http://www.itworld.com/operating-systems/411332/unix-more-networking-basics-beginner
March 24, 2014, 3:59 PM — While the ifconfig command is still available and useful on most if not all Unix/Linux systems today, it is now deprecated
on many Linux distributions. That word, which doesn't appear to be
popularly used in any context other than in reference to Unix commands,
simply means that the command has lost favor and will eventually be
phased out -- though not necessarily any time soon. The command that
has taken ifconfig's place is ip. While the ip command has numerous options and is considered more powerful than ifconfig, the ip commands you are likely to use are not difficult to learn or remember. There's just a lot more of them.
To see the same type of information that ifconfig will show you, the command to use is ip addr. In this example, the system is using a bonded interface, basically allowing it to aggregate multiple NICs to achieve a higher data rate. The interface to pay attention to is, therefore, the bond0 interface.
IP addresses.
The ifconfig command doesn't suck; it's just not as cool or sophisticated as ip.
To see the same type of information that ifconfig will show you, the command to use is ip addr. In this example, the system is using a bonded interface, basically allowing it to aggregate multiple NICs to achieve a higher data rate. The interface to pay attention to is, therefore, the bond0 interface.
$ ip addr
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
5: bond0: mtu 1500 qdisc noqueue
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
inet 10.1.2.155/16 brd 10.1.255.255 scope global bond0
inet6 fe80::7a2b:daff:fe5f:a937/64 scope link
valid_lft forever preferred_lft forever
The ifconfig output on this same system would look like this:$ ifconfig
bond0 Link encap:Ethernet HWaddr 63:2B:da:5F:A9:37
inet addr:10.1.2.155 Bcast:10.1.255.255 Mask:255.255.0.0
inet6 addr: fe80::7a2b:daff:fe5f:a937/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:632524272 errors:0 dropped:133387 overruns:0 frame:0
TX packets:763888940 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:375990796437 (350.1 GiB) TX bytes:889653824737 (828.5 GiB)
eth0 Link encap:Ethernet HWaddr 63:2B:da:5F:A9:37
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:640963722 errors:0 dropped:133387 overruns:0 frame:0
TX packets:763888940 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:360837640935 (336.0 GiB) TX bytes:889653824737 (828.5 GiB)
Interrupt:106 Memory:d2000000-d2012100
eth1 Link encap:Ethernet HWaddr 63:2B:da:5F:A9:37
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:141560550 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15141155502 (14.1 GiB) TX bytes:0 (0.0 b)
Interrupt:114 Memory:d4000000-d4012100
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:866191523 errors:0 dropped:0 overruns:0 frame:0
TX packets:866191523 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:267275935761 (248.9 GiB) TX bytes:267275935761 (248.9 GiB)
Once you get comfortable with the ip addr command, you might prefer to abbreviate it to ip a. And, if you just want to see only the IPv4 or the IPv6 information, you can add an option and use the command ip -4 a or ip -6 a,
limiting command's the output to one or the other. You can also limit
the command's response to a particular interface by using a command such
as ip a show bond0.$ ip a show bond0
9: bond0: mtu 1500 qdisc noqueue
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
inet 10.1.2.155/16 brd 10.1.255.255 scope global bond0
inet6 fe80::7a2b:daff:fe5f:a937/64 scope link
valid_lft forever preferred_lft forever
As you can see, much of the information provided by the ip command is the same as what you'd see with ifconfig -- the IP and MAC addresses, and the "UP" indicator showing that the interfaces are working. The ip link or ip l command shows a briefer display, but does not include theIP addresses.
$ ip link
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast master bond0 qlen 1000
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
4: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
5: bond0: mtu 1500 qdisc noqueue
link/ether 63:2b:da:5f:a9:37 brd ff:ff:ff:ff:ff:ff
You can use the ip route command to display your routing tables, much like you would see using netstat -r.$ ip route 10.1.0.0/16 dev bond0 proto kernel scope link src 10.1.2.155 169.254.0.0/16 dev bond0 scope link default via 10.1.1.1 dev bond0 $ $ netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.1.0.0 * 255.255.0.0 U 0 0 0 bond0 169.254.0.0 * 255.255.0.0 U 0 0 0 bond0 default 10.1.1.1 0.0.0.0 UG 0 0 0 bond0And, as you might have suspected, you can use an abbreivation for the ip route command as well:
$ ip r 10.1.0.0/16 dev bond0 proto kernel scope link src 10.1.2.155 169.254.0.0/16 dev bond0 scope link default via 10.1.1.1 dev bond0The ip n show command ("n" for "neighbor") displays the kind of network information you would expect to see with a command such as arp -a. In other words, it shows information about other systems that have recently connected to your system. You can also use ip n ls.
$ ip n show 10.1.1.22 dev bond0 lladdr 00:50:56:b1:48:51 STALE 10.1.1.1 dev bond0 lladdr 00:00:0c:07:ac:01 STALE 10.1.4.21 dev bond0 lladdr 00:21:70:bd:30:2e REACHABLE 10.1.1.7 dev bond0 lladdr 08:00:37:bc:a1:6a STALE 10.1.1.8 dev bond0 lladdr 00:50:56:b1:5a:d8 STALE 10.1.4.123 dev bond0 lladdr 00:26:b9:e9:f6:0d STALE 10.1.1.250 dev bond0 lladdr 00:50:56:b1:50:9d DELAY 10.1.1.180 dev bond0 lladdr 00:0b:cd:fe:fd:8d REACHABLE 10.1.2.115 dev bond0 lladdr 08:00:37:da:17:5c REACHABLE $ $ arp -a mon-1.mynet.com (10.1.1.11) at 00:50:56:B1:48:51 [ether] on bond0 ? (10.1.1.1) at 00:00:0C:07:AC:01 [ether] on bond0 ? (10.1.4.23) at 00:21:70:BD:30:2E [ether] on bond0 ? (10.1.1.70) at 08:00:37:BC:A1:6A [ether] on bond0 mon-1.mynet.com (10.1.1.5) at 00:50:56:B1:5A:D8 [ether] on bond0 ? (10.1.4.113) at 00:26:B9:E9:F6:0D [ether] on bond0 all-log-1 (10.1.1.212) at 00:50:56:C2:50:9A [ether] on bond0 mon-1.mynet.com (10.1.1.123) at 00:0B:CD:FE:FD:8D [ether] on bond0 ? (10.1.2.115) at 08:00:37:da:17:5C [ether] on bond0The state of each neighbor is shown at the end of each line in the ip n show output. The possible states include:
delay -- waiting confirmation failed -- resolution has failed incomplete -- in the process of resolution noarp -- valid, removable when lifetime expires none -- void permanent -- can only be removed administratively probe -- delay timer expired, but no confirmation reachable -- valid until reachability timeout expires stale -- valid but maybe already unreachableOther useful networking commands include a couple netstat favorites. The netstat -i command will show you network statistics by interface:
$ netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg bond0 1500 0 632684318 0 133387 0 763890286 0 0 0 BMmRU eth0 1500 0 641044153 0 133387 0 763890286 0 0 0 BMsRU eth1 1500 0 141640165 0 0 0 0 0 0 0 BMsRU lo 16436 0 866250551 0 0 0 866250551 0 0 0 LRUFor per protocol statistics, use the netstat -s command ("s" for "statistics"). This command provides very detailed network information -- likely more than you will need to look at very often, but extremely useful for heavy duty troubleshooting.
$ netstat -s
Ip:
1744690691 total packets received
2559835 with invalid addresses
0 forwarded
0 incoming packets discarded
1700771884 incoming packets delivered
1175883101 requests sent out
7068 reassemblies required
3524 packets reassembled ok
Icmp:
279076 ICMP messages received
1099 input ICMP message failed.
ICMP input histogram:
destination unreachable: 4233
timeout in transit: 108
echo requests: 272761
echo replies: 1974
281380 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 5198
echo request: 3421
echo replies: 272761
IcmpMsg:
InType0: 1974
InType3: 4233
InType8: 272761
InType11: 108
OutType0: 272761
OutType3: 5198
OutType8: 3421
Tcp:
9713305 active connections openings
6346380 passive connection openings
2975552 failed connection attempts
3438243 connection resets received
45 connections established
1630650812 segments received
1172423736 segments send out
2826779 segments retransmited
0 bad segments received.
3928370 resets sent
Udp:
69839443 packets received
919 packets to unknown port received.
0 packet receive errors
350238 packets sent
TcpExt:
120 invalid SYN cookies received
323 resets received for embryonic SYN_RECV sockets
32 packets pruned from receive queue because of socket buffer overrun
33 ICMP packets dropped because they were out-of-window
4343758 TCP sockets finished time wait in fast timer
4834 time wait sockets recycled by time stamp
12 packets rejects in established connections because of timestamp
16658045 delayed acks sent
1292 delayed acks further delayed because of locked socket
Quick ack mode was activated 59694 times
2059 times the listen queue of a socket overflowed
2059 SYNs to LISTEN sockets ignored
705660774 packets directly queued to recvmsg prequeue.
100560858 packets directly received from backlog
2061379123 packets directly received from prequeue
254869153 packets header predicted
635912715 packets header predicted and directly queued to user
77257282 acknowledgments not containing data received
1108616005 predicted acknowledgments
285936 times recovered from packet loss due to SACK data
Detected reordering 159 times using FACK
Detected reordering 46695 times using SACK
Detected reordering 19 times using time stamp
19 congestion windows fully recovered
1473 congestion windows partially recovered using Hoe heuristic
TCPDSACKUndo: 169
8426 congestion windows recovered after partial ack
18907635 TCP data loss events
TCPLostRetransmit: 1907
608 timeouts after SACK recovery
50 timeouts in loss state
2370237 fast retransmits
279757 forward retransmits
26643 retransmits in slow start
14340 other TCP timeouts
1858 sack retransmits failed
3 times receiver scheduled too late for direct processing
7154 packets collapsed in receive queue due to low socket buffer
59861 DSACKs sent for old packets
29977 DSACKs received
48462 DSACKs for out of order packets received
463844 connections reset due to unexpected data
1039018 connections reset due to early user close
3187 connections aborted due to timeout
IpExt:
InMcastPkts: 1466685
OutMcastPkts: 18093
InBcastPkts: 72565731
OutBcastPkts: 41363
Wrap up: You'll probably be comfortable with using ip commands long before ifconfig disappears from your servers, but why wait? Even people like me who have been typing ifconfig for decades can learn some new tricks
No comments:
Post a Comment