How to gather network information on NetBSD

From NetBSD Wiki

Jump to: navigation, search

You have to realize that computer hosts (and/or other network devices) should have physical connection withing network.

After such physical connection is established, these hosts (other network devices) also should have logical connection. The logical connection enables these devices talk together (i.g. enables information interchange).

Often all this looks like number of hosts connected to one hub (concentrator) and it proves existence of physical connection. Misunderstanding can happen here, because instead of hub it can be switch. Switch may have vlan or similar option enabled specifically to decline connection of hosts or group of hosts. Thus hubs or switches should be checked (usually through telnet or web interface) to discover connection options in use.

Hosts even if they physically connected together may work with different logical networks. For an example network 192.168.1.X and 192.168.2.X, etc. As you can see it is two different networks. In this case, despite of physical connection they would not be able to talk together. Unless address translation, routing, etc. option is enabled to allow information interchange within different networks. Of course if they are connected withing one network (Host-A 192.168.1.10 and Host-B 192.168.1.20) all things looks right and simple.

Particular NetBSD advantage is that one computer can utilize several different network cards. Same computer can service large number of different networks. Same computer can provide routing and network address translation per your desire. And of course, you can refer not only two but for numbers of Dynamic Names Servers (DNS) or at any time set-up your own DNS-server if you need to have this service too. For the best end you can use much more network options on your NetBSD machine.

Contents

dmesg

Use dmesg to obtain information about Network adapters you have on your computer: 

$ dmesg | more
$ vi /var/run/dmesg.boot

In my case, after precise look into return I found basic information about installed network adapter: 

rtk0 at pci3 dev 0 function 0: Realtek 8139 10/100BaseTX
rtk0: interrupting at irq 5
rtk0: Ethernet address 01:00:25:28:fa:c0

This means that my network card has Realtek chip and I have to call it - rtk0. Keep in mind that your computer can have 1, 2 or even 5 different network cards installed and it is ok. You may use as many cards as many free slots has mainboard.

ifconfig

Use ifconfig to look for network cards in use: 

$ ifconfig -a

In my case it returns: 

rtk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      address: 00:00:21:20:fa:c0
      media: Ethernet autoselect (none)
      status: active
      inet 192.168.17.1 netmask 0xffffff00 broadcast 192.168.17.255
      inet alias 192.168.18.1 netmask 0xffffff00 broadcast 192.168.18.255
      inet6 fe80::200:21ff:fe20:fac0%rtk0 prefixlen 64 scopeid 0x1
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
      inet 127.0.0.1 netmask 0xff000000
      inet6 ::1 prefixlen 128
      inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2

You can see the card rtk0 is UP and running with status: active. It does have current IP address: 192.168.17.1 This card also has second IP address 192.168.18.1 which is alias. The network card settings is stored at: 

/etc/ifconfig.rtk0

ping

To explore and identify specific host connected into network ping it by its IP address. Start from your computer to see if it is presented withing network. Continue to use the ping to check plain network connections of other devices (e.g. computers, printers, VoIP phones, etc.) which is connected into network you work with. 

# ping -n 192.168.17.1

Here I have used IP address of network card to take look into it.

nmap

To see list of all devices attached into your network, you can install and use pkgsrc/net/nmap. After installation of nmap, just do: 

# nmap 192.168.17.1-254

or 

# nmap 192.168.17.*

Asterisk and 1-254 means that nmap checks bandwith of IP adressess withing 192.168.17 network.

netstat

The netstat show network status, command symbolically displays the contents of various network-related data.

To see network relating routing tables you do: 

# netstat -r

You see somthing like this: 

Internet:
Destination        Gateway            Flags     Refs     Use    Mtu  Interface
default            192.168.170.201    UGS         1    34064      -  rtk0
loopback/8         localhost          UGRS        0        0  33192  lo0
localhost          localhost          UH          1        6  33192  lo0
192.168.170/24     link#1             UC          6        0      -  rtk0
192.168.170.201    00:60:97:51:d1:d0  UHLc        2     7121      -  rtk0
192.168.170.216    00:00:21:2b:d5:9b  UHLc        0       71      -  lo0
192.168.170.255    link#1             UHLc        3      787      -  rtk0

This output means.

1. Your Network Interface Card (NIC) is here: 

192.168.170.216    00:00:21:2b:d5:9b  UHLc        0       71      -  lo0

2. You have link#1 into 192.168.170.X network: 

192.168.170/24     link#1             UC          6        0      -  rtk0

3. Your default Gateway (e.g. IP address of router connected to your network) is here: 

default            192.168.170.201    UGS         1    34064      -  rtk0

You have to note two columns and two lines that are important particulary for routig: 

Destination        Gateway            Flags     Refs     Use    Mtu  Interface
default            192.168.170.201    UGS         1    34064      -  rtk0
192.168.170.201    00:60:97:51:d1:d0  UHLc        2     7121      -  rtk0

Means, NIC 00:60:97:51:d1:d0 with IP 192.168.170.201 is listened by your card; and your computer uses this particular IP as gateway to other part of network.

ipnat

Look into /etc/rc.local file. You may find following lines inside of one: 

sysctl -w net.inet.ip.forwarding=1
ipnat -f /etc/ipnat.conf

Last line tales you that address translation option is enabled. Look further into /etc/ipnat.conf file: 

map rtk0 192.168.1.0/32 -> 91.193.165.158/32 proxy port ftp ftp/tcp 
map rtk0 192.168.1.0/32 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 192.168.1.0/32 -> 91.193.165.158/32

This means that all addresses heard by your network card rtk0 withing 192.168.1.X network are translating into one single address 91.193.165.158 The reasons to translate are simple. ISP's usually provide customers single or small set of IP addresses and don't deal with customers networks at all. But, your network is large and independent, you constructed your own networks inside of it. You have hosts, printers, switches, all these needs to be managed. By doing address translation you can use small or even single IP address and you be able to ridge whole other part of the world. As you can see here single IP address services network which has bandwidth of internal addresses from 192.168.1.0 to 192.168.1.255 (i.g. 254 hosts) Such mapping can be very flexible managed per your needs. For an example for single address: 

map rtk0 192.168.2.2/32 -> 91.193.165.158/32 proxy port ftp ftp/tcp 
map rtk0 192.168.2.2/32 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 192.168.2.2/32 -> 91.193.165.158/32

Or much more globally: 

map rtk0 0.0.0.0/0 -> 91.193.165.158/32 proxy port ftp ftp/tcp 
map rtk0 0.0.0.0/0 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 0.0.0.0/0 -> 91.193.165.158/32

subnets

Very often IP addresses bears additional slash and number, for an example: 192.168.2.2/24 or /32, etc.

To help you deal with subnet calculation you can use net/sipcalc.

See also

Retrieved from "http://wiki.netbsd.se/How_to_gather_network_information_on_NetBSD"
Personal tools