Friday, May 17, 2013

Network Administration for JavaScript Programmers (Part I)


There is no easy path to understanding TCP/IP network communication.  Experienced system programmers spend hours each year tuning and improving the basic communication protocols that connect the internet. IT administrators spend thousands of hours configuring hosts, servers, switches, routers, and optimizing network architecture to  maximize network throughput. Many of us who simply use applications and programming languages don't dig to deeply into these areas.  However, TCP/IP communication makes everything work. Without imbibing some understanding and network troubleshooting techniques, your career as a JavaScript programmer will suffer frustration. As a programmer or IT administrator, you really can't get TCP/IP network administration without using administrative commands from the shell. Graphical suites that help troubleshoot network connectivity are not always available and sometimes they provide more information than needed. The official internet STDs and RFCs represent an authoritative starting point for greater understanding of TCP/IP; but the internet is awash in tutorials on these subjects. I recommend finding something authoritative.

JavaScript  provides functionality to web clients. This makes some network administration and process management skillsets important.  The instructions in this post will be abbreviated. The reader is recommended to additional sources of information for more detail.  My examples use either OpenBSD 5.2. or Cygwin running on Windows 7. OpenBSD is a free UNIX that is secure and easy to install. Cygwin is a free UNIX emulation terminal that includes many but not all UNIX network commands.  As you read this, think about how the commands below might help you test and deploy your JavaScript. In addition, as JavaScript functionality is essentially hosted  on web servers, a study of  network administration is the appropriate introduction for administrating Apache and other web servers and understanding how your JavaScript code will run or test under web load testing.  I will include, as appropriate, as many Windows network administration analogs as possible. However, the reader is warned that additional Windows command line network administration tools such as Powershell and Netsh are covered in summary fashion here.

Commands and arguments will be in bold. Screen examples and output will print in blue.  Choices will be [enclosed in brackets delineated by commas].  To complete this exercise, start an Xll Terminal on your MAC, UNIX, or Cygwin emulation. For Windows cmds, please start an administrative cmd sessions. If possible, it may be helpful to open multiple terminals or Xterms; one in which to practice the commands, the other in which to run man or info commands to further understand specific arguments.  UNIX is at all times cap sensitive.

UNIX commands run under an Operating System shell whose opening prompt will be delineated by a character(s) like #, $, or bash-.  The presence of such a prompt means your are in that particular shell.  Normally, you will recognize your shell type by the prompt. You can use the command echo $SHELL to return the shell type. The bash command will take you to a bash shell which is the most popular and powerful of administrative UNIX shells. Issuing exit will leave your shell. To run the commands as a particular user, change to appropriate directory (e.g. cd /home/rferrisx ), issue an su username command and provide a password. The whoami command  will tell you what user you are logged in as.  Some commands may require a login with administrative or root privileges to run successfully.

Some examples:

cd /home/rferrisx
su rferrisx

The command clear will erase your screen. Your previously typed commands can be found by using the up or down arrows. The keystroke combination CTRL-C will terminate most commands. Start an X11 Terminal. Lowercase q will terminate pagination. Space and Enter advance pagination on a command by one screen or one line respectively. With all UNIX commands, the less and more commands can be appended and used to page through output.  PageUp, PageDown, Enter,Space provide keystroke control pagination for long output. The size of the X11 font can usually be adjusted by holding down the CTRL key and right-clicking your mouse. The properties menu of the application control panel of a cmd or Powershell console provides for similar configuration.

Generic Commands

man man describes  how to access help for any UNIX cmd.
man 'command name' accesses help for any command
man -k keyword -s section number provides a keyword search on for a particular section. Sections 1 or 8 describe most system tools or administrative commands. Lowercase q will end pagination.
A popular alternative to man pages is the info command. Type info info to learn more.

Windows command help can generally be obtaining by appending  /?  or -? to the end of any command. Powershell cmds accept the man argument (e.g. man gc -full ) . Certain commands are essential to navigating all command or cmd shells, although the specific arguments and format may differ between Operating Systems and respective shells. Some of these commands are:

  • echo (UNIX, Windows cmd)
  • cat (UNIX)
  • grep or sls (UNIX, Powershell)
  • less (UNIX)
  • gawk (UNIX but available for Windows cmd)
  • vi (UNIX)
  • more (UNIX, Windows cmd, Powershell)
  • findstr (Windows cmd only)
  • gc (Powershell only)

Network Commands: Parsing network address information

Understanding your local network information allows you to see what interfaces your server and client are using to communicate. Without appropriate configuration  for address, gateways, and routes to local or internet hosts, network communication fails.

On UNIX and MAC:

ifconfig -a will list the status and configuration of all network interfaces.
ifconfig 'interface name' will expose the configuration for that interface.
ifconfig 'interface name' [up,down] will change the state of the interface.

UNIX commands can be piped together to send the output from one command to the input of another. For example, when used with the grep ("generalized regular expression parser") command, specific data for the IPv4 connection will be printed on single line. Please spend some time with 'man grep'.

ifconfig iwn0 | grep -w inet         
inet netmask 0xffffff00 broadcast

The output from this command lists the IP Address, broadcast address and netmask attached to the iwn0 network interface.  The IP Address indicates that your machine is addressed. A similar set of commands can be issued at an administrative Windows cmd prompt, Powershell Prompt, or NT Cygwin prompt with:

ipconfig /all
ipconfig /all | findstr Address
ipconfig /all | findstr Gateway
ipconfig /all  | findstr Mask

[ or ]

echo Address > search.txt & echo Gateway >> search.txt & echo Mask >> search.txt
ipconfig /all | findstr /g:search.txt
   Physical Address. . . . . . . . . : [deleted]
   Physical Address. . . . . . . . . : [deleted]
   IPv4 Address. . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Default Gateway . . . . . . . . . :
   Physical Address. . . . . . . . . : 00-24-BE-65-6D-59

Multiple examples of increasing address  and host network detail from Windows Powershell:

  • gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input}}
  • gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input}} | fl *
  • gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input | Select -ea 0 IP,DHCP,DNS,WINS}}

PS C:\Windows\system32> gwmi -class Win32_NetworkAdapterConfiguration | % {if ($_.IPAddress -ne $null) {$input}}

DHCPEnabled      : True

IPAddress        : {}
DefaultIPGateway : {}
DNSDomain        :
ServiceName      : NETwNs64
Description      : Intel(R) Centrino(R) Advanced-N 6200 AGN
Index            : 11

  • netsh interface ipv4 show addresses
  • netsh interface ipv6 show addresses

Configuration for interface "Local Area Connection 3"
    DHCP enabled:                         Yes
    InterfaceMetric:                      30

Configuration for interface "Wireless Network Connection"
    DHCP enabled:                         Yes
    IP Address:                 
    Subnet Prefix:               (mask
    Default Gateway:            
    Gateway Metric:                       0
    InterfaceMetric:                      25

Configuration for interface "Local Area Connection"
    DHCP enabled:                         No
    InterfaceMetric:                      5

Configuration for interface "Loopback Pseudo-Interface 1"
    DHCP enabled:                         No
    IP Address:                 
    Subnet Prefix:               (mask
    InterfaceMetric:                      50

Network Commands: Parsing connections states and endpoint information

Network endpoints couple foreign IP addresses and ports with your local hosts. They tell you what services on your host or server are connected with their analogs on foreign hosts. An understanding of application service port mapping is important but won't be covered here. More information is readily available on internet (e.g. see ). The curious may type:

On UNIX and MAC:

cat /etc/services
cat /etc/services | wc -l

On Windows from Powershell 3.0:
gc C:\Windows\System32\drivers\etc\services | get-unique 
(gc C:\Windows\System32\drivers\etc\services | get-unique ).count

On Windows from the cmd line:
more C:\Windows\System32\drivers\etc\services

netstat -an -p [TCP,UDP] will show you foreign IP Addresses and their  connected states to your TCP stack for all of Windows, UNIX, MAC. The formats will be slightly different:

netstat -an -p TCP
Active Internet connections (including servers)
Proto   Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp          0      0      ESTABLISHED
tcp          0      0      ESTABLISHED
tcp          0      0      ESTABLISHED
tcp          0      0      ESTABLISHED
tcp          0      0      ESTABLISHED

 On Windows:
netstat -an -p TCP

TCP              LISTENING

If installed on MAC or UNIX, the lsof -i -NR gives even clearer information on connected internet services and applications.
lsof -i -NR

dhclient  6101     1    _dhcp    8u  IPv4 0xd9d4f000      0t0 HOPOPTS *:*
Xorg      8579 31013     _x11    5u  IPv6 0xd9c32334      0t0     TCP *:6000 (LISTEN)
Xorg      8579 31013     _x11    7u  IPv4 0xd9c324cc      0t0     TCP *:6000 (LISTEN)

A combination of lsof, gawk, and grep reveals the endpoints to one host.

lsof -i -NR | gawk '{print $1" "$10}' | grep mrs02s04  

The fstat command on OpenBSD can deliver similar information. Note how grep is used her twice to filter information:

# fstat |  grep "internet stream" | grep 443 
rferrisx chrome     27185   73* internet stream tcp 0xd9c32664 -->
rferrisx chrome     27185   85* internet stream tcp 0xd9c32994 -->
rferrisx chrome     27185   94* internet stream tcp 0xd987e804 -->
rferrisx chrome     27185   95* internet stream tcp 0xd988a338 -->

On Windows the netsh cmd prompt (here used inside Powershell) delivers similar endpoint information:

PS C:\Windows\system32> netsh interface ipv4 show tcpconnections

MIB-II TCP Connection Entrynetsh
Local Address   Local Port      Remote Address  Remote Port     State
-----------------------------------------------------------------------      135               0       Listen      139               0       Listen     2345               0       Listen     4573         49167  Established    49167          4573  Established    61190               0       Listen    61442       5222  Established    61447        443  Established

This windows command will show all open IPv4 connections that have an established state that are not connected to the local loopback:

netsh interface ipv4 show tcpconnections | findstr Established | findstr /v

PS C:\Windows\system32> netsh interface ipv4 show tcpconnections | findstr Established | findstr /v    61442       5222  Established    61447        443  Established    61459        443  Established    61618          443  Established    61794        443  Established    61795        443  Established

Troubleshooting techniques for Network Administration

(Section Under Construction) Common shell commands for troubleshooting networks include:

For UNIX, MAC, Windows:

  • arp  : Adress Resolution Protocol - shows foreign address resolutionApplications available for installation on all platforms
  • ping : packet internetwork generation -sends ICMP packets to foreign hosts
  • route : delineates and modies routing tables
  • traceroute, tracert : sends communication test paths to hosts to determine path and latency
  • nslookup : finds nameserver information
For Windows
  • pathping : cmd line utility provides enhanced ping and tracert functionality
  • Test-connection: Cmdlet provides connection testing functionality - Powershell 3.0 only
  • Invoke-WebRequest : Cmdlet provides web testing functionality - Powershell 3.0 only
 For UNIX or Cygwin:
  • dig : finds nameserver information
  • strace : traces system information 

Applications available for installation on all platforms:

  • ssh : secure shell provides default remote administration terminal for almost all UNIX based systems
  • netcat : provides socket connection test functionality
  • wget: provides web connection test functionality
  • nmap : provides network scanning functionality
  • tcpdump, windump
  • snort
Next up: How to troubleshoot network and application connectivity issues

No comments:

Post a Comment