Internet Security Professional Reference:Understanding TCP/IP


The RWHO Daemon (rwhod)

The RWHO daemon maintains the database used by the rwho and ruptime commands. Its operation is predicated on its capability to broadcast messages on a network. rwhod operates by periodically querying the state of the system and broadcasting that information on the network. It also listens for rwho messages produced by other systems, so it can update its database of remote server information.

It is important to note that this service takes up more and more bandwidth as the number of hosts grows. For large networks, the cost in network traffic becomes prohibitive.

Exploring TCP/IP Utilities

TCP/IP commands can be split into three categories:

  Those that are used to administer the TCP/IP network at one level or another
  User commands that can be considered applications unto themselves
  Third-party applications that have been implemented by using one or more of the services provided by TCP/IP, such as client-server databases

Administration Commands

This section examines some of the commands that are used to administer the TCP/IP services provided in a system. Many of the commands can be executed by either a regular user or the super-user, but some features are restricted due to the nature of the command. An understanding of the commands available to administer TCP/IP, however, is important for the administrator and helpful for the user.

The ping Command

The ping command is used to send Internet Control Message Protocol (ICMP) packets from one host to another. ping transmits packets using the ICMP ECHO_REQUEST command and expects to get an ICMP ECHO_REPLY in response to each transmitted packet. The name ping comes from the sonar detection device that uses a sound pulse resembling a ping to locate targets in the surrounding area. In this case, the sound pulses are ICMP packets to a target host.

The following illustrates using ping with a responding host and using ping with a nonresponding host. Under normal circumstances, ping does not terminate, but keeps sending packets until the user stops it, typically through an interrupt signal such as Control+C.

$ ping shylock
PING shylock (192.139.234.12): 56 data bytes
64 bytes from shylock (192.139.234.12): icmp_seq=0 ttl=254 time=10 ms
64 bytes from shylock (192.139.234.12): icmp_seq=1 ttl=254 time=10 ms
64 bytes from shylock (192.139.234.12): icmp_seq=2 ttl=254 time=10 ms
64 bytes from shylock (192.139.234.12): icmp_seq=3 ttl=254 time=10 ms

-- shylock ping statistics --
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 10/10/10 ms
$

The ping command has a wide variety of options that can be used to help locate potential problems in the connections. These options and their explanations are shown in Table 1.5.

Table 1.5
ping Options

Option          Description

-c count        This instructs ping to continue sending packets until count requests have been sent and received.
-d              This option turns on the debug option for the socket being used.
-f              This is a flood ping. It causes ping to output packets as fast as they come back from the remote host or 100 times per second, whichever is faster. In this mode, each request is shown with a period, and for each response, a backspace is printed. Only the super-user can use this option. For obvious reasons, this can be very hard on a network and should be used with caution.
-i seconds      This option instructs ping to wait the specified number of seconds between transmitting each packet. This option cannot be used with the -f option.
-n              Numeric mode only. Normally ping attempts to look up the symbolic name for each host address. This option instructs ping to print the IP addresses and not look up the symbolic names. This is important if for some reason the local name server is not available.
-p pattern      This enables the user to specify up to 16 pad bytes to be added to the packet. This is useful for diagnosing data-dependent problems in a network. Using -p ff, for example, causes the transmitted packet to be filled with all 1s.
-q              Normally, ping reports each response received. This option puts ping into quiet mode. The result is that it prints only the summary information at startup and completion of the command.
-R              This adds the ICMP RECORD_ROUTE option to the ECHO_REQUEST packet. This asks for the route to be recorded in the packet, which ping then prints when the packet is returned. There is only room for nine routes in each packet, and many hosts ignore or discard this option.
-r              This causes ping to bypass the normal routing tables that would be used to transmit a packet. For this to work, the host must be on a directly attached network. If the target host is not, an error is printed by ping.
-s packetsize   This enables the user to specify the number of data bytes that are to be sent. The default is 56 bytes, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.
-v              This puts ping into verbose mode. It instructs ping to print all ICMP packets returned other than ECHO_RESPONSE packets.
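
The ECHO_REQUEST/ECHO_REPLY exchange and the -s and -p options can be seen at the byte level in the following Python code, which is an added example and not part of the original text. It builds the 8-byte ICMP header plus 56 data bytes, computes the Internet checksum, and applies the checks a receiver makes before counting a reply. The function names and the identifier value are assumptions, and the payload omits the timestamp that real ping implementations place at the start of the data.

```python
import struct

ICMP_ECHO_REQUEST = 8   # ICMP type sent by ping
ICMP_ECHO_REPLY = 0     # ICMP type expected in response
HEADER = struct.Struct("!BBHHH")  # type, code, checksum, identifier, sequence

def inet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, inverted."""
    if len(data) % 2:
        data += b"\x00"                   # pad odd-length input for summing only
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                    # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, size=56, pattern=b""):
    """Build an echo message; size is the data byte count (-s), pattern the pad bytes (-p)."""
    if len(pattern) > 16:
        raise ValueError("ping -p accepts at most 16 pad bytes")
    if pattern:
        data = (pattern * (size // len(pattern) + 1))[:size]
    else:
        data = bytes(i & 0xFF for i in range(size))  # constructed default fill
    unsummed = HEADER.pack(icmp_type, 0, 0, ident, seq) + data
    return HEADER.pack(icmp_type, 0, inet_checksum(unsummed), ident, seq) + data

def match_reply(packet: bytes, ident: int, seq: int, sent_data: bytes) -> bool:
    """Accept only an intact ECHO_REPLY that answers our own request."""
    if len(packet) < HEADER.size:
        return False                      # truncated message
    icmp_type, code, _, r_ident, r_seq = HEADER.unpack_from(packet)
    if inet_checksum(packet) != 0:        # a valid message sums to zero
        return False                      # corrupted in transit
    if icmp_type != ICMP_ECHO_REPLY or code != 0:
        return False                      # some other ICMP message (what -v prints)
    return (r_ident, r_seq) == (ident, seq) and packet[HEADER.size:] == sent_data

if __name__ == "__main__":
    # Equivalent of "-p ff" with the default 56 data bytes.
    req = build_echo(ICMP_ECHO_REQUEST, ident=0x1234, seq=0, pattern=b"\xff")
    # Constructed reply: a responding host echoes identifier, sequence and data.
    reply = build_echo(ICMP_ECHO_REPLY, 0x1234, 0, pattern=b"\xff")
    print(len(req), "bytes sent; reply accepted:",
          match_reply(reply, 0x1234, 0, req[HEADER.size:]))
```

Comparing the echoed data with what was sent is what makes the -p pattern useful for diagnosing data-dependent problems: a link that corrupts particular bit patterns produces replies that fail the checksum or the data comparison.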

The following demonstrates the -q option for ping. With this example, ping prints only the startup and summary information.

$ ping -q ftp.widgets.ca
PING chelsea.widgets.ca (198.73.138.6): 56 data bytes

-- chelsea.widgets.ca ping statistics --
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 0/0/0 ms
$

These examples are not representative of all implementations of ping. The following illustrates the output of ping on BSD versions of Unix.

% /usr/etc/ping gateway
gateway.widgets.ca is alive
%

On BSD Unix, the ping command generally does not print the information shown in the earlier examples. The preceding example illustrates that different versions of TCP/IP have been implemented differently.

When ping is used for fault isolation, it should first be run on the local host to ensure that the network interface is up and running. The ping program is intended for use in network testing, measurement, and management. Because of the load it can impose on the network, however, it is not wise to use ping during normal working hours or from automated test scripts.

