cjb@cblph.att.com (Chandrasekhar J Bhatt) (10/27/90)
Is there a package or tool available to examine tcp-ip ethernet packets on Sun Workstations ? I know that protocol analyzers can be used, but I am in a situation where the cost of such an analyzer cannot be justified. Shekhar Bhatt att!cblph!cjb
sja@sirius.hut.fi (Sakari Jalovaara) (11/16/90)
> Is there a package or tool available to examine tcp-ip ethernet > packets on Sun Workstations ? First, get RFC 1147 "NOCtools Network Management Tool Catalog" (eg. anonymous ftp uunet.uu.net rfc/rfc1147.Z.) This RFC lists both no-cost and commercial SW for network analysis. Some programs I have seen: nnstat (ftp venera.isi.edu) Versatile (and somewhat complex; you need to read the manual) statistics gathering package. nnstat works with "scripts" that tell it what kinds of statistics to collect. A sample script included with nnstat collects ethernet and TCP packet types, IP packet lengths, networks from/to which packets go, TCP port numbers and ICMP packet types. You can ask it stuff like "who sends broadcasts" and "which machines talk to the NFS port of host `foo'" and get packet counts and percentages of total traffic. tcpdump (ftp gatekeeper.dec.com, uunet.uu.net, wuarchive.wustl.edu) A la etherfind(8). Latest version is "March 3 1990"? Comes with a kernel patch for SunOS 4.0 (and 4.0.[13]?) traceroute (ftp zerkalo.harvard.edu, ftp.ee.lbl.gov, dopey.cs.unc.edu) Shows a trace of gateways through which a ping packet travels. Various versions for different OS's and OS versions (SunOS 3.5 and 4.0 with or without kernel patch, SunOS 4.1, ...) etherhostprobe (ftp spam.itstd.sri.com) Shows a map of corresponding ethernet/IP addresses (by "ping"ing a range of addresses and checking the arp cache...) None of these replace a real analyzer (these are simpler and work only on high-level packets) but can be useful in quick network checks - and the price is often right.
warb@gvlv2.gvl.unisys.com (Dan Warburton) (11/16/90)
cjb@cblph.att.com (Chandrasekhar J Bhatt) writes: >Is there a package or tool available to examine tcp-ip ethernet packets >on Sun Workstations ? I know that protocol analyzers can be used, but I am >in a situation where the cost of such an analyzer cannot be justified. Try man etherfind it can show quit a bit about tcp activity on the net. It takes a little getting use to but is a good tool. I think there may be a problem using it to watch packets to/from the machine it's on.
katz@rpal.com (11/16/90)
In article <1990Oct26.221702.18905@rice.edu> cjb@cblph.att.com (Chandrasekhar J Bhatt) writes: > > Is there a package or tool available to examine tcp-ip ethernet packets > on Sun Workstations ? I know that protocol analyzers can be used, but I am > in a situation where the cost of such an analyzer cannot be justified. > Suns come with two such programs: etherfind and traffic. Morry Katz Rockwell Science Center administrator@rpal.com (machine administration issues) katz@rpal.com (other)