in conjunction with the ARP table. For example:

route add -net 192.168.101.0/24 dev eth1

Add routing table entry for specified host

Another kind of route that you can add with the route command is a route to a certain host. This is how you do it.

route add -host <host address> gw <gateway>
route add -host <host address> dev <interface>

The principle is the same, although instead of specifying the network you specify a single host. For example:

route add -host 192.168.100.100 gw 192.168.102.5

Removing routing table entries

When you want to remove a route, you can do it by specifying del instead of add. Here are several examples of commands removing routes.

route del -host 192.168.100.100
route del -net 192.168.101.0/24
route del -net 192.168.101.0 netmask 255.255.255.0

Note that when removing a route, there is no need to specify the gateway or the network interface that is being used to reach that network or host. The network or host identifiers are enough to remove the route.

**What Is CIDR ?

The Internet is a network of sub-networks. A netmask is a way to describe your sub-network, i.e. one uses the netmask to describe the range of IP addresses that are part of the network. If you do a logical AND between an IP address and the netmask, you end up with a so-called base network address. The base network address is the same for all subnet participants.

Although a netmask allows you to declare subnets where for instance 192.168.0.100 and 193.168.23.129 are in the same subnet, the common practice is significantly different. Instead of tinkering with the higher bits of the netmask, people usually change the lower bits of the netmask, one by one. As a result, most of the time we can identify a subnet by simply counting the number of most significant ones in the netmask. I.e. netmask 255.255.255.0 contains 24 ones, out of 32. You may instead count the least significant zeros in the netmask. In that case you'll have to subtract the result from 32.

To write a subnet specification in CIDR notation, just write the subnet base address followed by / and the number of ones in the netmask. For instance, 192.168.0.0 netmask 255.255.255.0 in CIDR will look like this: 192.168.0.0/24. And if the netmask is 255.255.0.0, we will write 192.168.0.0/16. Finally, a more complex example: if the netmask is 255.255.252.0, we will write 192.168.0.0/22.

192.168.0.0 Subnet Mask 255.255.255.0 IN CIDR 192.168.0.0/24
172.16.0.0 Subnet Mask 255.255.0.0 IN CIDR 172.16.0.0/16
10.0.0.0 Subnet Mask 255.0.0.0 IN CIDR 10.0.0.0/8

This is very useful on our routing PC (gateway or proxy) when we are working in an MPLS-like environment, where we have to connect different networks to provide service from one server.
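The netmask AND and the counting of ones described above, together with the lookup order from "How Basic Routing Works?", as an added example that is not part of the original text. It generalises the host / network / default order to a longest-prefix match (a host route is a /32, the default route a /0); the function names are illustrative and the sample table is constructed from the netstat -rn listings in this document.

```sh
#!/bin/sh
# Added example, not part of the original text. Function names are
# illustrative. ROUTES is sample data constructed from the "netstat -rn"
# listings in this document: destination gateway genmask flags iface.
ROUTES='192.168.2.0 0.0.0.0 255.255.255.0 U eth0
169.254.0.0 0.0.0.0 255.255.0.0 U eth0
0.0.0.0 192.168.2.1 0.0.0.0 UG eth0'

# ip2int A.B.C.D -> 32-bit integer on stdout; status 1 if malformed.
ip2int() (
    case $1 in '' | *[!0-9.]* | *.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        # Reject empty octets, leading zeros (octal in $(( ))) and >255.
        case $o in '' | 0?* | ????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# int2ip N -> dotted quad
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask2prefix NETMASK -> number of leading one bits (the /N of CIDR).
# Fails on masks whose ones are not contiguous, e.g. 254.255.0.0.
mask2prefix() (
    m=$(ip2int "$1") || exit 1
    n=0
    while [ "$n" -lt 32 ] && [ $(( ($m >> (31 - $n)) & 1 )) -eq 1 ]; do
        n=$(( $n + 1 ))
    done
    # Whatever follows the leading ones must be all zeros.
    [ $(( $m & ((1 << (32 - $n)) - 1) )) -eq 0 ] || exit 1
    echo "$n"
)

# to_cidr IP NETMASK -> base network address (IP AND NETMASK) as base/N
to_cidr() (
    ip=$(ip2int "$1") || exit 1
    mask=$(ip2int "$2") || exit 1
    len=$(mask2prefix "$2") || exit 1
    echo "$(int2ip $(( $ip & $mask )))/$len"
)

# route_lookup DEST [TABLE] -> "via <gw> dev <if>" or "direct dev <if>".
# Prints "unreachable" and returns 1 when no entry matches, which is the
# case where the kernel would answer with an ICMP unreachable error.
route_lookup() (
    d=$(ip2int "$1") || exit 2
    best=-1
    result=
    while read -r dest gw mask flags iface; do
        [ -n "$iface" ] || continue
        r=$(ip2int "$dest") && m=$(ip2int "$mask") &&
            len=$(mask2prefix "$mask") || continue
        [ $(( $d & $m )) -eq $(( $r & $m )) ] || continue   # not this route
        [ "$len" -gt "$best" ] || continue                  # keep longest
        best=$len
        case $flags in
            *G*) result="via $gw dev $iface" ;;
            *)   result="direct dev $iface" ;;
        esac
    done <<EOF
${2:-$ROUTES}
EOF
    [ "$best" -ge 0 ] || { echo "unreachable"; exit 1; }
    echo "$result"
)
```

For example, `to_cidr 192.168.0.100 255.255.255.0` prints 192.168.0.0/24 and `route_lookup 8.8.8.8` falls through to the default route of the sample table.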

How to configure a Linux machine as a router?

Here are some simple steps to do it, using Network Address Translation (NAT).

1. Enable packet forwarding. Make it permanent by adding "net.ipv4.ip_forward = 1" to /etc/sysctl.conf

echo "1" > /proc/sys/net/ipv4/ip_forward

2. Enable iptables to handle NAT (eth0 is the public connection)

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

3. Save the iptables settings

service iptables save

4. Done. Check the routing table with "netstat -nr" and the iptables rules with "iptables -L". Note that "iptables -L" lists only the filter table; the MASQUERADE rule added in step 2 is in the nat table and shows up with "iptables -t nat -L".
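The steps above turn on forwarding and NAT but leave the FORWARD chain at its default policy, so the machine will route any packet it is handed, including traffic arriving on the public side. The following added example (not part of the original text) prints an iptables-restore ruleset with the same MASQUERADE rule plus a FORWARD chain that defaults to DROP and admits only LAN-to-WAN traffic and its replies. The function names are illustrative, and the conntrack match is assumed to be available on the target system.

```sh
#!/bin/sh
# Added example, not part of the original text. Prints an
# iptables-restore ruleset for the NAT router built in the steps above,
# with one change: the FORWARD chain defaults to DROP and only LAN-to-WAN
# traffic and its replies are let through. Interface names are arguments.

# valid_iface NAME -> status 0 if NAME is a plausible interface name
# (1-15 characters from a conservative set), so that nothing else can be
# smuggled into the generated rules.
valid_iface() {
    case $1 in
        '' | *[!A-Za-z0-9_.-]* | -*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# nat_ruleset WAN LAN... -> ruleset on stdout; status 1 on bad arguments.
nat_ruleset() (
    wan=$1
    [ $# -ge 2 ] && valid_iface "$wan" || exit 1
    shift
    for lan in "$@"; do
        valid_iface "$lan" && [ "$lan" != "$wan" ] || exit 1
    done

    echo '*nat'
    echo ':POSTROUTING ACCEPT [0:0]'
    # Same rule as step 2: rewrite the source of everything leaving WAN.
    echo "-A POSTROUTING -o $wan -j MASQUERADE"
    echo 'COMMIT'
    echo '*filter'
    # With ip_forward=1 and an ACCEPT policy the box routes any packet it
    # is handed, including WAN-to-LAN. Default to DROP instead.
    echo ':FORWARD DROP [0:0]'
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for lan in "$@"; do
        echo "-A FORWARD -i $lan -o $wan -j ACCEPT"
    done
    echo 'COMMIT'
)
```

Check the output with `nat_ruleset eth0 eth1 | iptables-restore --test` before loading it. iptables-restore replaces the current contents of the nat and filter tables unless it is run with --noflush.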

A Sample Network Architecture (to understand routing)

Let us use the following sample network architecture for the rest of the examples. In the diagram below, we have 2 individual networks (192.168.1.0 and 192.168.3.0, with a subnet mask of 255.255.255.0). We also have a "GATEWAY" machine with 3 network cards. The 1st card is connected to 192.168.1.0, the 2nd card is connected to 192.168.3.0, and the 3rd card is connected to the external world.

5. Make 192.168.3.* Accessible from 192.168.1.*

Now we need to add a routing entry such that we are able to ping 192.168.3. series IP addresses from the 192.168.1. series. The common point we have is the GATEWAY machine. So, on each machine in the 192.168.1.* network a default gateway will be added as shown below.

$ route add default gw 192.168.1.10

Now when 192.168.1.1 pings 192.168.3.1, it will go to the GATEWAY via 192.168.1.10. In GATEWAY, add the following routing entry.

$ route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.3.10

Now all the packets addressed to the 192.168.3.* network will be forwarded via the 192.168.3.10 interface, which then delivers the packets to the addressed machine.

6. Make 192.168.1.* Accessible from 192.168.3.*

It is very similar to what we did earlier. So, on each machine in the 192.168.3.* network a default gateway will be added as shown below.

$ route add default gw 192.168.3.10

In GATEWAY, add the following routing entry.

$ route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.10

Now 192.168.3.* machines can ping 192.168.1.* machines.

7. Allow Internet Access ( External World )

In the previous two examples, we have interconnected the 2 different networks. Now we need to access the internet from these 2 different networks. For that, we can add a default route (used when no routing rule matches) to 125.250.60.59, which is connected to the external world, as follows.

$ route add default gw 125.250.60.59

This is how it works:
1. Now when you try to access the internet (for example: ping google.com) from any of these machines (for example, from 192.168.3.2), the following is the sequence of events that happens.
2. Since the destination (google.com) is not within the 3.* series, it will be forwarded to GATEWAY via the 3.10 interface.
3. In GATEWAY, it checks whether the destination is within the 1.* range. In this example, it is not.
4. It then checks whether the destination is within the 2.* range. In this example, it is not.
5. Finally, it takes the default route to forward the packets (i.e. using the 125.250.60.59 interface, which is connected to the external world).

Network Tools: PING in depth :: Ping Tutorial

15 Effective Ping Command

As you already know, the ping command is used to find out whether the peer host/gateway is reachable. If you are thinking ping is such a simple command and why do I need 15 examples, you should read the rest of the article. The ping command provides a lot more options than what you might already know.

Ping Example 1. Increase or Decrease the Time Interval Between Packets

By default ping waits for 1 second before sending the next packet. You can increase or decrease this using option -i as shown below.

Increase Ping Time Interval

Example: Wait for 5 seconds before sending the next packet.

$ ping -i 5 IP

Decrease Ping Time Interval

Example: Wait 0.1 seconds before sending the next packet.

# ping -i 0.1 IP

Note: Only the super user can specify an interval of less than 0.2 seconds. If not, you'll get the following error message.

$ ping -i 0.1 127.0.0.1
PING 0 (127.0.0.1) 56(84) bytes of data.
ping: cannot flood; minimal interval, allowed for user, is 200ms

Ping Example 2. Check whether the local network interface is up and running

Before checking whether the peer machine is reachable, first check whether the local network is up and running using any one of the following 3 methods.

Ping localhost using zero (0)

This is probably the easiest and simplest way to ping a local host.

$ ping 0
PING 0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.024 ms
^C

Ping localhost using name

$ ping localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.051 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.055 ms
^C
--- localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.051/0.053/0.055/0.002 ms

Ping localhost using ip

$ ping 127.0.0.1

To quit the ping command, send the SIGINT signal by pressing CTRL+C. If you have not specified any option to make ping exit automatically, then you will be terminating it using CTRL+C (SIGINT), which will show the statistics and then terminate the ping process. When everything is working properly, it should say '0% packet loss'.

2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.051/0.053/0.055/0.002 ms

Ping Example 3. Send N packets and stop

Send N packets, specified with the -c option, and then stop. This way the ping command can exit automatically instead of you pressing CTRL+C to exit. In the following example, the ping command sends 5 packets and waits for a response from the destination host. Ping will exit after receiving the response or an error.

$ ping -c 5 google.com
PING google.com (74.125.45.100) 56(84) bytes of data.
64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=1 ttl=44 time=731 ms
64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=2 ttl=44 time=777 ms
64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=3 ttl=44 time=838 ms
64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=4 ttl=44 time=976 ms
64 bytes from yx-in-f100.google.com (74.125.45.100): icmp_seq=5 ttl=44 time=1071 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4216ms
rtt min/avg/max/mdev = 731.039/879.129/1071.050/126.625 ms

Ping Example 4. Show Version and Exit

Display the current version of the ping program using the -V option.

$ ping -V
ping utility, iputils-sss20071127

Ping Example 5. Flood the network

Super users can send a hundred or more packets per second using the -f option. It prints a '.' when a packet is sent, and a backspace is printed when a packet is received. As shown below, ping -f has sent more than 400,000 packets in a few seconds.

# ping -f localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
.^C
--- localhost ping statistics ---
427412 packets transmitted, 427412 received, 0% packet loss, time 10941ms
rtt min/avg/max/mdev = 0.003/0.004/1.004/0.002 ms, ipg/ewma 0.025/0.004 ms

Ping Example 6. Audible ping: Give beep when the peer is reachable

This option is useful for a sysadmin during troubleshooting. There is no need for you to look at the ping output after each and every change. You can continue working on your changes, and when the remote machine becomes reachable you'll hear the beep automatically.

$ ping -a IP

Note: It can give a beep only from terminal number 1 through 7 and gnome-terminal (it will not work in console).

Ping Example 7. Find out the IP address

You can identify the IP address using the host name as shown below.

$ ping -c 1 google.com
PING google.com (74.125.67.100) 56(84) bytes of data.
64 bytes from gw-in-f100.google.com (74.125.67.100): icmp_seq=1 ttl=43 time=287 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 287.903/287.903/287.903/0.000 ms

Ping Example 8. Print Only Ping Command Summary Statistics

Use option -q to view only the ping statistics summary as shown below.

$ ping -c 5 -q 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
--- 127.0.0.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3998ms
rtt min/avg/max/mdev = 0.047/0.053/0.061/0.009 ms

Ping Example 9. Change Ping Packet Size

You can change the packet size of the ping command using the -s option.

Example: Change the default packet size from 56 to 100.

$ ping -s 100 localhost
PING localhost (127.0.0.1) 100(128) bytes of data.
108 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.022 ms
108 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.021 ms
108 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.020 ms
^C
--- localhost ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.020/0.021/0.022/0.000 ms

Ping Packet Size

In the above example, when we set the packet size to 100, it displays '128 bytes' in the output. This is because of the ping packet header size, which is 28 bytes. So, if you specify the packet size as 100, 28 bytes for the header will be added to it and 128 bytes will be sent.

Ping Bytes Sent = Ping Packet Size + Ping Header Packet Size (28 bytes)

Ping Example 10. Timeout -w

The ping -w option specifies the deadline to terminate the ping output. This specifies the total number of seconds the ping command should send packets to the remote host.

The following example will ping for 5 seconds, i.e. the ping command will exit after 5 seconds irrespective of how many packets are sent or received.

$ ping -w 5 localhost

Note: When you specify both -w and -c, whichever comes first will terminate the ping command.

Ping Example 11. Online ping

Ping from different locations and check the reachability (availability or time for reaching) of your server from different locations. If you want to do an online ping, try just ping.

Ping Example 12. Option -w or -c Exits Ping

$ ping -c 4 0 -w 2
PING 0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.064 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.060 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.058 ms
--- 0 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.058/0.060/0.064/0.009 ms

$ ping -c 4 0 -w 10
PING 0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.063 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.060 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.055 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.061 ms
--- 0 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.055/0.059/0.063/0.009 ms

Ping Example 13. Shorter statistics with SIGQUIT

While ping is printing the individual packet status, you can use this technique when you want to view the shorter statistics. Pressing CTRL+| (Control key followed by pipe symbol) shows the summary in between, and ping continues with its packet sending and receiving process.

$ ping -w 100 localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=10 ttl=64 time=0.021 ms
64 bytes from localhost (127.0.0.1): icmp_seq=11 ttl=64 time=0.022 ms
11/11 packets, 0% loss, min/avg/ewma/max = 0.020/0.022/0.022/0.024 ms
64 bytes from localhost (127.0.0.1): icmp_seq=12 ttl=64 time=0.021 ms
64 bytes from localhost (127.0.0.1): icmp_seq=13 ttl=64 time=0.022 ms
64 bytes from localhost (127.0.0.1): icmp_seq=14 ttl=64 time=0.021 ms
64 bytes from localhost (127.0.0.1): icmp_seq=15 ttl=64 time=0.021 ms
19/19 packets, 0% loss, min/avg/ewma/max = 0.020/0.022/0.022/0.024 ms
64 bytes from localhost (127.0.0.1): icmp_seq=31 ttl=64 time=0.022 ms
64 bytes from localhost (127.0.0.1): icmp_seq=32 ttl=64 time=0.022 ms
32/32 packets, 0% loss, min/avg/ewma/max = 0.020/0.022/0.022/0.027 ms
64 bytes from localhost (127.0.0.1): icmp_seq=33 ttl=64 time=0.023 ms
..

Ping Example 14. Specify path for ping to send the packet

You can also specify the path through which ping should send the packet to the destination.

$ ping hop1 hop2 hop3 .. hopN destination
$ ping 192.168.3.33 192.168.7.1 192.168.4.45

Note: If one of the hops in the path is not reachable, the ping will fail.

Ping Example 15. Record and print route of how ECHO_REQUEST sent and ECHO_REPLY received

It records and prints the network route through which the packet is sent and received. This is useful for network engineers who wish to know how the packet is sent and received.

$ ping -R 192.168.1.63
PING 192.168.1.63 (192.168.1.63) 56(84) bytes of data.
64 bytes from 192.168.1.63: icmp_seq=1 ttl=61 time=2.05 ms
RR:     192.168.9.118
        192.168.3.25
        192.168.10.35
        192.168.1.26
        192.168.1.63
        192.168.1.63
        192.168.10.4
        192.168.3.10
        192.168.4.25
64 bytes from 192.168.1.63: icmp_seq=2 ttl=61 time=2.00 ms      (same route)

ple: Wait 0.1 seconds before sending the next packet.


NETSTAT : 10 Netstat Command Examples

Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc. In this article, let us review 10 practical unix netstat command examples.

1. List All Ports (both listening and non listening ports)

List all ports using netstat -a

# netstat -a | more
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
udp        0      0 *:bootpc                *:*

Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     6135   /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     5140   /var/run/acpid.socket

List all tcp ports using netstat -at

# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN

List all udp ports using netstat -au

# netstat -au
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:bootpc                *:*
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*


2. List Sockets which are in Listening State

List only listening ports using netstat -l

# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:ipp           *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN
udp        0      0 *:49119                 *:*

List only listening TCP Ports using netstat -lt

# netstat -lt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:30037         *:*                     LISTEN
tcp        0      0 *:smtp                  *:*                     LISTEN
tcp6       0      0 localhost:ipp           [::]:*                  LISTEN

List only listening UDP Ports using netstat -lu

# netstat -lu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 *:49119                 *:*
udp        0      0 *:mdns                  *:*

List only the listening UNIX Ports using netstat -lx

# netstat -lx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     6294   private/maildrop
unix  2      [ ACC ]     STREAM     LISTENING     6203   public/cleanup
unix  2      [ ACC ]     STREAM     LISTENING     6302   private/ifmail
unix  2      [ ACC ]     STREAM     LISTENING     6306   private/bsmtp

3. Show the statistics for each protocol

Show statistics for all ports using netstat -s

# netstat -s
Ip:
    11150 total packets received
    1 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    11149 incoming packets delivered
    11635 requests sent out
Icmp:
    0 ICMP messages received
    0 input ICMP message failed.
Tcp:
    582 active connections openings
    2 failed connection attempts
    25 connection resets received
Udp:
    1183 packets received
    4 packets to unknown port received.
.....

Show statistics for TCP (or) UDP ports using netstat -st (or) -su

# netstat -st
# netstat -su

4. Display PID and program names in netstat output using netstat -p

netstat -p option can be combined with any other netstat option. This will add the “PID/Program Name” to the netstat output. This is very useful while debugging to identify which program is running on a particular port.

# netstat -pt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address      State       PID/Program name
tcp        1      0 ramesh-laptop.loc:47212 192.168.185.75:www   CLOSE_WAIT  2109/firefox
tcp        0      0 ramesh-laptop.loc:52750 lax:www              ESTABLISHED 2109/firefox

5. Don’t resolve host, port and user name in netstat output

When you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name. This also speeds up the output, as netstat is not performing any look-up.

# netstat -an

If you want to stop only one of those three items (ports, or hosts, or users) from being resolved, use the following commands.

# netstat -a --numeric-ports
# netstat -a --numeric-hosts
# netstat -a --numeric-users


6. Print netstat information continuously

netstat will print information continuously every few seconds.

# netstat -c
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 ramesh-laptop.loc:36130 101-101-181-225.ama:www ESTABLISHED
tcp        1      1 ramesh-laptop.loc:52564 101.11.169.230:www      CLOSING
tcp        0      0 ramesh-laptop.loc:43758 server-101-101-43-2:www ESTABLISHED
tcp        1      1 ramesh-laptop.loc:42367 101.101.34.101:www      CLOSING
^C

7. Find the unsupported Address families in your system

# netstat --verbose

At the end, you will have something like this.

netstat: no support for `AF IPX' on this system.
netstat: no support for `AF AX25' on this system.
netstat: no support for `AF X25' on this system.
netstat: no support for `AF NETROM' on this system.

8. Display the kernel routing information using netstat -r

# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 eth2
link-local      *               255.255.0.0     U         0 0          0 eth2
default         192.168.1.1     0.0.0.0         UG        0 0          0 eth2

Note: Use netstat -rn to display routes in numeric format without resolving for host-names.

9. Find out on which port a program is running

# netstat -ap | grep ssh
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        1      0 dev-db:ssh           101.174.100.22:39213        CLOSE_WAIT
tcp        1      0 dev-db:ssh           101.174.100.22:57643        CLOSE_WAIT  -

Find out which process is using a particular port (the -p option adds the PID/Program name column):

# netstat -anp | grep ':80'
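An added example, not part of the original course notes: when reviewing a server, the useful question behind netstat -l and netstat -p is which services accept connections from the network and which program owns each one. The function below filters netstat -tulnp output down to listeners that are not bound to loopback. The names exposed_listeners and sample_netstat and the sample rows are constructed for this illustration.

```shell
#!/bin/sh
# Added example: triage listening sockets from `netstat -tulnp` output.
# Reads netstat output on stdin and prints one line per socket that is NOT
# bound to loopback: "<proto> <address> <port> <scope> <pid/program>".
exposed_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        # tcp rows carry a State column, udp rows do not, so the
        # PID/Program name column is field 7 (tcp) or field 6 (udp).
        if ($1 ~ /^tcp/) { if ($6 != "LISTEN") next; prog = $7 }
        else             { prog = $6 }
        if (prog == "") prog = "-"   # "-" is what netstat shows without root
        # Local Address is addr:port. IPv6 addresses contain colons too,
        # so the port is whatever follows the LAST colon.
        n = split($4, part, ":")
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "::1") next    # loopback only
        scope = (addr == "0.0.0.0" || addr == "::") ? "all-interfaces" : "one-interface"
        print $1, addr, port, scope, prog
    }'
}

# Constructed sample in the layout netstat -tulnp prints (not from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:30037         0.0.0.0:*               LISTEN      2041/example-agent
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1730/master
tcp        0      0 192.168.1.10:22         0.0.0.0:*               LISTEN      1502/sshd
tcp6       0      0 ::1:631                 :::*                    LISTEN      1288/cupsd
tcp6       0      0 :::80                   :::*                    LISTEN      -
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1190/dhclient
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1105/avahi-daemon
EOF
}

# On a live host, as root: netstat -tulnp | exposed_listeners
sample_netstat | exposed_listeners
```

A row whose program column is "-" (port 80 in the sample) means netstat could not see the owning process, which is the case the "you would have to be root to see it all" message above describes.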


10. Show the list of network interfaces

# netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR   TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0   1500   0       0      0      0      0       0      0      0      0 BMU
eth2   1500   0   26196      0      0      0   26883      6      0      0 BMRU
lo    16436   0       4      0      0      0       4      0      0      0 LRU

Display extended information on the interfaces (similar to ifconfig) using netstat -ie:

# netstat -ie
Kernel Interface table
eth0      Link encap:Ethernet  HWaddr 00:10:40:11:11:11
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Memory:f6ae0000-f6b00000

DIG: IN DEPTH

10 Linux DIG Command Examples for DNS Lookup

Dig stands for domain information groper. Using dig command you can query DNS name servers for your DNS lookup related tasks. This article explains 10 examples on how to use dig command.

1. Simple dig Command Usage (Understand dig Output)

When you pass a domain name to the dig command, by default it displays the A record (the IP address of the site that is queried) as shown below. In this example, it displays the A record of redhat.com in the “ANSWER SECTION” of the dig command output.


$ dig redhat.com

; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<-