Network Warrior: How to use macOS network utilities

In a recent article, I wrote about getting around in your wifi environment, using the airport utility available on the terminal, in this article, we will look at Network commands, starting from the most popular and quite mythical, ifconfig. Once you get more familiar with your Mac Terminal, the sky is the limit, you can do magical things, on your Mac with text-based access to your operating system using its command-line interface (and not just the basics, as creating files, directories, and assign permissions).

1. List available network interfaces

The ifconfig command will list all available network interfaces, including their IPV4 and IPV6 addresses, their MAC addresses, the interface MTU, which is basically the size of the allowed packet in your network, the standard is 1500 bytes.

You will also see, interfaces, that you have probably never heard of, as the utun0 and utun1, this is actually virtual interfaces or adapters that are created by your Mac operating system, for VPN connections.

2. Find out, who is your DNS server

When your client /PC connects to a new network, one of the first things, it does, is sending a DHCP request and ask for an IP address in that Network. The DHCP server whose responsibility (among others) is to allocate IP addresses, leases an IP address with a list of information, that will allow your client, to connect and get out to the internet, one of those, is the DNS server IP addresses, which will allow address resolving (from the domain name to IP addresses).

To know who is your DNS server, you can use the following command:

ipconfig getoption en0 domain_name_server

The en0 is the wireless adapter of my Mac:

3. Renew your DHCP IP address Lease

Your DHCP server will lease you an IP address for a specific amount of time, you can renew the lease time by using the ipconfig set en0 DHCP, but you will also need to enter your credentials, so use it with sudo before the command:

4. What is your subnet

When you work at home, you will most likely get a private IP address in a Class C subnet, that means, that you can have up to 253 IP addresses that your DHCP can lease, for clients connecting to your local area network (theoretically you have 255 addresses, but one is for the broadcast domain and one is reserved for your gateway, the interface that you connect to).

Your subnet starts at 255.255.255.0 so that you will have the last octet for you:

5. Configure a static IP

Sometimes you will need to configure a static IP address manually and not rely on your DHCP server, that is the case with servers and other appliances, that you will connect to often. to do so, you can use the ipconfig set en0 INFORM 10.0.3.99. So let’s start with the ifconfig command, see our current IP address, and change it:

Currently, the IP address that we have received from our DHCP is 10.0.3.139

Now let’s change it to 10.0.3.99 (change it to an address in your subnet). Don’t forget to use the sudo as you will need permissions:

And now let’s check again with ifconfig:

Our IP address has changed.

6. Show your Mac Routing table

Your Mac holds an internal routing table, which is actually a set of rules, that tell it where to send packets that have different destinations. The most important route, is the default route, which is usually the router, that it connects to, where all packets are destined on their way to the internet

To see your routing table, type the command netstat -nr.

As you can see on the left side under internet destination, the first route is the default route, and the destination is the gateway interface.

7. Network connectivity troubleshooting

This is probably one of the best and known commands, the ping command.

Ping is nothing more than a control packet, an ICMP packet sent to your target host and tells the other side, to respond with a response packet ) . using it, you can tell, if the computer or the server, that you ping, is up or down, what is the round trip time.

In most cases, the ping packet is 56 bytes in size, but you can change it.

Using the ping command, you have the option to change the number of packets sent, the delay between them, and even the rate that they are sent (misuse of the last option can actually trigger a denial of service attack using what is known as an ICMP flood).

So let’s start with a ping to Google DNS server:

As you can see at the end, you will get a summary, we have sent 21 packets, with no packet loss at all.

Now let’s change the rate to thousands of ICMP packets, but this time, I will use it towards my own gateway, as it is illegal to do so, this is for educational purposes only. you will also need to use sudo again. The command is sudo ping -f 10.0.3.1.

Using the -f, we have actually sent 5949 packets towards my gateway, in less than 5 seconds