Routing and network status
Lab objective: become familiar with the network command set netstat, traceroute, route.
COMMAND traceroute
traceroute is used to check route parameters. It sends a UDP packet and waits for ICMP messages from the routers. Options:
-m maxttl – maximum time-to-live (TTL) value.
-n – symbolic names are not shown.
-p port – use the given port (communication channel). The default is 33434. Results may differ between ports, because some ports are usually blocked.
-s SRC_address – source address.
-w time – the time after which a packet is considered lost (timeout). The default is 3 seconds. Routers that do not reply within this time, and the information about them, are shown as asterisks.
Host packetsize – the host and the size of the packet to send can be given on the command line. The default segment size is 34 B.
-v – show all messages except TIME_EXCEEDED and PORT_UNREACHABLE.
-q queries – number of packets (probes) sent. The default is 3.
-I – use ICMP packets instead of UDP. In some cases ICMP packets are let through more "freely".
-z time – sets the pause between probes.
-f ttl – the hop from which to start showing information.
-F – do not fragment.
Possible annotations:
!H – host unreachable
!N – network unreachable
!P – port unreachable
!S – source unreachable.
Keep in mind that roughly half of the hops are needed for the packet's return. Asterisks may appear in the results because the TTL sent from the servers is too small or because ICMP messages are blocked.
traceroute -p 80 -s 192.168.64.255 -m 50 -w 5 -q 2 www.is.lt 40
Here the port is 80, the source is 192.168.64.255, at most 50 entries will be printed, the timeout is 5 seconds, and two probes will be sent.
traceroute -m 40 -w 5 -q 1 www.viko.lt 40
result:
traceroute to www.viko.lt (193.219.139.166), 40 hops max, 40 byte packets
1 adsl-81-7-112-1.takas.lt (81.7.112.1) 89.835 ms
2 212-59-1-141.telecom.lt (212.59.1.141) 86.330 ms
3 litnet-gw.is.lt (193.219.13.98) 90.356 ms
4 193.219.49.137 (193.219.49.137) 90.231 ms
5 193.219.49.131 (193.219.49.131) 89.919 ms
6 *
7 *
8 *
9 *
10 *
11 *
12 *
13 *
......
36 *
37 *
38 *
39 *
40 *
How to filter out only the entries that are meaningful.
traceroute 192.168.64.255
socket: Permission denied
Task: count how many entries have real addresses. Run the command file in background mode.
traceroute -I -m 50 -w 2 -q 2 www.is.lt 200 > log_1
# the first line of log_1 is the "traceroute to ..." header, not a hop
a=$(wc -l < log_1)
a=$(expr $a - 1)
echo "viso rezultatu $a"
echo "realus hopai"
# skip the header, drop hops that contain a timed-out probe (*), print hop number and name
tail -n "$a" log_1 | grep -v -e '\*' | awk '{print $1 " " $2}'
Task: count how many unidentified routers there are.
Task: count how many routers belong to the class C network 193.
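One way to do the three counting tasks above in a single pass, as an added example that is not part of the original handout. The names classify_hops and sample_trace are made up here, and the sample input is constructed from the first hops of the run shown earlier plus three silent hops; a silent hop is one where every probe timed out, typically because ICMP replies are filtered.

```shell
#!/bin/sh
# classify_hops: read traceroute output on stdin and print three numbers:
# "answered silent net193" (hops that replied, hops with only "*", hops in 193.x.x.x).
classify_hops() {
    awk '
        # Hop lines start with a hop number; the "traceroute to ..." header does not.
        $1 !~ /^[0-9]+$/ { next }
        {
            ip = ""
            # Take the first dotted quad on the line, with or without parentheses (-n).
            for (i = 2; i <= NF; i++) {
                f = $i
                gsub(/[()]/, "", f)
                if (f ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { ip = f; break }
            }
            if (ip == "") { silent++; next }   # every probe timed out
            answered++
            split(ip, octet, ".")
            if (octet[1] == 193) net193++
        }
        END { printf "%d %d %d\n", answered, silent, net193 }
    '
}

# Constructed sample input (not a new measurement).
sample_trace() {
    cat <<'EOF'
traceroute to www.viko.lt (193.219.139.166), 40 hops max, 40 byte packets
 1 adsl-81-7-112-1.takas.lt (81.7.112.1) 89.835 ms
 2 212-59-1-141.telecom.lt (212.59.1.141) 86.330 ms
 3 litnet-gw.is.lt (193.219.13.98) 90.356 ms
 4 193.219.49.137 (193.219.49.137) 90.231 ms
 5 193.219.49.131 (193.219.49.131) 89.919 ms
 6 *
 7 *
 8 *
EOF
}

sample_trace | classify_hops
```

On a real run, replace sample_trace with the saved file: classify_hops < log_1.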
COMMAND netstat
The netstat command shows the network status. By default, without any options, it shows:
the local and remote address, the sent and received results, the protocol and its state. Options:
-a – shows the state of all connections (sockets) and all routing entries. Normally, sockets used by server processes are not shown.
-n – addresses in numeric form only.
-v – additional information about sockets.
-g – multicast group addresses.
-p – ARP tables.
-s – statistics for each protocol.
-i – statistics for all interfaces.
-r – routing tables.
-d – DHCP statistics.
-D – DHCP-configured interfaces.
-f address_family – statistics for the given address family: inet, unix, inet6 or ns.
-P protocol – only for the specified protocol.
-I interface – only for the specified interface: ie0 or le0.
-c – adapter cache memory.
-D – statistics of dropped, sent and received packets.
-m – routing statistics.
-u – socket information.
-Zc – clears the adapter cache.
-Zi – clears the adapter statistics.
-Zm – clears the network memory allocation statistics.
-Zs – clears the protocol statistics.
netstat -r
Flags – route state:
U – up.
H – the route is to a host, not a network.
G – the route goes through a gateway.
D – dynamic route (redirect).
M – modified route (redirect).
L – The link-level address is present in the route entry.
1 – Protocol specific routing flag #1.
2 – Protocol specific routing flag #2.
3 – Protocol specific routing flag #3.
b – The route represents a broadcast address.
e – Has a binding cache entry.
l – The route represents a local address.
m – The route represents a multicast address.
P – Pinned route.
R – Host or net unreachable.
S – Manually added.
u – Route usable.
Direct routes are created for each interface attached to the local host.
Gateway – The gateway field for these entries shows the address of the outgoing interface.
Refs – Gives the current number of active uses for the route. Connection-oriented protocols hold on to a single route for the duration of a connection, while connectionless protocols obtain a route while sending to the same destination.
Use – Provides a count of the number of packets sent using that route.
PMTU – Gives the Path Maximum Transfer Unit (PMTU). This field only applies to AIX 4.2.1 or later.
Interface – Indicates the network interfaces utilized for the route.
Exp – Displays the time (in minutes) remaining before the route expires. This field only applies to AIX 4.2.1 or later.
Groups – Provides a list of group IDs associated with that route. This field only applies to AIX 4.2.1 or later.
Netmasks – Lists the netmasks applied on the system.
Route Tree for Protocol Family – Specifies the active address families for existing routes. Supported values for this field are:
1 – Specifies the UNIX address family.
2 – Specifies the Internet address family (for example, TCP and UDP).
6 – Specifies the Xerox Network System (XNS) address family.
For more information on other address families, refer to the /usr/include/sys/socket.h file.
1. netstat -r -f inet shows the following statistics:
Routing tables
Destination Gateway Flags Refs Use PMTU If Exp Groups Netmasks:
(root node)
(0)0 ffff f000 0
(0)0 ffff f000 0
(0)0 8123 262f 0 0 0 0 0
(root node)
Route Tree for Protocol Family 2:
(root node)
default 129.35.38.47 UG 0 564 - tr0 -
loopback 127.0.0.1 UH 1 202 - lo0 -
129.35.32 129.35.41.172 U 4 30 - tr0 - +staff
129.35.32.117 129.35.41.172 UGHW 0 13 1492 tr0 30
192.100.61 192.100.61.11 U 1 195 - en0 -
(root node)
Route Tree for Protocol Family 6:
(root node)
(root node)
netstat -i -f inet
This produces the following output if you are using AIX 4.2:
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
lo0 1536 <Link> 4 0 4 0 0
lo0 1536 127 loopback 4 0 4 0 0
en0 1500 <Link> 96 0 67 0 0
en0 1500 192.100.61 nullarbor 96 0 67 0 0
tr0 1500 <Link> 44802 0 11134 0 0
tr0 1500 129.35.32 stnullarb 44802 0 11134 0 0
This produces the following output if you are using AIX 4.3:
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
lo0 16896 Link#1 5161 0 5193 0 0
lo0 16896 127 localhost 5161 0 5193 0 0
lo0 16896 ::1 5161 0 5193 0 0
en1 1500 Link#2 8.0.38.22.8.34 221240 0 100284 0 0
en1 1500 129.183.64 infoserv.frec.bul 221240 0 100284 0 0
The -i -f inet flags indicate a request for the status of all configured Internet interfaces. The network interfaces are listed in the Name column; lo designates a loopback interface, en designates a Standard Ethernet interface, while tr specifies a Token-Ring interface.
- To display statistics for each protocol, enter:
netstat -s -f inet
This produces the following output:
ip:
:
44485 total packets received
0 bad header checksums
0 with size smaller than minimum
0 with data size < data length
0 with header length < data size
0 with data length < header length
0 with bad options
0 with incorrect version number
0 fragments received
0 fragments dropped (dup or out of space)
0 fragments dropped after timeout
0 packets reassembled ok
44485 packets for this host
0 packets for unknown/unsupported protocol
0 packets forwarded
0 packets not forwardable
0 redirects sent
1506 packets sent from this host
0 packets sent with fabricated ip header
0 output packets dropped due to no bufs, etc.
0 output packets discarded due to no route
0 output datagrams fragmented
0 fragments created
0 datagrams that can't be fragmented
0 IP Multicast packets dropped due to no receiver
0 successful path MTU discovery cycles
0 path MTU rediscovery cycles attempted
0 path MTU discovery no-response estimates
0 path MTU discovery response timeouts
0 path MTU discovery decreases detected
0 path MTU discovery packets sent
0 path MTU discovery memory allocation failures
0 ipintrq overflows
icmp:
0 calls to icmp_error
0 errors not generated 'cuz old message was icmp
Output histogram:
echo reply: 6
0 messages with bad code fields
0 messages < minimum length
0 bad checksums
0 messages with bad length
Input histogram:
echo: 19
6 message responses generated
igmp:
0 messages received
0 messages received with too few bytes
0 messages received with bad checksum
0 membership queries received
0 membership queries received with invalid field(s)
0 membership reports received
0 membership reports received with invalid field(s)
0 membership reports received for groups to which we belong
0 membership reports sent
tcp:
1393 packets sent
857 data packets (135315 bytes)
0 data packets (0 bytes) retransmitted
367 URG only packets
0 URG only packets
0 window probe packets
0 window update packets
170 control packets
1580 packets received
790 acks (for 135491 bytes)
60 duplicate acks
0 acks for unsent data
638 packets (2064 bytes) received in-sequence
0 completely duplicate packets (0 bytes)
0 packets with some dup. data (0 bytes duped)
117 out-of-order packets (0 bytes)
0 packets (0 bytes) of data after window
0 window probes
60 window update packets
0 packets received after close
0 discarded for bad checksums
0 discarded for bad header offset fields
0 connection request
58 connection requests
61 connection accepts
118 connections established (including accepts)
121 connections closed (including 0 drops)
0 embryonic connections dropped
845 segments updated rtt (of 847 attempts)
0 resends due to path MTU discovery
0 path MTU discovery terminations due to retransmits
0 retransmit timeouts
0 connections dropped by rexmit timeout
0 persist timeouts
0 keepalive timeouts
0 keepalive probes sent
0 connections dropped by keepalive
udp:
42886 datagrams received
:
0 incomplete headers
0 bad data length fields
0 bad checksums
0 dropped due to no socket
42860 broadcast/multicast datagrams dropped due to no
socket
0 socket buffer overflows
26 delivered
106 datagrams output
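Monitoring requests on a given port
# every 5 minutes, append the number of connections involving port 80 to netstat_info
while true
do
    # match ":80" (Linux) or ".80" (AIX/Solaris) at the end of an address field,
    # so that port 8080 or an address containing "80" is not counted
    echo "$(date) $(netstat -n | grep -c -E '[:.]80[[:space:]]')" >> netstat_info
    sleep 300
done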
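Added example, not part of the original handout: a plain substring match on 80 also counts port 8080 and addresses that contain 80, so this sketch compares it with a match on the local port field and breaks the result down by TCP state. The function names and the netstat -n lines (Linux layout) are constructed for illustration.

```shell
#!/bin/sh
# naive_count: what a plain "grep 80" counts in netstat -n output on stdin.
naive_count() {
    grep -c 80
}

# port_states PORT: count TCP connections whose LOCAL port is exactly PORT,
# grouped by connection state, from netstat -n output on stdin.
port_states() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && NF >= 6 {
            # The port is the last piece of the local address:
            # "a.b.c.d:80" on Linux, "a.b.c.d.80" on AIX/Solaris.
            n = split($4, part, /[:.]/)
            if (part[n] == port) count[$6]++
        }
        END { for (s in count) print s, count[s] }
    ' | sort
}

# Constructed sample of netstat -n output.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.64.105:80       192.168.64.20:51234     ESTABLISHED
tcp        0      0 192.168.64.105:80       192.168.64.21:40022     ESTABLISHED
tcp        0      0 192.168.64.105:80       192.168.64.22:40100     TIME_WAIT
tcp        0      0 192.168.64.105:8080     192.168.64.23:51000     ESTABLISHED
tcp        0      0 192.168.64.105:22       192.168.80.7:50022      ESTABLISHED
EOF
}

echo "substring match: $(sample_netstat | naive_count)"
sample_netstat | port_states 80
```

A sudden growth of one state for the monitored port (for example many half-open connections) is easier to spot in the per-state counts than in a single total.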
COMMAND route
The route command manages the routing tables. Options:
-A family – use only the specified address family:
inet (DARPA Internet)
inet6 (IPv6)
ax25 (AMPR AX.25)
netrom (AMPR NET/ROM)
ipx (Novell IPX)
ddp (Appletalk DDP)
x25 (CCITT X.25)
E.g.: route -A inet
Options:
-F – uses the standard FIB (Forwarding Information Base) routing table. This is the default.
-C – route cache statistics.
Source Destination Gateway Flags Metric Ref Use Iface
xmlrpc.rhn.redh 192.168.64.105 192.168.64.105 l 0 6 11 lo
192.168.64.105 ns1.telecom.lt 192.168.64.254 0 0 4 eth0
192.168.64.106 192.168.64.255 192.168.64.255 ibl 0 0 0 lo
-v – additional (verbose) information.
-n – numeric addresses instead of names.
-e – display in netstat format.
del – delete a route entry.
add – add a route entry.
-net – the target is a network.
-host – the target is a host.
netmask NM – the netmask.
gw GW – route via a gateway.
metric M – sets the default hop count (used by routing daemons) to M.
mss M – maximum TCP segment. Maximum segment = MTU – headers.
irtt I – initial round trip time (irtt) for TCP connections. I is in milliseconds (1-12000).
reject – a blocked route.
mod, dyn, reinstate – dynamic or modified route (these are changed by processes).
dev interface – the interface.
E.g.: adds the loopback entry with netmask 255.0.0.0 (class A), associated with the lo device (assuming it was configured correctly with ifconfig):
route add -net 127.0.0.0
Adds a new route:
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
Adds the given gateway for the default route:
route add default gw mango-gw
Class D route via "eth0":
route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0
A rejecting route for the local network 10.x.x.x:
route add -net 10.0.0.0 netmask 255.0.0.0 reject
Fields in the output of the route command:
Destination – the destination;
Gateway – the gateway;
Genmask – the netmask: '255.255.255.255' for a host and '0.0.0.0' for the default route.
Flags:
U (route is up)
H (target is a host)
G (use gateway)
R (reinstate route for dynamic routing)
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
C (cache entry)
A (installed by addrconf)
! (reject route)
Metric – the distance to the source (hops).
Use – the number of lookups for the route. Depending on the use of -F and -C this will be either route cache misses (-F) or hits (-C).
Iface – the interface.
MSS – maximum segment size.
Window – TCP window.
irtt – Initial RTT (Round Trip Time).
Enabling a route:
# read one word: "start" adds the routes, anything else removes them
read a
if test "$a" = "start"
then
    echo "ijungiama"
    route add -host 192.168.2.233 dev eth0
    route add -net 192.168.1.0 netmask 255.255.255.0 dev eth0
    route
else
    echo "isjungiama"
    # delete the same host route that the start branch adds
    route del -host 192.168.2.233
    route del -net 192.168.1.0 netmask 255.255.255.0
    route
fi
or:
# Local network start up script
# Change this to the IP number of your default router
defaultrouter=129.79.17.254
case "$1" in
'start')
route add default $defaultrouter
;;
'stop')
route delete default $defaultrouter
;;
*)
echo "usage: $0 {start|stop}"
;;
esac