Red Hat Linux 9 Professional Secrets [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Red Hat Linux 9 Professional Secrets [Electronic resources] - نسخه متنی

Naba Barkakati

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید








TCP/IP Network Diagnostics


After you configure Ethernet and TCP/IP (during Red Hat Linux installation or by running netcfg later on), you should be able to use various networking applications without any problem. The TCP/IP protocol suite includes several tools that help you monitor and diagnose problems.


Looking at Network Interface Status


Use the

/sbin/ifconfig command to view the currently configured network interfaces. The

ifconfig command is used to configure a network interface (that is, to associate an IP address with a network device). If you run

ifconfig without any command-line arguments, the command displays information about the current network interfaces. The following is a typical invocation of

ifconfig and the resulting output:


/sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 02:60:8C:8E:C6:A9
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MTU:1500 Metric:1
RX packets:2738 errors:0 dropped:0 overruns:0 frame:0
TX packets:1397 errors:0 dropped:0 overruns:0 carrier:0
collisions:6
RX bytes:638288 (623.3 Kb) TX bytes:575658 (562.1 Kb)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
RX bytes:3148 (3.0 Kb) TX bytes:3148 (3.0 Kb)

This output shows that two interfaces—the loopback interface (

lo ) and an Ethernet card (

eth0 )—are currently active on this system. For each interface, you can see the IP address, as well as statistics on packets delivered and sent. If the Red Hat Linux system had a dial-up PPP link up and running, you’d also see an item for the

ppp0 interface in the output.


Viewing the IP Routing Table


The other network configuration command,

/sbin/route , also provides status information when it is run without any command-line argument. If you are having trouble checking a connection to another host (that you specify with an IP address), check the IP routing table to see whether a default gateway is specified. Then check the gateway’s routing table to ensure that paths to an outside network appear in that routing table.

A typical output from the

/sbin/route command looks like the following:


/sbin/route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

As this routing table shows, the local network uses the

eth0 Ethernet interface, and the default gateway is also that Ethernet interface. The default gateway is a routing device that handles packets addressed to any network, other than the one in which the Linux system resides. In this example, packets addressed to any network address other than ones that begin with 192.168.0 are sent to the gateway—192.168.0.1. The gateway forwards those packets to other networks (assuming, of course, that the gateway is connected to another network).


Checking Connectivity to a Host


To check for a network path to a specific host, use the

ping command. Ping is a widely used TCP/IP tool that uses a series of Internet Control Message Protocol (ICMP, often pronounced as eye-comp) messages. (ICMP provides for an Echo message to which every host responds.) Using the ICMP messages and replies, Ping can determine whether or not the other system is alive and can compute the round-trip delay in communicating with that system.

The following example shows how I run Ping to see whether or not one of the systems on my network is alive:

ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) from 192.168.0.4 : 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=0 ttl=254 time=2.116 msec
64 bytes from 192.168.0.1: icmp_seq=1 ttl=254 time=1.770 msec
64 bytes from 192.168.0.1: icmp_seq=2 ttl=254 time=1.759 msec
64 bytes from 192.168.0.1: icmp_seq=3 ttl=254 time=1.778 msec
--- 192.168.0.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/mdev = 1.759/1.855/2.116/0.159 ms

In Red Hat Linux, Ping continues to run until you press Ctrl+C to stop it, then it displays summary statistics showing the typical time it takes to send a packet between the two systems. On some systems, Ping simply reports that a remote host is alive. However, you can still get the timing information with appropriate command-line arguments.

You can also use the

traceroute command to check connectivity to a host and more. The

traceroute command prints the route that packets take from your system to another system on the Internet. For example, here is an example of using

traceroute to print the route from a system to

www.noaa.gov :


traceroute www.noaa.gov
traceroute to www.noaa.gov (192.64.69.81), 30 hops max, 38 byte packets
1 192.168.0.1 (192.168.0.1) 1.509 ms 1.431 ms 4.980 ms
2 10.75.216.1 (10.75.216.1) 11.286 ms 11.882 ms 9.594 ms
3 172.30.103.65 (172.30.103.65) 11.734 ms 10.752 ms 9.883 ms
4 172.30.103.131 (172.30.103.131) 10.438 ms 10.372 ms 14.481 ms
5 172.30.100.186 (172.30.100.186) 11.101 ms 11.662 ms 12.423 ms
6 68.48.0.174 (68.48.0.174) 10.901 ms 9.610 ms 9.946 ms
7 12.126.168.5 (12.126.168.5) 11.715 ms 11.852 ms 11.880 ms
8 * * *
9 ggr1-p3100.wswdc.ip.att.net (12.122.11.238) 12.151 ms 12.659 ms 11.249 ms
10 dca-brdr-02.inet.qwest.net (205.171.1.137) 16.740 ms 28.900 ms 15.532 ms
11 dca-core-02.inet.qwest.net (205.171.9.57) 17.833 ms 14.777 ms 16.378 ms
12 dca-edge-03.inet.qwest.net (205.171.9.62) 17.521 ms 17.292 ms 17.737 ms
13 65.125.14.202 (65.125.14.202) 16.435 ms 15.841 ms 15.776 ms
14 140.90.76.106 (140.90.76.106) 15.904 ms 16.826 ms 17.882 ms
15 140.90.111.36 (140.90.111.36) 18.668 ms 17.289 ms 16.816 ms
16 rainbow.hpcc.noaa.gov (192.64.69.81) 17.532 ms 19.369 ms 19.142 ms


Checking Network Status


To check the status of the network, use the

netstat command. This command displays the status of network connections of various types (such as TCP and UDP connections). You can view the status of the interfaces quickly with the

-i option, as follows:


netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 2963 0 0 0 1531 0 0 0 BNRU
lo 16436 0 48 0 0 0 48 0 0 0 LRU

In this case, the output shows the current status of the loopback and Ethernet interfaces. Table 6-1 describes the meanings of the columns.

































Table 6-1: Columns in the Kernel Interface Table


Column


Meaning


Iface


Name of the interface


MTU


Maximum Transfer Unit—the maximum number of bytes that a packet can contain


RX-OK, TX-OK


Number of error-free packets received (RX) or transmitted (TX)


RX-ERR, TX-ERR


Number of packets with errors


RX-DRP, TX-DRP


Number of dropped packets


RX-OVR, TX-OVR


Number of packets lost due to overflow


Flg


A = receive multicast;

B = broadcast allowed;

D = debugging turned on;

L = loopback interface (notice the flag on lo);

M = all packets received;

N = trailers avoided;

O = no ARP on this interface;

P = point-to-point interface;

R = interface is running;

U = interface is up.


Another useful

netstat option is

-t , which shows all active TCP connections. Following is a typical result of

netstat -t on one of my Linux PCs:


netstat -t
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 dhcppc3:ftp 192.168.0.2:1454 ESTABLISHED
tcp 0 0 dhcppc3:ftp-data 192.168.0.2:1455 TIME_WAIT
tcp 0 138 dhcppc3:telnet 192.168.0.2:1250 ESTABLISHED
tcp 0 0 dhcppc3:1054 ftp25c.newaol.com:ftp ESTABLISHED
tcp 0 1 dhcppc3:1055 ftp25c.newaol.com:59095 LAST_ACK

In this case, the output columns show the protocol (

Proto ), the number of bytes in the receive and transmit queues (

Recv-Q ,

Send-Q ), the local TCP port in

hostname

:

service format (

Local Address ), the remote port (

Foreign Address ), and the state of the connection.






Insider Insight

If you want

netstat to display all addresses in numeric format, use the

-n option of

netstat , like this:

netstat -tn

Many of us prefer the numeric address format because the output looks cleaner and

netstat does not have to figure out the name corresponding to each address.



Using the ip Command


The Linux kernel comes with a powerful IP routing engine together with an

ip command that looks similar to the command with the same name that Cisco IOS supports (Cisco IOS is the operating system that runs on Cisco routers). You can use the

ip command to manage or get information about network objects. The general syntax of the

ip command is as follows:

ip [options] OBJECT [command [arg1 arg2 ...]]

where

options are flags that modify the behavior of the command,

OBJECT is the network object you want to manage or view, and

command is the action you want to perform. The command may take zero or more arguments, as indicated by

arg1, arg2, . . . in the syntax.

The objects you can manage or view with the

ip command are the following:



  • link—Refers to network devices such as

    eth0 and

    ppp0



  • address—Refers to the IP or IPv6 address of a network device



  • neighbor—Refers to an entry in the Address Resolution Protocol (ARP) that associates an IP address to a physical Ethernet address



  • route—Refers to entries in the routing table



  • rule—Refers to rules in the routing policy database



  • maddress—Refers to multicast address



  • mroute—Refers to entries in the multicast routing cache



  • tunnel—Refers to a tunnel over IP



To view information about the network interfaces, use the following

ip command:


ip address show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:08:74:e5:eb:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.7/24 brd 192.168.0.255 scope global eth0

This tells you that the

eth0 interface is associated with the

inet address

192.168.0.7/24 . The

/24 stands for the number of bits that are in the network address. There are 32 bits, of which 24 are network address, so there are 8 bits left for the hosts in this network.

To see routes, type ip route show. Here is a typical example of the output of that command:

192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.7
169.254.0.0/16 dev eth0 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.0.1 dev eth0

You can try out

ip to view the other network objects, but the greatest power of

ip is in configuring the network objects to turn your Linux system into a sophisticated router.






Insider Insight

The

ip command’s capabilities are too extensive to cover in this chapter. To learn more about the

ip command and what you can do with it, visit

http://www.ibiblio.org/pub/Linux/docs/HOWTO/Adv-Routing-HOWTO , and consult the documentation in

/usr/share/doc/iproute* directory of your Red Hat Linux system.



/ 341