Top 10 free open source tools for network admins

Routing issues, slow network applications, DNS resolution problems -- a network administrator has to deal with a host of network nuisances on a daily basis. How do you survive when you're constantly under the gun to fix the problems? Like any other professional, you need a solid set of tools.

Not surprisingly, plenty of options exist in the open source camp. Excellent open source software tools are available to help you keep a close watch over your network, as well as meet many other needs of the busy network manager. From monitoring, troubleshooting, and security analysis tools to utilities for keeping track of IP allocations, passwords, and router configurations, here are my top 10 picks of the most essential open source tools for our network admin toolbox -- all free for the downloading.

This is by no means an exhaustive list of open source networking utilities available, and I've merely touched on their capabilities.

Top free open source tools for network admins: Dig
DNS problems plague us all, and they're easily overlooked when troubleshooting, so you need a reliable tool that provides detailed information about how users' DNS queries are being resolved. Why not use the tool made by the Internet Systems Consortium, the same group that produces the BIND DNS server software running the majority of DNS servers worldwide? That tool is Dig.

At the heart of it, Dig is a command-line utility that performs DNS queries. That alone is helpful, but Dig can also tell you most everything about the queries and replies -- you'll sometimes need that extra information to determine why you're getting a strange reply from a DNS server. The default output of Dig provides you with all the data you'll require for troubleshooting: reply/error codes from the server, flags used in the query, a reiteration of your query, the answer to your query, how long the query took, which server it received the reply from, and how much data it received in the reply. Dig can be quite useful when you're trying to diagnose slow network applications, by determining how long it takes a computer to get DNS resolution for the application server's domain name.

Dig can ask for a typical name query, replying with an IP address when you give it a domain name. You can also do a reverse lookup: By using the -x switch and giving it an IP address, Dig it will return the corresponding domain name for that IP address. The -t switch lets you specify the type of query you're making, so you can ask for mail server records (MX), name server records (NS), text records (TXT), and more.

If you are sporadically getting incorrect replies to your DNS queries, it's possible that one of your DNS servers has a different set of DNS records than the others. With Dig, you can run the same query against each of your DNS servers to find out which one is providing the erroneous replies. Just give Dig the DNS server's address with the @ symbol in front:

dig @4.2.2.2 www.yourdomain.com

Are you troubleshooting DNS problems with servers that use transaction signatures? Dig lets you specify a TSIG key to use for your queries. Dig also lets you tailor IPv6-only queries to help you troubleshoot IPv6-specific problems.

Dig is a part of the client utilities of the BIND project. It is not generally installed by default, but is readily available on all Unix, Linux, and BSD variants, including Mac OS X. A Windows version is available too.  Read the entire article