Welcome to part 5! If you haven't read parts 1-4, you can find them here:
Apple MacBook Air M1 for Network Engineers Part 1
Apple MacBook Air M1 for Network Engineers Part 3
Apple MacBook Air M1 for Network Engineers Part 4
So how is the M1 working out?
I have been using the M1 as my daily driver for a few months now. It has far exceeded my expectations. The "Instant On" like an iPad still blows me away, battery life is unbelievable, the Retina screen is amazing, memory management is so good I just don't even think about how many applications I have open.
Recently, I left work, came home, used it for a few hours web browsing, worked on Friday using it for probably 5 hours at three different sites, then Saturday morning I was web browsing and realized that it was at 39% battery! I can't wait until the plague is over and I get to spend 11-14 hours in airports and on planes with it. Oh, wait...
But it's not perfect! The M1 only has two USB-C Thunderbolt ports and the architecture of the M1 only allows a total of two displays - INCLUDING the Retina display. So even if you purchase two USB-C to HDMI adapters you can only drive one monitor. Since I have two 27" monitors in my home office and two 24" monitors at work this was disappointing.
But, it turns out the two monitor limit does not apply to DisplayLink monitors. StarTech.com makes a USB-A to DisplayLink adapter that has two DisplayPort ports and Gigabit Ethernet. It drives both monitors no problem and I can still use the Retina display for a total of three monitors. You do have to go to the Displaylink Downloads page and install the macOS app.
Of course, being USB-A, you still have to use a USB-C to USB-A adapter. I bought two from Satechi.com that have three USB-A ports and one Gigabit Ethernet adapter. That leaves the second USB-C port available for charging so I can work all day on two monitors and still have two USB-A available and Ethernet. They are very high-quality adapters and I can't recommend them enough. If you sign up at Satechi.com you will get discount coupons in your inbox.
TYPE-C 2-IN-1 USB HUB WITH ETHERNET
In the field, I have been using another Satechi adapter - USB-C ON-THE-GO MULTIPORT ADAPTER. This one has
- USB-C PD charging
- Gigabit Ethernet
- 4K HDMI, VGA
- USB-A
- USB-C data ports
- micro/SD card readers slots
The USB-C to C cable stashes inside the adapter, a really nice feature and it comes with a second, longer USB-C to C cable. I really like it because I can use the USB-C PD port for charging, use Gigabit Ethernet, an external monitor, and a USB-A device while still having the second USB-C port available. Plus, like the other Satechi adapter, it's very solidly built and feels like it will last even getting banged around in my backpack!
One last accessory that I am loving is an OIKWAN 10ft FTDI USB-C to RJ45 Serial Adapter. I didn't know that you could buy 10' cables but the extra length rocks. Plus, I don't need to put in a dongle just to use a console cable.
I found this Reddit post about USB-Serail chipsets. There is a lot of good information in it.
serial: With reliable macOS M1 support?
At this point, we have a macOS system running Big Sur with a great shell, a great terminal, the development tools needed to automate the network, and a vast collection of dongles! Now we will install and configure the tools that make macOS/Linux so much better than Windows.
Here is a list of the apps that we will be installing:
- arp-scan - a command-line tool for system discovery and fingerprinting
- bat - a replacement for cat with colorization
- cdpr - a Cisco Discovery Protocol daemon
- Debut WebCam software - Use an inexpensive endoscope on the m1.
- Docker Desktop for macOS
- duf - Disk Usage Free an ncurses interface for disk usage
- exa - a replacement for LS that includes a lot of useful features
- grepcidr - grep for IP subnets. A must learn tool
- iPerf3 - An open-source link performance testing tool
- lft - An alternative to Traceroute. Implements numerous network tracing methods and strategies.
- lsusb - the Linux List USB tool. Useful when you want to see what USB devices are connected
- lldp - an lldp daemon for macOS
- mtr - A network diagnostic tool that combines the functionality of commonly used traceroute and ping programs into a single tool.
- sipcalc - a terminal-based IP calculator
- speedtest-cli - a terminal tool that calls the speedtest.net site.
- tcp traceroute - a part of the IP route2 package from Linux. Useful to be able to use tcp instead of ICMP
- tldr - cli interface to the website https://tldr.sh. Curated list of man pages with exmaples
- Watch - Runs command repeatedly, displaying its output and errors
- shellcheck - Linter for shell scripts
- sc-im - Display csv files in the terminal. This is great for quickly reviewing csv files
Docker Desktop for macOS
Docker Desktop for Apple Silicon is now available for General Availability. You can download it here.
I recommend that you join the Docker Slack and then watch the docker-desktop-mac channel.
Use this link to get to the Docker Slack instance - https://dockercommunity.slack.com
The community is very active and they have solved a lot of issues.
Docker would require a book to go over, I am just going to show how to install the desktop and provide links to some good reference material.
References
Docker page for Troubleshooting
Docker page for Known Issues
https://docs.docker.com/desktop/mac/apple-silicon/
EXA
One of the most common tasks is listing files. Why spend your time squinting at black and white text?
exa is an improved file lister with more features and better defaults. It uses colours to distinguish file types and metadata. It knows about symlinks, extended attributes, and Git. And it’s small,
fast, and just one single binary.
Installation
brew install exa
Examples
List with long, (F) Classify, Tree.
Classify displays file kind indicators next to file names.
exa -lFT
exa -lF --group-directories-first
I created an alias for the last command in the .zshrc file.
alias exa1="exa -lFT --group-directories-first"
Now I just have to type "exa1" to execute that long command.
References
fd
A replacement for find. This tool is amazing, the readme on GitHub has a lot of examples.
Features
- Intuitive syntax: fd PATTERN instead of find -iname '*PATTERN*'.
- Regular expression (default) and glob-based patterns.
- Very fast due to parallelized directory traversal.
- Uses colors to highlight different file types (same as ls).
- Supports parallel command execution
- Smart case: the search is case-insensitive by default. It switches to case-sensitive if the pattern contains an uppercase character*.
- Ignores hidden directories and files, by default.
- Ignores patterns from your .gitignore, by default.
- The command name is 50% shorter* than find :-).
Installation
brew install fd
I'm not sure what program set the colors environment variable, it was set before installing fd, but this is what it looks like
echo $LSCOLORS
Gxfxcxdxbxegedabagacad
fd then uses that to color its output
There is a companion tool called as-tree that you can pipe the output to and display the results in a tree.
brew install as-tree
References
grepcidr
grepcidr can be used to filter a list of IP addresses against one or more Classless Inter-Domain Routing (CIDR) specifications. As with grep, there are options to invert matching and load patterns from a file. grepcidr is capable of efficiently processing large numbers of IPs and networks.
grepcidr has endless uses in network software, including: mail filtering and processing, network security, log analysis, and many custom applications.
For detailed instructions and examples, please see the README file or man page. A couple examples of usage:
grepcidr 2001:db8::/32 logfile
grepcidr 66.249.64.0/19 access.log
Installation
brew install grepcidr
LLDP
Git hub repo with documentation
Installation
brew install lldp
LFT
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, et al. What makes LFT unique? LFT is the all-in-one traceroute tool because it can launch a variety of different probes using ICMP, UDP, and TCP protocols, or the RFC1393 trace method.
Installation
brew install lft
References
MTR
This is a tool that runs continuously to ping the target and calculate the path like traceroute. There is a lot to this tool besides just pinging and tracerouting. You can save the output in CSV or JSON format, use IPv6 addresses, etc. You can use "man mtr" to open the man page or see the Tecmint.com article in the reference section.
Installation
MTR is part of the Homebrew collection.
brew install mtr
The first time I ran mtr I got the error below:
└─[$] mtr -4 199.244.248.19
mtr: Failure to start mtr-packet: Invalid argument
A google search found an issue on the mtr github page. I just had to add "/usr/local/sbin" to the path variable. I included a link in the references on how to do that in case you have the same issue.
How to use mtr
Example to www.vectorusa.com from my home lab. Note that you will need to use sudo with mtr.
┌─[mhubbard@HP8600-4] - [/private/tftpboot] - [2909] └─[$] sudo mtr -4 www.vectorusa.com HP8600-4.local (192.168.10.142) -> www.vectorusa.com 2021-08-30T19:20:25-0700 Keys: Help Display mode Restart statistics Order of fields quit Packets Pings Host Loss% Snt Last Avg Best Wrst StDev 1. 192.168.10.254 0.0% 14 4.1 5.7 3.6 25.2 5.6 2. (waiting for reply) 3. dtr01hsprca-tge-0-0-0-4.hspr.ca.charter.com 0.0% 14 18.2 16.8 13.1 33.8 5.1 4. 024-180-019-029.biz.spectrum.com 0.0% 13 14.4 15.6 12.3 26.2 3.5 5. bbr02atlnga-bue-1.atln.ga.charter.com 0.0% 13 13.2 22.0 12.7 80.8 19.4 6. bbr02chcgil-tge-0-2-0-1.chcg.il.charter.com 0.0% 13 33.9 19.7 15.5 33.9 5.3 7. 206.223.123.156 0.0% 13 19.2 27.4 16.6 45.4 10.0 8. 199.60.103.2 0.0% 13 15.6 17.0 13.8 24.0 3.0
In this example, I added "-b" and "-y 0" to display the AS number and IP address:
┌─[mhubbard@HP8600-4] - [/private/tftpboot] - [2909] └─[$] sudo mtr -4 -b -y 0 www.vectorusa.com HP8600-4.local (192.168.10.142) -> www.vectorusa.com 2021-08-30T19:34:00-0700 Keys: Help Display mode Restart statistics Order of fields quit Packets Pings Host Loss% Snt Last Avg Best Wrst StDev 1. AS??? 192.168.10.254 (192.168.10.254) 0.0% 19 3.7 4.2 3.3 7.8 0.9 2. (waiting for reply) 3. AS??? dtr01hsprca-tge-0-0-0-4.hspr.ca.charter.com (96.34.100.96) 0.0% 19 16.0 16.7 13.1 41.3 6.2 4. AS20115 024-180-019-029.biz.spectrum.com (24.180.19.29) 0.0% 18 17.4 17.4 13.2 26.2 3.7 5. AS??? bbr02atlnga-bue-1.atln.ga.charter.com (96.34.3.18) 0.0% 18 26.9 27.2 12.0 78.8 20.1 6. AS??? bbr02chcgil-tge-0-2-0-1.chcg.il.charter.com (96.34.3.129) 0.0% 18 18.5 16.9 14.7 19.5 1.4 7. AS396998 206.223.123.156 (206.223.123.156) 0.0% 18 18.6 24.8 15.4 37.6 8.1 8. AS209242 199.60.103.2 (199.60.103.2) 0.0% 18 15.6 16.2 13.9 22.1 2.0
Using TCP or UDP instead of ICMP
sudo mtr --udp -b -y 0 www.vectorusa.com
References
tldr
brew install tldr
┌─[mhubbard@HP8600-4] - [~/.ssh] - [3255] └─[$] tldr mtr [20:34:50] mtr Matt's Traceroute: combined traceroute and ping tool. More information: <https://bitwizard.nl/mtr>. - Traceroute to a host and continuously ping all intermediary hops: mtr host - Disable IP address and host name mapping: mtr -n host - Generate output after pinging each hop 10 times: mtr -w host - Force IP IPv4 or IPV6: mtr -4 host - Wait for a given time (in seconds) before sending another packet to the same hop: mtr -i seconds host
Shellcheck
Installation
brew install shellcheck
- Network Service
- Interface Name
- MAC address
- IPv4 address
bash networkservice.sh [10:32:38] Wi-Fi, en0, 50:ed:3c:22:be:32, 192.168.10.148 USB 10/100/1000 LAN, en11, 00:e0:4c:68:0a:0d, 10.10.100.2
If you want to include the IPv6 address, modify awk '/inet /{print $2}' and remove the space after inet.
#!/bin/bash while read -r line; do sname=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $2}') sdev=$(echo "$line" | awk -F "(, )|(: )|[)]" '{print $4}') #echo "Current service: $sname, $sdev, $currentservice" if [ -n "$sdev" ]; then ifout="$(ifconfig "$sdev" 2>/dev/null)" echo "$ifout" | grep 'status: active' > /dev/null 2>&1 rc="$?" if [ "$rc" -eq 0 ]; then currentservice="$sname" currentdevice="$sdev" currentmac=$(echo "$ifout" | awk '/ether/{print $2}') currentIP=$(echo "$ifout" | awk '/inet /{print $2}') # may have multiple active devices, so echo it here echo "$currentservice, $currentdevice, $currentmac, $currentIP" fi fi done <<< "$(networksetup -listnetworkserviceorder | grep 'Hardware Port')" if [ -z "$currentservice" ]; then >&2 echo "Could not find current service" exit 1 fi
References
Learning the Shell
How to find the currently connected network service from the command line?
How to pass command line arguments to a shell alias?
Debut WebCam software
I bought an inexpensive endoscope off of eBay for about $15.00. On Linux, it worked with the built-in Cheese webcam software. On the Mac I couldn't figure out how to get Facetime to work with it so I had to do some research.
After I connected the endoscope, I ran lsusb (list USB) that I installed using "brew install lsusb" and it listed the following for the camera:
lsusb Bus 001 Device 001: ID 2109:0817 VIA Labs, Inc. USB3.0 Hub Bus 001 Device 003: ID 0bda:8153 Realtek Semiconductor Corp. USB 10/100/1000 LAN Serial: 000001 Bus 001 Device 002: ID 2109:2817 VIA Labs, Inc. USB2.0 Hub Bus 001 Device 004: ID 1e4e:0110 Etron Technology, Inc. USB2.0 Camera
So I knew that the M1 recognized the device. I searched for Etron Technology and found the company website. They had software so I downloaded it. But, I never install software from from the Internet without running it through VirusTotal.com. 17 AV vendors found Potentially Unwanted Programs (PUPs) in the Etron software.
The search also took me to the Logitech website for a package called "Capture". I found this in the description of Capture "Our webcams are USB Video Class (UVC) devices and driver support is built into Microsoft Windows 10 and macOS." So the endoscope must be a UVC device and the Mac has support built in.
Back to the search and I found an application that is free for personal use and worked fine. It's called Debut and you can download it Debut webcam software. Virus Total reported 0 issues for Debut.
The resolution of the endoscope is listed as 640x480 so it's pretty bad. I checked eBay tonight and found a couple endoscopes that claim 720P and 1600 x 1200 for about $25. They also say the work with macOS so they must be UVC also. They also come with wifi adapters so that they work with Android and IOS phones. The 1600x1200 resolution would be much better than the 640x480 on the $15 endoscope I bought.
I can hear you asking "Why does a network engineer need an endoscope?". Well, I dropped a brand new Cisco 10Gb Single Mode Fiber SFP and it went down the channel of the two post rack. There were several APC UPS units and batteries all way to the bottom of the rack so there was no way to reach in and recover it. I had a claw type tool in my truck but I couldn't see that far down the channel to get the SFP.
Luckily, I had spare SFPs and was able to come back after I got the endoscope. It has LEDs in it and I was able to use the endoscope to guide the claw to the SFP. Tonight I used the endoscope to guide a 1/4" socket onto a nut on the ice maker on my freezer. But that's a story for another day.
I was really more interested in explaining LSUSB and how to look at the USB devices that the M1 recognizes.
sc-im
From the git repo:
Spreadsheet Calculator Improvised, aka sc-im, is an ncurses based, vim-like spreadsheet calculator.
Some of the features of sc-im
- Vim movements commands for editing cell content.
- UNDO / REDO.
- 65.536 rows and 702 columns supported. (The number of rows can be expanded to 1.048.576 if wished).
- CSV / TAB delimited / XLSX file import and export. ODS import. Markdown export.
- Key-mappings.
- Autobackup.
- Direct color support - specifing the RGB values, screen colors can be customized by user, even at runtime.
- Colorize cells or give them format such as bold, italic or underline.
- Wide character support. The following alphabets are supported: English, Spanish, French, Italian, German, Portuguese, Russian, Ukrainian, Greek, Turkish, Czech, Japanese, Chinese.
- Sort of rows.
- Filter of rows.
- Subtotals.
- Cell shifting.
- Clipboard support.
- GNUPlot interaction.
- Scripting support with LUA. Also with triggers and c dynamic linked modules.
- Implement external functions in the language you prefer and use them in SC-IM.
- Use SC-IM as a non-interactive calculator, reading its input from an external script.
This is a great utility for network engineers. I hate having to open Excel or Libre Calc just to grab some data from a csv file that was created for deployment. With sc-im I don't have to leave the terminal.
Here is a screenshot from a template I created for configuring several sites:
Installation
brew install sc-im
Once it's installed simply run
sc-im <file name>
in the case above:
sc-im rc-parks-idf_info.csv
Exiting sc-im
sc-im uses vim key bindings by default. They are listed on the github README.
For reference, on Ubuntu, sc-im can open xlsx files.
An alias to view csv files.
If you just need to view a csv file with a limited number of columns, this alias works great
alias csv='ls *.csv | pbcopy ; sed s/,/,:/g $(pbpaste) | column -t -s: | sed s/,//g | cut -c-180'
Here is output of the alias in action:
csv [21:34:29] column: line too long Name IP Site # Name voip-museum-g430 10.90.80.50 03 Museum Voip-uoc-g450 10.80.152.5 05 Utilities Opration Center voip-RPUgw-g430 10.80.30.50 06 RPU Gateway voip-pucm-g450 10.80.138.50 07 Orange Square voip-casa-g430 10.80.196.50 08 UOC-CRC voip-SpringsSub-g430 10.80.160.50 09 UOC Springs Substation