it shows 192.168.2.25 is pinging 192.168.1.14

3.4 GigEnn™ Bandwidth Plotting

Bandwidth limiting		Use netstat.xplot.pl it reads /tmp/netstat.log it generates an xplot compatible format file /tmp/netstat.xplot.data To view the graphs: you have to be in graphical user mode ( use startx to get into KDE ) xplot /tmp/netstat.xplot.data gnuplot is another program, you will need to convert the data from xplot to gnuplot
Bandwidth vs RTT delay
Bandwidth : ping flood vs iperf vs socat

4.0 GigEnn™ Sniffing Network Traffic

• dsniff
  
• isniff

5.0 GigEnn™ Exit/Shutdown

! - drop to shell X - Logout S - Shutdown

6.1 GigEnn™ System Configuration

N - Configure Network IP# P - Set root password W - Set wansimuser password L - Load the previous wansim settings S - Save the current wansim settings c - clear the temp files s - Restore Factory Defaults U - Upgrade to the new gigEnn software

P - Set the root password. Often used to enable a scp to the Network Nightmare of a software upgrade, e.g. scp nn109.img.gz root@192.168.1.101:/var/tmp/ If you ssh to the Network Nightmare as root, you will login with a shell prompt.

W - Set the wansimuser password. Often used to enable network control of WAN simulator parameters. Login with "ssh wansimuser@NN-IP" to reach the menu system. There is a default password (1.0.9) of NN2wansim (certain models have a ! at the end of the password)

M - Mount/Map a network drive submenu

T - Configure TCPdump options. There are very many options, a common use is "host 192.168.1.11" which would record only the traffic to/from this particular host. To see all the options, enter the shell and type: tcpdumpman or select T, then CANCEL instead of selecting OK.

D - Set the timezone - menu driven selection of the device timezone.

L - Load Wansim Settings - Several files of typical network conditions have been provided (all are for the non-advanced mode). These will set bandwidth/RTT/loss rates.

F - Save Wansim settings - create a new template file to reload later.

S - Use these correct values as system defaults on reboot. All settings last only until power is removed/the Network Nightmare is rebooted. Use this option to save setting across power cycling. Be sure the settings are correct first!

c - Clear Temp files - erase temporary files

s - Restore Factory Default - overwrite existing files with factory defaults.
CAUTION: this will erase your current settings and previously saved settings.

U - upgrade to a new release of the Network Nightmare firmware. There are two ways to upgrade, copying an image down or mounting it. To mount, see the mount menu, and mount/map a drive with the new image onto the NetworkNightmare (note an image in /tmp will take priority over one in /tmp/mnt). To copy, make sure the Network Nightmare has an IP address and password, then copy to the Network Nightmare (i.e. scp nn109.img.gz root@192.168.1.101:/tmp/)

Alternate ways to copy are to: - Just set an IP, then drop to the shell, cd /tmp, and scp from another machine to the NN - Use a terminal program supporting zmodem, drop to the shell, cd to /tmp, execute rz (or zmrx), then send with the terminal program (use binary mode, and it's slow!)

After the image has been completely copied, use option U to upgrade. Note that a copied-but-not installed image will be lost in a reboot. A partial copy of an image or a partial install will likely corrupt your device and require you to return it for servicing - possibly at additional cost if you have no Support contract. For safety, an Upgrade will delete all saved settings (IP, password, emulation settings, etc)

X - Return to the main menu.

6.1 gigEnn™ Configuration: Networking

I - change ip# numbers D - Set the default gateway B - The default is bridge mode R - Switch to routing mode A - Set Autonegotiate Q - Query for autonegotiation status

D - Set the default gateway (also available under I). Note that if you employ routed mode, the gateway may be off of any interface, not just the management interface.

B - The default Network Nightmare setting is to Bridge ports 1 and 2. This enables "in path" insertion for simple tests. If you have switched to Routing, then this option will revert to bridging. Use this setting if using port mirroring for tcpdump/network mon.

R - Switch to routing mode. To use this mode, you will need to assign IP addresses to ports 1 and 2. The format is as above for (I). Be aware that other routers will also need to know how to get back to the Network Nightmare! No routing protocols are supported, only static routes. You may NOT use the same LAN subnet on any of the 3 interfaces, if you attempt to do so, you will receive an error.

A - Set Autonegotiate vs Fixed speed/duplex. By default the Network Nightmare will autonegotiate for speed and duplex settings on its interfaces. If you need to change these to fixed, select this item.

Q - Query for autonegotiation status - shows the output of ifconfig. For any interfaces set to autonegotiate, this will reveal what setting they negotiated to.

X - Return to the main menu.

Configuration: Speed and Duplex

  Auto - use the auto-negotiation protocol to learn which setting
  10H - 10 Mbps, half duplex (old hub)
  10F - 10 Mbps, full duplex (old switch)          
  100H: 100 Mbps, half duplex (cheap router)
  100F: 100 Mbps, full duplex (modern switch/router)
  1000H: 1000 Mbps, half duplex (cheap gigE router)
  1000F: 1000 Mbps, full duplex (gigE switch/router)

6.2 gigEnn™ Configuration: Mapping/mounting a remote drive

U - Unmount N - Mount a Network File System W - Map a Windows network "share" drive S - Change the default directory L - List the mounted drive

Be warned that if mapping a drive, it should be off the network served on network 0 (mgmt), otherwise the network traffic to the drive may interfere with your WAN emulation/WAN monitoring.

U - Unmount whatever is mounted

N - Mount a Network File System - such as a Linux or Solaris drive which is exported.

W - Map a Windows network "share" drive.

S - Change the default directory (for tcpdump and network monitor) to use /tmp/mnt (or /tmp).

L - List the mounted drive.

X - Return to the main menu.

6.3 gigEnn™ Advanced Mode

N - normal mode A - Asymmetric mode 3 - 3-way mode I - Infinite queue size Q - Set fixed queue size B - Use Bandwidth * delay

N - normal mode - revert to the original way the Network Nightmare operated with just one setting for bidirectional traffic between net1 and net2

A - Asymmetric mode you can work with either bridged interfaces (net1/net2) or routed, but you can emulate different properties in the different directions, such as 1.5 Mbps from net1->net2, but only 386 kbps in the reverse direction.

3 - 3way mode works only for routed mode, but enables arbitrary settings in all 6 directions through the device. i.e. traffic from net1 to net2, net1 to mgmt, etc.

I - Infinite queues (don't drop due to delayed packets) default

Q - Set fixed queue size in packets

B - Use ( bandwidth * delay ) to determine queue size

X - Return to the main menu.

7.0 gigEnn™ Statistics (Monitoring)

S - Summary of Traffic (traffic.dat) P - Traffic Summary by port (traffic_byport.dat) T - Top Talkers (toptalkers.dat) A - Top Talking Applications (topapps.dat) G - Most talking machines (mosttalking.dat) Y - CIFS/SMB Signing status (smb_conns.dat) M - Monitor output (monitor.out) E - Open connections at monitor end (rt_open.dat) U - Every connection (all_connections.dat)

Note that the monitoring will not begin until a significant amount of traffic has been seen, so it is not suitable for extremely low traffic evaluation. While running the monitor will print its status every 10 seconds, the output looks like:

1100650592.535386  CONNECTIONS open: 2 (2)      total: 2 (2)    max-sim: 2 (2)
1100650592.535386  BYTES tcp: 1580404/57        udp: 0/0        other: 0/0

The first number (1100650592.535386) is a timestamp (seconds.msecs) If you have not used rdate with external access or otherwise set the time, this will be from an arbitrary starting point, but will be useful for relative timing in any case.

The Connections line describes the TCP connections currently extant:

• Open - the number of connections which have been seen which are still open (note that a quiescent connection will not show up)
• Total - the number of connections seen so far (ever open) in this session
• max-sim - the maximum number of simultaneous connections seen - i.e. the largest Open value seen (it can be even higher, if the peak count occurs in between display points).

The Traffic line gives the number of BYTES sent of each type, followed by the number of packets, e.g. bytes/packets. TCP is a reliable protocol, which is most common on networks. UDP is a lossy protocol used for some applications needing low delay, and other comprises all other traffic types, such as GRE or certain VPN protocols.

The monitoring process will produce files in /tmp (or /tmp/mnt) to explore different aspects of the traffic it saw. You can browse the files from this menu, or copy them off of the Network Nightmare. In addition it will produce several .csv files which are useful to load into other tools, such as Microsoft Excel(TM).

S - Summary of Traffic (traffic.dat) - provides summary statistics for the monitored period. These include the length of trace (secs), number of bytes sent, average speed, average RTT, a breakdown into the number of retransmitted bytes and duplicate acks, #connections, SMB signing statistics, byte and packet counts broken down into TCP/UDP/other, and the peak number of simultaneous connections.

P - Traffic Summary by port (traffic_byport.dat) - How much data was sent on each TCP port. Note that BOTH ports of a connection are summarized. i.e. if a client connects to a web-server on port 80, then that traffic counts towards port 80, but it ALSO counts toward the ephemeral port the client received in order to open this connection. Thus each byte sent is represented twice in this summary.

T - Top Talkers (toptalkers.dat) - The connections seen, sorted by which sent the most traffic (top 20), plus the rate at which they sent the traffic.

A - Top Talking Applications (topapps.dat) - similar to traffic_byport, but just the byte counts and ports.

G - Most talking machines (mosttalking.dat) - Identifies the IPs which sent the most data during the session.

Y - CIFS/SMB Signing status (smb_conns.dat) - SMB signing is an obscure CIFS setting of interest to WAFS vendors who need to know if traffic has had cryptographic checksums added to it by Microsoft.

M - Monitor output (monitor.out) - The recapitulates the output from during the monitoring session.

E - Open connections at monitor end (rt_open.dat) - this identifies the connections which had NOT been closed at the end of the monitor run.

U - Every connection (all_connections.dat) - displays stats (bytes, time, and rate) for each connection seen.

X - Return to the main menu.