How to gather network information on NetBSD
From NetBSD Wiki
Computer hosts (and other network devices) must first have a physical connection to the network.
Once the physical connection is established, these hosts (and other network devices) also need a logical connection. The logical connection lets the devices talk to each other (i.e. exchange information).
Often this looks like a number of hosts connected to one hub (concentrator), which demonstrates a physical connection. A misunderstanding can arise here, because the device may be a switch rather than a hub. A switch may have VLANs or a similar option enabled specifically to refuse connections between hosts or groups of hosts. Hubs and switches should therefore be checked (usually through a telnet or web interface) to discover which connection options are in use.
Even hosts that are physically connected may belong to different logical networks, for example 192.168.1.X and 192.168.2.X. These are two different networks. In this case, despite the physical connection, the hosts cannot talk to each other unless address translation, routing, or a similar option is enabled to allow information exchange between the networks. Of course, if they are on the same network (Host-A 192.168.1.10 and Host-B 192.168.1.20), everything is simple.
A particular advantage of NetBSD is that one computer can use several different network cards. The same computer can serve a large number of different networks, and it can provide routing and network address translation as you wish. You can also refer to more than two Domain Name System (DNS) servers, or set up your own DNS server at any time if you need that service. In short, many more network options are available on your NetBSD machine.
dmesg
Use dmesg to obtain information about the network adapters in your computer:
$ dmesg | more
$ vi /var/run/dmesg.boot
In my case, after a careful look at the output, I found basic information about the installed network adapter:
rtk0 at pci3 dev 0 function 0: Realtek 8139 10/100BaseTX
rtk0: interrupting at irq 5
rtk0: Ethernet address 01:00:25:28:fa:c0
This means that my network card has a Realtek chip and I have to refer to it as rtk0. Keep in mind that your computer can have 1, 2 or even 5 different network cards installed, and that is fine. You can use as many cards as the mainboard has free slots.
ifconfig
Use ifconfig to look at the network cards in use:
$ ifconfig -a
In my case it returns:
rtk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:00:21:20:fa:c0
media: Ethernet autoselect (none)
status: active
inet 192.168.17.1 netmask 0xffffff00 broadcast 192.168.17.255
inet alias 192.168.18.1 netmask 0xffffff00 broadcast 192.168.18.255
inet6 fe80::200:21ff:fe20:fac0%rtk0 prefixlen 64 scopeid 0x1
lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 33192
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
You can see that the card rtk0 is UP and RUNNING with status: active. Its current IP address is 192.168.17.1. The card also has a second IP address, 192.168.18.1, which is an alias. The network card settings are stored in:
/etc/ifconfig.rtk0
ping
To explore and identify a specific host connected to the network, ping it by its IP address. Start with your own computer to see whether it is present on the network. Then use ping to check the basic network connectivity of the other devices (e.g. computers, printers, VoIP phones, etc.) connected to the network you are working with.
# ping -n 192.168.17.1
Here I have used the IP address of the network card to take a look at it.
nmap
To see a list of all devices attached to your network, you can install and use pkgsrc/net/nmap. After installing nmap, just run:
# nmap 192.168.17.1-254
or
# nmap 192.168.17.*
The asterisk and 1-254 mean that nmap checks the range of IP addresses within the 192.168.17 network.
netstat
The netstat command shows network status; it symbolically displays the contents of various network-related data structures.
To see the routing tables, run:
# netstat -r
You see something like this:
Internet:
Destination        Gateway            Flags  Refs    Use    Mtu  Interface
default            192.168.170.201    UGS       1  34064      -  rtk0
loopback/8         localhost          UGRS      0      0  33192  lo0
localhost          localhost          UH        1      6  33192  lo0
192.168.170/24     link#1             UC        6      0      -  rtk0
192.168.170.201    00:60:97:51:d1:d0  UHLc      2   7121      -  rtk0
192.168.170.216    00:00:21:2b:d5:9b  UHLc      0     71      -  lo0
192.168.170.255    link#1             UHLc      3    787      -  rtk0
This output means:
1. Your Network Interface Card (NIC) is here:
192.168.170.216 00:00:21:2b:d5:9b UHLc 0 71 - lo0
2. You have link#1 into the 192.168.170.X network:
192.168.170/24 link#1 UC 6 0 - rtk0
3. Your default Gateway (e.g. IP address of router connected to your network) is here:
default 192.168.170.201 UGS 1 34064 - rtk0
Note the two columns and two lines that are particularly important for routing:
Destination        Gateway            Flags  Refs    Use    Mtu  Interface
default            192.168.170.201    UGS       1  34064      -  rtk0
192.168.170.201    00:60:97:51:d1:d0  UHLc      2   7121      -  rtk0
This means that the NIC with MAC address 00:60:97:51:d1:d0 and IP 192.168.170.201 is seen by your card, and your computer uses this particular IP as its gateway to the rest of the network.
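The same reading of the table can be done mechanically. The script below is an added example, not part of the original wiki page: it joins the default route with the gateway's host-route line and compares the result with a recorded value, so an unexpected change of the gateway's MAC address is noticed. The function names and the embedded sample table are constructed for illustration.

```sh
#!/bin/sh
# Added example: join the default route with the gateway's host-route line.

# Constructed sample: the routing table from the text, one route per line.
SAMPLE_ROUTES='Internet:
Destination        Gateway            Flags  Refs    Use    Mtu  Interface
default            192.168.170.201    UGS       1  34064      -  rtk0
loopback/8         localhost          UGRS      0      0  33192  lo0
localhost          localhost          UH        1      6  33192  lo0
192.168.170/24     link#1             UC        6      0      -  rtk0
192.168.170.201    00:60:97:51:d1:d0  UHLc      2   7121      -  rtk0
192.168.170.216    00:00:21:2b:d5:9b  UHLc      0     71      -  lo0
192.168.170.255    link#1             UHLc      3    787      -  rtk0'

# Routing table on stdin -> "gateway-ip gateway-mac interface".
# The MAC is reported as "unknown" when no host route for the gateway is listed.
gateway_entry() {
    awk '
        $1 == "default" && gw == "" { gw = $2; ifname = $NF; next }
        split($2, octets, ":") == 6 { mac[$1] = $2 }   # gateway column holds a MAC
        END { if (gw != "") print gw, ((gw in mac) ? mac[gw] : "unknown"), ifname }
    '
}

# Compare the current entry with a recorded one; non-zero status on mismatch.
gateway_matches() {      # $1 = recorded "ip mac interface" line
    current=$(gateway_entry)
    [ "$current" = "$1" ] && return 0
    echo "gateway changed: expected '$1', found '$current'" >&2
    return 1
}

echo "$SAMPLE_ROUTES" | gateway_entry
```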
ipnat
Look into the /etc/rc.local file. You may find the following lines in it:
sysctl -w net.inet.ip.forwarding=1
ipnat -f /etc/ipnat.conf
The last line tells you that address translation is enabled. Look further into the /etc/ipnat.conf file:
map rtk0 192.168.1.0/24 -> 91.193.165.158/32 proxy port ftp ftp/tcp
map rtk0 192.168.1.0/24 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 192.168.1.0/24 -> 91.193.165.158/32
This means that all addresses seen by your network card rtk0 within the 192.168.1.X network are translated into the single address 91.193.165.158. The reasons for translation are simple. ISPs usually give customers a single IP address or a small set of them and do not deal with customers' networks at all. Your network, however, may be large and independent, with your own networks built inside it. You have hosts, printers and switches, and all of these need to be managed. With address translation you can use a small set of IP addresses, or even a single one, and still reach the rest of the world. As you can see, here a single IP address serves a network whose internal addresses range from 192.168.1.0 to 192.168.1.255 (i.e. 254 hosts). Such mappings can be managed very flexibly to suit your needs. For example, for a single address:
map rtk0 192.168.2.2/32 -> 91.193.165.158/32 proxy port ftp ftp/tcp
map rtk0 192.168.2.2/32 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 192.168.2.2/32 -> 91.193.165.158/32
Or much more globally:
map rtk0 0.0.0.0/0 -> 91.193.165.158/32 proxy port ftp ftp/tcp
map rtk0 0.0.0.0/0 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 0.0.0.0/0 -> 91.193.165.158/32
Note that ipnat translation is netmask-sensitive, so you must use only correct subnets.
subnets
Very often IP addresses carry an additional slash and number, for example 192.168.2.2/24 or /32, etc.
To help you deal with subnets, look at this table:
For additional calculations, see net/sipcalc.
More information can be found at Subnetwork
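The arithmetic behind the slash notation, as an added example that is not part of the original wiki page: it converts the hexadecimal netmask printed by ifconfig (0xffffff00) into a prefix length, and checks ipnat map sources for host bits, which is what "netmask sensitive" means in practice, since a source written as 192.168.2.2/24 selects the whole 192.168.2.0/24 network rather than one host. The function names and sample rules are constructed for illustration.

```sh
#!/bin/sh
# Added example: subnet arithmetic for the netmask/prefix values on this page.

ip_to_int() {            # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {            # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

hexmask_to_prefix() {    # ifconfig form 0xffffff00 -> prefix length 24
    mask=$(( $1 )); bits=0
    while [ $(( mask & 0x80000000 )) -ne 0 ]; do
        bits=$(( bits + 1 ))
        mask=$(( (mask << 1) & 0xffffffff ))
    done
    echo "$bits"
}

network_of() {           # "addr/prefix" -> network address the prefix selects
    addr=${1%/*}; prefix=${1#*/}
    netmask=$(( 0xffffffff ^ ((1 << (32 - prefix)) - 1) ))
    int_to_ip $(( $(ip_to_int "$addr") & netmask ))
}

check_map_sources() {    # ipnat.conf on stdin -> map sources with host bits set
    while read -r keyword ifname src rest; do
        [ "$keyword" = map ] || continue
        net=$(network_of "$src")
        [ "$net" = "${src%/*}" ] || echo "$src matches all of $net/${src#*/}"
    done
}

# Constructed sample rules, using the address forms that appear in the text.
SAMPLE_RULES='map rtk0 192.168.1.0/24 -> 91.193.165.158/32
map rtk0 192.168.2.2/24 -> 91.193.165.158/32 portmap tcp/udp 10000:20000
map rtk0 192.168.2.2/32 -> 91.193.165.158/32
map rtk0 0.0.0.0/0 -> 91.193.165.158/32'

echo "0xffffff00 = /$(hexmask_to_prefix 0xffffff00)"
echo "$SAMPLE_RULES" | check_map_sources
```

On a live system the real rules can be checked with check_map_sources < /etc/ipnat.conf.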
ipfilter
Because ipfilter and ipnat work together, you have to check the contents of the ipf.conf file. A simple example:
pass in from any to any
pass out from any to any
However, some addresses, networks, etc. can be blocked or opened.
