 |  |
46.3. Status and Troubleshooting
ifconfig can be used to configure network devices (Section 44.8), but it also can be used to see the current network device configuration. ifconfig -a is very useful for this. Here's some sample output on a FreeBSD machine:
% ifconfig -a
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 0xffffffc0 broadcast 192.168.1.255
inet 192.168.1.5 netmask 0xffffffff broadcast 192.168.1.255
inet 192.168.1.6 netmask 0xffffffff broadcast 192.168.1.255
inet 192.168.1.7 netmask 0xffffffff broadcast 192.168.1.255
ether 0a:5c:da:a3:53:11
media: autoselect (100baseTX <full-duplex>) status: active
supported media: autoselect 100baseTX <full-duplex> 100baseTX 10baseT/UTP
<full-duplex> 10baseT/UTP 100baseTX <hw-loopback>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000This shows two network devices: rl0, which is an Ethernet card, and lo0, which is the loopback device. rl0's primary IP address is 192.168.1.1, and it has aliases (that is, it also answers to) 192.168.1.5 through 192.168.1.6. This also shows me that both network devices believe that they're actively sending and receiving packets (UP) and shows various options set on each device.
The output on Linux is slightly different, but similar enough to easily find the same information. Linux also adds a few statistics to its ifconfig output that otherwise require a netstat to see. Especially useful are packets received and transmitted:
eth0 Link encap:Ethernet HWaddr 0a:5c:da:a3:53:11
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18999386 errors:28965 dropped:0 overruns:0 frame:28965
TX packets:33955631 errors:0 dropped:0 overruns:0 carrier:0
collisions:29132 txqueuelen:100
RX bytes:1496731954 (1.3 GiB) TX bytes:2477239809 (2.3 GiB)
Interrupt:10 Base address:0xda00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:107211318 errors:0 dropped:0 overruns:0 frame:0
TX packets:107211318 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2880669120 (2.6 GiB) TX bytes:2880669120 (2.6 GiB)Note that on Linux 2.4 kernels, ipconfig and route (see below) are being phased out in favor of iproute2. See the manpage for iproute2 if you're on a 2.4 machine and want to be up to date.
netstat can be used to get a variety of useful information. By default, netstat displays a list of active sockets, thus showing you what is currently connected to your machine (and what your machine is currently connected to). netstat -r can show your routing tables, which is particularly useful when trying to understand why your machine can't seem to talk to anything. If the interface appears to be up, and you can ping (Section 46.4) other machines on your local network, but you can't get out, check your routing tables. It's quite possible that you don't have a default route, or your default route doesn't point to your gateway (Section 46.11). For a private LAN running NAT (Section 46.11), your routing table might look something like this (the -n option says to show IP addresses instead of attempting to resolve them into hostnames):
% netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.1.1 UGSc 17 543792 rl0 127.0.0.1 127.0.0.1 UH 2 2869882 lo0 192.168.1.0/24 link#1 UC 0 0 rl0 =>
Again, on Linux the output is slightly different but similar to interpret. The only thing to note is that 0.0.0.0 represents the default route when we use -n:
Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
route lets you manipulate the routing table. If, for example, you didn't see the default route when you used netstat -rn, you could add it with:
% route add default 192.168.1.1
route allows a variety of ways to manipulate the routing table; see its manpage for details. Note that Linux's route has a syntax for some commands that's slightly different than any other route.
Finally, dig allows you to easily make very specific DNS (Section 46.9) queries. For example, to find out information about www.oreilly.com:
% dig www.oreilly.com ... ;; ANSWER SECTION: www.oreilly.com. 6H IN A 209.204.146.22 ;; AUTHORITY SECTION: oreilly.com. 6H IN NS ns.oreilly.com. oreilly.com. 6H IN NS ns1.sonic.net. ...
This shows us the address (A) record and the nameservers (NS) that have authority over this particular address. If we want to find out the hostname for that IP address, we can do this:
% dig -x 209.204.146.22 ;; ANSWER SECTION: ... 22.146.204.209.in-addr.arpa. 6H IN PTR www.oreilly.com. ;; AUTHORITY SECTION: 146.204.209.in-addr.arpa. 6H IN NS ns.oreilly.com. 146.204.209.in-addr.arpa. 6H IN NS ns1.sonic.net. ...
This automatically deals with the details of reverse DNS lookups for us and shows us the pointer (PTR) record for that IP address, which tells us the canonical hostname. If we want to find out where mail should go:
% dig oreilly.com mx ... ;; ANSWER SECTION: oreilly.com. 6H IN MX 20 smtp2.oreilly.com. ;; AUTHORITY SECTION: oreilly.com. 6H IN NS ns.oreilly.com. oreilly.com. 6H IN NS ns1.sonic.net. ...
This shows us the mail exchanger (MX) record, which is where we ought to be sending mail. Any information stored in DNS can be found out with the right dig query; browse the manpage to get an idea.
|  | |
| 46.2. /etc/services Is Your Friend |  | 46.4. Where, Oh Where Did That Packet Go? |
Copyright © 2003 O'Reilly & Associates. All rights reserved.