In this article we will learn some commonly used commands such as ping/dig/host/traceroute/mtr/ss/tcpdump, and how to use them for basic network troubleshooting.
ping
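ping -c 2 www.baidu.com
Purpose: send 2 pings to baidu to confirm reachability, then exit
Factors that affect the ping result include the distance to the target machine, the network speed and the hop count.
Item | Details |
---|---|
Distance to the target machine | The distance to the target machine has some effect on the result |
Network speed | Bandwidth affects upstream and downstream speed, and so also has some effect on the ping result |
Hop count | The hop count is the number of routers or servers the ping passes through to reach the destination |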
dig
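The dig command is used to verify DNS mappings, network connectivity, host addresses, MX records and so on. dig can replace nslookup for simple lookups. Some common usages are listed below:
dig www.baidu.com
Used to view the overall information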
[root@liumiaocn ~]# dig www.baidu.com
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62869
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 363 IN CNAME www.a.shifen.com.
www.a.shifen.com. 68 IN A 14.215.177.37
www.a.shifen.com. 68 IN A 14.215.177.38
;; Query time: 181 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:36:03 EST 2017
;; MSG SIZE rcvd: 101
[root@liumiaocn ~]#
Although Google is not reachable, dig can still retrieve information.
[root@liumiaocn ~]# dig www.google.com
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38831
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 2208 IN A 78.16.49.15
;; Query time: 29 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:52:06 EST 2017
;; MSG SIZE rcvd: 48
[root@liumiaocn ~]#
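The details are not expanded on one by one here. For example, A and CNAME in the records are the basic concepts of address mapping and alias mapping in domain name resolution. Rougher setups, such as the domain binding offered by some cloud services, may still require you to configure A or CNAME rules according to these basic principles; this should keep improving over time.
dig www.baidu.com @8.8.4.4
The information at the end of the dig www.baidu.com output shows that Google's 8.8.8.8 was used. To specify a particular resolver, use this form.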
[root@liumiaocn ~]# dig www.baidu.com @8.8.4.4
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> www.baidu.com @8.8.4.4
;; global options: +cmd
;; connection timed out; no servers could be reached
[root@liumiaocn ~]#
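Unfortunately it is no longer reachable. An internal network often has several DNS servers; to check whether one particular DNS server has a problem, this form can also be used to gather some of the information.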
[root@liumiaocn ~]# dig www.baidu.com @8.8.8.8
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> www.baidu.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21930
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1122 IN CNAME www.a.shifen.com.
www.a.shifen.com. 184 IN A 14.215.177.37
www.a.shifen.com. 184 IN A 14.215.177.38
;; Query time: 272 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:43:55 EST 2017
;; MSG SIZE rcvd: 101
[root@liumiaocn ~]#
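Checking resolvers one at a time, as described above, is easier to compare when each reply is reduced to one line. This added example (not part of the original article) parses dig output into status, responding server and sorted A records; `dig_summary` and `compare_resolvers` are hypothetical helper names, and the sample input is abbreviated from the two transcripts above.

```bash
#!/usr/bin/env bash
# Added example (not from the original article): summarise dig output per resolver.

# dig_summary: read full dig output on stdin and print one line:
#   status=<rcode|TIMEOUT> server=<ip|-> a=<sorted A records|->
dig_summary() (
  out=$(cat)
  if printf '%s\n' "$out" | grep -q 'connection timed out'; then
    status=TIMEOUT
  else
    status=$(printf '%s\n' "$out" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1)
  fi
  server=$(printf '%s\n' "$out" | sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p' | head -n 1)
  addrs=$(printf '%s\n' "$out" |
    awk '/^;; ANSWER SECTION:/ {f = 1; next} /^;;/ || /^$/ {f = 0} f && $4 == "A" {print $5}' |
    sort | paste -sd, -)
  printf 'status=%s server=%s a=%s\n' "${status:-UNKNOWN}" "${server:--}" "${addrs:--}"
)

# compare_resolvers NAME RESOLVER...: live check, needs dig and network access.
compare_resolvers() {
  name=$1; shift
  for r in "$@"; do
    printf '%s: ' "$r"
    dig +time=2 +tries=1 "$name" "@$r" | dig_summary
  done
}

# Sample input: the two dig transcripts shown above, abbreviated to the parsed lines.
SAMPLE_TIMEOUT=';; global options: +cmd
;; connection timed out; no servers could be reached'
SAMPLE_OK=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21930
;; ANSWER SECTION:
www.baidu.com. 1122 IN CNAME www.a.shifen.com.
www.a.shifen.com. 184 IN A 14.215.177.37
www.a.shifen.com. 184 IN A 14.215.177.38
;; Query time: 272 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)'

printf '%s\n' "$SAMPLE_TIMEOUT" | dig_summary
printf '%s\n' "$SAMPLE_OK" | dig_summary
```

Resolvers can legitimately return different A records for CDN-hosted names, so a mismatch between summaries is a reason to look closer, not proof of a faulty server.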
dig baidu.com MX
[root@liumiaocn ~]# dig baidu.com MX
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> baidu.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34085
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com. IN MX
;; ANSWER SECTION:
baidu.com. 6221 IN MX 20 mx50.baidu.com.
baidu.com. 6221 IN MX 10 mx.n.shifen.com.
baidu.com. 6221 IN MX 20 mx1.baidu.com.
baidu.com. 6221 IN MX 20 jpmx.baidu.com.
;; Query time: 205 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:45:58 EST 2017
;; MSG SIZE rcvd: 128
[root@liumiaocn ~]#
dig baidu.com TXT
[root@liumiaocn ~]# dig baidu.com TXT
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> baidu.com TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50561
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com. IN TXT
;; ANSWER SECTION:
baidu.com. 6149 IN TXT "v=spf1 include:spf1.baidu.com include:spf2.baidu.com include:spf3.baidu.com a mx ptr -all"
baidu.com. 6149 IN TXT "google-site-verification=GHb98-6msqyx_qqjGl5eRatD3QTHyVB6-xQ3gJB5UwM"
;; Query time: 291 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:46:41 EST 2017
;; MSG SIZE rcvd: 221
[root@liumiaocn ~]#
dig baidu.com NS
[root@liumiaocn ~]# dig baidu.com NS
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> baidu.com NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16816
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com. IN NS
;; ANSWER SECTION:
baidu.com. 12914 IN NS ns3.baidu.com.
baidu.com. 12914 IN NS dns.baidu.com.
baidu.com. 12914 IN NS ns4.baidu.com.
baidu.com. 12914 IN NS ns7.baidu.com.
baidu.com. 12914 IN NS ns2.baidu.com.
;; Query time: 199 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:46:57 EST 2017
;; MSG SIZE rcvd: 128
[root@liumiaocn ~]#
dig baidu.com SOA
[root@liumiaocn ~]# dig baidu.com SOA
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> baidu.com SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52137
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com. IN SOA
;; ANSWER SECTION:
baidu.com. 2375 IN SOA dns.baidu.com. sa.baidu.com. 2012134282 300 300 2592000 7200
;; Query time: 204 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:47:14 EST 2017
;; MSG SIZE rcvd: 81
[root@liumiaocn ~]#
dig baidu.com ANY
[root@liumiaocn ~]# dig baidu.com ANY
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> baidu.com ANY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30726
;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;baidu.com. IN ANY
;; ANSWER SECTION:
baidu.com. 7199 IN SOA dns.baidu.com. sa.baidu.com. 2012134282 300 300 2592000 7200
baidu.com. 7199 IN TXT "v=spf1 include:spf1.baidu.com include:spf2.baidu.com include:spf3.baidu.com a mx ptr -all"
baidu.com. 7199 IN TXT "google-site-verification=GHb98-6msqyx_qqjGl5eRatD3QTHyVB6-xQ3gJB5UwM"
baidu.com. 7199 IN MX 20 jpmx.baidu.com.
baidu.com. 7199 IN MX 20 mx50.baidu.com.
baidu.com. 7199 IN MX 10 mx.n.shifen.com.
baidu.com. 7199 IN MX 20 mx1.baidu.com.
baidu.com. 599 IN A 123.125.114.144
baidu.com. 599 IN A 180.149.132.47
baidu.com. 599 IN A 220.181.57.217
baidu.com. 599 IN A 111.13.101.208
baidu.com. 86399 IN NS dns.baidu.com.
baidu.com. 86399 IN NS ns7.baidu.com.
baidu.com. 86399 IN NS ns2.baidu.com.
baidu.com. 86399 IN NS ns3.baidu.com.
baidu.com. 86399 IN NS ns4.baidu.com.
;; Query time: 462 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:47:35 EST 2017
;; MSG SIZE rcvd: 504
[root@liumiaocn ~]#
dig -x 8.8.8.8 == nslookup 8.8.8.8
[root@liumiaocn ~]# dig -x 8.8.8.8
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> -x 8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51502
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;8.8.8.8.in-addr.arpa. IN PTR
;; ANSWER SECTION:
8.8.8.8.in-addr.arpa. 86399 IN PTR google-public-dns-a.google.com.
;; Query time: 298 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 23 12:48:17 EST 2017
;; MSG SIZE rcvd: 93
[root@liumiaocn ~]#
[root@liumiaocn ~]# nslookup 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
8.8.8.8.in-addr.arpa name = google-public-dns-a.google.com.
Authoritative answers can be found from:
[root@liumiaocn ~]#
dig -x 8.8.8.8 +short
[root@liumiaocn ~]# dig -x 8.8.8.8 +short
google-public-dns-a.google.com.
[root@liumiaocn ~]#
host
host can retrieve information similar to dig. A few examples follow:
host -a baidu.com
[root@liumiaocn ~]# host -a baidu.com
Trying "baidu.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34929
;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;baidu.com. IN ANY
;; ANSWER SECTION:
baidu.com. 7199 IN SOA dns.baidu.com. sa.baidu.com. 2012134282 300 300 2592000 7200
baidu.com. 7199 IN TXT "google-site-verification=GHb98-6msqyx_qqjGl5eRatD3QTHyVB6-xQ3gJB5UwM"
baidu.com. 7199 IN TXT "v=spf1 include:spf1.baidu.com include:spf2.baidu.com include:spf3.baidu.com a mx ptr -all"
baidu.com. 7199 IN MX 20 mx1.baidu.com.
baidu.com. 7199 IN MX 20 jpmx.baidu.com.
baidu.com. 7199 IN MX 20 mx50.baidu.com.
baidu.com. 7199 IN MX 10 mx.n.shifen.com.
baidu.com. 599 IN A 123.125.114.144
baidu.com. 599 IN A 180.149.132.47
baidu.com. 599 IN A 220.181.57.217
baidu.com. 599 IN A 111.13.101.208
baidu.com. 86399 IN NS ns2.baidu.com.
baidu.com. 86399 IN NS ns4.baidu.com.
baidu.com. 86399 IN NS dns.baidu.com.
baidu.com. 86399 IN NS ns3.baidu.com.
baidu.com. 86399 IN NS ns7.baidu.com.
Received 493 bytes from 8.8.8.8#53 in 402 ms
[root@liumiaocn ~]#
host www.baidu.com
[root@liumiaocn ~]# host www.google.com
www.google.com has address 93.46.8.89
www.google.com has IPv6 address 200:2:2e52:ae44::
www.google.com has address 93.46.8.89
[root@liumiaocn ~]# host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 14.215.177.37
www.a.shifen.com has address 14.215.177.38
[root@liumiaocn ~]#
host www.baidu.com 16.110.135.51
host 8.8.8.8
[root@host31 ~]# host 8.8.8.8
8.8.8.8.in-addr.arpa domain name pointer google-public-dns-a.google.com.
[root@host31 ~]#
traceroute
traceroute is designed to show the path taken to reach the target machine
traceroute www.baidu.com
[root@liumiaocn ~]# traceroute www.baidu.com
traceroute to www.baidu.com (14.215.177.38), 30 hops max, 60 byte packets
1 gateway (192.168.32.2) 0.744 ms 0.519 ms 0.387 ms
2 * * *
3 * * *
...
traceroute -n www.baidu.com
[root@liumiaocn ~]# traceroute -n www.baidu.com
traceroute to www.baidu.com (14.215.177.38), 30 hops max, 60 byte packets
1 192.168.32.2 0.352 ms 0.438 ms 0.417 ms
2 * * *
3 * * *
traceroute also wraps probe methods for the common protocols, such as ICMP/TCP/UDP
Protocol | Invocation |
---|---|
ICMP | traceroute -I www.baidu.com |
TCP | traceroute -T www.baidu.com |
UDP | traceroute -U www.baidu.com |
mtr
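mtr can also produce information similar to traceroute, and it still gives you the information you want inside a virtual machine or behind NAT. For example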
mtr www.baidu.com
liumiaocn (0.0.0.0) Mon Jan 25 20:01:41 2017
Resolver: Received error response 2. (server failure)er of fields quit
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. 192.168.32.2 0.0% 38 0.1 0.7 0.1 1.5 0.0
2. 192.168.31.1 0.0% 38 1.2 2.8 1.2 5.4 0.7
3. 175.162.160.1 0.0% 38 3.8 5.0 2.3 13.2 1.8
4. 61.189.74.26 0.0% 38 3.0 5.0 2.4 8.5 1.3
5. 61.189.66.110 0.0% 38 19.1 18.1 12.2 67.7 11.0
6. 113.230.190.113 0.0% 38 65.6 64.8 62.4 78.5 3.2
7. 113.230.178.17 13.2% 38 22.8 25.1 21.8 57.2 6.4
8. 219.158.20.45 0.0% 38 25.1 25.7 21.6 59.2 7.7
9. 219.158.3.106 0.0% 38 24.0 25.6 22.3 34.1 2.2
10. 202.97.4.161 0.0% 37 61.9 61.6 56.9 68.4 2.2
11. 202.97.60.118 2.7% 37 67.8 71.5 67.4 90.8 4.5
12. 113.108.208.22 0.0% 37 71.1 70.9 67.9 75.8 2.0
13. ???
14. 14.29.117.234 0.0% 37 69.8 71.0 67.9 78.3 2.5
15. ???
16. 14.215.177.37 0.0% 37 63.7 66.6 63.6 85.1 3.8
mtr --report www.baidu.com
[root@liumiaocn ~]# mtr --report www.baidu.com
Start: Mon Jan 23 20:03:12 2017
HOST: liumiaocn Loss% Snt Last Avg Best Wrst StDev
1.|-- gateway 0.0% 10 0.2 0.4 0.2 0.6 0.0
2.|-- 192.168.31.1 0.0% 10 1.9 2.5 1.9 3.8 0.3
3.|-- 175.162.160.1 0.0% 10 5.1 5.8 4.2 9.3 1.3
4.|-- 61.189.74.26 0.0% 10 3.8 4.8 3.7 7.3 0.9
5.|-- 61.189.66.110 0.0% 10 11.8 15.7 11.8 28.2 5.2
6.|-- 113.230.190.113 0.0% 10 64.9 64.1 63.1 66.3 1.0
7.|-- 113.230.178.17 20.0% 10 21.9 23.2 21.9 25.7 1.1
8.|-- 219.158.20.45 0.0% 10 22.9 27.0 21.9 59.1 11.5
9.|-- 219.158.3.106 0.0% 10 24.7 25.1 23.6 28.5 1.3
10.|-- 202.97.4.161 0.0% 10 58.2 62.3 58.2 69.1 3.1
11.|-- 202.97.60.118 0.0% 10 70.8 71.3 67.6 74.2 1.7
12.|-- 113.108.208.22 0.0% 10 68.4 70.7 68.4 77.3 2.6
13.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
14.|-- 14.29.117.234 0.0% 10 68.2 70.8 68.2 77.4 2.5
15.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
16.|-- 14.215.177.37 0.0% 10 73.4 66.9 64.0 73.4 3.2
[root@liumiaocn ~]#
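The report above shows 20% loss at hop 7 while every later responding hop shows 0%, which is the pattern to recognise before blaming a link. This added example (not part of the original article) classifies each lossy hop in an `mtr --report` by whether the loss carries on to later hops; `mtr_loss_report` and its verdict labels are hypothetical names, and the sample is the report shown above.

```bash
#!/usr/bin/env bash
# Added example (not from the original article): triage the Loss% column of `mtr --report`.

# mtr_loss_report: read an mtr report on stdin; print one line per hop with loss.
#   no-reply            hop never answered (shown as ???)
#   not-carried-forward a later responding hop shows 0% loss, so the loss is
#                       usually the router rate-limiting its own ICMP replies
#   persists-downstream every later responding hop also shows loss
#   at-destination      loss measured at the final hop
mtr_loss_report() {
  awk '
    /^ *[0-9]+[.][|]--/ { n++; num[n] = $1 + 0; host[n] = $2; loss[n] = $3 + 0 }
    END {
      for (i = 1; i <= n; i++) {
        if (loss[i] == 0) continue
        if (host[i] == "???") { printf "hop %d ??? no-reply\n", num[i]; continue }
        verdict = (i == n) ? "at-destination" : "unknown"
        min = -1
        for (j = i + 1; j <= n; j++)
          if (host[j] != "???" && (min < 0 || loss[j] < min)) min = loss[j]
        if (min == 0) verdict = "not-carried-forward"
        else if (min > 0) verdict = "persists-downstream"
        printf "hop %d %s loss=%.1f%% %s\n", num[i], host[i], loss[i], verdict
      }
    }'
}

# Sample: the mtr --report output shown above.
SAMPLE_MTR='HOST: liumiaocn Loss% Snt Last Avg Best Wrst StDev
1.|-- gateway 0.0% 10 0.2 0.4 0.2 0.6 0.0
2.|-- 192.168.31.1 0.0% 10 1.9 2.5 1.9 3.8 0.3
3.|-- 175.162.160.1 0.0% 10 5.1 5.8 4.2 9.3 1.3
4.|-- 61.189.74.26 0.0% 10 3.8 4.8 3.7 7.3 0.9
5.|-- 61.189.66.110 0.0% 10 11.8 15.7 11.8 28.2 5.2
6.|-- 113.230.190.113 0.0% 10 64.9 64.1 63.1 66.3 1.0
7.|-- 113.230.178.17 20.0% 10 21.9 23.2 21.9 25.7 1.1
8.|-- 219.158.20.45 0.0% 10 22.9 27.0 21.9 59.1 11.5
9.|-- 219.158.3.106 0.0% 10 24.7 25.1 23.6 28.5 1.3
10.|-- 202.97.4.161 0.0% 10 58.2 62.3 58.2 69.1 3.1
11.|-- 202.97.60.118 0.0% 10 70.8 71.3 67.6 74.2 1.7
12.|-- 113.108.208.22 0.0% 10 68.4 70.7 68.4 77.3 2.6
13.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
14.|-- 14.29.117.234 0.0% 10 68.2 70.8 68.2 77.4 2.5
15.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
16.|-- 14.215.177.37 0.0% 10 73.4 66.9 64.0 73.4 3.2'

printf '%s\n' "$SAMPLE_MTR" | mtr_loss_report
```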
ss: Socket Statistics command
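ss is the successor to netstat. It is not only faster, it also shows more information: unlike netstat, which gets its information from places such as /proc, ss gets it directly from kernel space. Common usages are listed below for you to practise.
No. | Command |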
---|---|
No.1 | ss -ta |
No.2 | ss -a -A tcp |
No.3 | ss -ua |
No.4 | ss -xa : unix socket connections |
No.5 | ss -t4 state established |
No.6 | ss -t6 state closed |
No.7 | ss -nt |
No.8 | ss -lnt: only listening sockets |
No.9 | ss -t -m: socket memory usage |
No.10 | ss -t -p |
No.11 | ss -ltp |
No.12 | ss -tl4 |
No.13 | ss -tl6 |
No.14 | ss -tn -o |
No.15 | ss -lpn |
No.16 | ss dst IP_ADDRESS |
No.17 | ss dst IP_ADDRESS:22 |
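One practical use of `ss -lnt` from the table above is checking which TCP listeners are bound to more than loopback. This added example (not part of the original article) filters that output; `ss_exposed_listeners` is a hypothetical helper name and the sample output is constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the original article): list TCP listeners from `ss -lnt`
# that are reachable from other hosts, i.e. not bound to loopback only.
# Live usage: ss -lnt | ss_exposed_listeners

# ss_exposed_listeners: read `ss -lnt` output on stdin, print "<port> <scope>".
ss_exposed_listeners() {
  awk '
    $1 == "LISTEN" {
      port = $4; sub(/.*:/, "", port)          # text after the last colon
      addr = $4; sub(/:[^:]*$/, "", addr)      # text before the last colon
      gsub(/\[|\]/, "", addr)                  # [::] -> ::
      if (addr ~ /^127\./ || addr == "::1") next   # loopback only, skip
      if (addr == "*" || addr == "0.0.0.0" || addr == "::") addr = "all-interfaces"
      print port, addr
    }' | sort -u | sort -n
}

# Constructed sample of `ss -lnt` output (addresses and ports are made up).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
LISTEN 0      80     192.168.32.10:3306 0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      100    [::1]:25           [::]:*'

printf '%s\n' "$SAMPLE_SS" | ss_exposed_listeners
```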
tcpdump
tcpdump can capture more detailed information. Common usages are listed below for you to practise.
No. | Command |
---|---|
No.1 | tcpdump -i eth0 |
No.2 | tcpdump -i eth0 tcp |
No.3 | tcpdump -i eth0 port 22 |
No.4 | tcpdump -c 10 -i eth0 |
No.5 | tcpdump -c 10 -i eth0 src IP_ADDRESS |
No.6 | tcpdump -D |
No.7 | tcpdump -w /tmp/tmp.log -i eth0 |
No.8 | tcpdump -r /tmp/tmp.log |