TSHOOT – useful ping, other commands

The combination of the ICMP echo request and echo reply messages is known as ping. It provides a simple diagnostic tool to find out whether a host is reachable. In the cOS Core CLI, the ping command provides this feature.

However, in cOS Core the ping tool can be used to test much more than ICMP reachability. It is a kind of packet-tracer command, like the one in Cisco ASA. By specifying other parameters in the ping command you can choose the routing table, source IP, source interface, port, protocol, etc.

For example, if you want to test TCP connectivity to a specific host, use the -port option along with the -tcp option. Successful connectivity then results in a 3-way TCP handshake taking place with the destination host. The -verbose option displays as much output as possible.

Device:/> ping 10.6.58.10 -port=80 -tcp -verbose
Sending 0-byte TCP ping to 10.6.58.10:80 from 192.168.3.20:41207
using PBR table "main"
... using route "10.6.10.0/24 via aux, no gw" in PBR table "main"
TCP Reply from 10.6.58.10:80 to 192.168.3.20:41207 seq=0 SYN+ACK
time=>10 ms TTL=128
TCP Reply from 10.6.58.10:80 to 192.168.3.20:41207 seq=0 ACK
time=>10 ms TTL=128
TCP Ping Results: Sent: 1, RST/ACKs Received:1, Loss: 0%, Avg RTT: 10.0 ms

For testing UDP connectivity, use the -udp option with the -port option. The UDP message size must also be specified: use the -count option for the number of packets and the -length option for each packet's length. For example:

Device:/> ping 10.6.58.10 -udp -port=53 -verbose -count=1 -length=30
Sending 30-byte UDP ping to 10.6.58.10:53 from 192.168.3.20:22307
using PBR table "main"
... using route "0.0.0.0/0 via ext, gw 192.168.3.1" in PBR table "main"
UDP Reply from 10.6.58.10:53 to :192.168.3.20:22307 seq=0 time=50 ms TTL=58
Ping Results: Sent: 1, Received:1, Loss: 0%, Avg RTT: 50.0 ms

Incoming packet simulation with -srcif, -srcip

Now that you know some basic features of the cOS Core ping, let's look at the most useful command. We want to test whether traffic passes through the firewall and which rules it hits for given source and destination IP addresses and TCP port 1433. Here is the command:

sanin502:/> ping -srcif=vir -srcip=Partners/ip_sanoma_vip01 -tcp -port=1433 IXA/ip_sania026_vir -verbose 
Rule and routing information for ping:
GOTO: Trigged rule "g_dnat_domB-C_to_vir" in table "Rule" -> table "dnat_domB-C".
RETURN: Trigged rule "r_main" in table "dnat_domB-C" -> table "Rule".
GOTO: Trigged rule "g_a-dnat_domB-C_to_vir" in table "Rule" -> table "a-dnat_domB-C".
TCP: 158.127.228.97:57159 -> 62.69.170.12:1433 PBR selected by rule "iface_member_main" - PBR table "main"
     TCP: 158.127.228.97:57159 -> 62.69.170.12:1433 allowed by rule "a_mssql_sania026"
Sending 0-byte TCP ping to 10.110.80.14:1433 from 158.127.228.97:57159
sent via route "10.110.80.0/24 via cpub1000, no gw" in PBR table "main"
TCP Reply from 62.69.170.12:1433 to 158.127.228.97:57159 seq=0  SYN+ACK time=

Cool right?!!
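
The rule trace printed by the -srcif/-srcip simulation can also be checked by a script, for instance to confirm after a policy change that the flow still hits the intended allow rule. This is an added example, not part of the original post or of cOS Core; parse_trace and check_policy are hypothetical helper names, and the parser recognises only the line formats visible in the session above.

```python
import re

# Verbose output copied from the session above (its last line is cut off there too).
SAMPLE = '''\
Rule and routing information for ping:
GOTO: Trigged rule "g_dnat_domB-C_to_vir" in table "Rule" -> table "dnat_domB-C".
RETURN: Trigged rule "r_main" in table "dnat_domB-C" -> table "Rule".
GOTO: Trigged rule "g_a-dnat_domB-C_to_vir" in table "Rule" -> table "a-dnat_domB-C".
TCP: 158.127.228.97:57159 -> 62.69.170.12:1433 PBR selected by rule "iface_member_main" - PBR table "main"
     TCP: 158.127.228.97:57159 -> 62.69.170.12:1433 allowed by rule "a_mssql_sania026"
Sending 0-byte TCP ping to 10.110.80.14:1433 from 158.127.228.97:57159
sent via route "10.110.80.0/24 via cpub1000, no gw" in PBR table "main"
TCP Reply from 62.69.170.12:1433 to 158.127.228.97:57159 seq=0  SYN+ACK time=
'''

JUMP = re.compile(r'^(GOTO|RETURN): Trigged rule "([^"]+)" in table "([^"]+)" -> table "([^"]+)"')
FLOW = re.compile(r'^(?:TCP|UDP): \S+ -> (\S+) (PBR selected|allowed) by rule "([^"]+)"')
SENT = re.compile(r'^Sending \d+-byte \w+ ping to (\S+) from ')

def parse_trace(text):
    """Hypothetical helper: turn the rule/routing trace into a dict."""
    t = {"jumps": [], "pbr_rule": None, "allowed_by": None,
         "flow_dst": None, "sent_to": None, "replied": False}
    for line in map(str.strip, text.splitlines()):
        if m := JUMP.match(line):
            t["jumps"].append(m.groups())  # (kind, rule, from_table, to_table)
        elif m := FLOW.match(line):
            t["flow_dst"] = m.group(1)
            t["allowed_by" if m.group(2) == "allowed" else "pbr_rule"] = m.group(3)
        elif m := SENT.match(line):
            t["sent_to"] = m.group(1)
        elif " Reply from " in line:
            t["replied"] = True
    # Probe sent to another address than the rules matched on: destination was rewritten.
    t["dst_rewritten"] = None not in (t["flow_dst"], t["sent_to"]) and t["flow_dst"] != t["sent_to"]
    return t

def check_policy(trace, expected_rule):
    """Hypothetical check: list deviations from the expected allow rule."""
    findings = []
    if trace["allowed_by"] != expected_rule:
        findings.append(f"allowed by {trace['allowed_by']}, expected {expected_rule}")
    if not trace["replied"]:
        findings.append("no reply from destination")
    return findings

if __name__ == "__main__":
    trace = parse_trace(SAMPLE)
    print(trace, check_policy(trace, "a_mssql_sania026") or "trace matches expected policy")
```

For the sample, dst_rewritten is true because the rules matched on 62.69.170.12:1433 while the probe was sent to 10.110.80.14:1433.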

Other commands

To see where an object is used, there is a very useful command: "show Address IP4Address Partners/ip_source-BizTalk -references"

Routes should be checked with the command "routes -num=500"; without the -num attribute the command shows only a few routes, not the whole routing table.

To check interface addresses (HW/IP) and their floating (HA) addresses, execute the command "ifstat -allindepth".