Loading...
 

UNIX Networking commands

Contents


Bonding

NIC bonding in detail

Using ethtool

Of physical interfaces
$ ethtool eth0
Settings for eth0:
        Supported ports: [ FIBRE ]
        Supported link modes:   1000baseT/Full 
                                2500baseX/Full 
                               10000baseT/Full 
        Supports auto-negotiation: Yes
        Advertised link modes:  1000baseT/Full 
                                2500baseX/Full 
                                10000baseT/Full 
        Advertised auto-negotiation: Yes
        Speed: Unknown!
        Duplex: Full
        Port: FIBRE
        PHYAD: 16
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: g
        Current message level: 0x00000000 (0)
        Link detected: no

However, for bonded interfaces (to see extra detail)
# cat /proc/net/bonding/bond0 
Ethernet Channel Bonding Driver: v3.4.0-1 (October 7, 2008)

Bonding Mode: adaptive load balancing
Primary Slave: None
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 80
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: down
Speed: Unknown
Duplex: Unknown
Link Failure Count: 3
Permanent HW addr: 00:26:55:21:fe:b0

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 2
Permanent HW addr: 00:26:55:21:fe:b4
[root@app012 ~]# ethtool -i eth0
driver: bnx2x
version: 1.70.00-0
firmware-version: bc 5.2.7 phy baa0.105
bus-info: 0000:02:00.0
[root@app012 ~]# ethtool -i eth1
driver: bnx2x
version: 1.70.00-0
firmware-version: bc 5.2.7 phy baa0.105
bus-info: 0000:02:00.1

Checking driver versions

# ethtool -i eth1
driver: bnx2x
version: 1.70.00-0
firmware-version: bc 5.2.7 phy baa0.105
bus-info: 0000:02:00.1


Using ip command

show interface status

# ip addr show bond0
4: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue 
    link/ether 00:26:55:21:fe:b0 brd ff:ff:ff:ff:ff:ff
    inet 172.16.28.140/25 brd 172.16.28.255 scope global bond0

down and up

$ ip link set eth0 down

$ ip link set eth0 up


Checking the status of connections

Using nmap

  • detailed broadcast ping*
nmap -sP 80.40.105.174/28''


netstat, sockstat and ss

  • shows if something uses a port*
$ netstat –an | grep <port_num>


With ss, show the process (needs to be root)
$ ss -nlp | grep <port_num>


sockstat – show current connections and relating process. Tcpkill can be used to drop these connections.

$ ss -o state established '( dport = :ssh or sport = :ssh )'

Recv-Q Send-Q           LocalAddress:Port       Peer Address:Port   
0        0              ::1:ssh                 ::1:52114 timer:(keepalive,118min,0)
0        48             ::1:52114               ::1:ssh   timer:(on,200ms,0)


$ ss -s

Total: 503 (kernel 529)

TCP:   37 (estab 7, closed 2, orphaned 0, synrecv 0, timewait 1/0), ports 0


Transport Total     IP        IPv6

*         529       -         -        

RAW       0         0         0        

UDP       26        22        4        

TCP       35        28        7        

INET      61        50        11       

FRAG      0         0         0

Using nc

root@host01 ~# nc -vzuw1 192.168.121.139 514
Connection to 192.168.121.139 514 port udp/syslog succeeded!
''UDP port scans will always succeed (i.e. report the port as open), rendering the -uz combination of flags rela-
tively useless.'' However, if there is access to the remote machine some checks can be made.
The following example sends a test message to the remote syslog server.
root@host01 ~# echo '&lt;0&gt;Test Message Gareth' | nc -vvvzw 1 -u 192.168.121.139 514

tcpdump

create a raw dump for Wireshark

tcpdump -s0 -i <interface> host <hostname> -w <filename.dmp>

Output readable text

tcpdump -AXvv src host <hostname>

Check for acknowledgements

tcpdump "tcp[tcpflags] & (tcp-syn|tcp-ack) != 0" and host <hostname>

tshark

monitor network retransmits

tshark -i eth0 -R tcp.analysis.retransmission