Command Line Tools Lesson 10


tracert

(This is a Windows command.) In an earlier section, you were introduced to the ping command, which can verify Layer 3 connectivity to a remote host. If the pings were unsuccessful, or if the round-trip response times seem too long, the tracert command might help isolate the issue. Specifically, the tracert command pings every router hop from the source to the destination and reports the round-trip time for each router hop. If a router is not reachable, you might want to investigate the router hop just before or just after the hop that timed out. However, in many cases, a router does not respond to a tracert because it has been configured not to respond to ICMP messages (which is what the tracert command uses) for security reasons. So, a failed response does not always indicate a router-configuration issue or a bad link between two routers. However, even if the tracert output shows every router hop from the source to the destination, the round-trip delay time can help identify congested links.
tracert with IPv6: Similar to the tracert options for IPv4, the IPv6 path through a network can be verified with tracert for IPv6. Depending on the version of Windows being used, this may be done by using tracert destination-IPv6-address, tracert6 destination-IPv6-address, or tracert -6 destination-IPv6-address.
Although the tracert command has a few optional parameters, usually it simply specifies a target IP address or FQDN, as follows:
C:\> tracert pearsonitcertification.com

ping

-t: This option repeatedly sends pings (ICMP echo messages) until you stop it by pressing Ctrl+C.
-n count: This option specifies the number of pings to send.
-f: This option sets the "don't fragment" bit in a packet's header. If the packet tries to cross a router that attempts to fragment the packet, the packet is dropped, and an ICMP error message is returned.
-i TTL: This option sets the TTL value in a packet's header. The TTL is decremented for each router hop. A packet is discarded when its TTL value reaches 0.
-S srcaddr: If the PC from which you are issuing the ping command has more than one IP address, this option allows you to specify the source IP address from which the ICMP echo messages should be sent.
target_name: This option specifies the name or the IP address of the device to which you are sending ICMP echo messages.
ping with IPv6: Depending on the operating system, ping can natively work to test connectivity using IPv6 when an IPv6 destination address is part of the ping command. On some systems the command ping -6 IPv6-destination-address, ping6 IPv6-destination-address, or some variant specific to that operating system may be available for testing IPv6 connectivity.

route (unix)

Although the UNIX route command is not used to display a host's IP routing table, which is a use of the Windows route command, it can be used to modify a UNIX host's IP routing table. The route command has multiple options; however, this discussion focuses on using the route command to add or delete a route from a UNIX host's routing table.
route [-qv] [[add | delete] net network/mask gateway]
-q: This option, where the q stands for quiet, suppresses any output from appearing onscreen after the route command is entered.
-v: This option, where the v stands for verbose, causes additional details about the route command's execution to be shown onscreen.
add: This option adds a route to a UNIX host's routing table.
delete: This option deletes a route from a UNIX host's routing table.
net: This option specifies that the next parameter is a network address.
network: This option specifies the network to add or remove from a UNIX host's routing table.
mask: This option is the number of bits in a specified network's subnet mask.
gateway: This option is the IP address of the gateway, which is the next hop toward the specified network.

man

One of the benefits of UNIX is its extensive syntax reference in the form of manual pages (man pages). These man pages can be invoked with the following syntax:
HOST# man command
For example, if you want detailed information about the arp command, you can enter man arp to produce the output shown in Example 10-20. To leave the man pages, use the Q key.

arp (unix)

Similar to the Windows arp command, the UNIX arp command can be used to display MAC-address-to-IP-address mappings.
-a: This option displays current ARP entries in a UNIX host's ARP table.
-n: This option displays network addresses as numbers instead of symbols.
-i interface: This option specifies that the arp command should be limited to a specified interface.
-d: An ARP entry for a host can be deleted with this option, in combination with the inet_addr parameter. A wildcard character of * can delete all host entries.
-s: This option, used in conjunction with the hostname and eth_addr parameters, statically adds a host entry in the ARP table.
ifscope interface: This option indicates that the arp command should be limited to a specified interface.
hostname: This option is the IP address of the host to be associated with a specified MAC address.
eth_addr: This parameter specifies a 48-bit MAC address.
temp: Used in conjunction with the -s option, the temp option says that the static ARP entry is only temporary, as opposed to the default of being permanent.
reject: Used in conjunction with the -s option, this option says that traffic to the destination specified in the static ARP entry will be rejected, and the sender will be notified that the host is unreachable.
blackhole: Similar to the reject option, the blackhole option says that traffic to the destination specified in the static ARP entry will be rejected. However, the sender is not notified.
-f filename: This option allows an external file to be used to import a collection of ARP entries. The entries in the external file should be in the following format:
hostname ether_addr [temp] [ifscope interface]

pathping

The PathPing Windows tool combines features of ping and tracert over a period of time. It can be used with IPv4 and IPv6. PathPing shows the amount of packet loss at any given router so you can identify the routers that might be causing problems in the path.
-g host-list: Loose source route along host-list. Loose source routing permits you to specify a set of destinations the packet must visit in transit.
-h maximum_hops: Maximum number of hops to search for target.
-i address: Use the specified source address.
-n: Do not resolve addresses to hostnames.
-p period: Wait period milliseconds between pings.
-q num_queries: Number of queries per hop.
-w timeout: Wait timeout milliseconds for each reply.
-4: Force using IPv4.
-6: Force using IPv6.

ifconfig

The UNIX ifconfig command is most similar to the Windows ipconfig command, although the output is noticeably different. Issued by itself, the ifconfig command displays a UNIX host's interfaces along with configuration information about those interfaces, including MAC address, maximum transmission unit (MTU), IPv4 address, and IPv6 address information. Beyond just displaying interface information, the ifconfig command can also configure interface parameters. For example, an interface's IP address can be configured with the ifconfig command. For example, if you want to configure interface en0 with an IP address of 192.168.1.26 and a subnet mask of 255.255.255.0, you could issue the command:
ifconfig en0 inet 192.168.1.26 netmask 255.255.255.0

netstat (unix)

The UNIX netstat command serves the same basic purpose as the Windows netstat command, which is to display various information about current connections. This information includes source and destination IP addresses and port numbers. You can also display protocol statistics with the netstat command.
-a: This option displays all of a UNIX host's active IP-based sessions, along with the TCP and UDP ports of each session.
-p: This option shows connections for the protocol specified by protocol. In this case, protocol can be tcp, udp, tcpv6, or udpv6.
-r: This option displays a UNIX host's IP routing table.
-s: This option displays statistical information for protocols such as udp, ip, icmp, igmp, ipsec, ip6, icmp6, ipsec6, rip6, and pfkey. (Note that these protocols vary depending on your UNIX platform.)

ping (unix)

The UNIX ping command is most typically used to test network reachability to a specified destination, like the Windows version of the ping command. However, unlike the Windows ping command, the UNIX ping command sends continuous pings, as opposed to the Windows default of only four pings.
-c count: This option specifies the number of pings to send.
-D: This option sets the "don't fragment" bit in a packet's header. If the packet tries to cross a router that attempts to fragment the packet, the packet is dropped and an ICMP error message is returned.
-S srcaddr: If the UNIX host from which you are issuing the ping command has more than one interface, this option allows you to specify the source IP address from which the ICMP echo messages should be sent.
target_name: This option specifies the name or the IP address of the device to which you are sending ICMP echo messages.

dig

The dig command can similarly be used to resolve FQDNs to IP addresses. Unlike the nslookup command, however, the dig command is entirely a command-line command. (dig lacks the interactive mode of the nslookup command.) The dig command offers more information than the nslookup command. For example, the A in the QUESTION SECTION output of the dig command identifies the DNS record type (an A record, which is an alias record). If you peruse the output, you can find a few other pieces of information present in the dig command output, not found in the nslookup command output; however, the dig command is rarely used to glean these more subtle pieces of information. Rather, the dig command is used by many UNIX administrators as simply an alternate way of resolving FQDNs to IP addresses.

host

The host command offers a variety of options, and you can read more about them by issuing the man host command from a UNIX prompt. However, this discussion focuses on the most common use of the host command, which is FQDN-to-IP-address resolution.
host www.pearsonitcertification.com

nbtstat

The nbtstat command displays NetBIOS information for IP-based networks. The nbt prefix of the nbtstat command refers to NetBIOS over TCP/IP, which is called NBT or NetBT. This command can, for example, display a listing of NetBIOS device names learned by a Windows PC.
nbtstat /R: This option purges a PC's NetBIOS cache and reloads entries from a PC's LMHOSTS file (which is a text file containing NetBIOS to IP address mappings) that have #PRE following the entry. The #PRE option in an LMHOSTS file causes those entries to be preloaded into a PC's NetBIOS cache.
When you are troubleshooting, it often helps to know the IP address of a known NetBIOS name. You can view a PC's NetBIOS name cache, which lists this information, with the nbtstat /c command.

nmap

The nmap command (short for Network Mapper) is an open-source and very versatile tool for UNIX network admins. You use nmap to explore networks, perform security scans, create network audits, and find open ports on remote machines. The tool can scan for live hosts, operating systems, packet filters, and open ports.

route

The route command can display a PC's current IP routing table. In addition, you can use the route command to add or delete entries to or from that routing table.
-f: This option clears gateway entries from the routing table. If this option is used with another option, the clearing of gateways from the routing table occurs before any other specified action.
-p: This option can be used with the add command to make a statically configured route persistent, meaning that the route will remain in a PC's routing table even after a reboot.
command: Supported commands include print, add, delete, and change. The print command lists entries in a PC's routing table. The add command adds a route entry. The delete command removes a route from the routing table, while the change command can modify an existing route.
destination: This option specifies the destination host or subnet to add to a PC's routing table.
mask netmask: This option, used in conjunction with the destination option, specifies the subnet mask of the destination. If the destination is the IP address of a host, the netmask parameter is 255.255.255.255.
gateway: This option specifies the IP address of the next-hop router used to reach the specified destination.
metric metric: This option specifies the cost to reach a specified destination. If a routing table contains more than one route to reach the destination, the route with the lowest cost is selected.
if interface: If you want to forward traffic to a specified destination out of a specific interface, use this option.

traceroute

The traceroute UNIX command can be used for the same purpose as the tracert Windows command. Specifically, you can help isolate which router hop along the path from a source device to a destination device is having issues. Also, based on the round-trip response time information reported for each hop, you can better determine which network segment might be causing excessive delay because of congestion. Similar to the traceroute options for IPv4, the IPv6 path through a network can be verified with traceroute for IPv6. Depending on the vendor and platform, this may be done by using traceroute destination-IPv6-address, traceroute6 destination-IPv6-address, traceroute -6 destination-IPv6-address, or some variant specific to the vendor and product being used.

arp

You can use the arp command to see what a Layer 2 MAC address corresponds to as a known Layer 3 IP address. In addition, you can use the arp command to statically add a MAC-address-to-IP-address mapping to a PC's Address Resolution Protocol (ARP) MAC address lookup table (sometimes called the ARP cache). A MAC address might be written as 00-50-56-c0-00-08, which could alternatively be written as 0050.56c0.0008.
arp /a (or -g): Shows current entries in a PC's routing table.
inet_addr: This option is a specific IP address.
eth_addr: This parameter is a 48-bit MAC address.
if_addr: If a host has multiple interfaces, an ARP entry might be associated with a specific interface. This option can be used for statically adding or deleting an ARP entry to or from a specified interface.
/v: This option, where the v stands for verbose, includes any invalid and loopback interface entries in an ARP table.
/d: An ARP entry for a host can be deleted with this option, in combination with the inet_addr parameter. A wildcard character of * can delete all host entries.

tcpdump

You can use the tcpdump command to print out the headers of packets on a network interface that match a Boolean expression. You can also run the command with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface.

iptables

You use the iptables UNIX command to put rules in place for packet filtering. Typical criteria you specify would include the following:
Packet type: Specifies the type of packets the command filters.
Packet source/destination: Specifies which packets the command filters based on the source or destination of the packet.
Target: Specifies what action is taken on packets matching the preceding criteria.

ipconfig

Displays IP address configuration parameters on a Windows PC. In addition, if the PC uses Dynamic Host Configuration Protocol (DHCP), you can use the ipconfig command to release and renew a DHCP lease, which is often useful when troubleshooting. If you are troubleshooting a PC and suspect that IP addressing might be an issue, you can release the PC's current DHCP lease with the ipconfig /release command, as shown in Example 10-4. Then you can renew the DHCP lease with the ipconfig /renew command.
/all: Gives more verbose information, including such information as DNS, MAC address, and IPv6 address information.
/release and /release6: Release a DHCP lease for an IPv4 and IPv6 address, respectively.
/renew and /renew6: Renew a DHCP lease for an IPv4 and IPv6 address, respectively.

netstat

Displays various information about IP-based connections on a PC. For example, you can view information about current sessions, including source and destination IP addresses and port numbers. You can also display protocol statistics. This might be useful for troubleshooting purposes. For example, you might issue the netstat command and see that your PC has sessions open to an unknown host on the Internet. These sessions might warrant further investigation to determine why the sessions are open and if they might be resulting in performance issues on your PC or possibly posing a security risk. The netstat command issued without any options lists source and destination IP addresses and port numbers for all IP-based sessions.
-a: This option displays all of a PC's active IP-based sessions, along with the TCP and UDP ports of each session.
-b: This option shows you the names of the program that opened up a session.
-e: This option shows statistical information for an interface's IP-based traffic, such as the number of bytes sent and received.
-f: This option displays fully qualified domain names (FQDN) of destination addresses appearing in a listing of active sessions.
-p proto: This option displays connections for a specific protocol, which might be icmp, icmpv6, ip, ipv6, tcp, tcpv6, udp, or udpv6.
-r: This option displays a PC's IP routing table. (Note that this command generates the same output as the route print command.)
-s: This option displays statistical information for the following protocols: icmpv4, icmpv6, ipv4, ipv6, tcpv4, tcpv6, udpv4, and udpv6.

deleting a route

route delete 10.0.0.0 mask 255.0.0.0 192.168.1.11
route delete (network destination) mask (netmask) (gateway)

the rest are unix commands

the rest are unix commands

nslookup

You can use the nslookup command to resolve an FQDN to an IP address. This can, for example, help you to determine whether a DNS record is correct and to verify that your DNS server is operating.

