Every so often I write a post explaining in a relatively large amount of detail one aspect of the Mac OS X core, in the past I have spoken about the Anatomy of Network Preferences, as well as various other posts. Today I am going to talk about Network Utility. Its a general purpose application which is found in your Utilities folder under Applications. If you haven’t guessed by the title its an application which is very useful for finding specific bits of information about your network and various other network utilities. It’s highly useful for people who are working with a network, and worth knowing about if you are not a network geek.
Most of the tools in Network Utilities and available from other locations, usually from the Terminal command line. The Network Utility app allows you to have all of the tools in one place and have an easy to use GUI placed on top, it also makes printing results (from File > Print) a lot easier. To access Network Utilities go to Applications > Utilities and double click on Network Utilities. The app will take a moment to load and configure itself. Once it has loaded you are ready to go, you should have a window open which looks something similar to the image below. Note that I am doing this review from Snow Leopard, older versions may have a different layout, but the core functions remain the same.
The main screen is very basic and designed to give you a general overview of your network connections. It shows you hardware address, also known as a MAC address and is useful for knowing if you want to give specific hardware access from routers. IP address, pretty obvious inclusion. The link speed and status is good is you need to know the speed of your network. Finally the model, is the type of network card including in you Mac or the connection you are using. This is useful if you need to solve hardware specific problems.
On the right of the screen you get some basic transfer stats. Most of the time its a log of the sent and received packets. If you are getting network problems, such as poor performance and errors its highly likely you are dropping packets or there are collisions. Collisions shouldn’t happen on newer networks but may be prevalent if you run on older or damaged hardware.
The drop down box at the top of the page is used to select the type of connection. You can switch between Ethernet, Airport and any other connections you may have installed. Overall the info box is good to peel off quick statistics about your hardware.
Netstat is really only useful for the hardcore administrators who need to figure out what is happening with the networks. For the every day person, such as myself, its not really needed. However if you need to learn a little bit more about your network or are just wondering what is going on, Netstat can provide a wide variety of information.
Netstat has four different states, with the information shown in the bottom half of the window. The routing information shows which IP addresses have connected to your Mac and how they are linked. Its quite complicated on how it works and more information can be found here.
The network statistics (second option) is quite interesting, it shows a lot of information on what you network is doing. It gives details such as the packet sent and received as well as various other statistics relating to network transfer. It is useful if have problems with your network or want to troubleshoot what is happening with your packets. Most of the time, it useful to look at, in a similar manner to the multicast information button.
The final option, socket connections, shows you which IP addressed you are connected to. This includes open ports and open connections. This is useful for snooping in on what is happening when you use your network.
The ping option is very simple. If you want to see if a web server or IP address is up and running you can use the ping option to see if it is alive. When you enter a web address or IP address, the ping option will see if it alive and return a message. If there is no reply you can assume the server or computer at the other end is offline or not accepting pings. This option is very useful if you find a website is down and want to see if it is running or not.
The look up option is, again, used for people who need specific information about a server. The look up option gives you information on a server just as IP address, DNS server plus any other information if the server or computer is allowing that information to be sent. To find information on a server, enter an address, select “Any/All information” from the drop down list and press Lookup. The box will return any information it knows about the server you are trying to look up.
Traceroute and ping go hand in hand. Ping is used to see if the server is alive, traceroute is used to see the path to the final server. If you have a slow connection to a computer or server it may be worth seeing where the lag is in the network. I use this at home and on mini LAN’s to see the routes packets take. Simply type and address in the box, IP or otherwise, and press the button. The trace route will then run. It will take a fare bit of time and bandwidth but it will show every hope and jump it takes to reach the final server. The numbers on the right of the list is the time taken, anything around 100 to 300 ms is a good value. Anything in the thousands usually means a hold up. If you run this in a local network you can see where the hold up is by looking at the IP address and linking this to a piece of hardware.
Traceroute is very good at trouble shooting slow networks, its also very good at seeing how complicated the internet is and how many different routes a packet of data can take. For example from my computer to my server hosting this site takes 23 hops. This means it goes though 23 different bits of hardware and cables to get to its destination. From Sheffiled to my website in the USA a packet goes to the main switch in my block, the main servers for my Uni network, then around (what I think) is an education network within Britain. This packet is then bounced north to Leeds where it flys round a bit before going down to London. After taking a trip around London it enters the main exchange for the UK, where it flies across the Atlantic. When in America it goes through nine different routers before it enters my servers data centre, before finding my server and then my website. A long route done in (what is normally) about a second or two.
I can spend all day seeing where my packets go, and what connections it uses. Playing a side it is good to see where hold up’s are and if it is possible to correct them.
If you want to find the information behind a website the best way to do this normally is through the contact form a website provides. However if one doesn’t exist, and you need one for legal reasons or otherwise, the Whois is the way to go. With this enter a website and then pick a Whois server. I recommend adding “whois.godaddy.com” to the server box if you don’t get any meaningful results.
Finger is a very old protocol which was originally designed to find information about a user on a network. Nowadays its not really used due to security and other concerns. However you can find information on your network if you type your name into the box. Although I haven’t tested it it will probably work for other users on your Mac and small home network. Overall this is one option you can probably ignore.
The final option within Network Utility is the port scan option. This is used when you have ports open so can receive requests from other people. This usually includes the “Sharing” options within System Preferences. Any options which you have selected will usually show up here. I like to use this utility to find vulnerabilities and open ports on my Mac and other computers within the network. You can use it on other computers over the net however you usually don’t yeild useful results. I don’t have any ports open so the image below doesn’t show much information.
To conclude Network Utilities has a lot of options. For most people you only really need to use Ping, Traceroute, Whois and occasionally Port Scan. Have a play around with the app and see what information you can yield from it. Its good fun to play with, especially the Traceroute.
If you want to lean more about networking and TCP/IP there are plenty of resources. One of the best is to search the internet to see what you can find. If you like your information in a book there is plenty of resources out there, some good ones include TCP/IP For Dummies for general networking stuff and Mac OS X Unix Toolbox as a general Unix guide. A lot of the actions in Network Utility can be done through Terminal.
If you have any questions or comments please leave a comment below.