Tanti Technology


Friday 22 November 2013

AIX NETWORKING

Router:
Routes packets to other networks until each packet ultimately reaches its destination. A Router is typically connected to at least two networks, commonly two Local Area Networks (LANs) or Wide Area Networks (WANs), or a LAN and its ISP's network (for example, your PC and EarthLink). Using headers and forwarding tables, Routers determine the best path for forwarding the packets. Routers use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.
Gateway:
It is an internetworking system capable of joining together two different networks that use different base protocols. It is a part of the network that acts as an entrance to another network.
A machine can communicate to the network through a gateway. A gateway contains the addressing and routing information for each host on its network, and can use routing daemons to broadcast routing information to, and receive routing information from, other gateways. TCP/IP routes information to the appropriate computer on the network using address information carried in a packet or stream.
Switch:
In networks, a Switch filters and forwards packets between LAN segments. Switches work on layer 3 and layer 2 of the OSI model. A Switch reads the incoming packets and determines which computer to send the data to.
A Switch keeps a record of the MAC addresses of all the devices connected to it. With this information, a Switch can identify which system is sitting on which port. So when a packet is received, it knows exactly which port to send it to, without significantly increasing network response times. And, unlike a Hub, a 10/100Mbps Switch will allocate a full 10/100Mbps to each of its ports. So regardless of the number of PCs transmitting, users will always have access to the maximum amount of bandwidth. It's for these reasons that a Switch is considered to be a much better choice than a Hub.
Hub:
Sits at layer 1 of the OSI model. Hubs don't read any of the data passing through them, and they are not aware of its source and destination. A Hub simply amplifies the electrical signal and broadcasts packets out to all devices on the network. It doesn't matter that the packet is destined for one port. The Hub has no way of distinguishing which port a frame should be sent to. Passing it along to every port ensures that it will reach its
Bridge:
Another piece of network hardware related to the Switch is the bridge. A Bridge is effectively a two-port Switch. Because there is not much market for a two-port Switch, bridges  are no longer manufactured. (A Switch is not much more than a multi-port bridge. More ports is the difference.)
SUBNETTING:
Subnetting is dividing a single network into multiple logical networks (subnets). A subnet address is created by borrowing bits from the host field and designating them as the subnet field. (So we need to know whether it is a Class A, B or C IP address.) With subnetting, one address may be known to the Internet and internally the packets are distributed to the correct network.
Subnet mask (or Net mask)
The subnet mask tells the system what the subnet partitioning scheme is. A bit set to 1 in the subnet mask indicates that bit position is part of the network address portion of the IP address.
When a host sends a message to a destination, the system must determine whether the destination is on the same network or it must be reached through a gateway. The system compares the destination address to the host address using the subnet mask.
Terms and commands:
  • Subnet Mask Addressing
  • /etc/hosts.equiv – Defines which client HOSTS are permitted to execute commands
  • /etc/hosts.lpd
  • arp – Translation table between TCP/IP addresses and network addresses
  • host
  • hostname
  • uname
  • nameserver & resolv.conf
  • ifconfig – Configures or displays the network interface
  • $HOME/.netrc – Specify automatic login information
  • $HOME/.rhosts – Defines which client USERS are NOT required to supply a login password
  • ping – Sends an ICMP ECHO_REQUEST
  • finger – Lists the current users logged on
  • iptrace – Debug trace utility for IP packets
  • ipreport – Generates a packet trace report
  • spray – Sends a specified number of packets
  • no – Configures network options
  • netstat – Shows network statistics
  • nfsstat – Lists statistics about the network file system
Assume a configuration as follows…
SOURCE ADDR = 128.100.0.1
DESTINATION ADDR = 128.100.69.100
SUBNET MASK =  255.255.255.0
BROADCAST MASK = 128.100.0.255
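In this case, applying the subnet mask gives network 128.100.0 for the source and 128.100.69 for the destination. The two differ, so the DESTINATION PACKET will go to the DEFAULT GATEWAY ADDRESS.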
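The mask comparison described above, worked through in shell with the values from this configuration. This is an added example, not part of the original post; the function names (ip_to_int, int_to_ip, next_hop, broadcast_of) are made up for illustration. It goes slightly beyond the text by also accepting the hexadecimal netmask form that ifconfig prints (0xffffff00) and by deriving the broadcast address.

```shell
#!/bin/sh
# Added example: decide whether a destination is on the local subnet or must
# go through the default gateway. Function names are illustrative only.

# ip_to_int ADDR -> 32-bit integer; accepts a dotted quad or a 0x-prefixed hex mask
ip_to_int() {
    case $1 in
        0x*|0X*) echo $(( $1 )); return 0 ;;
    esac
    save_ifs=$IFS; IFS=.
    set -- $1                       # split the dotted quad into four fields
    IFS=$save_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in
            ''|*[!0-9]*|0?*) return 1 ;;   # empty, non-numeric or leading zero
        esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# next_hop SRC DST MASK -> "direct" if both share a network number, else "gateway"
next_hop() {
    nh_s=$(ip_to_int "$1") || return 2
    nh_d=$(ip_to_int "$2") || return 2
    nh_m=$(ip_to_int "$3") || return 2
    if [ $(( nh_s & nh_m )) -eq $(( nh_d & nh_m )) ]; then
        echo direct
    else
        echo gateway
    fi
}

# broadcast_of ADDR MASK -> network number with every host bit set to 1
broadcast_of() {
    bc_a=$(ip_to_int "$1") || return 2
    bc_m=$(ip_to_int "$2") || return 2
    int_to_ip $(( (bc_a & bc_m) | (~bc_m & 0xffffffff) ))
}

# Values from the configuration above
next_hop 128.100.0.1 128.100.69.100 255.255.255.0    # gateway
next_hop 128.100.0.1 128.100.69.100 0xffff0000       # direct (a wider mask)
broadcast_of 128.100.0.1 255.255.255.0               # 128.100.0.255
```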
$HOME/.netrc
Automatic login information for the ftp and rexec commands.
syntax: machine login password
If this file contains a password entry (optional), the file permissions must be set to 600 (rw for owner only) or else the error message rshd: 0826-813 Permission is denied is generated.
The file .netrc must exist on the client that you're executing the ftp or rexec command from, and it must specify the name of the server to connect to.
For FTP only, you can initiate file transfers via a macro definition (up to 16 macros can be defined). This file resides on the client machine.
An example of the contents of a .netrc file…
machine sys8 login transfer password now
macdef init
get /tmp/database.log /tmp/log/database.log
quit
$HOME/.rhosts
Defines which client users are not required to supply a login password for the rcp, rlogin, or rsh commands using a user account on the server. The file resides on the server machine under the home directory of the user account being logged into. An ALIAS entry cannot be specified.
syntax: 
 /etc/hosts.equiv
Defines which clients are permitted to execute commands by the lpd, rlogind, rcpd, or rshd daemons without supplying a password.
syntax: 
 /etc/hosts.lpd
Defines which clients are permitted to print jobs to the print server.
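A check for the .netrc, .rhosts and hosts.equiv files described above: it verifies the mode 600 requirement for a .netrc that holds a password, and reports how many password-less trust entries a .rhosts or hosts.equiv file grants and whether other accounts could add to it. This is an added example, not part of the original post; the function names and the sample file contents are constructed, and treating lines that start with # as comments is an assumption.

```shell
#!/bin/sh
# Added example: audit the files that allow logins without a password prompt.
# Function names are illustrative; sample data below is constructed.

# perms FILE -> the nine permission characters from ls -ld (e.g. rw-r--r--)
perms() { ls -ld "$1" 2>/dev/null | cut -c2-10; }

# audit_netrc FILE: a .netrc that holds a password entry must be mode 600
audit_netrc() {
    [ -f "$1" ] || { echo "absent"; return 0; }
    if ! grep -Eq '(^|[[:space:]])password([[:space:]]|$)' "$1"; then
        echo "ok: no password entry"; return 0
    fi
    case $(perms "$1") in
        rw-------) echo "ok: password entry, mode 600" ;;
        *) echo "fail: password entry but mode is not 600 ($(perms "$1"))" ;;
    esac
}

# audit_trust FILE: for .rhosts or hosts.equiv, count the entries that grant
# password-less access and flag files that group or other can write to
audit_trust() {
    [ -f "$1" ] || { echo "absent"; return 0; }
    # assumption: blank lines and lines starting with # are not entries
    entries=$(grep -Ecv '^[[:space:]]*(#|$)' "$1" || true)
    case $(perms "$1") in
        ????w????|???????w?) echo "fail: $entries trust entries, writable by group/other" ;;
        *) echo "review: $entries trust entries" ;;
    esac
}

# Constructed sample files in a scratch directory (not real accounts)
demo=$(mktemp -d)
printf 'machine sys8 login transfer password now\n' > "$demo/.netrc"
chmod 644 "$demo/.netrc"
audit_netrc "$demo/.netrc"      # flagged until the mode is tightened
chmod 600 "$demo/.netrc"
audit_netrc "$demo/.netrc"
printf '# constructed entries\nsys8 transfer\nsys9\n' > "$demo/.rhosts"
chmod 664 "$demo/.rhosts"
audit_trust "$demo/.rhosts"     # group-writable, so flagged
rm -rf "$demo"
```

On a live system, call audit_netrc and audit_trust on each user's $HOME/.netrc and $HOME/.rhosts and on /etc/hosts.equiv.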
arp - Address Resolution Protocol
Displays the translation table between TCP/IP addresses and network addresses. This physical address is six bytes long and is unique for every network board. The first three bytes of the address represent a vendor’s ID. The last three bytes are assigned by the manufacturer.
Some examples…
NOVELL 00 00 1B
NOVELL 08 00 14
3COM 02 60 8C
SUN 08 00 20
IBM 08 00 5a
DEC AA 00 04
finger
Lists the current users logged in from remote machines, including username, hostname, idle time, and so on
Example: finger -i (alias f -i)
host:
This command returns the internet address when a hostname is specified or the hostname when the internet address is specified.

Examples                 What it does
host www.ahinc.com       www.ahinc.com 209.218.236.72
host 209.218.236.72      www.ahinc.com 209.218.236.72
hostname:
Sets or displays the name of the host system

Examples                 What it does
hostname                 Displays the current hostname value
hostname rs520           Sets the name of the machine to rs520. Make sure that you also set the system name to rs520 by executing the uname command
uname:
Sets or displays the system name

Examples                 What it does
uname -S rs520           Sets the system name
uname -a                 Lists the system name
ifconfig:
Configures or displays the network interface parameters for a tcp/ip network

Examples                 What it does
ifconfig en0             Indicates if the en0 interface is up and running.
en0: flags=2000063
inet 192.0.0.1 netmask 0xffffff00 broadcast 192.0.0.255
ifconfig en0 up          Before this command is executed the state of the en0 interface is down (doesn't show UP):
en0: flags=2000062
inet 192.0.0.1 netmask 0xffffff00 broadcast 192.0.0.255
After this command is executed the state of the en0 interface is:
en0: flags=2000063
inet 192.0.0.1 netmask 0xffffff00 broadcast 192.0.0.255
1) ifconfig en0 down
2) ifconfig en0 detach
Adapter statistics for the ethernet card get reset to zero. See the netstat -v display for further information.

iptrace:
Debug trace utility for IP packets

Examples                 What it does
iptrace -a -s 193.0.0.1 -i en0 network.log     All TCP/IP packets that originate from host address 193.0.0.1 on an Ethernet network interface (en0) will be logged to the file network.log.
ipreport:
Generates a packet trace report from the output of the iptrace facility
Example: ipreport network.log
Dumps the packets that were trapped during the iptrace session in ASCII format for inspection. The iptrace process must be killed before this report can be displayed.
nameserver (resolv.conf):

Examples                 What it does
host ahinc or arp -a     If the arp -a or host commands hang, it usually means the name server daemon (/etc/named) is not running. Use the command ps -ef|grep named to check if named is running.
Telnet login response is very slow. Make sure the /etc/resolv.conf file has a valid entry in it and the /etc/hosts file has the appropriate entries for all known client nodes. Contents of an example /etc/resolv.conf:
nameserver 192.168.1.1
domain ahinc.com
When using the named process, each node should have at least the loopback and local host name defined in the /etc/hosts file.
netstat :
Shows network statistics

Examples                 What it does
netstat -f inet          Lists statistics of the AF_INET address family for remote communications.
netstat -f unix          Lists statistics of the AF_UNIX address family for local communications.
netstat -m               Shows current network interfaces that are up and running.
  • If a network interface shows an asterisk next to it (en0*), this means your interface is down. Use the ifconfig command to bring the network back up.
  • If the Ierrs field (input errors) is nonzero, this means there are no more kernel memory buffers left to store an incoming frame, or it indicates that a frame error has been detected.
  • If the Coll field shows a collision rate greater than 1% of the packets sent/received, then a serious network problem exists.
netstat -r               If the non-loopback entry has a G in the Flags field (G = gateway), then the ping command may hang. Change the Flags field to U only. Make sure the routed daemon is running. To start it: startsrc -s routed.
netstat -nr              Route Tree for Protocol Family 2:
netstat -sr
netstat -s               Displays statistics for each protocol (ip, icmp, tcp, udp)
netstat -v               Shows statistics about the network interface cards installed.
ping:
Sends an ICMP ECHO_REQUEST
ping 192.0.0.255         Generates responses from all the other nodes connected on a class C network.
PORTMAP DAEMON:
The portmap daemon converts remote procedure call (RPC) program numbers into Internet port numbers (as in the case of NFS). The portmap daemon knows the location of every registered port on the host and which programs are available on each of these ports. When a client sends an RPC to the server, the portmap daemon tells the client which port to send the call to. The portmap daemon listens on port number 111.
INETD DAEMON:
The /usr/sbin/inetd daemon provides Internet service management for a network. It reduces system load by invoking other daemons. The inetd daemon listens for connections on certain Internet sockets (info in /etc/inetd.conf) and handles those requests.
The inetd daemon is a subsystem that controls the following daemons (subservers): ftpd, fingerd, talkd, telnetd …
/etc/inetd.conf        inetd configuration file (if changed by an editor, run refresh -s inetd)
smitty inetd           updates automatically the /etc/inetd.conf
lssrc -ls inetd        shows details of subservers started in inetd
stopsrc -s inetd       stops the inetd daemon
stopsrc -t ftp         stops an inetd subserver
NETWORK CONFIGURATION AT BOOT TIME:
1. /etc/rc.net      
Configures and starts TCP/IP interfaces. Sets hostname, default gateway and static routes. (It is called by cfgmgr.)
Then, during initialization, the file /etc/inittab is read. There are 2 entries:

rctcpip:23456789:wait:/etc/rc.tcpip > /dev/console 2>&1 # Start TCP/IP daemons
rcnfs:23456789:wait:/etc/rc.nfs > /dev/console 2>&1 # Start NFS Daemons

2. /etc/rc.tcpip  
starts TCP/IP daemons (sendmail, portmap, inetd, etc., and other daemons: syslogd, lpd …)
3. /etc/inetd.conf
When inetd is started, it reads its configuration from this file.
It contains the names of the services that inetd listens for requests on and starts as needed.
NAME RESOLUTION:
You can use several methods to ensure that /etc/hosts file is used before any DNS, if the /etc/resolv.conf file exists.
You can include the NSORDER variable in the /etc/environment file, or you can include a specification line in either the /etc/irs.conf file or the /etc/netsvc.conf file.
The settings in the /etc/netsvc.conf configuration file override the settings in the /etc/irs.conf file. The NSORDER environment variable overrides the settings in the /etc/irs.conf and the /etc/netsvc.conf files.
Domain Name Service (DNS):
/etc/resolv.conf        contains name servers, if this file exists then we have a domain network, if not then /etc/hosts file is used
/etc/netsvc.conf        specify the ordering of name resolution (or NSORDER environment variable can contain this)
(if both exists NSORDER will override netsvc.conf)
bind=DNS, local=/etc/hosts
The /etc/netsvc.conf and /etc/irs.conf files are used by the resolver routines as soon as the files exist
/etc/netsvc.conf configuration:
hosts=local,bind
/etc/irs.conf configuration:
hosts local continue
hosts DNS
nslookup     responds similarly to the host command, but it only uses DNS (not NIS and not /etc/hosts)
Flat Network:
/etc/hosts               contains the hostnames and their address for hosts in the network
host           searches through the /etc/hosts file, and display the ip address of the hostname
host         searches through the /etc/hosts file, and display the hostname
To work properly both should give the same result.
ADDRESS RESOLUTION:
Internet-to-physical address (MAC address)
arp -a            shows the ARP table
the manual of arp command can help
VERIFYING OPEN PORTS:
To display the TCP/IP application ports that are open:
netstat -an            lists open ports with port numbers (netstat -an -f inet)
netstat -af inet       lists all open UDP and TCP ports with service names (not the port numbers)
Server ports are in LISTEN state; client connections to or from any port are in ESTABLISHED state.
/etc/services          contains information about known services and their port numbers (if changing this file: refresh -s inetd)
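One way to turn the netstat -an check above into a repeatable baseline comparison: list every TCP port in LISTEN state and report the ones that are not on an approved list. This is an added example, not part of the original post; the function names, the allowed-port list and the sample netstat output are constructed, and the parser assumes the address.port layout (for example *.22) in the Local Address column.

```shell
#!/bin/sh
# Added example: compare listening TCP ports against an approved list.
# Function names and the sample output below are constructed for illustration.

# sample_netstat: constructed `netstat -an` output in address.port layout
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.21                   *.*                    LISTEN
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.111                  *.*                    LISTEN
tcp4       0      0  127.0.0.1.25           *.*                    LISTEN
tcp4       0      0  192.0.0.1.22           192.0.0.7.51234        ESTABLISHED
udp4       0      0  *.111                  *.*
EOF
}

# listeners: read netstat -an text on stdin, print "PORT BIND" per TCP listener
listeners() {
    awk '$NF == "LISTEN" && $1 ~ /^tcp/ {
        n = split($4, part, ".")            # port is the last dot-separated field
        port = part[n]
        bind = substr($4, 1, length($4) - length(port) - 1)
        print port, bind
    }' | sort -u | sort -n
}

# unexpected_listeners "ALLOWED PORTS": listeners whose port is not approved
unexpected_listeners() {
    listeners | awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) { print $1 " on " ($2 == "*" ? "all interfaces" : $2) }'
}

# Approved list here is ssh (22) and local mail (25); ftp and portmap get reported
sample_netstat | unexpected_listeners "22 25"
```

On a live system, replace sample_netstat with netstat -an and look up each reported port in /etc/services and /etc/inetd.conf to find the daemon behind it.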
ROUTING:
lsattr -El inet0     shows the routes in inet0, which is a network device in the kernel (config info for inet0 is stored in the ODM)
(you can check with this as well: odmget -q attribute=route CuAt)
netstat -rn          shows the routing table. (-r: displays routing statistics, -n: displays the network address as an IP address)
In the routing table:
U – route is up and available
H – route is to a host
G – route is to a gateway
b – route represents a broadcast address
S – manually added??? (Static route: it will come back after reboot???)
A – Active Dead Gateway Detection is enabled on the route
TCP/IP Subsystems:
The mktcpip command runs a shell script called rc.tcpip to start the TCP/IP
daemons for your configuration. The script contains start stanzas for the following
Dynamic Host Control Protocol (DHCP) daemons:
Check both places: netstat -nr and lsattr -El inet0 (odmget -q "attribute = route" CuAt)
Commands:
chdev            <–permanent: it will modify inet0 with the new route, it registers a new entry in the ODM
smitty route     <–permanent: it calls the command chdev (Destination, Gateway and Netmask should be filled)
route            <–temporary: this is valid only until next reboot (does not update the ODM)
ADD/REMOVE with chdev: (permanent)
(when a default route is added it can be a network route; the dest. address is 0.0.0.0 and the network mask can be 0.0.0.0)
(we can add the interface name as well; if omitted, the system will add one)
add:
chdev -l inet0 -a route=net,-hopcount,0,,0,100.200.200.65
chdev -l inet0 -a route=0,        <–this will add the default route
remove:
first check lsattr -El inet0, and copy a line exactly from the output into "…":
chdev -l inet0 -a delroute="net,-hopcount,0,-netmask,255.255.0.0,-if,en4,,,,50.20.0.0,50.50.80.3"
chdev -l inet0 -a delroute="net,-hopcount,0,,0,100.200.200.65"
chdev -l inet0 -a delroute="net,-hopcount,0,-netmask,255.255.255.240,,,,,-static,50.20.100.80,10.10.3.1"
ADD/REMOVE with route: (temporary)
add:
route add 0 9.19.99.11                                    <–adds default route (0  really stands for 0.0.0.0)
route add -net 100.100.243.0 -netmask 255.255.255.0 100.100.200.209    <–adds network route (route add -net $NETW -netmask $NETMASK $GATEWAY)
route add -net 9.19.99/22 9.19.98.11                      <–adds network route without netmask
route add -host 50.200.100.31 50.200.100.20               <–adds host route
route add 10.200.40.28 10.200.40.1 -active_dgd    <–sets dead gateway detection on that route (netstat -nr shows: A if enabled on a route)
remove:
route delete 50.20/22 50.50.80.3                           <–keeps in the ODM
route delete 0 9.19.99.11                                  <–deletes only the default route
route -f                clears the routing table (except those created implicitly)
mkdev -l inet0         it will recreate the routes which exist in the ODM (inet0) (it can help if they were deleted manually)
The route command distinguishes between routes to hosts and routes to networks by interpreting the network address of the destination address. The optional keywords -net and -host force the destination to be interpreted as given.
If there are more routes (duplicate routes) on host A, you can have some packet loss when you ping host A from host B. On host A, if you repeatedly issue route -n get, you will see the interface names (enX) change; this is due to bad routing.
For Static routes a solution would be:
(instead of using chdev and ODM checking)
1. add the routes with route command
2. Put the routes into /etc/rc.net file (with the same route command)
Look for “Part II – Traditional Configuration,” and you will see an area in which you can add routes
This way, you have a flat file that is easily modified, contains the route information in a straightforward way, and doesn’t manipulate the ODM.
To remove all the routes:
(routing table + ODM)
/etc/route -n -f and odmdelete -o CuAt -q "name=inet0 and attribute=route"
chdev                  – changes are effective immediately and across boots
ifconfig, route        – changes are active immediately and are effective until reboot
————————
# netstat -C
The netstat -C command shows the routing table, including the current cost (Cost) and user-defined cost (Config_Cost) of individual routes, when using Dead Gateway Detection.
Network tunables:
The no command is used to configure a wide range of network tuning parameters.
These are often referred to as tunables.
The options to the no command allow you to set or display either the current value or
the reboot value for network tunables.

