IP Adresi Çakışmalarının Linux ile belirlenmesi ve çözümlenmesi

Bir ağ yöneticisi için en sinir bozucu sorunlardan biri bir ağ üzerinde iki veya daha fazla makinenin aynı IP kullanmaya çalışmasına rastlamak olabilir.

IP Adresi Çakışmalarının Linux ile belirlenmesi ve çözümlenmesi

The result is typically that some packets on the network go to one machine, and some packets go to the other – leading to intermittent packet loss and dropped connections.

Luckily, however, resolving IP address conflicts is easy if you know the right tools. This how to will teach you to find and resolve IP address conflicts on your network.

Araç

In order to identify the IP address conflict, you are going to need a Linux machine on the subnet that has the conflict, and a copy of arp-scan. You can install arp-scan on Fedora/RedHat or Ubuntu by using the following commands:

Fedora/RedHat Ubuntu
sudo yum install arp-scan sudo apt-get install arp-scan

Once arp-scan is installed, you’re just one step away from identifying (and punishing) the perpetrators!

Tüm localhost ip Listesini Çekmek İçin:

arp-scan interface=eth0 localnet

  Örnek arp-scan Bağlantıları

  • Specify a list of IP addresses as arguments, e.g. arp-scan interface=eth0 192.168.1.1 192.168.1.2 192.168.1.3
  • Specify the network in <network>/<bits> format, e.g. arp-scan interface=eth0 192.168.1.0/24
  • Specify the network in <network>:<netmask> format, e.g. arp-scan interface=eth0 192.168.1.0:255.255.255.0
  • Specify the inclusive address range in <start>-<end> format, e.g. arp-scan interface=eth0 192.168.1.3-192.168.1.27
  • Read the list of IP addresses from a file, e.g. arp-scan interface=eth0 file=ip-address-list.txt

IP Çakışmasını Bulmak

Finding an IP conflict is as simple as a single command, “arp-scan -l”. You may also wish to specify the -I option, which will allow you to pick an interface. Below, I have identified an IP address that is being claimed by two machines:

[root@pioneer jdeprizi]# arp-scan -I eth0 -l
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.7 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.0.1 00:0f:b5:0f:f5:7e NETGEAR Inc
192.168.0.4 00:1d:09:29:77:7f Dell Inc
192.168.0.5 c4:17:fe:8c:5f:de (Unknown)
192.168.0.9 00:21:85:c2:30:6b MICRO-STAR INT’L CO.,LTD.
192.168.0.9 00:20:6b:c6:12:04 Intel Corporate (DUP: 2)
192.168.0.11 00:0d:4b:45:db:b7 Roku, LLC
192.168.0.100 00:14:d1:c5:91:00 TRENDware International, Inc.
  7 packets received by filter, 0 packets dropped by kernel

Ending arp-scan 1.7: 256 hosts scanned in 1.737 seconds (147.38 hosts/sec). 7 responded

Notice that 192.168.0.9 is being claimed by two machines, and that the second machine is marked as a duplicate. I can tell that one of the machines has a Network Interface Card manufactured by MICRO-STAR and one of the machines has a NIC made by Intel. Using this information, it becomes much easier to track down and fix the IP conflict on my network.

Sonuç

Arp-scan is a very powerful tool, and I would definitely encourage network administrators to learn about its many options. Identifying machines that have an IP address conflict is just one use of the arp-scan tool, but it makes it one of my favorite programs in my toolbox.

What about you? What are the networking tools that you couldn’t live without?

Kaynak

 

Yorumunuzu Ekleyin


Yükleniyor...
Yükleniyor...