Unix Monitoring Tools

1,496 views

Published on

Ferramentas do sistema operacional para monitoração do ambiente durante a execução dos testes de carga pelas ferramentas de benchmarking.

Published in: Technology, Education
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,496
On SlideShare
0
From Embeds
0
Number of Embeds
163
Actions
Shares
0
Downloads
80
Comments
0
Likes
5
Embeds 0
No embeds

No notes for slide































  • KB/t - KB por transferencia
    tps - transferencias por segundo (?)
    MB/s - :-/
    us - tempo % da CPU gasto em processos de usuarios
    sy - tempo % da CPU gasto em processos de systema
    id - tempo % da CPU em estado ocioso


























  • Unix Monitoring Tools

    1. 1. Ferramentas Unix
    2. 2. 2
    3. 3. PS Lista de processos do SO 3
    4. 4. 4
    5. 5. 5
    6. 6. $ ps -A PID TTY TIME CMD 1 ? 00:00:00 init 2 ? 00:00:00 ksoftirqd/0 3 ? 00:00:00 events/0 4 ? 00:00:00 khelper 5 ? 00:00:00 kthread 7 ? 00:00:00 kacpid 89 ? 00:00:00 kblockd/0 92 ? 00:00:00 khubd 138 ? 00:00:00 pdflush 139 ? 00:00:01 pdflush 141 ? 00:00:00 aio/0 140 ? 00:00:15 kswapd0 227 ? 00:00:00 kseriod 386 ? 00:00:00 kjournald 1303 ? 00:00:00 udevd 1756 ? 00:00:04 kjournald 1757 ? 00:00:00 kjournald 1758 ? 00:00:27 kjournald 1759 ? 00:00:02 kjournald 2488 ? 02:31:43 named 2547 ? 00:00:02 syslogd 2551 ? 00:00:00 klogd 2579 ? 00:00:00 portmap 2599 ? 00:00:00 rpc.statd 2637 ? 00:00:00 rpc.idmapd 2720 ? 00:00:02 nifd 2752 ? 00:00:00 mDNSResponder 2764 ? 00:00:00 smartd 2774 ? 00:00:00 acpid 2784 ? 00:00:01 sshd (...) 6
    7. 7. $ ps -C httpd PID TTY TIME CMD 29361 ? 00:00:13 httpd 30204 ? 00:01:39 httpd 31855 ? 00:00:00 httpd 31856 ? 00:00:00 httpd 31857 ? 00:00:00 httpd 31859 ? 00:00:00 httpd 31860 ? 00:00:00 httpd 31862 ? 00:00:00 httpd 31863 ? 00:00:02 httpd 31866 ? 00:00:00 httpd 31868 ? 00:00:11 httpd 31869 ? 00:00:00 httpd 31872 ? 00:00:00 httpd 31879 ? 00:00:02 httpd 31902 ? 00:00:00 httpd 31905 ? 00:00:02 httpd 31906 ? 00:00:00 httpd 32376 ? 00:00:00 httpd 32387 ? 00:00:00 httpd 32388 ? 00:00:00 httpd 32389 ? 00:00:00 httpd 32756 ? 00:00:00 httpd 7
    8. 8. $ ps -p 3078 PID TTY TIME CMD 3078 ? 01:09:10 java $ ps -u alegomes PID TTY TIME CMD 480 ? 00:00:00 sshd 481 pts/0 00:00:00 bash 707 pts/0 00:00:00 ps 8
    9. 9. top Apresentação iterativa de informações de processos 9
    10. 10. 10
    11. 11. $ top -h top: procps version 3.2.3 usage: top -hv | -bcisS -d delay -n iterations [-u user | -U user] -p pid [,pid ...] 11
    12. 12. 12
    13. 13. netstat Lista sockets, conexões e estatísticas de interfaces 13
    14. 14. 14
    15. 15. 15
    16. 16. $ netstat Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 atlantico.seatecnolog:45081 viewvc:ldap ESTABLISHED tcp 0 0 localhost:53094 localhost:8009 ESTABLISHED tcp 0 0 atlantico.seatecnolog:45888 viewvc:ldap ESTABLISHED tcp 0 0 atlantico.seatecnolog:48511 viewvc:ldap ESTABLISHED tcp 0 0 localhost:mysql localhost:33856 ESTABLISHED tcp 0 0 localhost:mysql localhost:33857 ESTABLISHED tcp 0 0 localhost:mysql localhost:32796 ESTABLISHED tcp 0 0 localhost:mysql localhost:32793 ESTABLISHED tcp 0 0 atlantico.seatecnolog:41514 viewvc:ldap ESTABLISHED tcp 0 0 localhost:mysql localhost:35863 ESTABLISHED tcp 0 0 localhost:44443 localhost:8009 ESTABLISHED tcp 0 0 localhost:44442 localhost:8009 ESTABLISHED tcp 0 0 localhost:44441 localhost:8009 ESTABLISHED tcp 0 0 localhost:42265 localhost:8009 ESTABLISHED tcp 0 0 localhost:42218 localhost:8009 ESTABLISHED tcp 0 0 localhost:42223 localhost:8009 ESTABLISHED tcp 0 0 localhost:47238 localhost:8009 ESTABLISHED tcp 0 0 localhost:47236 localhost:8009 ESTABLISHED tcp 0 0 localhost:47235 localhost:8009 ESTABLISHED tcp 0 0 localhost:47232 localhost:8009 ESTABLISHED tcp 0 0 localhost:47233 localhost:8009 ESTABLISHED tcp 0 0 localhost:47230 localhost:8009 ESTABLISHED tcp 0 0 localhost:47231 localhost:8009 ESTABLISHED tcp 0 0 localhost:47228 localhost:8009 ESTABLISHED tcp 0 0 localhost:47229 localhost:8009 ESTABLISHED tcp 0 0 localhost:mysql localhost:33855 ESTABLISHED tcp 0 0 atlantico.seatecnolog:54489 viewvc:http ESTABLISHED tcp 0 0 atlantico.seatecnolog:49894 viewvc:ldap ESTABLISHED tcp 0 0 atlantico.seatecnolog:44141 ::ffff:192.168.1.6:mysql ESTABLISHED tcp 0 0 localhost:8009 localhost:44443 ESTABLISHED 16
    17. 17. $ netstat -an | grep -i list tcp 0 0 0.0.0.0:2144 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9102 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN tcp 0 0 192.168.1.4:53 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:5335 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN tcp 0 0 :::32804 :::* LISTEN tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN tcp 0 0 :::8009 :::* LISTEN tcp 0 0 :::1099 :::* LISTEN tcp 0 0 :::80 :::* LISTEN tcp 0 0 :::8080 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::443 :::* LISTEN 17
    18. 18. vmstat relatório da memória virtual 18
    19. 19. 19
    20. 20. 20
    21. 21. 21
    22. 22. 22
    23. 23. http://en.wikipedia.org/wiki/Slab_allocator 23
    24. 24. $ vmstat procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu---- r b swpd free buff cache si so bi bo in cs us sy id wa 0 0 56020 21864 21848 73660 0 0 5 11 2 10 3 0 97 0 $ vmstat 2 procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu---- r b swpd free buff cache si so bi bo in cs us sy id wa 1 0 56020 17684 25224 74536 0 0 5 11 2 10 3 0 97 0 0 0 56020 17684 25232 74536 0 0 0 16 1015 330 0 0 100 0 0 0 56020 17684 25240 74536 0 0 0 12 1012 329 0 0 100 0 0 0 56020 17684 25248 74536 0 0 0 26 1015 328 0 0 100 0 0 0 56020 17684 25248 74536 0 0 0 0 1012 329 0 0 100 0 0 0 56020 17684 25256 74536 0 0 0 6 1015 225 63 0 37 0 0 0 56020 17560 25264 74536 0 0 0 10 1032 367 0 0 100 0 0 0 56020 17560 25264 74536 0 0 0 0 1013 321 0 0 100 0 0 0 56020 17560 25272 74536 0 0 0 14 1031 351 0 0 100 0 0 0 56020 17560 25272 74536 0 0 0 0 1012 321 0 0 100 0 24
    25. 25. lsof lista “arquivos” abertos 25
    26. 26. 26
    27. 27. $ lsof -? lsof 4.77 latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/ latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man usage: [-?abhlnNoOPRstUvV] [+|-c c] [+|-d s] [+D D] [+|-f[cfgGn]] [-F [f]] [-g [s]] [-i [i]] [-k k] [+|-L [l]] [-m m] [+|-M] [-o [o]] [-p s] [+|-r [t]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names] Defaults in parentheses; comma-separated set (s) items; dash-separated ranges. -?|-h list help -a AND selections (OR) -b avoid kernel blocks -c c cmd c, /c/[bix] +c w COMMAND width (9) +d s dir s files -d s select by FD set +D D dir D tree *SLOW?* -i select IPv[46] files -l list UID numbers -n no host names -N select NFS files -o list file offset -O avoid overhead *RISK -P no port names -R list paRent PID -s list file size -t terse listing -T disable TCP/TPI info -U select Unix socket -v list version info -V verbose search +|-w Warnings (+) -- end option scan +f|-f +filesystem or -file names +|-f[cfgGn] Ct Fstr flaGs Node -F [f] select fields; -F? for help -k k kernel symbols (/mach_kernel) +|-L [l] list (+) suppress (-) link counts < l (0 = all; default = 0) -m m kernel memory (/dev/kmem) +|-M portMap registration (-) -o o o 0t offset digits (8) -p s exclude(^)|select PIDs -S [t] t second stat timeout (15) -T fqs TCP/TPI Fl,Q,St (s) info -g [s] exclude(^)|select and print process group IDs -i i select by IPv[46] address: [46][proto][@host|addr][:svc_list|port_list] +|-r [t] repeat every t seconds (15); + until no files, - forever -u s exclude(^)|select login|UID set s -x [fl] cross over +d|+D File systems or symbolic Links names select named files or files on named file systems Only root can list all files; /dev warnings enabled; kernel ID check disabled. 27
    28. 28. $ lsof COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ATSServer 173 alegomes cwd VDIR 14,2 1428 2 / ATSServer 173 alegomes 0r VCHR 3,2 0t0 61137924 /dev/null ATSServer 173 alegomes 1w VCHR 3,2 0t0 61137924 /dev/null ATSServer 173 alegomes 2w VCHR 3,2 0t1428748 61137924 /dev/null ATSServer 173 alegomes 3r 0x03a8a220 file struct, ty=0x3, op=0x384768 ATSServer 173 alegomes 4r 0x03a8a5a0 file struct, ty=0x3, op=0x384768 ATSServer 173 alegomes 5u VREG 14,2 225280 282757 /Library/Caches/com.apple.ATS/501/filetoken.db ATSServer 173 alegomes 6u VREG 14,2 204800 282758 /Library/Caches/com.apple.ATS/501/fonts.db ATSServer 173 alegomes 7u VREG 14,2 53248 282759 /Library/Caches/com.apple.ATS/501/qdfams.db ATSServer 173 alegomes 8u VREG 14,2 57344 282760 /Library/Caches/com.apple.ATS/501/annex.db ATSServer 173 alegomes 9u VREG 14,2 7445316 282761 /Library/Caches/com.apple.ATS/501/annex_aux ATSServer 173 alegomes 10r VREG 14,2 1135530 261575 /System/Library/Frameworks/ ApplicationServices.framew ork/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/SynthDB.rsrc loginwind 176 alegomes cwd VDIR 14,2 2380 231123 /Users/alegomes loginwind 176 alegomes 0u VCHR 3,2 0t0 61137924 /dev/null loginwind 176 alegomes 1u VCHR 0,0 0t140 61140100 /dev/console loginwind 176 alegomes 2u VCHR 0,0 0t140 61140100 /dev/console loginwind 176 alegomes 3r 0x03a8aba0 file struct, ty=0x3, op=0x384768 loginwind 176 alegomes 4u unix 0x03a9adb0 0t0 ->0x03a9c7d0 loginwind 176 alegomes 5r 0x03a8ab50 file struct, ty=0x3, op=0x384768 28
    29. 29. iostat estatísticas e I/O 29
    30. 30. 30
    31. 31. $ iostat -h iostat: illegal option -- h usage: iostat [-CdIKoT?] [-c count] [-n devs] [-w wait] [drives] 31
    32. 32. $ iostat disk0 cpu KB/t tps MB/s us sy id 20.11 3 0.06 42 17 41 $ iostat -c 10 disk0 cpu KB/t tps MB/s us sy id 20.11 3 0.06 42 17 41 0.00 0 0.00 66 20 14 0.00 0 0.00 63 26 11 12.56 8 0.10 67 20 13 6.30 15 0.09 70 20 10 32
    33. 33. sar relatório de atividades do sistema 33
    34. 34. 34
    35. 35. $ sar sar: failed to open input file [-1][/var/log/sa/sa21] /usr/bin/sar [-Adgpu] [-n { DEV | EDEV | PPP } ] [-o filename] t [n] /usr/bin/sar [-Adgpu] [-n { DEV | EDEV | PPP }] [-e time] [-f filename] [-i sec] [-s time] 35
    36. 36. $ sar 5 10 18:16:10 %usr %sys %idle 18:16:15 66 21 14 18:16:20 74 17 10 18:16:25 66 21 13 18:16:30 70 18 12 18:16:35 69 17 14 18:16:40 69 17 14 18:16:45 64 20 16 18:16:50 70 16 14 18:16:55 70 18 11 18:17:00 68 18 14 Average: 68 18 13 36
    37. 37. nmap Utilitário de segurança (investigador de portas?) 37
    38. 38. 38
    39. 39. $ nmap Nmap 3.70 Usage: nmap [Scan Type(s)] [Options] <host or net list> Some Common Scan Types ('*' options require root privileges) * -sS TCP SYN stealth port scan (default if privileged (root)) -sT TCP connect() port scan (default for unprivileged users) * -sU UDP port scan -sP ping scan (Find any reachable machines) * -sF,-sX,-sN Stealth FIN, Xmas, or Null scan (experts only) -sV Version scan probes open ports determining service & app names/versions -sR RPC scan (use with other scan types) Some Common Options (none are required, most can be combined): * -O Use TCP/IP fingerprinting to guess remote operating system -p <range> ports to scan. Example range: 1-1024,1080,6666,31337 -F Only scans ports listed in nmap-services -v Verbose. Its use is recommended. Use twice for greater effect. -P0 Don't ping hosts (needed to scan www.microsoft.com and others) * -Ddecoy_host1,decoy2[,...] Hide scan using many decoys -6 scans via IPv6 rather than IPv4 -T <Paranoid|Sneaky|Polite|Normal|Aggressive|Insane> General timing policy -n/-R Never do DNS resolution/Always resolve [default: sometimes resolve] -oN/-oX/-oG <logfile> Output normal/XML/grepable scan logs to <logfile> -iL <inputfile> Get targets from file; Use '-' for stdin * -S <your_IP>/-e <devicename> Specify source address or network interface --interactive Go into interactive mode (then press h for help) Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*' SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES 39
    40. 40. $ nmap 192.168.1.4 Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2009-05-20 16:09 BRT Interesting ports on atlantico.seatecnologia.com.br (192.168.1.4): (The 1648 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 53/tcp open domain 80/tcp open http 111/tcp open rpcbind 139/tcp open netbios-ssn 443/tcp open https 445/tcp open microsoft-ds 873/tcp open rsync 3306/tcp open mysql 8009/tcp open ajp13 8080/tcp open http-proxy Nmap run completed -- 1 IP address (1 host up) scanned in 0.436 seconds 40
    41. 41. tcpdump analisador de tráfego de rede 41
    42. 42. 42
    43. 43. $ tcpdump -? tcpdump version 3.9.7 libpcap version 0.8.3 Usage: tcpdump [-aAdDefKlLnNOpqRStuUvxX] [-c count] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -Z user ] [ expression ] 43
    44. 44. $ sudo tcpdump tcpdump: WARNING: en0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en0, link-type EN10MB (Ethernet), capture size 96 bytes 44
    45. 45. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 45
    46. 46. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    47. 47. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    48. 48. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    49. 49. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    50. 50. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    51. 51. $ sudo tcpdump -i en1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes 16:19:03.878034 IP 10.0.0.26.51679 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:03.879256 arp who-has 10.0.0.26 tell 10.0.0.27 16:19:04.389924 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.391950 arp who-has 10.0.0.26 tell 10.0.0.28 16:19:04.393171 IP 10.0.0.26.51681 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.491944 arp who-has 10.0.0.26 tell 10.0.0.30 16:19:04.582324 IP 10.0.0.11.60163 > 192.168.1.4.domain: 5460+ PTR? 26.0.0.10.in-addr.arpa. (40) 16:19:04.583625 IP 192.168.1.4.domain > 10.0.0.11.60163: 5460 NXDomain 0/1/0 (105) 16:19:04.595073 IP 10.0.0.26.51680 > 10.0.0.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 16:19:04.606453 IP 10.0.0.11.64925 > 192.168.1.4.domain: 2313+ PTR? 255.0.0.10.in-addr.arpa. (41) 16:19:04.614775 IP 192.168.1.4.domain > 10.0.0.11.64925: 2313 NXDomain 0/1/0 (106) 16:19:04.631329 IP 10.0.0.11.51358 > 192.168.1.4.domain: 48670+ PTR? 27.0.0.10.in-addr.arpa. (40) 16:19:04.640138 IP 192.168.1.4.domain > 10.0.0.11.51358: 48670 NXDomain 0/1/0 (105) 16:19:04.706174 IP 10.0.0.11.60513 > 192.168.1.4.domain: 40476+ PTR? 28.0.0.10.in-addr.arpa. (40) 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) ... 16:19:04.707379 IP 192.168.1.4.domain > 10.0.0.11.60513: 40476 NXDomain 0/1/0 (105) 45
    52. 52. NDT Network Diagnostic Tools 46
    53. 53. 47
    54. 54. ➊ Acompanhar, com comandos Unix, o consumo de CPU, memória e tráfego de rede durante testes de carga de alguma aplicação Web. 48
    55. 55. P&R

    ×