system administration network tools. ping test connectivity / latency (rtt) icmp echo request/reply...
TRANSCRIPT
![Page 1: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/1.jpg)
System AdministrationNetwork Tools
![Page 2: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/2.jpg)
pingTest connectivity / latency (RTT)ICMP echo request/replyVariants
◦ARP ping Send ARP instead May also ping MAC instead of IP
◦echoping Measure TCP connection latency
![Page 3: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/3.jpg)
tracerouteTrace packet path in sending
directionUDP packet with incrementing
TTLCan also use ICMP ping or TCP
![Page 4: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/4.jpg)
mtrCombines ping and traceroute
with friendly output
![Page 5: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/5.jpg)
Looking GlassPing / Traceroute from ISP routersProvided by most large ISPs
◦http://lg.he.net/
![Page 6: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/6.jpg)
hostQuery DNS recordshost [-t type | -a] name [server]
![Page 7: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/7.jpg)
digQuery DNS recordsMore versatile than host
◦Supports DNSSEC◦Multiple queries◦Tweakable output format◦Batch mode
Better for scripting
![Page 8: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/8.jpg)
nslookupOld way to query DNS
◦Interactive command line◦Best not to use
![Page 9: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/9.jpg)
whoisQuery domain and IP registrationOnline tool:
http://www.whois365.com/tw
![Page 10: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/10.jpg)
netstatShow network information
◦Connections◦Routing table◦Statistics◦Etc.
![Page 11: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/11.jpg)
arpShow/manipulate ARP table
◦IP => MAC mapping
![Page 12: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/12.jpg)
ifconfigShow interface configurationConfigure network interfaces
◦Bring up/down interface◦Set IP/netmask◦Add/delete address (alias)
2 ways to alias1. add/del – IP listed under same
interface2. ethX:X – Add symbolic name
![Page 13: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/13.jpg)
ethtoolControl network driver
◦IRQ Coalesce◦Line speed◦Auto negotiate
![Page 14: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/14.jpg)
routeShow routing tableManipulate routing table
◦Local network route is added when IP is configured
◦Default gateway: Destination is “default” or 0.0.0.0 No netmask required
![Page 15: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/15.jpg)
ipThe way to do network
configuration◦Network interfaces◦IPs◦ARP table◦Routing tables◦Etc.
![Page 16: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/16.jpg)
ipip link
◦Interface up/down, settings◦Manpage: ip-link (8)
ip addr◦IP addresses◦Manpage: ip-address (8)
ip neigh◦ARP table◦Manpage: ip-neighbour (8)
![Page 17: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/17.jpg)
ipip route
◦Routing tables◦Manpage: ip-route (8)
ip rule◦Routing policies◦Match rule => different routing table◦Manpage: ip-rule (8)
![Page 18: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/18.jpg)
iptablesLinux 2.4+Also known as NetfilterFilter
◦ACCEPT/REJECT packets◦Rate limiting◦QoS◦Log traffic
NAT◦Redirect◦NAT
![Page 19: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/19.jpg)
iptables – Commandsiptables -A <chain> <rule> -j
<TARGET>◦Chain: see next page◦Rule: see second next page◦TARGET: action
ACCEPT DROP (silently ignore) REJECT Etc.
![Page 20: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/20.jpg)
Iptables – Commandsiptables -L
◦List current rulesiptables –D <chain> <number>
◦Delete a ruleiptables –F <chain>
◦Flush (clear) a chain
![Page 21: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/21.jpg)
iptables – Chain Map
![Page 22: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/22.jpg)
iptables – RulesMatch
◦IPs (-s -d)◦Protocol (-p TCP/UDP/ICMP/…)◦Port (--sport --dport)◦Protocol options
ICMP type TCP SYN/ACK Etc.
◦Owner (UID, for OUTPUT chain)◦Etc.
![Page 23: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/23.jpg)
iptables (short hand)Short form Long form
-s --source
-d --destination
--sport --source-port
--dport --destination-port
![Page 24: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/24.jpg)
iptables – Simple RulesBlock a source IP
◦ iptables -A INPUT -s <IP> -j DROPBlock a destination IP
◦ iptables -A OUTPUT -d <ip> -j DROPBlock a TCP source port
◦ iptables -A INPUT -p tcp --sport <port> -j DROP
Block a TCP destination port◦ iptables -A OUTPUT -p tcp --dport
<port> -j DROP
![Page 25: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/25.jpg)
CombinationDrop packets from
140.112.30.0/22 to local TCP port 80
iptables -A INPUT --source 140.112.30.0/22 -p tcp --dport 80 -j DROP
![Page 26: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/26.jpg)
iptables – EvaluationPackets are evaluated rule by
ruleFirst match countsOrdering is importantBe careful not to block yourself
out
![Page 27: System Administration Network Tools. ping Test connectivity / latency (RTT) ICMP echo request/reply Variants ◦ARP ping Send ARP instead May also ping](https://reader036.vdocuments.us/reader036/viewer/2022062407/56649dc65503460f94abaeca/html5/thumbnails/27.jpg)
Homework從家裡 Ping / Traceroute 系上網站查詢系上網域的 DNS MX 紀錄寫出設定網路的指令 (ifconfig+route)
◦eth1 ( 未啟動 ) IP: 192.168.30.XXX (XXX 是座號 ) Netmask: 255.255.255.0 (/24)
◦Default gateway: 192.168.30.254同上,但改用 ip 系列指令防火牆
◦ 擋掉所有進來的封包,但要允許系上連到本機的 SSH (TCP port 22)