Shulou(Shulou.com)05/31 Report--

This article mainly explains "Mac OS X network diagnostic command is what", the explanation content in the article is simple and clear, easy to learn and understand, please follow the small series of ideas slowly in-depth, together to study and learn "Mac OS X network diagnostic command is what" it!

Some tools, such as arping, arp-scan, require Homebrew installation.

basic tools

The first step in network diagnosis is to understand your own equipment, such as what interfaces there are and what IP addresses are.

ifconfig

Displays network interface information. Such as interface name, interface type, IP address of interface, MAC address of hardware, etc.

ARP

ARP is used inside a local area network (LAN). By using ARP protocol, devices can know IP-MAC correspondence within the same local area network. When we access a local IP address, the device communicates with the corresponding MAC address according to this correspondence. Through ARP tools, we can know whether the communication within the local area network is normal.

arp -a

Show locally stored IP-MAC mapping

sudo arping -I eth0 192.168.1.1

Send ARP request via eth0 interface to query MAC address of device with IP 192.168.1.1

sudo arp-scan -l

Query MAC addresses corresponding to all IP addresses in the entire local area network

sudo tcpdump -i en0 arp

Monitoring arp protocol communication on en0 interface

network layer

The network layer is a wide-area Internet where devices are identified by IP addresses. ping is an ICMP ECHO_REQUEST request sent to an IP address. Devices that receive this request will return an ICMP reply. If the ping reaches an IP address, it means that the device with that IP address can be successfully reached through the network layer.

ping 192.168.1.1

Send an ICMP request to IP address 192.168.1.255. If ICMP for that address is not disabled, devices on that network will reply.

ping 192.168.1.255

Send an ICMP request to broadcast address 192.168.1.255. If ICMP is not disabled, devices on the network will reply.

Note that many devices disable ICMP. If the ping is less than one device, it is not necessarily a network layer failure.

If two devices have the same IP address, this will result in an IP collision. In many networks, IP addresses are automatically assigned by DHCP, which greatly reduces the possibility of IP collisions. The DHCP server makes an agreement with the device that the device will occupy an IP address for a certain period of time, and the DHCP server will no longer assign the IP address to others.

sudo ipconfig set en0 DHCP

Update DHCP lease. The device releases the IP address and retrieves it from the DHCP server.

sudo ipconfig set en0 INFORM 192.168.0.120

Set interface en0 to a static IP address.

routing

The local area network accesses the wide area Internet through the router. Communication on the Internet often has to be relayed through multiple routers. A router failure on the way may lead to abnormal Internet access.

netstat -nr

Displays the routing table. From the routing table, you can find the gateway. Gateway is the exit to a wider network.

traceroute 74.125.128.99

Traces the full route to the IP destination.

traceroute -I 74.125.128.99

Route tracing via ICMP protocol. ICMP is often disabled, so it returns a string of "*."

sudo traceroute -T -p 80 74.125.128.99

Trace routing over TCP protocol via port 80. TCP's default port 80 is rarely disabled.

network listen

Tcpdump is a web capture tool. It can listen to traffic at different layers of the network interface and filter out specific content, such as specific protocols, specific ports, and so on. We have used tcpdump above to monitor ARP traffic. Here we look at more ways to monitor.

sudo tcpdump -i en0

Listen to all traffic on the en0 interface

sudo tcpdump -A -i en0

Display the communication content of en0 interface with ASCII

sudo tcpdump -i en0 'port 8080'

Communication on port 8080 showing en0 interface

sudo tcpdump -i eth2 src 192.168.1.200

Display eth2 interface, communication from 192.168.1.200

sudo tcpdump -i eth2 dst 192.168.1.101 and port 80

Communication showing port 80 of port eth2 with destination 192.168.1.101

sudo tcpdump -w record.pcap -i lo0

Save the communication of lo0 interface into the file record.pcap

domain name resolution

DNS translates between domain names and IP addresses. DNS failures cause us to be unable to access a URL through a domain name.

host www.sina.com.cn

DNS domain name resolution. Return IP address corresponding to domain name

Thank you for reading, the above is "Mac OS X network diagnostic command is what" the content of the, after learning this article, I believe we have a deeper understanding of Mac OS X network diagnostic command is what this problem, the specific use of the situation also needs to be verified. Here is, Xiaobian will push more articles related to knowledge points for everyone, welcome to pay attention!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.