Network Interfaces & ifconfig what is a network interface? - - PDF document

network interfaces ifconfig
SMART_READER_LITE
LIVE PREVIEW

Network Interfaces & ifconfig what is a network interface? - - PDF document

Feb 17, 2023 106 likes •155 views

Network Interfaces & ifconfig what is a network interface? Associated with a hardware device device fxp0 - Intel EtherExpress Pro Practical Networking Sometimes not loopback interface lo0 - pseudo-device Interfaces

slide-1
SLIDE 1

1

Practical Networking

Based on Elisheva Alexander (eli7@cs.huji.ac.il) tirgul from sysp2001

Network Interfaces & ifconfig

  • what is a network interface?
  • Associated with a hardware device

– device fxp0 - Intel EtherExpress Pro

  • Sometimes not

– loopback interface lo0 - pseudo-device

  • Interfaces are handled by device drivers
  • In FreeBSD interfaces are named after their device

drivers

– fxp0, fxp1, fxp2 - handled by fxp(4) driver – em0 - handled by the em(4) driver

  • User interface:

– ioctl(2) to sockets in the PF_LINK domain – ifconfig(8) – may be configured at boot time by BOOTP/DHCP

Ifconfig(8)

  • Can display current configuration for the network interface

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 132.65.16.100 netmask 0xffff0000 broadcast 132.65.255.255 inet6 fe80::202:b3ff:fe97:8e09%em0 prefixlen 64 scopeid 0x1 ether 00:02:b3:97:8e:09 media: Ethernet autoselect (1000baseTX <full-duplex>) status: active fxp0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 ether 00:b0:d0:b0:70:c3 media: Ethernet autoselect (none) status: no carrier lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500 sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552 faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 inet 127.0.0.1 netmask 0xff000000 ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500

The loopback device

  • lo0 is the loopback device
  • sends the packet back to our own host
  • lo0 has IP 127.0.0.1 (aka localhost)
  • telnet 127.0.0.1
  • useful for debugging!
  • run your server and client locally to assure reliable

connection

  • saves time writing applications. for example: syslog

– can send log messages to a remote host – can save log messages locally. – no need to write different code for local and remote messages

Configuring with ifconfig(8)

ifconfig <interface> [address[dest_address]] [parameters]

  • examples:
  • ifconfig ppp0 up

– ifconfig em0 down – ifconfig vl0 mtu 1496

  • Note the configuration differences between ppp

and ethernet devices:

– ifconfig ppp0 192.168.7.1 192.168.7.2 – ifconfig em0 192.168.0.1 netmask 255.255.255.0

Why is ifconfig different between ethernet and PPP

  • ethernet

– unique MAC address (hardware address, ethernet address) – It's a broadcast network – IP network part - segment of IPs that can hear us – has a netmask to define the host part and network part – has a broadcast address - to talk to everyone

  • PPP

– point to point – single destination address - IP that can hear us

slide-2
SLIDE 2

2

ARP, Reminder

  • Exist when using Ethernet and IP.
  • But not really a part of either!
  • Not a "layer".
  • ARP - Address Resolution Protocol

– what's the MAC of an IP in my network? – The OS caches the IP to MAC mapping in an ARP table

  • RARP - Reverse ARP

– what's the IP of a MAC? – who am i?? BOOTP, DHCP

Configuring the ARP table

  • arp(8) - displays and manipulate the ARP table

> arp -a router.cs.huji.ac.il (132.65.16.1) at 00:90:92:f8:90:00 on em0 [ethernet] athlon-mp.cs.huji.ac.il (132.65.80.208) at 00:e0:81:20:57:78 on em0 [ethernet] laa.cs.huji.ac.il (132.65.80.248) at 00:b0:d0:d4:c0:3c on em0 [ethernet] foo.cs.huji.ac.il (132.65.80.251) at 00:b0:d0:8b:6e:b3 on em0 [ethernet] sunhouse.bs.cs.huji.ac.il (132.65.179.17) at (incomplete) on em0 [ethernet] ? (132.65.255.255) at ff:ff:ff:ff:ff:ff on em0 permanent [ethernet]

asking ARP queries

  • so we know where to send!
  • sending out a packet destined to our own

network...

  • if it's MAC is in the ARP cache, send there
  • otherwise broadcast an ARP request...
  • if we get an answer - put the answer in the

cache

  • otherwise - put an incomplete entry in the cache

table

ARP Table Manual Manipulation

  • sometimes we would like to add things to

this cache table ourselves!

– arp -s 10.0.0.1 00:90:27:73:50:7a [temp]

  • or delete things a host has changed it's

network card, but forgot to tell us!

– arp -d 10.0.0.1

answering ARP queries

  • so other know where to send!
  • publishing an arp entry

– arp -s 10.0.0.1 00:90:27:73:50:7a pub

  • if someone broadcasts an ARP request - if we have the answer in

the cache AND it's published - send out the answer

  • sometimes we will want to publish a MAC address but not use it
  • urselves
  • %fore "yellow"
  • arp -s 10.0.0.1 00:90:27:73:50:7a pub only
  • %fore "white"
  • why say one thing, but route another?
  • in order to lie
  • in order to achieve proxy ARP

answering ARP queries

  • Configuring the ARP table so other know where to send!
  • publishing an arp entry

– arp -s 10.0.0.1 00:90:27:73:50:7a pub

  • if someone broadcasts an ARP request - if we have the

answer in the cache AND it's published - send out the answer

  • sometimes we will want to publish a MAC address but

not use it ourselves!

– arp -s 10.0.0.1 00:90:27:73:50:7a pub only

  • why say one thing, but route another?
  • in order to lie
  • in order to achieve proxy ARP
slide-3
SLIDE 3

3

ICMP, Reminder

  • ICMP - Internet Control Message Protocol
  • part of the IP implementation!
  • Not a "layer"
  • provides some feedback about problems
  • not to make IP reliable!
  • examples of control messages:

– destination unreachable – redirect message – echo / echo reply

Diagnostic Tools ping(8)

  • sends ICMP ECHO_REQUEST packets to

network hosts

  • Ping uses the ICMP ECHO_REQUEST

datagram

– elicits an ICMP ECHO_RESPONSE from a host or gateway. – the ICMP ECHO_RESPONSE packet returning includes the original packet

ping(8)

  • what kind of ICMP ECHO_REQUEST

packets can ping send?

– different sizes – different data – different time intervals – different ttl

  • some of these need root permissions, ping

can generate high loads

fault isolation with ping

  • how?

– ping local host first – ping hosts and gateways further and further away

  • what can ping tell us?

– packet loss – duplicate packets – when might we get many of these, but need not be alarmed? – damaged packets, oy vey! – round trip time – small ping packets can test latency

Green Ping Output

> ping 132.65.255.255 PING 132.65.255.255 (132.65.255.255): 56 data bytes 64 bytes from 132.65.16.22: icmp_seq=0 ttl=255 time=0.161 ms 64 bytes from 132.65.16.10: icmp_seq=0 ttl=255 time=0.185 ms (DUP!) 64 bytes from 132.65.208.213: icmp_seq=0 ttl=255 time=0.202 ms (DUP!) ^C

  • -- 132.65.255.255 ping statistics ---

1 packets transmitted, 1 packets received, +2 duplicates, 0% packet loss round-trip min/avg/max/stddev = 0.123/1.973/66.576/6.467 ms > ping -c 5 -s 1473 carl.eli7.net PING carl.eli7.net (132.64.15.194): 1473 data bytes ^C

  • -- carl.eli7.net ping statistics ---

5 packets transmitted, 0 packets received, 100% packet loss > ping -c 5 -s 1472 carl.eli7.net PING carl.eli7.net (132.64.15.194): 1472 data bytes 1480 bytes from 132.64.15.194: icmp_seq=0 ttl=250 time=220.887 ms 1480 bytes from 132.64.15.194: icmp_seq=1 ttl=250 time=196.905 ms 1480 bytes from 132.64.15.194: icmp_seq=2 ttl=250 time=204.625 ms 1480 bytes from 132.64.15.194: icmp_seq=3 ttl=250 time=193.621 ms 1480 bytes from 132.64.15.194: icmp_seq=4 ttl=250 time=194.895 ms

  • -- carl.eli7.net ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 193.621/202.187/220.887/10.100 ms