Network Debugging - PowerPoint PPT Presentation

About This Presentation
Title:

Network Debugging

Description:

H. John Heinz III School of Public. Policy and Management. Carnegie ... Output can be piped to other unix tools (grep, awk, sed) Can display selective frames ... – PowerPoint PPT presentation

Number of Views:26
Avg rating:3.0/5.0
Slides: 21
Provided by: andre4
Category:

less

Transcript and Presenter's Notes

Title: Network Debugging


1
Network Debugging
Organizational Communications and
Technologies Prithvi Rao H. John
Heinz III School of Public Policy and
Management Carnegie Mellon University
2
Objectives
  • Present some examples of debugging tools

3
Readings
Suggested reading Class notes Practical
Internetworking with TCP/IP and UNIX (not
required)
4
Tools for Debugging
  • Most tools are available for Unix based systems
    (most servers are likely to be UNIX)
  • Some tools are freely available (traceroute and
    dig)
  • Some proprietary tools exist (etherfind)

5
Ping
  • Simple yet valuable network debugging tool
  • Sends an ICMP echo request message to remote host
  • Remote host sends back an ICMP echo and reply
    message
  • Sending an echo is called pinging
  • Good baseline test of connectivity
  • Successful ping implies that IP packets can be
    exchanged
  • Network routing is also tested with
    pingExample
  • ping unix5.andrew.cmu.edu
  • unix5.andrew.cmu.edu is alive

6
Ping
  • Variant of first form of pingExample ping
    -s akasha.tic.com 5 no response from
    akasha.tic.com64 bytes from akasha.tic.com
    (192.12.23.130) icmp_seq 0, time 6 ms
  • 64 bytes from akasha.tic.com (192.12.23.130)
    icmp_seq 1, time 5 ms64 bytes from
    akasha.tic.com (192.12.23.130) icmp_seq 2, time
    5 ms
  • In this case command times out after 5
    seconds

7
Ping
  • Echo request and echo reply are part of ICMP
  • Ping does not rely on application server running
    on remote host
  • Relies on network interface card to be configured
    properly
  • Unix host in single-user-mode will respond to
    ping commands

8
Remote Script
  • Script that permits running of arbitrary command
    on remote machine
  • Uses the remote shell (rsh) protocolExample
  • remote uptime h unix5.andrew.cmu.edu
    Host unix5.andrew.cmu.edu 830 am up 5 days
    lttimegt ltusersgt ltload averagegt

9
Netstat
  • Netstat is jack-of-all-trades network tool
  • Can display connections, interfaces, routing
    tables and traffic statistics
  • Active connection display
  • Statistics display
  • Interfaces
  • Routing

10
Routing netstat -r
  • Displays kernel routing tableExample netstat
    r
  • Destination Gateway Flags
    Refcnt Use Interface
  • 127.0.0.1 127.0.01 UH 12
    244870 le0
  • default 192.12.23.132 UG 0
    51 le0
  • 192.12.23.128 192.12.23.129 U 16
    8248341 le0

11
Routing netstat -r
  • Gateway is the IP address of the next hop to
    which to send address
  • Flags is the status of each route
  • Refcnt is the current number of active TCP
    connections
  • Use is the total number of IP packets sent using
    route
  • Interface is the logical name of the local
    interface

12
Routing netstat -i
  • Can display status of all interfaces Example
    netstat i n Name MTU Net/Dest
    Address Ipkts Ierrs Opkts Oerrs
    Collle0 1500 192.12.23.128
    192.12.23.129 8141411 0 7902647 0 61

13
Routing netstat -i
  • Name is logical name of network
  • MTU is size in bytes of MTU interface
  • Net/Dest IP address of network to which interface
    is connected or that of end-point of link
  • Address is local IP address of interface
  • Ipkts is count of datalink frames received on
    link since last bootstrap
  • Ierrs is number of datalink frames received with
    errors and dropped by interface
  • Opkts is datalink frames sent on interface since
    last boot
  • Oerrs count of frames not sent due to output
    errors
  • Coll is count of collisions detected by this
    interface

14
Routing netstat -f
  • Permits looking at TCP and UDP packets
    onlyExample netstat f inetActive internet
    connectionsProto Rec-Q Req-Q Local
    Address Foreign Address (state)tcp 0
    4096 kiwilabs.com kia.smtp ESTABLISHED

15
Routing netstat -f
  • Proto is the protocol (TCP or UDP)
  • Recv-Q number of bytes in socket input queue
  • Send-Q number of bytes in socket output queue
  • Local address set of period separated names
  • Foreign address is remote socket address given in
    format of local address
  • (state) is current state of TCP connection. Field
    is always empty for UDP connections

16
Traceroute
  • Traces route an IP packet takes to destination
    host
  • Takes single hostname argument and lists all
    intermediate router
  • Sends three UDP messages encapsulated in an IP
    packet and records the round-trip time in
    milliseconds for each message sent to
    intermediate router
  • Lost message or router that does not respond is
    denoted with a Example traceroute
    unix5.andrew.cmu.edu

17
ARP Address Resolution Protocol
  • Arp command permits the examining and modifying
    of local ARP cacheExample arp -a

18
Etherfind
  • Specific to Sun for tracing Ethernet frames
  • Performs functions of a network analyzer
  • Output can be piped to other unix tools (grep,
    awk, sed)
  • Can display selective frames
  • Mainly useful for TCP/IIPExample etherfind
    i le0 v t greater 0

19
nslookup
  • Simple tool for querying DNS servers
  • Without arguments user is prompted for queries
  • Example nslookup ltunix5gt
  • gt unix5gt ls kiwilabs.comgt set type pttrgt
    set type any

20
Summary
  • Presented examples of network debugging tools
  • Discussed the use of these tools for various
    purposes
Write a Comment
User Comments (0)
About PowerShow.com