Preface
This book is not a general introduction to network troubleshooting. Rather, it is about one aspect of troubleshooting: information collection. This book is a tutorial introduction to tools and techniques for collecting information about computer networks. It should be particularly useful when dealing with network problems, but the tools and techniques it describes are not limited to troubleshooting. Many can and should be used on a regular basis regardless of whether you are having problems.
Some of the tools I have selected may be a bit surprising to many. I strongly believe that the best approach to troubleshooting is to be proactive, and the tools I discuss reflect this belief. Basically, if you don't understand how your network works before you have problems, you will find it very difficult to diagnose problems when they occur. Many of the tools described here should be used before you have problems. As such, these tools could just as easily be classified as network management or network performance analysis tools.
This book does not attempt to catalog every possible tool. There are simply too many tools already available, and the number is growing too rapidly. Rather, this book focuses on the tools that I believe are the most useful, a collection that should help in dealing with almost any problem you see. I have tried to include pointers to other relevant tools when there wasn't space to discuss them. In many cases, I have described more than one tool for a particular job. It is extremely rare for two tools to have exactly the same features. One tool may be more useful than another, depending on circumstances. And, because of the differences in operating systems, a specific tool may not be available on every system. It is worth knowing the alternatives.
The book is about freely available Unix tools. Many are open source tools covered by GNU- or BSD-style licenses. In selecting tools, my first concern has been availability. I have given the highest priority to the standard Unix utilities. Next in priority are tools available as packages or ports for FreeBSD or Linux. Tools requiring separate compilation or available only as binaries were given a lower priority since these may be available on fewer systems. In some cases, PC-only tools and commercial tools are noted but are not discussed in detail. The bulk of the book is specific to Ethernet and TCP/IP, but the general approach and many of the tools can be used with other technologies.
While this is a book about Unix tools, at the end of most of the chapters I have included a brief section for Microsoft Windows users. These sections are included since even small networks usually include a few computers running Windows. These sections are not, even in the wildest of fantasies, meant to be definitive. They are provided simply as starting points: a quick overview of what is available.
Finally, this book describes a wide range of tools. Many of these tools are designed to do one thing and are often overlooked because of their simplicity. Others are extremely complex tools or sets of tools. I have not attempted to provide a comprehensive treatment for each tool discussed. Some of these tools can be extremely complex when used to their fullest. Some have manuals and other documentation that easily exceed the size of this book. Most have additional documentation that you will want to retrieve once you begin using them.
My goal is to make you aware of the tools and to provide you with enough information that you can decide which ones may be the most useful to you and in what context so that you can get started using the tools. Each chapter centers on a collection of related tasks or problems and tools useful for dealing with these tasks. The discussion is limited to features that are relevant to the problem being discussed. Consequently, the same tool may be discussed in several places throughout the book.
Please be warned: the suitability or behavior of these tools on your system cannot be guaranteed. While the material in this book is presented in good faith, neither the author nor O'Reilly & Associates makes any explicit or implied warranty as to the behavior or suitability of these tools. We strongly urge you to assess and evaluate these tools as appropriate for your circumstances.
Audience
This book is written primarily for individuals new to network administration. It should also be useful to those of you who have inherited responsibility for existing systems and networks set up by others. This book is designed to help you acquire the additional information you need to do your job.
Unfortunately, the book may also appeal to crackers. I truly regret this and wish there were a way to present this material to limit its worth to crackers. I never met a system manager or network administrator who wasn't overworked. Time devoted to security is time stolen from providing new services to users or improving existing services. There simply is no valid justification for cracking. I can only hope that the positive uses for the information I provide will outweigh the inevitable malicious uses to which it may be put. I would feel much better if crackers would forego buying this book.
In writing this book, I attempted to write the sort of book I often wished I had when I was learning. Certainly, there are others who are more knowledgeable and better prepared to write this book. But they never seemed to get around to it. They have written pieces of this book, a chapter here or a tutorial there, for which I am both immensely thankful and greatly indebted.
Organization
There are 12 chapters and 2 appendixes in this book. The book begins with individual network hosts, discusses network connections next, and then considers networks as a whole.
It is unlikely that every chapter in the book will be of equal interest to you. The following outline will give you an overview of the book so you can select the chapters of greatest interest and either skim or skip over the rest.
This chapter attempts to describe network management and troubleshooting in an administrative context. It discusses the need for network analysis and probing tools, their appropriate and inappropriate uses, professionalism in general, documentation practices, and the economic ramifications of troubleshooting. If you are familiar with the general aspects of network administration, you may want to skip this chapter.
is a review of tools and techniques used to configure or determine the configuration of a networked host. The primary focus is on built-in utilities. If you are well versed in Unix system administration, you can safely skip this chapter.
describes tools and techniques to test basic point-to-point and end-to-end network connectivity. It begins with a brief discussion of cabling. A discussion of ping, ping variants, and problems with ping follows. Even if you are very familiar with ping, you may want to skim over the discussion of the ping variants.
This chapter focuses on assessing the nature and quality of end-to-end connections. After a discussion of traceroute, a tool for decomposing a path into individual links, the primary focus is on tools that measure link performance. This chapter covers some lesser known tools, so even a seasoned network administrator may find a few useful tools and tricks.
This chapter describes tools and techniques for capturing traffic on a network, primarily