ifconfig lo0 lo0: flags=1049UP,LOOPBACK,RUNNING
inet 127.0.0.1 netmask ff000000
When used to check the status of an interface, the ifconfig command displays two output lines. The first line shows the interface name and the flags that define the interfaces characteristics; the flags
are displayed as both a numeric value and a set of keywords. The meanings of the flag keywords in the previous examples are:
UP The interface is enabled for use.
BROADCAST The interface supports broadcast, which means it is connected to the
network that support broadcast in these cases Ethernet. NOTRAILER
The interface does not support trailer encapsulation. Some systems such as SunOS completely ignored this possibility and never used it.
RUNNING The interface is operational.
LOOPBACK The interface supports local loopback.
The second line of the ifconfig output displays information that directly relates to TCP IP. The meanings of the keywords used are:
inet Keyword inet is followed by the IP address assigned to this interface.
netmask Keyword netmask is followed by the subnet mask written in hexadecimal format. The mask specifies valid address bits of the network subnetwork part of the IP address
assigned to the interface. broadcast Keyword broadcast is followed by the broadcast address assigned to this interface. The
system figures out the broadcast address as the maximal available IP address within the defined network subnetwork.
15.4.2 The netstat Command
The netstat command displays the contents of various network−related data in a variety of formats, depending on the options specified. The command has the following syntax:
netstat [options] [system] [core]
where
options One or more options preceded by a hyphen −; some options require additional
arguments
system Allows a substitute for the default, which is the kernel such as vmunix core
Allows a substitute for the default, which is the special file devkmem There are a number of options, some of which are shown in the following table some options
require an additional argument:
Option Meaning
−a
Displays the state of all sockets. Without any option passive sockets used by server processes are not displayed.
−i
Displays the state of network interfaces that have been auto−configured.
−I interface
Displays information about the specified interface.
−g
Displays multicast information for network interfaces. 357
−n
Displays network addresses numerically as numbers. By default, hostnames are presented symbolically, if possible.
−r Displays the routing tables. When the s option is also present, it displays
routing statistics instead.
−v Displays additional routing information. When −v is used with the −r option, the
network masks in the route entries are also displayed; this applies only to the −r option.
−s
Displays statistics for all protocols.
We have already discussed the use of the netstat command to display hosts routing tables; now let us see how its usage relates to the network interfaces.
The netstat −i[n] should be used to check the status of all available network interfaces the optional n determines the way to present the addresses, numerically or symbolically. An example
SunOSSolaris follows:
netstat −in
Name Mtu NetDest Address Ipkts Ierrs Opkts Oerrs Collis Queue le0 1500 146.95.0.0 146.95.1.11 992048 0 96835 0 389 0
lo0 1536 127.0.0.0 127.0.0.1 36501 0 36501 0 0 0
netstat −i
Name Mtu NetDest Address Ipkts Ierrs Opkts Oerrs Collis Queue le0 1500 146.95.0.0 patsy 992092 0 96851 0 389 0
lo0 1536 loopback localhost 36509 0 36509 0 0 0
The displayed fields have the following meanings:
Field Meaning
Name The name field shows the actual name assigned to this interface. This is the
name that identifies an interface when the ifconfig command is used. An asterisk in this field indicates that the interface is not enabled is not up.
Mtu The maximum transmission unit field shows the longest frame packet that can
be transmitted by the interface without fragmentation. The Mtu is displayed in bytes.
NetDest The networkdestination field shows the network or the destination host to which
this interface provides access. This field contains a network address derived from the IP address of the interface and the subnet mask. If a point−to−point
link is configured, this field contains a remote host address. If the symbolical address presentation is required, this field contains the corresponding name
when the name can be resolved from the address.
Address The address field shows the IP address or the name assigned to this interface.
Ipkts The input packets field shows how many packets this interface has received.
Ierrs The input errors field shows how many damaged packets this interface has
received. Opkts
The output packets field shows how many packets were sent out by this interface.
Oerrs The output errors field shows how many of the packets caused an error
condition. Collis
358
Queue The packets queued field shows how many packets are in the queue, waiting to
be transmitted over this interface. Normally it is zero. The example above is typical for almost any SunOSSolaris workstation; two network interfaces are
identified: le0 and lo0:
le0 A lance Ethernet interface defined by a corresponding device statement in the kernel configuration file.
lo0 The loopback interface, which every TCPIP system has, and which is mandatory, defined in the kernel configuration file. On most systems this is part of the default configuration, and is
configured automatically. The next example is for the HP−UX flavor. The command output is almost the same, with different
names for the network interfaces:
netstat −in
Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll ni0 0 none none 0 0 0 0 0
ni1 0 none none 0 0 0 0 0 lo0 4608 127 127.0.0.1 2221 0 2221 0 0
lan0 1500 146.95 146.95.8.31 958064 36687 62446 0 4
netstat −i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
ni0 0 none none 0 0 0 0 0 ni1 0 none none 0 0 0 0 0
lo0 4608 loopback localhost 2221 0 2221 0 0 lan0 1500 146.95 apollo.ph. 958118 36687 62462 0 4
The only difference is that the queue field is omitted in any case, the normal value in this field is zero. Of course, names, addresses, and numbers have different values, ni0 and ni1 interfaces are
disabled.
The netstat command is also instrumental in displaying the status of sockets. The display for each socket shows the local and remote addresses, the send and receive queue sizes in bytes, the
send and receive windows in bytes, and the internal state of the protocol.
The symbolic format normally used to display socket addresses is either hostname.port when the name of the host is specified, or network.port if a socket address specifies a network but no specific
host. If the network or hostname for an address is not known or if the −n option is specified, the numerical network address is shown. Unspecified, or wildcard, addresses and ports appear as .
The possible state values for TCP sockets are as follows: CLOSED
Closed, the socket is not being used. LISTEN
Listening for incoming connections. SYN_SENT
Actively trying to establish connection. SYN_RECEIVED Initial synchronization of the connection is under way.
ESTABLISHED Connection has been established.
CLOSE_WAIT Remote shutdown, waiting for the socket to close.
359
CLOSING Closed, then remote shutdown, awaiting acknowledgment.
LAST_ACK Remote shutdown, then closed, awaiting acknowledgment.
FIN_WAIT_2 Socket closed, waiting for shutdown from remote.
TIME_WAIT Wait after close for remote shutdown retransmission.
The following example illustrates the use of the netstat command for this purpose; the host name is garp. Only active sockets are presented.
netstat −a
Active Internet connections including servers Proto Recv−Q Send−Q Local Address Foreign Address state
tcp 0 0 garp.690 delft.scps.com.32771 TIME_WAIT tcp 0 0 garp.686 delft.scps.com.32771 TIME_WAIT
tcp 0 205 garp.telnet ink2.spcs.com.1047 ESTABLISHED tcp 0 0 garp.nprodsoc garp.4108 ESTABLISHED
tcp 0 0 garp.4108 garp.nprodsoc ESTABLISHED tcp 0 0 garp.telnet daloia.scps.com.1095 ESTABLISHED
tcp 0 0 garp.telnet park.scps.com.1038 ESTABLISHED tcp 0 0 .printer . LISTEN
tcp 0 0 garp.nprodsoc . LISTEN tcp 0 0 .2458 . LISTEN
tcp 0 0 . . CLOSED tcp 0 0 .querix . LISTEN
..... .....
If no options, or only the −n option is specified, netstat displays the status of active sockets only.
15.5 Super Internet Server
