5 Troubleshooting TCP/IP

Fig 5: Troubleshooting TCP/IP

Chapter 5: Troubleshooting of a network

Steps

Step 1  First, determine whether your local host is properly configured.
Step 2  Next, use the ping or traceroute commands to determine whether the routers through which you must communicate can respond. Start with the most local router and progressively ping outwards through the Internet, or use traceroute.
Step 3  If you cannot get through a particular node, examine the node configuration and use the various show commands to determine the state of the router.
Step 4  If you can get to all the routers in the path, check the host configuration at the remote host (or get someone's help to do so).

5.1 Ifconfig

The "ifconfig" command allows the operating system to set up network interfaces and allows the user to view information about the configured network interfaces.

ifconfig [flag] [[Interface] [Address Family] [Address] [Destination Address] [Parameters...]]

Parameters:
    Address: Specifies the network address for the network interface.
    Address Family: Specifies which network address family to change. The inet, inet6, and ns address families are currently supported.
    Destination Address: Specifies the address of the correspondent on the remote end
    of a point-to-point link.
    Interface: Specifies the network interface configuration values to show or change.
    Parameter: Allows the following parameter values:
        alias: Establishes an additional network address for the interface. When changing network numbers, this parameter is useful for accepting packets addressed to the old interface.
        allcast: Sets the Token-Ring interface to broadcast to all rings on the network.
        arp: Enables the ifconfig command to use the Address Resolution Protocol in mapping between network-level addresses and link-level addresses.

5.2 route

This command manipulates network routing tables.

route [-f] [command [destination] [mask netmask] [gateway]]

Various options available in the route command:
    -f : clears the routing tables of all gateway entries. If this is used in conjunction with one of the commands, the tables are cleared prior to running the command.
    command : specifies one of four commands:
        print : prints a route
        add : adds a route
        delete : deletes a route
        change : modifies an existing route
    destination : specifies the host to send command.
    mask : if the mask keyword is present, the next parameter is interpreted as the netmask parameter.
    netmask : if provided, specifies a sub-net mask value to be associated with this route entry. If not specified, it defaults to 255.255.255.255.
    gateway : specifies gateway.

Example:
    route -n               print routing table
    route add 127.0.0.1    add a route to localhost

5.3 Software tools: ping

  - Ping (packet Internet groper) tests connectivity between source and destination systems
  - If you ping a hostname, this includes a rough check of DNS
  - Sends an ICMP (Internet Control Message Protocol) ECHO_REQUEST
  - Waits for an ICMP ECHO_REPLY
  - Most pings can display round trip time
  - Most pings can allow setting size of packet
  - Can be used to make a crude measurement of throughput

How to Use ping?

  - Ensure local host networking is enabled first: ping localhost, local IP address
  - ping a known host on the local network
  - ping local and remote interfaces on the router
  - ping by IP as well as by hostname if the hostname ping fails
  - ping from more than one host

ping - {option}

option:
    t : repetitively send packets.
    n : number of echo requests to be sent.
    l : sending buffer size [Max: 65500 bytes].
    f : Don't fragment; if this option is provided, the packet should not be fragmented and should be sent as it is.
    r count : record route for count hops [3rd layer device].
    j : loose source route [optionally it can follow a different route].
    k : strict source route [MUST follow the route specified by us].

C:\>ping 192.168.1.110

5.3.1 fping: flood ping

  - Designed to test a large number of hosts
  - More efficient than ping
  - Used extensively by monitoring software such as mon: http://www.kernel.org/software/mon/, nagios: http://www.nagios.org/
  - Take care not to flood too much!

5.3.2 hping2: ping anything with anything

Able to send custom TCP/IP packets and display target replies like the ping program does with ICMP replies. Can be installed with the command below on Fedora Core 1.

$ yum -y install hping2

5.3.3 pathping

This command is used as an IP trace utility and so it is similar to the tracert command. It has some extra features compared to the tracert command.

pathping - {option}

option:
    n : Don't resolve addresses to hostnames
    h max_hops : Max number of hops to search
    g host-list : Loose source route along host-list
    p period : Wait between pings (milliseconds)
    q num_queries : Number of queries per hop
    w timeout : Wait timeout for each reply (milliseconds)
    T : Test each hop with Layer-2 priority tags
    R : Test if each hop is RSVP aware

5.4 Path Discovery: traceroute

  - Sends UDP packets (Microsoft tracert sends ICMP packets)
  - Increments Time to Live (TTL) in the IP packet header

traceroute Limitations

  - Each router has a number of IP addresses, but traceroute only shows the one it used
  - You get different addresses when you run traceroute from the other end
  - Sometimes the route is asymmetric

traceroute [ -m Max_ttl ] [ -n ] [ -p Port ] [ -q Nqueries ] [ -r ] [ -s SRC_Addr ] [ -t TypeOfService ] [ -v ] [ -w WaitTime ] Host [ PacketSize ]

5.5 tracert Command

It determines whether a destination node is on the same local network or whether a default gateway is used to send the packet to a remote network. It can also be used to discover whether a router is functioning.

Various options available in the tracert command:
    -d : Don't resolve addresses to hostnames.
    -h maximum_hops : Maximum number of hops to search for target.
    -j host_list : Loose source route along host_list.
    -w time-out : Wait time-out milliseconds for each reply.

5.6 The ip program, iproute

  - The ip program in the iproute package provides complete control over TCP/IP networking in a Linux system
  - Provides more networking control facilities than other TCP/IP implementations
  - Supports tunneling in many forms
  - iproute supports both IP routing and tunneling

iproute and iptables: Between these software packages, you can:
  - throttle bandwidth for certain computers
  - throttle bandwidth to certain computers
  - fairly share bandwidth
  - protect your network from DoS attacks
  - protect the Internet from your customers
  - multiplex many servers into one, for load balancing or for high availability
  - restrict access to your computers
  - limit access of your users to other hosts
  - do routing based on user id, MAC address, source IP, port, type of service, time of day or content

5.7 Traffic Measurements: netstat

This command displays information about the state of sockets and packets processed by your system on the network. It is used to get information about the open connections on your system (ports, protocols being used, etc.), incoming and outgoing data, and also the ports of remote systems to which you are connected.

netstat - {option}

5.8 NET Command

This command is used at the command prompt to display and control various network-related activities.

net - {option}

option:
    name : name of the PC
    share : details about shared resources
    start : to start a service.
    stop : to stop a service.
    use : used to map a drive to the network path.

5.9 ipconfig command

This command is used to get the IP configuration present in your PC.

    ipconfig /all : display full configuration information.
    ipconfig /release [adapter] : release the IP address for the specified adapter.
    ipconfig /renew [adapter] : renew the IP address for the specified adapter.
    ipconfig /flushdns : purge the DNS resolver cache.
    ipconfig /registerdns : refresh all DHCP leases and re-register DNS names.
    ipconfig /displaydns : display the contents of the DNS resolver cache.
    ipconfig /showclassid adapter : display all the DHCP class IDs allowed for adapter.
    ipconfig /setclassid adapter [classid] : modify the DHCP class ID.

5.10 Finger Command

The finger command shows information about a user account, such as the name of the user, when the account was last accessed, and where the account is located. To view an individual's finger information, type:

finger [options] <username>@<host.site.domain>

Example: finger consult@aludra.usc.edu

The options you can use are outlined below:
    -l : Force long output format.
    -s : Force short output format.
    -h : Suppress printing of the .project file in a long format printout.
    -p : Suppress printing of the .plan file in a long format printout.

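For the netstat section (5.7) above, an added example that is not part of the original chapter: it parses the socket table into records, reports listening ports that are not on an expected list, and lists the remote systems with established connections. The sample is constructed `netstat -an` output in the Windows column layout, and the expected-port set is a hypothetical baseline.

```python
from typing import NamedTuple

# Constructed sample of `netstat -an` output; not captured from a real host.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    192.168.1.110:49712    203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.110:49713    192.168.1.1:53         TIME_WAIT
  UDP    0.0.0.0:5353           *:*
"""

class Sock(NamedTuple):
    proto: str
    local_addr: str
    local_port: int
    remote: str
    state: str

def parse_netstat(text: str) -> list:
    """Turn netstat rows into Sock records, skipping banner and header lines."""
    socks = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        addr, _, port = fields[1].rpartition(":")   # rpartition keeps [::] intact
        if not port.isdigit():
            continue
        state = fields[3] if len(fields) > 3 else ""  # UDP rows carry no state
        socks.append(Sock(fields[0], addr, int(port), fields[2], state))
    return socks

def unexpected_listeners(socks, expected) -> list:
    """(proto, port) pairs accepting traffic that are absent from the baseline."""
    open_ports = {(s.proto, s.local_port) for s in socks
                  if s.state == "LISTENING" or s.proto == "UDP"}
    return sorted(open_ports - set(expected))

def remote_peers(socks) -> list:
    """Remote address:port of every established connection."""
    return sorted({s.remote for s in socks if s.state == "ESTABLISHED"})

if __name__ == "__main__":
    table = parse_netstat(SAMPLE)
    print(unexpected_listeners(table, {("TCP", 135), ("TCP", 445), ("UDP", 5353)}))
    print(remote_peers(table))
```
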