Learn how UNIX machines connect and communicate over the Internet
This content is part # of # in the series: Speaking UNIX
This content is part of the series:Speaking UNIX
Stay tuned for additional content in this series.
As defined in Wikipedia, the Internet is a worldwide, publicly accessible series of interconnected computer networks that transmit data by packet switching using the standard Internet Protocol (IP). The Internet is, in a sense, the largest network in the world and spans the globe many times over.
The Internet and the Web are not the same thing, although people interchange the terms frequently. The World Wide Web (WWW), or the Web, is a collection of hypertext documents containing images, audio and video clips, and other files interlinked and accessed over the Internet.
A simplistic example of the two is when you connect to your Internet Service Provider (ISP) using a cable modem. Connecting to your ISP using a cable does exactly that: It connects you to your ISP's network and to the Internet, but you are still not using the Web—not until you open a Web browser, such as Mozilla Firefox or Apple Safari, and connect to a Web site.
Configuring TCP/IP and the network adapter
For a server running the AIX operating system to communicate over a network and connect to the Internet, you must configure the network adapter or, depending on the system, edit multiple files to set up TCP/IP. However, IBM has made this task easy with one simple switch inside the System Management Interface Tool (SMIT).
Before beginning to configure the network adapter, first document the following information:
- IP address to assign to the network adapter
- Host name of the target server
- Name of the domain of which the target server is a member
- Subnet mask
- Name servers
- Gateway address
To configure a network adapter on a server running AIX, perform the following steps:
- Log in to the system as
su –to root.
- Start the SMIT program, and then choose Communications
Applications and Services > TCP/IP > Minimum
Configuration & Startup.
Tip: SMIT has many shortcuts, or fast paths, to allow you to quickly get to the menu or task needed. In this case, simply typing smitty mktcpip bypasses having to navigate through the three previous menus.
- Select the network adapter you want to configure from the list shown
in Figure 1, and then click Enter. For this
example, en2 is used.
Figure 1. Available network adapters
After you select the desired network adapter, a new window is built that displays all the settings you need to configure the network adapter.
- Taking the information you documented earlier, type the host name, IP
address, subnet mask, domain name, name server IP address, and
default gateway address. If you want the network adapter to start as
soon as you've made your changes, change START Now to Yes,
as shown in Figure 2.
Figure 2. Minimum configuration settings for the network adapter
- Verify the information you typed, and then click Enter.
AIX makes the changes requested and starts the TCP/IP daemons (if they haven't already been started). In Figure 3, note that the TCP/IP daemons were already running, as en0 and en1 are configured on this AIX system.
Figure 3. Network adapter changes in progress
- Exit SMIT by clicking either F10 or Esc + 0 (zero).
A Domain Name System (DNS) server interprets IP addresses into domain names and locations of other computers or Web sites. Without DNS, you would need to enter the IP address into a Web browser. For example, if you didn't have access to DNS and wanted to view IBM's Web site, you would have to type 188.8.131.52 instead of www.ibm.com. DNS eases the use of Web browsing over the Internet as well as connecting to other servers over a network. It's much easier to remember www.ibm.com than 184.108.40.206!
Another advantage to using DNS is that from time to time, IP addresses change on servers. For instance, a server may need to move from one location to another, or a server may be replaced with new equipment. Performing such moves sometimes requires changing the IP address on the server after it reaches its new home because of a different network scheme at the new location. When this happens, it's much easier on users to remember the name of the server instead of having to remember what the old and new IP address are. If the server move was successful, users will never know the difference.
As mentioned earlier, when setting up the network adapter, you typed the IP address location to a name server. This server is your primary DNS server location. It is wise to have several DNS servers to rely on in case one should fail during an address lookup. If multiple DNS servers are used, when the server is looking up an IP or host name to cross-reference, if the first DNS server doesn't have the information or is unavailable, the lookup request will move to the second DNS server, and so on.
To add other DNS servers, you must modify the /etc/resolv.conf file. Listing 1 provides an example of such a file.
Listing 1. An /etc/resolv.conf file
domain ATC-DOMAIN.com nameserver 10.20.30.23 nameserver 10.20.30.24 nameserver 10.20.30.25 search atc-domain2.com, atc-domain3.com, atc-domain4.com options debug
The sections that follow provide descriptions of each parameter used in Listing 1.
domain parameter instructs the resolving function
<domain name> to the end of the
string to lookup if the string does not end with a
(period). For example, if the string entered for lookup is ibm, the actual
string that will be used is ibm.ATC-DOMAIN.com.
If no domain is included in the
domain parameter (that
is, using ATC-AIX1 rather than ATC-AIX.ATC-DOMAIN.com), the
root domain is assumed.
Note: Only one domain entry can be used in the /etc/resolv.conf file.
nameserver parameter tells the server which
DNS server to resolve IP addresses and host names against. The resolver
queries each name server in the order provided in /etc/resolv.conf until the
IP address has been properly resolved.
Note: Only three name server entries can be used in the /etc/resolv.conf file.
search parameter provides a list of domains to
the resolver to use when resolving an IP address or host name. Only the
entry can be used. If
domain is used,
search will be the value of
Note: Although you can add several domain names to the
search option, there is a limit of 1,024
options parameter provides an extra means of
debugging and adjusts the lookup function to your liking:
debug: This option turns on debugging for the resolving function
ndots:<N>: If a domain with
<N>or more periods is found, DNS attempts to resolve the string first without appending the search domain list.
For more information on DNS, see Related topics.
Testing the Internet connection
Now that you've configured the network adapter and modified /etc/resolv.conf to your liking, you can test your Internet connection. There are many ways to test your connection, so I cover only a couple of the basic, but useful, troubleshooting tools.
The ping command
One of the easiest ways to verify that you've configured your network adapter
correctly and can communicate with the Internet is to ping an IP
ping command is a tool for testing
whether the target is reachable by your server and its network. Basically,
ping sends Internet Control Message Protocol
(ICMP) packets from your server to the destination server, and then receives
a response from the destination server. If the response is received, you have
connectivity to the destination server. Using
is a simple and quick way to determine if there is a problem, how fast data
is being sent between servers, and if you have connectivity at all.
The following example confirms that I have connectivity to Google.com's IP address, 220.127.116.11:
ping 18.104.22.168 PING 22.214.171.124: (126.96.36.199): 56 data bytes 64 bytes from 188.8.131.52: icmp_seq=0 ttl=240 time=40 ms 64 bytes from 184.108.40.206: icmp_seq=1 ttl=240 time=41 ms 64 bytes from 220.127.116.11: icmp_seq=2 ttl=240 time=48 ms 64 bytes from 18.104.22.168: icmp_seq=3 ttl=240 time=40 ms ^C ----22.214.171.124 PING Statistics---- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 40/42/48 ms
ping can't be the only tool used
to confirm connectivity to a server, because a server may have ICMP requests
blocked by firewalls. The following example shows ICMP being blocked and
simulating no connectivity to IBM.com's IP address, 126.96.36.199:
ping 188.8.131.52 PING 184.108.40.206: (220.127.116.11): 56 data bytes ^C ----18.104.22.168 PING Statistics---- 6 packets transmitted, 0 packets received, 100% packet loss
So far, I've only attempted to ping IP addresses. After you've confirmed this first troubleshooting step, it's also a good test to attempt to ping the actual host name that is resolved in DNS:
ping google.com PING google.com: (22.214.171.124): 56 data bytes 64 bytes from 126.96.36.199: icmp_seq=0 ttl=240 time=40 ms 64 bytes from 188.8.131.52: icmp_seq=1 ttl=240 time=43 ms ^C ----google.com PING Statistics---- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 40/41/43 ms
The traceroute command
ping may have failed on one attempt, this
doesn't necessarily mean that you don't have connectivity to the Internet.
The following example shows that
when trying to communicate with ATC-AIX2:
ping ATC-AIX2 PING ATC-AIX2: (10.20.90.41): 56 data bytes ^C ----10.20.90.41 PING Statistics---- 6 packets transmitted, 0 packets received, 100% packet loss
Here's the same test using the
traceroute ATC-AIX2 traceroute to ATC-AIX2.ATC-DOMAIN.com (10.20.90.41) from ATC-AIX1.ATC-DOMAIN.com (10.20.30.40), 30 hops max outgoing MTU = 1500 1 10.20.30.254 (10.20.30.254) 8 ms 3 ms 3 ms 2 10.20.30.252 (10.20.30.252) 4 ms 4 ms 3 ms 3 184.108.40.206 (220.127.116.11) 5 ms 5 ms 5 ms 4 18.104.22.168 (22.214.171.124) 4 ms 5 ms 4 ms 5 10.20.90.252 (10.20.90.252) 4 ms 5 ms 4 ms 6 10.20.90.252 (10.20.90.254) 8 ms 5 ms 4 ms 7 10.20.90.41 (10.20.90.41) 8 ms 6 ms 5 ms
traceroute command can be a helpful
troubleshooting tool. If your
in failure, the output can lead you in the right direction—namely,
which server or network equipment may be blocking your access.
The nslookup and dig commands
commands, notice that host names were primarily used. Using host names is
helpful for users, because they don't need to memorize difficult IP addresses.
One method to determine whether DNS is in fact working is to use the
name server lookup, or
nslookup can provide host name
information as well as IP addresses associated with the host name. This command
is useful if users report an issue when they try to connect to a server but don't
get a response. In such a situation, it could be that their DNS information isn't
updated and old addresses are being used, which you can use
nslookup to verify quickly.
The following code displays the IP addresses associated with IBM.com:
nslookup ibm.com Server: ATC-AIX1.ATC-DOMAIN.com Address: 10.20.30.40 Non-authoritative answer: Name: ibm.com Addresses: 126.96.36.199, 188.8.131.52, 184.108.40.206
A newer program similar to
command provides the same information as
but with a fuller view of how DNS is set up for the target:
dig ibm.com ; <<>> DiG 9.2.0 <<>> ibm.com ;; global options: printcmd ;; Got answer: ;; -<<HEADER<<- opcode: QUERY, status: NOERROR, id: 16463 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 13 ;; QUESTION SECTION: ;ibm.com. IN A ;; ANSWER SECTION: ibm.com. 14740 IN A 220.127.116.11 ibm.com. 14740 IN A 18.104.22.168 ibm.com. 14740 IN A 22.214.171.124 ;; AUTHORITY SECTION: . 24402 IN NS I.ROOT-SERVERS.NET. . 24402 IN NS G.ROOT-SERVERS.NET. . 24402 IN NS C.ROOT-SERVERS.NET. . 24402 IN NS F.ROOT-SERVERS.NET. . 24402 IN NS M.ROOT-SERVERS.NET. . 24402 IN NS E.ROOT-SERVERS.NET. . 24402 IN NS L.ROOT-SERVERS.NET. . 24402 IN NS D.ROOT-SERVERS.NET. . 24402 IN NS J.ROOT-SERVERS.NET. . 24402 IN NS H.ROOT-SERVERS.NET. . 24402 IN NS A.ROOT-SERVERS.NET. . 24402 IN NS B.ROOT-SERVERS.NET. . 24402 IN NS K.ROOT-SERVERS.NET. ;; ADDITIONAL SECTION: I.ROOT-SERVERS.NET. 31808 IN A 126.96.36.199 G.ROOT-SERVERS.NET. 2961 IN A 188.8.131.52 C.ROOT-SERVERS.NET. 36288 IN A 184.108.40.206 F.ROOT-SERVERS.NET. 40867 IN A 220.127.116.11 M.ROOT-SERVERS.NET. 15357 IN A 18.104.22.168 E.ROOT-SERVERS.NET. 26901 IN A 22.214.171.124 L.ROOT-SERVERS.NET. 21568 IN A 126.96.36.199 D.ROOT-SERVERS.NET. 9464 IN A 188.8.131.52 J.ROOT-SERVERS.NET. 35190 IN A 184.108.40.206 H.ROOT-SERVERS.NET. 7936 IN A 220.127.116.11 A.ROOT-SERVERS.NET. 35190 IN A 18.104.22.168 B.ROOT-SERVERS.NET. 29770 IN A 22.214.171.124 K.ROOT-SERVERS.NET. 16473 IN A 126.96.36.199 ;; Query time: 3 msec ;; SERVER: 10.20.30.40#53(10.20.30.40) ;; WHEN: Wed Mar 12 17:02:32 2008 ;; MSG SIZE rcvd: 492
Connect to the Web
After successfully testing the Internet connection and verifying that DNS is
set up correctly by using the
commands, you're ready to get on the Web. Simply open your preferred Web
browser, type the Uniform Resource Locator (URL) you want to view (see
Figure 4), and viola! Congratulations: You're on the
Internet and viewing the Web!
Figure 4. Connecting to the Web
Connecting to the Internet and viewing Web sites is easy in AIX. IBM has made configuration of AIX and network adapters easy. Simply configure your network adapter, direct DNS to a valid DNS server, and you'll be surfing the Web in no time! Enjoy!
- Speaking UNIX®: Check out other parts in this series.
- Read the IBM Redbook, "HOW TO: Easily Configure TCP/IP on Your AIX System."
- Check out Wikipedia's definition of Internet.
- Check out Wikipedia's definition of World Wide Web.
- See IBM's Information Center file reference of /etc/resolv.conf.
- Read Martin Brown's article, "Understanding DNS” (developerWorks, 4 Mar 2008).
- IBM trial software: Build your next development project with software for download directly from developerWorks.