Network Tools Exercise

[00:00:00]
>> So I'm doing a lot of talking, you're just taking my word for it. Let's dive into some network tools to kind of show you the hidden layer. We're gonna lift up the sheets and see, what's going on over here? How does this all connect together? So the first network tool I want you to check out is ping.

[00:00:20]
Ping, and I won't hold the terminal because these are pretty straightforward. There's no flags or anything we're running other than netstat one. ping is useful because it tells you, is the host up or down? I use ping all the time. If my Wi-Fi goes out, I'm like, or if suddenly, I don't know, the browser is loading slow, is it the application?

[00:00:43]
Has my browser locked up? Or is it my network itself? Ping is a really fast way of telling you if the network's up or down. I like Google, Google's almost never down, at least google.com. So it's a pretty reliable way of saying is my network up and down?

[00:00:57]
And it's very, very lightweight. So you can ping all day and won't do anything. Fun facts, if you ping frontendmasters.com it will not respond, because they disabled replying to UDP or ICMP requests. How dare you, Mark? [LAUGH] I was talking to Mark, the CEO of Frontend Masters. So you can disable your computer responding to pings if you want.

[00:01:21]
I prefer to leave it open. It's good to know if your domain name is down. The next tool that is pretty fun, actually, I'll show you this one. Cuz this gives you, when we talk about how does the Internet work, this gives you maybe a stronger idea of it.

[00:01:41]
So I'm gonna exit my server, cuz I just left it open, exit, clear. So we're gonna run traceroutes. And this, you may get varying results depending on where you are in the world and what your network looks like, but let's traceroute google.com So what's happening in traceroute? Traceroute, actually, as always, we can man the page first because it'll give you a better explanation.

[00:02:14]
But what traceroute does, oops, what's going on? Traceroute tells us all of the hops it takes to get from your computer all the way to the destination host, and it prints every single hop along the way. So when we run traceroute to google.com, We see all the hops.

[00:02:38]
And we'll talk about why it pauses in some places. But right now, what this is telling me is I have a local IP address. Remember we talked about the router gives us a local IP address that allows us to connect to Internet and they usually start with 192.168.

[00:02:51]
So my current IP address is 192.168.3.1. That's my computer. The next hop is going to be to the modem in this case. So looking at this tells me they probably have a modem-router combination, probably just a router and then a modem, which is pretty common too. And their internet provider is, Cogentco?

[00:03:11]
I never know how to pronounce that one. But a pretty common ISP, one of the bigger ones. So that's connecting to one of the ISPs, which connects to probably the bigger ISP of the same name, which connects to another one, which connects to another one, and so on and so forth.

[00:03:26]
So we see the hops within just the ISP taking to get it to the outside world. And some of these are actually probably, actually, you can tell some of these are co-located by their IP blocks. And I can tell you just looking at this that Cogentco owns 154.54.

[00:03:45]
They own that entire block address, cuz they are an ISP and they hand out IP addresses. The second column is how long it took to respond. So that tells me how far away they are, how fast and how busy they are. And then, again, I'm telling you, I can see all this stuff by traceroute.

[00:04:05]
So we keep going, we keep going, we keep going. We are finally out of our ISP. It's made ten hops to get out from the internal block. Now, we're on something else. I don't know what as6453.net is, but it's probably a backbone in the Internet if we wanted to look it up.

[00:04:23]
It looks like it's in New York, interesting. And then these along the way are just routers, maybe some other ISP, maybe some backbones, maybe some Level 3 networking services. But it's fascinating that we'll hop, we'll hop, we'll hop, we'll hop, we'll hop, and then we'll get to, Probably about here.

[00:04:51]
Here is probably where Google's data center starts. We can tell because the IP addresses underneath start to come from the same block. So that tells me we're kind of narrowing in on the same location, on the same data center. So we hop, we hop, we hop, we hop, and then we finally get to our destination IP address, which is the IP address of probably the load balancer with the server cluster that's serving out google.com.

[00:05:21]
So that's pretty cool. You see how complex the Internet is? And it took 20 hops just from my computer to talk to google.com. So that diagram that I showed earlier of the different hops, that was a simplified diagram. Some of these hops can take 30, 40, 50 hops sometimes to get to where we're going.

[00:05:38]
If we're trying to get to, say, an IP address in another country, you will see a lot of hops and you will see the latency go up and up and up. But I really like traceroute, because it can tell you where the problem is in your stack. So let's say you can't connect to Internet or you can't connect to your domain or your server.

[00:05:55]
You ping it, it doesn't respond, but your network is actually online of some sort, or maybe your network is not and it's slow. You can use traceroute and figure out what's the slow part. Maybe it's actually my ISP, and it's timing out at one of these blocks, which tells you it's not your fault.

[00:06:10]
Or maybe it's Google. When you get to Goggle, they have a problem with their data set, and you'll see the latency jump up there too as well. So again, traceroute and ping and network tools are good for uncovering what's going on in the world. And if you're really a network admin or DevOps, you know these tools pretty well, they're very useful, they're pretty simple to use.

[00:06:31]
Last but not least is, this will by far give you the most verbose output, and that's netstat. So netstat tells you all of the things that are happening on your computer. All of the open ports, all of the IP addresses you are connected to, all the processes that are running just internally on your local host.

[00:06:51]
So if you just did netstat, [SOUND] you will get blown away by all of the data. So not super useful to do it in the raw. But you can see all the processes that are running on all the open ports. Let's see if we can get, DNS responder, I can see my VPN is running.

[00:07:13]
We have UDP and TCP, which we're gonna talk about in a second. You see all these local host ports are just local processes that open a port to talk to other processes. I don't know I have iPhone, I don't own an iPhone, but it's probably something to do with iOS and the way it's named.

[00:07:29]
So netstat tells you everything that's going on your computer related to networking. Not super useful, I mean, it is useful, but let's make this information a little bit clearer. Let's run netstat-lt. I'm gonna pipe it into less. Less displays my pages one at a time. It's a very, very convenient way of displaying a lot of information, whereas cat just dumps the entire file, not super useful in this case.

[00:07:56]
So now, netstat-lt tells me just my TCP connections and some of my local host connections. So this makes it a little bit easier to reason about what's going on my computer. And I still have a lot of these, because your computer is always open. These ports are always open, talking to each other.

[00:08:15]
And don't ask me what some of these do, I'm not that good. I'm not an expert at the OSX operating system. But it's just fascinating to know all this stuff is going on and it's hidden from you in the background.