Network tools

[Originally posted Apr 15, 2012 2:22 AM by Antti Uitto   [ updated Apr 24, 2012 12:56 PM]]

In this post I do my best to list the most useful network-related applications and commands, with heavy emphasis on Linux and IPv6. Commands often work for IPv4 with tiny and hopefully obvious modification.

The list will change and expand as I find out more.

Linux

Routing table

netstat -6rn
Displays routing table

ip -6 route show
Displays routing table

ip -6 route show root 2001:1517:1517:fe00::/56
2001:1517:1517:fe00::/64 dev eth0  proto kernel  metric 256
Displays routing table entries that have a longer mask than given in the command.

ip -6 ro sh match 2001:1517:1517:fe00:ba8d:12ff:fe03:474c
2001:1517:1517:fe00::/64 dev eth0  proto kernel  metric 256
default dev tun  metric 1
Displays routes that apply for given address.

ip -6 rule show
Displays routing rules.

ip -6 ro show table <table_name>
Displays entries in a specific routing table.

Interface configuration and status

ifconfig
Displays interface information; interface name, IPv4 and IPv6 addresses, hardware address, MTU.

ip -6 add
Displays IP addresses configured on the system.

ip -6 link
Displays links on your system. MTU and MAC address.

ip -6 tunnel show
Displays tunnels.

ethtool eth0
Displays basic information about ethernet nic.

netstat -i
Displays interface counters and errors.

Traffic monitoring & analysis

ping6 ipv6.google.com
ping6 2a00:1450:4016:800::1010
Ping hosts with hostname or global address.

mtr http://www.yahoo.com
Probes routers on the route path, shows packet loss and latency.

traceroute6 ipv6.google.com
Traces ipv6 routes.

traceroute6 ipv6.google.com -s 2001:998:13:42:223:14ff:fecf:4f9c
Traces ipv6 route using specific source address.

netstat
Print  network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

sudo netstat -apn | more
Print network connections together with programs that initiate them.

sudo netstat -lp | more
Print listening ports on your system.

sudo netstat-nat
Displays current translations.

ntop
Displays network statistics in a web interface.

nmap -6 2001:997:5:5223:14ff:fecf:409c
Scans IPv6 host and displays it’s open services.

nmap -6 -p1-10000 -n 2001:997:5:5223:14ff:fecf:409c
Scans IPv6 host in defined port range, without discovering hostnames.

nmap -6A 2001:997:5:5223:14ff:fecf:409c
Scans IPv6 hosts and detects it’s Operating System.
Nmap has limited features with IPv6 and you can scan only one host at the time.

nmap 192.168.0.0/24
Displays which hosts are up and what services they have available.

nmap -sP 192.168.1.*
Pings hosts and shows the ones that are up.

ip6tables -nv -L
Traffic accounting with ip6tables. See how much traffic host 2001:5:5:5:5:5:fed6:32d2 sends or receives.
First put this into your routers firewall rules:
-A FORWARD -s 2001:5:5:5:5:5:fed6:32d2
-A FORWARD -d 2001:5:5:5:5:5:fed6:32d2

tcpdump -vvv -i eth0
Display packets going in and out from interface eth0 and be very verbose.

tcpdump host 2a00:1450:4010:c00::69 -i eth0
Display packets going to or coming from host 2a00:1450:4010:c00::69  in interface eth0

tcpflow

ngrep -l -q -d eth0 “User-Agent: ” tcp and port 80
Capture network traffic incoming to eth0 interface and show the HTTP User-Agent string

ngrep -d eth0 -x sex
Listens to interface eth0 and displays packets that have the word “sex” in them.

iptraf   (IPv4 only!)
Shows information about active connections.

iftop (IPv4 only!)
Shows information about active connections visually.

arping -I eth0 -c 2 -D 192.168.1.1
Check if you have a duplicate address. (IPv4 only!)

fping6 2:2:2::1 3:3:3::1 4:4:4::1
Ping multiple IPv6 hosts.

fping -ag 192.168.0.0/24
Ping multiple IPv4 hosts.

iperf
Test bandwidth between two hosts. Usage:
Server
iperf -V -s -B 2001:998:13:49::1
Client
iperf -V -c 2001:998:13:49::1

lsof -i6
List open files. The i is for IP sockets, 6 for IP version 6.

Other

host ipv6.google.com
Resolve the IP address of a host.

httping -GSb www.google.com
Tests latency of a web server using GET (gets the whole page), splitting the result in time to connect and time to exchange a request with the HTTP server. Shows the speed of the transfer.

Vyatta

 

Cisco

show ipv6 route
Displays the IPv6 routing table.

show ipv6 interfaces brief
Displays a brief list of IPv6 interfaces.

show ipv6 neighbors
Displays your IPv6 neighbors and their current states.

show ipv6 neighbors statistics
IPv6 ND statistics.

show bgp ipv6 unicast summary
Summary of IPv6 BGP neighbors, AS’s  and prefixes.

 
ping ipv6 ff02::1

Find your IPv6 neighbors. IOS will ask you to specify output interface.

debug ipv6 icmp
terminal monitor
Enables IPv6 ICMP debugging and shows results on terminal.

debug ipv6 packet detail
terminal monitor
Enables IPv6 packet debugging and shows results on terminal.

terminal no monitor
no debug ipv6 packet detail
Stops the flood of information on your terminal and then disables the IPv6 packet debugging.

Alcatel

Juniper

Windows

Mac OSX

Try out the commands listed under Linux.

netstat -rn
Displays the routing table (IPv4 and IPv6)

Sources
http://linux-ip.net/html/tools-ip-route.html
Carla Scroder: Linux Networking Cookbook
http://linux-hacks.blogspot.com/2008/02/howto-ipv6-ipv6-tunnel-and-ip4-ipv6.html
http://www.g-loaded.eu/2006/11/06/netcat-a-couple-of-useful-examples/
http://en.wikipedia.org/wiki/MTR_%28software%29
http://www.ntop.org/
http://www.enterprisenetworkingplanet.com/netos/article.php/3650131/Tips-and-Tricks-for–Linux-Admins-Discover-Map-and-Store.htm
http://nmap.org/book/man-misc-options.html
http://zeldor.biz/2010/07/nmap-ipv6-addresses/
http://wiki.openvz.org/Traffic_accounting_with_iptables
http://en.wikipedia.org/wiki/Ngrep
http://linux.die.net/man/1/httping
http://en.wikipedia.org/wiki/Lsof
http://www.cisco.com/en/US/docs/ios/ipv6/command/reference/ipv6_15.html

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s