Networking AIX

  • $HOME/.netrc – Specify automatic login information
  • $HOME/.rhosts – Defines which client USERS are NOT required to supply a login password
  • ping – Sends an ICMP ECHO_REQUEST
  • finger – Lists the current users logged on
  • iptrace – Debug trace utility for ip packets
  • ipreport – Generates a packet trace report
  • spray – Sends a specified number of packets
  • no – Configures network options
  • netstat – Show network statistics
  • nfsstat – Lists statistics about network file system

Subnet Mask Addressing

Assume a configuration as follows…

Assume a configuration as follows…
In this case, the DESTINATION PACKET will NOT go to the DEFAULT GATEWAY ADDRESS and will be routed within the local network.

To determine via the SUBNET MASK if a destination packet goes to the GATEWAY node or not, follow these simple rules:

  1. Perform a LOGICAL AND of the destination address of the mask of the local subnet address
  2. Perform an EXCLUSIVE OR on the result of the previous operation and the local net address of the local interface (eg., source address)
  3. If the result of the previous operation is a ZERO, the destination is assummed to be reachable directly through one of the local interfaces ELSE the packet is forwarded to the DEFAULT GATEWAY ADDRESS.

top of page


Automatic login information for the ftp and rexec commands.

syntax: machine <hostname> login <username> password <password>

If this file contains a password entry (optional), the file permissions must be set to 600 (rw for owner only) or else the error message rshd: 0826-813 Permission is denied is generated.

The file .netrc must exist on the client that your executing the ftp or rexec command from and the <hostname> must specify the name of server to connect to.

For FTP only, you can initiate file transfers via a macro definition (up to 16 macros can be defined). This file resides on the client machine.

An example of the contents of a .netrc file…
machine sys8 login transfer password now macdef init
get /tmp/database.log /tmp/log/database.log
top of page


Defines which client users are not required to supply a login password for the rcp, rlogin, or rsh commands using a user account on the server. The file resides on the server machine under the home directory of the user account being logged into. An ALIAS entry cannot be specified.

syntax: <hostname> <username>

top of page


Defines which clients are permitted to execute commands by the lpd, rlogind, rcpd, or rshd daemons without supplying a password.

syntax: <hostname>

top of page


Defines which clients are permitted to print jobs to the print server.

top of page

arp – Address Resolution Protocol

Displays the translation table between TCP/IP addresses and network addresses. This physical address is six bytes long and is unique for every network board. The first three bytes of the address represent a vendor’s ID. The last three bytes are assigned by the manufacturer.

Some examples…

NOVELL 00 00 1B
NOVELL 08 00 14
3COM 02 60 8C
SUN 08 00 20
IBM 08 00 5a
DEC AA 00 04

Note that an IP address is really assigned to a network interface and not a host. A host may have more than 1 network interface as illustrated by the output of the netstat -i command.

Useful tool for debugging network problems.

  • For example, if you are using the DOS SERVER daemons to connect PCs to the RS/6000 and connections aren’t being made, check the arp table to see if there is a hostname entry for the name of the PC you are connecting from. If there is an entry in the arp table, then you know that packets are getting across and the problem lies with the DOS SERVER or PC DOS CLIENT software.
  • Further, you may have configured two or more hosts with the same internet address. If this is the case, its possbile that one connection may get hung. That’s because the entry in your arp table gets overwritten by the new connection. View the arp table and you’ll find that the internet address may now be bound to a new physical network address. The connection that is hung, will not show the correct physical address for that IP address. It shows the new physical address of the machine that has the same IP address of the previous connection.
  • Another reason to use this utility for a debugging tool is to show what network adapter card address is mapped to an internet address. If by chance, you have two nodes on your network with the same internet address, you will have periodic problems keeping a connection to one of those two machines until a unique internet address is assigned to each machine.

Examples: arp -a (Displays all addresses that have been translated by the address resolution

Outputs: dospc ( at 10:0:5a:2b:69:64 [token ring]

eai1 ( at (incomplete)
An incomplete entry in the network address field means the node in question could not be contacted. Probably reasons are:

  • node doesn’t exist on the network
  • node isn’t connected to network
  • network is not terminated properly
  • problem with network cabling
  • software on destination host has a bug

arp -d dospc (Remove the dospc entry from the arp table)

top of page


Lists the current users logged in from remote machines, including username, hostname, idle time, and so on

Example: finger -i (alias f -i)

top of page


This command returns the internet address when a hostname is specified or the hostname when the internet address is specified.

Examples What it does

top of page

hostname – Sets or displays the name of the host system

Examples What it does
hostname Displays the current hostname value
hostname rs520 Sets the name of the machine to rs520. Make ure that you set the system
name to rs520 by executing the
uname command

top of page

uname – Sets or displays the system name

Examples What it does
uname -S rs520 Sets the system name
uname -a List the system name

top of page

ifconfig – Configures or displays the network interface parameters for a tcp/ip network

Examples What it does
ifconfig en0 Indicates if the en0 interface is up and running. en0: flags=2000063<UP,BROADCAST,NOTRAILERS,RUNNING,NOECHO> inet netmask 0xffffff00 broadcast
ifconfig en0 up Before this command is executed the state of the en0 interface is down (doesn’t show UP): en0: flags=2000062<BROADCAST,NOTRAILERS,RUNNING,NOECHO> inet netmask 0xffffff00 broadcast this command is executed the state of the en0 interface is: en0: flags=2000063<UP,BROADCAST,NOTRAILERS,RUNNING,NOECHO> inet netmask 0xffffff00 broadcast
1) ifconfig en0 down2) ifconfig en0 detach Adapter statistics for the ethernet card get reset to zero. See the netstat -v display for further information.

top of page

iptrace – Debug trace utility for IP packets

Examples What it does
iptrace -a -s -i en0 network.log All TCP/IP packets that originate from host address of with a ethernet network interface (en0) will be logged to the file network.log.

top of page

ipreport – Generates a packet trace report generated from the iptrace facility

Example: ipreport network.log

Dumps the packets that were trapped from the iptrace session in ascii format for inspection. Must kill the iptrace process before this report can be displayed.

top of page

nameserver (resolv.conf)

Examples What it does
host ahinc or
arp -a
If the arp -a or host commands hang, usually means the name server daemon (/etc/named) is not running. Use the command ps -ef|grep named to check if named is running.
Telnet login responce is very slow. Make sure the /etc/resolv.conf file has a valid entry in it and the /etc/hosts file has the appropriate entries for all known client nodes.Contents of an example of a /etc/resolv.conf:
nameserver domain ahinc.comWhen using the named process, each node should have at least the loopback and local host name defined in the /etc/hosts of page

netstat – Shows network statistics

Examples What it does
netstat -f inet List statistics of AF_INET address family for remote communications
netstat -f unix List statistics of AF_UNIX address family for local communications.
netstat -m Shows current network interfaces that are up and running.

  • If a network interface shows an asterik next to it (en0*), this means your interface is down. Use the ifconfig command to bring the network back up.
  • If the Ierrs field (input errors) is nonzero, this means their are no more kernel memory buffers left to store an incoming frame or indicates a frame error has been detected.
  • If the field Coll field has a colllision rate greater than 1% of the packets sent/received, then a serious network problem exists.
netstat -r If the non-loopback entry has a G in Flags field (g=gateway), then the ping command may hang. Change the Flags field to U only. Make sure the ROUTED daemon is running. To start: startsrc -s routed.
netstat -nr Route Tree for Protocol Family 2:
netstat -sr
netstat -s
Displays statistics for each protocol (ip, icmp, tcp, udp)
netstat -v Shows statistics about network interface cards installed.

  • If the Xmit Carrier Lost field contains a non-zero value, you most likely have a problem with your ethernet cable.
  • The errpt command should contain entries for the eth?
    device where

    • ? is=first ethernet adapter
    • 2=second ethernet adapter, etc
  • These error entries should cycle between ENT_ERR6 and ENT_ERR2 and reference problems with the ethernet cable itself.
  • Use the ping command to further identify the problem and also validate through diagnostics that the network adapter card is good.
  • XMIT MAX COLLISIONS gets bumped when the transmitter has tried to transmit a frame 16 times and each of the 16 failed due to a collision.
  • XMIT UNDERRUN gets bumped when the transmitter is getting under-runs.
  • XMIT TIMEOUTS gets bumped when the transmitter on the adapter times out while trying to transmit.
  • PACKETS TOO LONG get bumped when a packet is detected that is larger than the interface can handle (en0 of 1514+ bytes)
  • RECEIVE DMA LOCKUPS gets bumped when the adapter card has detected itself in a lockup state. The microcode will then restart the 82586 to correct this problem and get things working again.
  • INTERRUPTS LOST is the number of interrupts which are not caught by that NIC device driver. When this counter is not 0, a problem exists with the device driver or NIC.
  • NO MBUF ERRORS is the number of failed receive MBUF requests from the NIC device driver.
  • RECV OVERRUN COUNT is stating the the NIC is getting overrun. This is not a big problem unless you see many of these. New microcode/EPROMS may reduce this number.
  • RECV PKTS DISCARDED is stating packets are being received that can’t be matched to the TYPE field. For Ethernet cards, the type of frames being received would only be 802.3/Ethernet Ver 2.0
  • PACKETS REJECTED NO NETID is stating that a packet came in at the LLC level and it didn’t have a SAP bound to send it up to. In other words, the device driver didn’t recognize the packet type that came in. Could be because your co-existing with a Novell network using IPX and your using TCP/IP.
netstat -v chdev -l ent0 -a receive_size=60

top of page


Lists statistics about network file system (NFS) and remote procedure calls (RPC).
Also distinguishes between client and server information.

top of page

no – Configures network options.

The no command ONLY operates on the currently running kernel. This command must be run each time the system is rebooted.

Examples What it does
no -o tcp_ttl=40 Specifies the time to live for TCP packets (40 ticks).
no -o thewall=3000 Sets the size of the mbuf pool to 3 MB (default is 2 MB). If requests for mbufs has been denied, this should prevent requests from being denied.
no -a ipforwarding=0 Turns off IP forwarding
no -o tcp_sendspace=8192
no -o tcp_recvspace=8192
Increasing the buffers to 8k, performance gains of up to 10-20% have been attained.

top of page


Sends an ICMP ECHO_REQUEST message to a network host every second.

Examples What it does
ping rs520 Quick way to determine if the network host you wish to communicate with is either up and running or is configured properly. If ping intermediately reports back packets (5 packets sent, 1 is lost, 2 packets sent, 1 lost, etc), suspect a bad connection.
ping Generates responses from all the other nodes connected on a class C network. If you wish to see what nodes are up and responding on your network, this is a simple test to run.

top of page


Sends a specified number of packets over the network and reports back performance statistics.

Examples What it does
/usr/etc/spray AIX  -c 1000 -l 1400 -d 1 Send 1000 packets to the host named AIX with a delay of 1 micro-second, where each packet sent is 1400 bytes. This uses the RPC protocol.

top of page