Using Network Utility | Apple Training Series: Mac OS X Support Essentials v10.6: A Guide to Supporting and Troubleshooting Mac OS X v10.6 Snow Leopard

If you have trouble accessing the network, it is important to double-check that all the information you entered earlier in the Network pane is correct. Verify that you have a valid IP address and subnet mask and that the DNS entry is correct. An IP address that starts with 169.254 is self-assigned by Bonjour, which may not be what you wanted.

Network Utility (/Applications/Utilities) is a very valuable tool for testing network connectivity. You can use it to view network information and test network connectivity using commands such as Ping, Lookup, and Traceroute. The Info pane of Network Utility shows a quick interface overview. The left side has details about the interface itself, such as its MAC address, the assigned IP address, and its link speed. The right side shows packet transmission statistics.

NOTE

Some servers are configured to ignore particular types of network packets, and some may not identify themselves. Also, routers may not pass certain types of packets. If you think a server or router is configured in this way, contact your network administrator or the owner of the server.

If you notice a high number of send, receive, or collision errors, try resetting your network interface or the devices connected to it. For example, if you are using a DSL or cable modem, turn it off, wait a few seconds, and then turn it back on.

NOTE

Networking is enabled when booted from the Mac OS X Install DVD. By choosing Network Utility or Terminal from the Utilities menu, you can use the disc to troubleshoot network problems that may be a result of how your system is configured.

The rest of this lesson will consider the troubleshooting commands Ping, Lookup, Traceroute, and Port Scan. Network Utility has four other tools that are not necessarily concerned with troubleshooting:

Netstat An advanced command that system administrators use to monitor the network activity of their machines and the network.
AppleTalk Provides details and statistics for local and network AppleTalk configurations.
Whois Used to find out the registrant of a particular domain name.
Finger Used to get information about users on UNIX-based machines.

Ping

Ping, one of the tools in Network Utility, sends signals (packets) to a network interface to see if the computer responds, or echoes. If all the signals time out, the computer might be disconnected from the network, set to ignore ping packets, or unreachable from your computer.

Ping is often used to isolate a networking issue. Try pinging the server using its IP address. If that works, you've established that the server is up and your computer is able to reach it via the network. Use ping with the server's domain name to find out if DNS is working correctly. The following output shows using Ping in this manner:

 Ping has started ... PING 10.1.0.1 (10.1.0.1): 56 data bytes 64 bytes from 10.1.0.1: icmp_seq=0 ttl=64 time=0.410 ms 64 bytes from 10.1.0.1: icmp_seq=1 ttl=64 time=0.323 ms 64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=0.363 ms Ping has started ... PING mainserver.pretendco.com (10.1.0.1): 56 data bytes 64 bytes from 10.1.0.1: icmp_seq=0 ttl=64 time=0.637 ms 64 bytes from 10.1.0.1: icmp_seq=1 ttl=64 time=0.314 ms 64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=0.366 ms

If you are unable to ping the server, try pinging another computer that is nearby on the network to isolate if the problem is with your local network or router settings. If this works, check to make sure your Router entry in Network preferences is set correctly. See if another computer is able to ping the server.

Keep in mind that ping tests very basic network connectivity. Even if you can ping a server, its services may be blocked by a firewall, or the service may be turned off or misconfigured on the server.

Determining System Accessibility on an IP Network

This exercise walks you through the steps required to determine whether a machine is reachable on a given IP network. It assumes that your computer is properly configured for Internet access.

1.	Open Network Utility.
2.	Click Ping.
3.	In the "Please enter the network address to ping" field, enter www.apple.com.
4.	Select Send only and set it to 2 pings.
5.	Click Ping. You should see information regarding the packets returned by Apple's server.
6.	Scroll to the end of the results list.
7.	Record the min/avg/max round-trip latency times that give you an indication as to how long it took for the server to respond, in milliseconds.
8.	In the "Please enter the network address to ping" field, enter www.apple.com.au which is Apple's Australian server.
9.	Click Ping. If you are physically closer to Apple's main server in the United States, it shouldn't surprise you that the latency times are higher for Apple's Australian server.

Looking Up Internet Addresses

A frequent problem is that a particular server could not be found. This could be caused by DNS problems: either the computer is configured with invalid DNS addresses, or the DNS server is not functioning correctly.

You can use the Lookup pane in Network Utility to help determine if you are accessing a valid DNS server or to determine the IP address for a given domain name. You can query the DNS server using Network Utility to convert a numerical IP address to a domain name or to convert a domain name into a numerical IP address, but the results may not always be accurate, because Lookup depends upon the server's configuration. If the server configuration is wrong, Lookup will return incorrect information. You can also specify which information to look up, such as the mail records in the DNS server and so on. A sample of Lookup output is as follows:

 Lookup has started ... ; <<> DiG 9.2.2 <<> mainserver.pretendco.com ;; global options: printcmd ;; Got answer: ;; ->HEADER<<- opcode: QUERY, status: NOERROR, id: 50843 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;mainserver.pretendco.com.INA ;; ANSWER SECTION: mainserver.pretendco.com. 3600INA10.1.0.1 ;; AUTHORITY SECTION: pretendco.com.3600INNSmainserver.pretendco.com. ;; Query time: 4 msec ;; SERVER: 10.1.0.1#53(10.1.0.1) ;; WHEN: Thu Mar 31 15:05:56 2005 ;; MSG SIZE rcvd: 72

Using Lookup to Verify DNS Is Set Properly

Here you will use the Lookup tool in Network Utility to compare known IP addresses to their domain names.

1.	In Network Utility, click the Lookup button.
2.	Enter Apple's domain: www.apple.com
3.	Click Lookup. You should see the IP address for Apple in the lower window. DNS also keeps track of mail records and aliases. You can get this information by choosing the different types of options from the "Select the information to lookup" pop-up menu.

Tracing Routes

The Traceroute command in Network Utility traces the route through an IP network from your computer to the destination computer and shows the hop count, or the number of trips a packet took from one router or network device to another, needed to make the journey. This information is useful in determining where network delays are occurring.

The output should look like this:

 traceroute to www.apple.com (17.254.0.91), 64 hops max, 40 byte packets  1 17.197.12.1 (17.197.12.1) 20.271 ms 0.864 ms 1.170 ms  2 il1-reagan-jfk (17.200.33.97) 0.660 ms 0.626 ms 0.525 ms  3 mondale-11 (17.200.26.7) 1.728 ms 1.869 ms 0.451 ms

Each line represents a network hop on the way to the destination. The numbers at the beginning of the line indicate the order in which the hops were traversed. The time in milliseconds indicates the time it took for the network device to respond.

NOTE

Not all routers display the comprehensive network route demonstrated here, as this is optional information for the router to return to a client requesting a traceroute. It is common to see certain portions of the trace turn up with no data, because some administrators configure their routers not to pass this data back to the client.

Scanning Ports

Port Scan displays a list of open IP ports on a targeted computer. Port Scan is mainly used for security reasons. However, it can also be useful in troubleshooting. For example, if you are trying to connect to a web server without success, you can scan the open ports on the web server and ensure that the machine is running, and more importantly, that port 80, the HTTP port, is open. You can also do this with the FTP ports when trying to connect to an FTP server, or the NFS port, and so on.

The output of Port Scan should look something like this:

 Port Scanning host: 192.168.5.30 Open Port: 21 ftp Open Port: 139 netbios-ssn Open Port: 427 svrloc Open Port: 515 printer, spooler Open Port: 548 afpovertcp Open Port: 660

If Port Scan recognizes the use of the port, it will tell you what the port is being used for. The example above shows that port 21 is being used for FTP.

NOTE

Port Scan may look like a port attack to a system administrator. Do not use it to probe other computers without first notifying the system administrator. Otherwise, you may find yourself the recipient of a visit from your company security department or a flustered system administrator, even though you were only using the command for troubleshooting purposes.

Determining the Open Ports on a System Connected to the Network

In this exercise, you will use Port Scan to determine the open ports on a computer. You will need two Macintosh computers on the same local network.

1.	On one computer, open Sharing preferences.
2.	Click Services.
3.	Note which services, if any, are already turned on.
4.	Turn on all services.
5.	Note the computer's local subnet address at the top of the window.
6.	On the other computer, open Network Utility.
7.	Click the Port Scan button.
8.	In the IP address field, enter the other computer's local subnet address noted in step 5.
9.	Click Scan. This scan may take a few minutes.
10.	Review the ports that are open. Port 21 is the FTP port, so if you want to test whether a machine is running an FTP server, you can run Port Scan on it and test whether port 21 is open or not. HTTP uses port 80, and HTTPS uses port 443. NOTE You cannot scan the open ports on the system that you are using. You have to use Netstat to identify the open ports on your current system.
11.	Quit Network Utility.
12.	On the other computer, turn off all services that weren't originally on in Sharing preferences.
13.	Quit System Preferences.