Back in the early days of the Internet, things weren’t quite as stable as they are now so system administrators created a suite of tools to help troubleshoot issues. Many old-timers wistfully remember the “fun” of typing in a ping command at the command line followed by an IP address, then waiting to see whether there was a response.
Likewise, traceroute was always useful for finding out where in the long chain of bounces between computer, routers and servers that communications between machines was breaking down. Apple put all of these useful tools into a single app called Network Utility, which up until 2014 could be found residing in the Application > Utilities folder. So where is Network Utility hiding these days, and how can it be used to troubleshoot network problems?
Where In The World Is
Carmen Sandiego Network Utility?
If Network Utility is no longer in the Utilities folder of the Mac, where is it? Looking at the path to the app, it’s hidden away in:
There are three much easier ways to find Network Utility and launch it without digging around in hidden folders. The first is to go to the Apple Menu, select About This Mac…, click on “System Report”, and then select Network Utility from the Windows menu. The second is even easier; click the Spotlight search icon (it looks like a magnifying glass) on the right side of the Mac menu bar, then type in “Network Utility” and press the return key. The last way? Just ask Siri — say “Launch Network Utility” and the app is immediately on your screen.
Network Utility’s individual components can also be accessed from the Unix command line in Terminal, but that’s “beyond the scope of this course.” Just suffice it to say that if you really want to know the gory details of a command, you can type in “man name-of-command” (i.e., man netstat) and not only find out how to access that tool in Terminal, but all of the many options available.
Let’s look at each of the useful tools in Network Utility and how they can be used in troubleshooting.
Info (see the image in the previous section) provides a drop-down menu that lists each of the network interfaces that are built into your Mac. For example, my late 2015 iMac shows Ethernet (en0), Wi-Fi (en1), Thunderbolt 1 (en2) and Thunderbolt 13 (en3). Selecting any one of those network interfaces provides a wealth of information, including the hardware address (MAC — Media Access Control address, a unique number assigned to each network interface), the IP address (IPv4), link speed, link status, vendor, and model.
The right side of the Info screen also shows how many data packets have been sent or received by the interface since the last time the Mac was restarted. If a number of errors or collisions are visible, there’s a good possibility that there’s a poor connection that is dropping packets. This often manifests itself as a slow connection to websites, slow downloads, and so on.
Netstat is a bit esoteric for most Mac users who aren’t network administrators. It provides a way to examine your Mac’s network routing tables by displaying a summary of packet types sent and received using common network protocols – TCP, UDP, IP, ICMP, IGMP, IPSEC, IP6, ICMP6, IPSEC6, and PFKEY.
Probably the most widely-used and useful tools in Network Utility is ping. It’s used to see whether your Mac can communicate with another device with a known network address — otherwise known as “pinging” that other device. For example, if I’m at my iMac (local network IP address 10.0.1.6) and I want to know if I can reach my AirPort Extreme router (local network IP address 10.0.1.1), I type the address I wish to ping into the field on the Ping pane of Network Utility, then click the Ping button.
By default, ping sends 10 packets to the other device, measuring the amount of time it takes for each ping to be received back at the iMac. If the response shows a timeout on any or all of the pings coming back, it indicates a bad connection between the Mac and the router, and I can start troubleshooting issues armed with that knowledge.
If it weren’t for Domain Name System (DNS) servers, we’d all be typing numeric addresses into our web browsers to get to websites. DNS converts web addresses — like eshop.macsales.com/blog — to IP addresses so that our computers can carry on a conversation with a web server. Sometimes you may type in a web address and get a “server not found” error from the web browser. This usually indicates that you mistyped the address (like “blurg.macsales.com”), that there might be issues with the DNS server, or that that the DNS server address (entered in Network preferences) might be incorrect.
Lookup actually encompasses two underlying commands — nslookup and dig. Typing in an alphanumeric name for a website — say “apple.com” and clicking the Lookup button shows IP addresses that are associated with that domain name, while entering an IP address displays domains that are associated with that address. Oddly enough, entering the IP addresses that appear for “apple.com” returns “applecentre.info”, “AirTunes.info”, and “carbondating.com” as three possible domains. The first two addresses take you to the “apple.com” website, while the third goes off into oblivion. My guess? Apple uses these odd domain names as a way to fend off distributed denial of service attacks against the company.
One of the most useful tools in Network Utility is traceroute, which does exactly what the name implies — it traces the route between your Mac and another machine. Let’s see what happens when running traceroute from my iMac to the United States Patent and Trademark Office (uspto.gov).
Things start off on my local network (that 10.0.1.1 is my AirPort Extreme Wi-Fi router), then go through various Comcast systems to the Dallas, Texas area, then off to Washington, DC (wswdc) on the ATT network. Traceroute is fun in terms of just showing what a wild ride packets can take between your Mac and a web server.
Ever wanted to know what entity is behind a domain name? That’s what whois is all about. While many organizations now purchase privacy for domain name registration information, it’s still possible to find the domain registrar used by a website. This can be quite useful if you’re receiving spam from a particular email address and wish to complain to the domain registrar.
Think of finger as whois for individuals. Fortunately, it doesn’t work as well as it once did back in the original days of the Internet, when it was helpful for finding out who exactly was hiding behind an email address. Nowadays, a finger of a user name and domain address is likely to time out. That’s a good thing…
The last tab on the Network Utility window is Port Scan, useful for determining the status of various internet protocol ports on a particular machine. While your Mac is assigned a specific IP address, the various services that it uses — email, web browsing, and so on — are each assigned a TCP or UDP port number.
In a very secure world and on a very secure Mac, all ports would be closed — that’s the purpose of a firewall, which acts as a gatekeeper for a particular port and only allows specific traffic to enter through that port. But what you’ll find is that some ports are open — on this scan, I turned off my Mac’s built-in firewall (found in System Preferences > Firewall) and found that a number of ports were open:
To see what a particular port is used for, here’s a complete list. What I found is that some of the ports (445 and 4502) are used for Windows sharing and Silverlight; turning the Mac’s firewall back on did nothing to close those ports, which are apparently required by some of the apps that I use on this machine.
So there you have it! Not only is Network Utility still on your Mac, but it’s still a surprisingly useful tool for troubleshooting network issues.
Leave a Reply