The nettest command can be used to perform some of the tests described earlier automatic.
The Peer Reachability test tries to set up a TCP session to port 7801 to a remote Steelhead appliance. It attempts to set them up from all configured IP addresses:
This test only supports IPv4 addresses.
Figure 3.49. Output of a peer reachability test
CSH (config) # nettest run peer-reach addr 192.168.1.6 Peer Reachability Test Last Run: 2013/11/25 10:54:01 Passed Address Interface Result ================================================================== 192.168.1.6 primary Passed 192.168.1.6 aux Passed 192.168.1.6 inpath0_0 Passed
The captures on the various interfaces look like this:
Figure 3.50. Capture of a peer reachability test
CSH # tcpdump -ni primary host 10.0.1.5 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on primary, link-type EN10MB (Ethernet), capture size 300 bytes 11:12:09.331690 IP 10.0.1.5.65535 > 192.168.1.6.7801: Flags [S], seq 169835245, win 5840, \ options [rvbd-probe unkn-ver-type:1/3 31010a0001050005,nop,eol], length 0 11:12:09.634781 IP 192.168.1.6.7801 > 10.0.1.5.65535: Flags [S.], seq 20020520, ack 169835 \ 246, win 5840, options [rvbd-probe AD CSH:10.0.1.5 SSH:192.168.1.6:7800 11110a000105c0 \ a801061e78,rvbd-probe EAD 0e3c,nop,eol], length 0 11:12:09.634888 IP 10.0.1.5.65535 > 192.168.1.6.7801: Flags [R], seq 169835246, win 0, len \ gth 0 11:12:09.635405 IP 10.0.1.5.65535 > 192.168.1.6.7801: Flags [S], seq 169835245, win 5840, \ options [rvbd-probe unkn-ver-type:1/3 31020a0001050005,nop,eol], length 0 11:12:09.936657 IP 192.168.1.6.7801 > 10.0.1.5.65535: Flags [S.], seq 1081397572, ack 1698 \ 35246, win 5840, options [mss 1460], length 0 11:12:09.936697 IP 10.0.1.5.65535 > 192.168.1.6.7801: Flags [R], seq 169835246, win 0, len \ gth 0
As can be seen, the client-side Steelhead appliance sends a SYN+, the server-side Steelhead appliance replies with a SYN/ACK+. Finally the client-side Steelhead appliance sends a TCP RST and the test is tried again.
The Net Gateway test sends three pings the IP addresses of the local network gateways. It takes the gateways of the base interfaces routing table and the in-path interfaces routing table and tries to ping them.
In the examples below an extra destination was added to the two routing tables before the test was ran:
Figure 3.51. Output of a net gateway test
CSH (config) # show ip route Destination Mask Gateway Interface 1.2.3.4 255.255.255.255 10.0.1.67 primary 10.0.1.0 255.255.255.0 0.0.0.0 primary default 0.0.0.0 10.0.1.9 primary CSH (config) # show ip in-path route inpath0_0 Destination Mask Gateway 1.2.3.4 255.255.255.255 10.0.1.66 10.0.1.0 255.255.255.0 0.0.0.0 default 0.0.0.0 10.0.1.9 CSH (config) # nettest run net-gateway Gateway Test Last Run: 2013/11/25 11:22:01 Passed Interface Address Packet Loss Result ================================================================== Default 10.0.1.9 0% Passed inpath0_0 10.0.1.66 100% Failed inpath0_0 10.0.1.9 0% Passed Static 10.0.1.67 100% Failed CSH (config) # nettest run net-gateway ipv6 Gateway Test Last Run: 2013/06/03 17:18:35 Passed Interface Address Packet Loss Result ================================================================== Default 2600:809:200:4ff:20e:b6ff:fe01:6070 0% Passed
As expected, the ones to 10.0.1.66 and 10.0.1.67 didn't get answered.
The Duplex test works by sending a large amount of ICMP ping tests over an interface. In case of a speed or duplex mismatch, there will be packet loss on it.
Figure 3.52. Output of a duplex test
CSH (config) # nettest run duplex primary target 10.0.1.9 Duplex Test Last Run: 2013/11/25 11:42:16 Passed Interface Number of Errors Result ================================================================== primary 0 Passed
CSH (config) # nettest run duplex primary ipv6-target fd57:1083::3 Duplex Test Last Run: 2013/11/25 11:42:16 Passed
Interface Number of Errors Result ================================================================== primary 0 Passed
The IP Port Reachability test sets up a TCP session from one of the base interfaces to the specified host.
Figure 3.53. Output of the IP Port reachability test
CSH (config) # nettest run ip-port-reach source primary addr 192.168.1.1 port 22 IP/Port Reachability Test Last Run: 2013/11/25 11:54:17 Passed Interface Address Protocol Result ================================================================== aux 192.168.1.1:22 Netcat Passed CSH (config) # nettest run ip-port-reach source primary ipv6-addr fd57:1083::3 port 22 IP/Port Reachability Test Last Run: 2013/11/25 11:54:17 Passed Interface Address Protocol Result ================================================================== aux [fd57:1083::3]:22 Netcat Passed
On the wire it looks like a normal TCP session, prefixed by some DNS resolution:
Figure 3.54. Capture of the IP Port reachability test
CSH # tcpdump -ni primary host 10.0.1.5 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on primary, link-type EN10MB (Ethernet), capture size 300 bytes 11:57:42.526526 IP 10.0.1.5.32825 > 192.168.1.1.53: 18418+ PTR? 5.1.0.10.in-addr.arpa. (39 \ ) 11:57:42.827737 IP 192.168.1.1.53 > 10.0.1.5.32825: 18418 NXDomain* 0/1/0 (91) 11:57:42.828122 IP 10.0.1.5.32825 > 192.168.1.1.53: 11624+ PTR? 1.1.168.192.in-addr.arpa. \ (42) 11:57:43.127581 IP 192.168.1.1.53 > 10.0.1.5.32825: 11624 NXDomain* 0/1/0 (94) 11:57:43.128040 IP 10.0.1.5.33329 > 192.168.1.1.80: Flags [S], seq 3966492797, win 5840, o \ ptions [mss 1460,sackOK,TS val 5332034 ecr 0,nop,wscale 2], length 0 11:57:43.427441 IP 192.168.1.1.80 > 10.0.1.5.33329: Flags [S.], seq 3407753711, ack 396649 \ 2798, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 3117926755 ecr 5332034], \ length 0 11:57:43.427490 IP 10.0.1.5.33329 > 192.168.1.1.80: Flags [.], seq 1, ack 1, win 1460, opt \ ions [nop,nop,TS val 5332333 ecr 3117926755], length 0 11:57:43.427799 IP 10.0.1.5.33329 > 192.168.1.1.80: Flags [F.], seq 1, ack 1, win 1460, op \ tions [nop,nop,TS val 5332334 ecr 3117926755], length 0 11:57:43.729324 IP 192.168.1.1.80 > 10.0.1.5.33329: Flags [.], seq 1, ack 2, win 1040, opt \ ions [nop,nop,TS val 3117927055 ecr 5332334], length 0 11:57:43.731237 IP 192.168.1.1.80 > 10.0.1.5.33329: Flags [F.], seq 1, ack 2, win 1040, op \ tions [nop,nop,TS val 3117927055 ecr 5332334], length 0 11:57:43.731262 IP 10.0.1.5.33329 > 192.168.1.1.80: Flags [.], seq 2, ack 2, win 1460, opt \ ions [nop,nop,TS val 5332637 ecr 3117927055], length 0