Solaris 10: Digging Into TCP/IP Problems
Abstract:
Transmission Control Protocol / Internet Protocol (TCP/IP) has been embedded into most UNIX platforms since the beginning days of the Internet. With the enhancement of TCP/IP protocols over the decades, configuration & debugging has become increasingly more sophisticated. In the process of converting to a 100% open source system, Solaris 10 has acquired newer tools to work through issues.
Key Files:
Some key files needed to validate a configuration:
/etc/inet/hostsKey Commands:
/etc/inet/ipnodes
/etc/inet/netmasks
/etc/inet/services
/etc/defaultrouter
/etc/hostname.{interface}
/etc/nsswitch.conf
/etc/resolv.conf
Some key commands used to validate the configuration:
/usr/sbin/ifconfigKey Tasks:
/usr/bin/netstat
/usr/sbin/dladm
/usr/sbin/inetadm
/usr/sbin/ping
Issues with debugging connectivity of a device or a service includes various steps.
Validate the machine host name is tied to an IP address:
sunt2000/root# grep `uname -n` /etc/inet/hosts /etc/inet/ipnodesValidate the machine host name and ip address is tied to a network interface:
/etc/inet/hosts:192.168.254.7 sunt2000 loghost
/etc/inet/ipnodes:192.168.254.7 sunt2000 loghost
sunt2000/root# grep `uname -n` /etc/hostname.*Validate a default gateway for traffic to pass off of the network:
/etc/hostname.ipge2:sunt2000
sunt2000/root# grep -v ^# /etc/defaultrouterValidate the configuration of the interface by the OS during the past reboot:
192.168.254.2 1
sunt2000/root# ifconfig ipge2Validate the interface parameters for duplex and speed
ipge2: flags=1000843mtu 1500 index 4
inet 192.168.254.7 netmask ffffff00 broadcast 192.168.254.255
ether 0:14:4f:2:6a:5e
sunt2000/root# dladm show-dev ipge2Validate routing is set up from last reboot:
ipge2 link: unknown speed: 100 Mbps duplex: full
sunt2000/root# netstat -rnValidate traffic is passing without errors or collisions on the interface.
Routing Table: IPv4 Destination Gateway Flags Ref Use Interface
-------------- ------------- ----- ----- ---------- ---------
default 192.168.254.2 UG 1 6719031
192.127.254.0 192.168.254.7 U 1 23399 ipge2
224.0.0.0 192.168.254.7 U 1 0 ipge2
127.0.0.1 127.0.0.1 UH 1 26319 lo0
sunt2000/root# netstat -ni -I ipge2Check to see what kind of name resolution is used on devices and services.
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
ipge2 1500 192.168.254.0 192.168.254.7 419830401 0 538731765 0 0 0
sunt2000/root# egrep '(^hosts|^services)' /etc/nsswitch.confWhen dns is being used, ensure the name services are running correctly.
hosts: dns files
services: files
sunt2000/root# nawk '/^nameserver/ { Cmd="nslookup www.oracle.com " $2 ; system(Cmd) }' /etc/resolv.confCheck inet services which are not disabled.
Server: 192.168.1.19
Address: 192.168.1.19#53
Non-authoritative answer:
www.oracle.com canonical name = www.oracle.com.edgesuite.net. www.oracle.com.edgesuite.net canonical name = a398.g.akamai.net.
Name: a398.g.akamai.net
Address: 63.216.54.107
Name: a398.g.akamai.net
Address: 63.216.54.106
Server: 192.168.24.231
Address: 192.168.24.231#53
Non-authoritative answer:
www.oracle.com canonical name = www.oracle.com.edgesuite.net. www.oracle.com.edgesuite.net canonical name = a398.g.akamai.net.
Name: a398.g.akamai.net
Address: 63.216.54.106
Name: a398.g.akamai.net
Address: 63.216.54.107
sunt2000/root# inetadm | grep -v disabledCheck global properties for all inet services.
ENABLED STATE FMRI enabled online svc:/application/x11/xfs:default enabled online svc:/application/font/stfsloader:default enabled offline svc:/application/print/rfc1179:default enabled online svc:/network/rpc/smserver:default enabled online svc:/network/rpc/gss:default enabled online svc:/network/rpc/rstat:default enabled online svc:/network/security/ktkt_warn:default enabled online svc:/network/telnet:default enabled online svc:/network/nfs/rquota:default enabled online svc:/network/ftp:default enabled online svc:/network/login:rlogin enabled online svc:/network/shell:default enabled online svc:/network/rpc-100235_1/rpc_ticotsord:default enabled online svc:/network/bpcd/tcp:default enabled online svc:/network/vnetd/tcp:default enabled online svc:/network/vopied/tcp:default enabled online svc:/network/bpjava-msvc/tcp:default enabled online svc:/network/bootps/udp:default enabled online svc:/network/tftp/udp6:default enabled online svc:/network/rpc/cde-calendar-manager:default enabled online svc:/network/rpc/cde-ttdbserver:tcp
sunt2000/root# inetadm -pList inet properties for any service which is suspect of not running correctly.
NAME=VALUE
bind_addr=""
bind_fail_max=-1
bind_fail_interval=-1
max_con_rate=-1
max_copies=-1
con_rate_offline=-1
failrate_cnt=40
failrate_interval=60
inherit_env=TRUE
tcp_trace=FALSE
tcp_wrappers=FALSE
connection_backlog=10
sunt2000/root# inetadm -l telnetConclusion:
SCOPE NAME=VALUE
name="telnet"
endpoint_type="stream"
proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/sbin/in.telnetd"
user="root"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=FALSE
default connection_backlog=10
For setting up and maintaining basic Network Management infrastructure under Solaris, these basic commands will take someone a long way.
No comments:
Post a Comment