Networking
by Juan Manuel González Garzón
I. Test connections using netcat
#!/bin/bash
echo 'LOCALHOST_WEB_SERVER 127.0.0.1 8080' > direcciones.txt
echo 'LOCALHOST_ANGULAR_SERVER 127.0.0.1 4200' >> direcciones.txt
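# awk turns each line of the file into an nc check; the generated commands run in bash because `echo -e` is not portable under plain sh
awk '{print "(nc -w 10 -z "$2" "$3" > /dev/null && echo -e \"$(tput setaf 2)Si conecto a "$0"$(tput sgr0)\") || echo -e \"$(tput setaf 1)No conecto a "$0"$(tput sgr0)\""}' direcciones.txt | bash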
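The script above pastes every line of direcciones.txt into generated shell code, so the file must be trusted. The following variant is an added example, not part of the original notes: it reads the same "NAME HOST PORT" format, validates each host and port, and passes them to nc as quoted arguments. The function names valid_target and check_targets are chosen for this example.

```shell
#!/bin/sh
# Added example: same connection test, without building shell code from the file.

# Accept hosts made only of [A-Za-z0-9.:-] (no leading dash) and ports 1-65535.
valid_target() {
    host=$1 port=$2
    case $host in
        ''|-*|*[!A-Za-z0-9.:-]*) return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# Read "NAME HOST PORT" lines; blank lines and lines starting with # are skipped.
# Returns 0 only if every listed target accepted a TCP connection.
check_targets() {
    file=$1 failed=0
    while read -r name host port rest || [ -n "$name" ]; do
        case $name in ''|'#'*) continue ;; esac
        if ! valid_target "$host" "$port"; then
            printf 'SKIP %s (invalid host or port)\n' "$name"
            failed=$((failed + 1))
        elif nc -w 10 -z "$host" "$port" >/dev/null 2>&1; then
            printf 'OK   %s %s:%s\n' "$name" "$host" "$port"
        else
            printf 'FAIL %s %s:%s\n' "$name" "$host" "$port"
            failed=$((failed + 1))
        fi
    done < "$file"
    [ "$failed" -eq 0 ]
}

# Usage: sh check.sh direcciones.txt
if [ "$#" -gt 0 ]; then
    check_targets "$1"
fi
```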
II. View ports in use
lsof -i -P -n
netstat -tulpn
nmap -sTU -O localhost
Handy Linux Networking Tools and How to Use Them
Motivation: troubleshoot problems such as:
- I can’t reach my website
- Can my service handle this load?
- Why is my VM unable to reach the public internet?
Accessing a service (DNS, Routing, Domain registrars)
# Registrar, Site Owner, DNS name server
# whois
whois google.com
# Nameservers, IP-address
# dig
dig google.com
# Nameservers, IP-address
# nslookup
nslookup google.com
# Routing information
# traceroute
traceroute google.com
Now you can answer:
- What is my service’s ip address?
- What DNS nameserver is providing this IP addressing information?
- What is a packet’s next-hop to get to this service?
Network Probing
# port scanning (TCP, UDP)
# nmap
sudo nmap -sS localhost # port scanning TCP
sudo nmap -sU localhost # port scanning UDP
# Sending icmp pings, checking latency
# ping
# ping6
ping google.com
ping6 google.com
# Checking connections
# netcat
# on the server (157.230.127.80)
sudo nc -l 80 # listens for TCP on port 80.
# sudo nc -ul 80 # listens for UDP on port 80.
# on the client
nc 157.230.80.127 80
# telnet
# on the client
telnet 157.230.80.127 80
# See the PID of the process that has the port open
lsof -Pni
# or netstat
sudo netstat -ptunl
Now you can answer:
- Which TCP or UDP ports are open?
- Is service X at IP address Y receiving and responding to ICMP pings?
- Can I open a TCP connection to this destination IP?
Traffic Capture
# Traffic capture. Uses BPF filters
# tcpdump (another option: wireshark)
tcpdump -i eth0 icmp
tcpdump -i eth0 src 68.183.27.77
tcpdump -i eth0 -vvv -d dst 157.230.82.127
Now you can answer:
- Am I receiving traffic on this interface of type x?
- What does my bpf filter look like in bytecode or what is the actual parser doing?
Network Stack Management (Routing tables, networking tables)
# Network interface info
# ifconfig
ifconfig
# Routing info
# route
route -n
# Check arp cache
# arp
arp -a
# See arp cache. See neighbor tables, add routes
# ip
ip neigh show
ip -6 neigh show
ip route
ip route add 169.254.169.254 via 67.205.128.1
ip route show 169.254.169.254
Now you can answer:
- What are the network interfaces, ip addresses, subnet and broadcast address of my VM?
- What is the internet gateway?
- What is the corresponding hardware address for a particular IP?
- How can I add a route?
Load Testing
# Replays traffic from packet capture file
# tcpreplay
tcpdump -i eth0 -w traffic.pcap
tcpreplay -i eth0 traffic.pcap
# Send HTTP load
# wrk2
wrk2 -t1 -c10 -d60s -R100 -L http://157.230.80.127:80
# Send TCP or UDP traffic
# iperf3
# On the server
iperf3 -s
# On the client (-p sets the server port; 5201 is the iperf3 default)
iperf3 -c 157.230.80.127 -p 5201
# nuttcp
Now you can answer:
- What is the max throughput I can send through an interface?
- What is the UDP jitter experienced with max UDP throughput?
- What is latency of requests when my service is under load?
- How many requests/sec can my service handle?
- What is the max number of connections I can send traffic through?