Docs and Blog Posts

Misc Terminal Stuff

  • Cmd: dig [IP or domain name] - tells you what that IP / domain name is pointing at

    • Cmd: dig -x [IP or domain name] is a reverse dig - it’ll tell you what domain names are pointing at a particular IP or domain name.
    • To install on CentOS: sudo yum install bind-utils
  • Cmds: nmap and netstat

    • (see below)
    • These are two sides of the same coin: nmap allows you to look at a server from externally and see its state, whereas netstat is one you run from inside the server to see what’s going on
  • Cmd: nmap

    • Tells you what state a host is in
    • Eg nmap -P0 otherelkdata.acmecorp.com

      • -P0 does an “IP protocol ping”
      • - Alex used this when wondering whether there was some problem with a vip (virtual IP - configured for load balancing in F5)
  • Cmd: netstat

  • Cmd: nc (netcat)

    • This is the netcat command. Netcat is a simple Unix utility that reads and writes data across network connections, using the TCP or UDP protocol
    • Our most common use case is for Graphite: echo "clare.test 12 $(date +%s)" | nc graphite.acmecorp.com 2003
    • You can also use it to test a port: nc -nv localhost 5667, then do echo $?, you can check whether you see 1 (for error) rather than 0 (for success)
  • Cmd: lsof

    • List open files - report a list of all open files and the processes that opened them.
    • For instance: sudo lsof -i -n -P

      • ! Use sudo or you may get no results at all!
    • You get very similar results from this that you do for netstat -pultn

Tcpdump

IP addresses

Subnets

CIDR

  • See also my blog post: https://insimpleterms.blog/a-simple-explanation-of-the-cidr-ip-address-scheme

  • With a CIDR address, you get something that looks like an IP address but then you get /nn at the end

    • Like this: 10.128.325.0/24
    • If you want to decode a CIDR address, you can use this tool: https://www.ipaddressguide.com/cidr It will tell you the First IP, Last IP, Number of Hosts and more.

    • The number at the end specifies how many bits of the IP address will be used for the network address. The rest of the bits will be used for host addresses.

      • There are always 32 bits available, because the highest IP address is 255.255.255.255. If those numbers were written in binary instead of decimal, each of the 255s would require 8 bits (255 is 11111111).
      • In the example above, 24 bits are used for the network address and this leaves 8 bits (32 minus 24) for the host addresses.
      • The range of numbers you can create when you have 8 bits is 256 (from 0000000 to 11111111), so if you have 8 bits available for host addresses, the number of host addresses is 256.
      • This means that in our example, the actual range of IP addresses described here is 10.128.325.0 to 10.128.325.255.
      • The first three decimals (10.128.325) will use up 24 bits and the last decimal (0 to 255) uses up the last 8 bits.
    • You can use the table shown on this page (https://www.keycdn.com/support/what-is-cidr) to find out how many IP addresses are represented by the number after the forward slash.

      • In the table below, the “decimal” column is telling you how many IP addresses will be in the range.
      • The “class” refers to the old way of allocating IP addresses, where class A was a range of over 16 million addresses, class B was a range of 65,535 addresses and class C was a range of 254 addresses. More here: https://www.keycdn.com/support/what-is-cidr
      • The “mask” refers to bit multiplication, which is a whole other topic.