Have you ever come across a network connection issue while using your Mac? Do you know how to troubleshoot it yet?
Fortunately, there is a built-in application called Network Utility on macOS that can be used to troubleshoot network problems. It provides a graphical interface for several macOS networking Terminal commands, such as netstat, ping, lookup, traceroute, and so on. This application suits users who aren't familiar with Terminal commands on macOS.
Let us introduce and go through the functionality of all the Network Utility features.
How To Use Network Utility on Mac To Troubleshoot Network Issues
In the early days of the Internet, things weren't as stable as they are now. Hence, a bundle of tools to help troubleshoot network issues were created, and then later, all put into a single app called Network Utility by Apple.
It provides a variety of useful networking tools that can be used for a variety of purposes, from troubleshooting a network connection to looking up information. It displays information about each network interface that you have, including the hardware address (MAC address), its assigned IP addresses, its speed and status, a count of outgoing and incoming data packets, as well as a count of transmission errors and collisions.
Network Utility includes Netstat, Ping, Lookup, Traceroute, Whois, Finger, and Port Scan. These tools can easily help with the following tasks:
- Check network routing tables and stats.
- Check connections between you another machine.
- Query your DNS servers.
- Trace the paths of your network or internet traffic.
- Scan for open network ports.
To open Network Utility, you can find it from the following path: Finder -> Applications -> Utilities -> Network Utility.
You can also launch Network Utility with Spotlight by pressing the Command + Spacebar key and enter: Network Utility to find and launch the app.
If it's no longer residing in the "Utilities" folder, and you are looking for the path to the app, go to:
Just ask Siri — say "Launch Network Utility," and the application is on your screen right away.
Nevertheless, it's not a replacement for NMAP or other security utilities but can certainly be helpful when you forget to install NMAP or just feel lazy and don't want to enter commands manually into Terminal.
Let's look at each of these tools and find out how they can be used in troubleshooting.
1. View Information
Network Utility allows you to choose a network interface/adapter and view its information, which are:
- MAC address: also known as Media Access Control address, a unique number that is assigned to each network interface.
- IP addresses: The LAN IPv4 address that is assigned to the network interface.
- Speed: The network interface's speed.
- Status: The network interface's status, Active or Inactive.
- In and out data: Display how many data packets have been sent or received by the network interface since the last time your Mac was restarted.
- Errors and collisions: If the data is greater than '0' value, it often manifests as a slow connection, slow downloads, and so on.
- Vendor: A supplier/manufacturer of the network interface's hardware, e.g., Ethernet adapter, Wi-Fi module, and so on.
- Model: The model of the network interface.
To switch between your network interfaces, e.g., Ethernet (en0), Wi-Fi (en1), Thunderbolt 1 (en2), and Thunderbolt 13 (en3), let's use the dropdown menu.
The Netstat feature is basically a lite version of the 'netstat' Terminal command but comes with a graphical interface. Netstat means Network Statistics. You can use it to view very detailed information about all the active incoming and outgoing network connections on your Mac. Netstat gives you a way to inspect your Mac's network routing tables by showing a summary of sent and received packets using common network protocols, including UDP, TCP, IP, IPSEC, IP6, ICMP6, IPSEC6,ICMP, IGMP, and PFKEY.
The Netstat feature in Network Utility has four options, which are:
- Display routing table information: Generating and displaying a list of local network destinations as stored by your router. You can use this information to have a clear understanding of the topology and arrangement of connected devices that make up your network system.
- Display comprehensive network statistics for each protocol: Display detailed information about connections, packets, as well as their status. Generating and showing statistics for TDP, UPD, ICMP, IGMP, IPv6, kernel control sockets, and ARP requests.
- Display multicast information: Show the multicast IP groups of which your Mac is a member.
- Display the state of all current socket connections: Gathering the information about every open socket and its current state, as well as displaying every network connection your Mac currently has open.
To use, simply choose the option you want and then click the Netstat button to execute the command.
Ping is used to test the reachability of your Mac to a specified destination computer through a corresponding IP address. It's the ideal command to use when you need to verify network connectivity between two devices (or servers) at the IP level or whether the TCP/IP stack is working on your local computer.
In short? It's usually used to verify whether your Mac can communicate over the network with another computer or device, e.g., your router.
How does ping work?
The ping command works in a similar manner to the sonar technology that the military use on submarines, as you often see in movies. Sonar sends out pulses of sound and listens for the returned echo. Likewise, when you execute a 'ping' command along with an URL or IP address, it sends several packets of information out to the destination device and then waits for a response.
If any response is returned, the ping tool will show you know how long it took to transmit those packets and get a response - the round trip. Otherwise, it will tell you there was no response.
It sounds simple, doesn't it?
You can use this handy tool to inspect various points of your network quickly. For example, you can perform a 'ping' command to 192.168.1.1 to test if your computer can communicate with your router or not.
Based on the response time, you can identify a slow connection or whether you are experiencing packet loss. This tool will allow you to inspect and diagnose a network issue quickly, whether it's from your computer or somewhere beyond.
Without Domain Name System (DNS) servers, we all need to type IP addresses into the web browser to access websites. For example, if you want to access www.google.com, instead of typing google.com into the address bar, you need to type something longer, for example, 22.214.171.124.
It's too hard to remember, is it?
Luckily, DNS servers take responsibility for this challenging part. Those servers store all domain names and their corresponding IP addresses as an address book for querying afterward.
Let's take a simple example!
When you visit google.com from your web browser, there will be a request sent to the corresponding DNS server to query the actual IP address of google.com's web server for loading the website. If the process goes smoothly and no problems occur, you will see google.com on your web browser, completely loaded. However, if those servers return an invalid/expired value, or it doesn't respond, a few DNS errors may occur on your computer, e.g., Server Not Found, or DNS Server Not Responding.
To learn further, we have a great article that explains what Domain Name System (DNS) is and how it works - take a few minutes to read it.
Back to the Lookup tool, it allows you to examine your DNS server. You can type in a domain name and then click the Lookup button to get IP addresses that are associated with that domain name. Similarly, type in an IP address will return to you all the domain names that are associated with that IP address. Some websites may have multiple IP addresses to serve different purposes, e.g., apple.com.
The main use of this tool is for troubleshooting DNS-related network problems. It's quite handy to find the IP address of a host, the domain name of an IP address, as well as mail servers for a domain.
This is one of the handiest tools in Network Utility, which does exactly what its name implies — to traces the route that network traffic goes from your Mac to another local computer or device, as well as external web servers.
To use this tool, simply fill in the destination, which is an IP address or domain name, and then click the Trace button. This process may take up to one or two minutes to display the complete result.
This is an example when we performed traceroute from one of our Macs to google.com.
Things start off on our Wi-Fi router at the following IP address: 192.168.1.1, then it goes through various Knology systems, which is our broadband Internet provider, and finally reaches out to Google servers. Traceroute shows the exact route that packets go and transit delays of them, between our Mac and Google's web server.
The Whois tab allows you to find out the entity behind a domain name. This can be somewhat handy if you are receiving too much spam from a specific email address and would like to complain to the domain registrar.
To get started, simply type a domain name, choose a whois server, and then click on the Whois button.
Wait for a few seconds, and you will know exactly where that domain is registered, when it will expire, as well as the individual or company behind that domain name and their contact information.
Unfortunately, this tool seems outdated nowadays. There are many web-based tools that can help you to query faster and better.
Think of Finger as a whois tool for individuals, which allows you to identify a registered user on your network. Depending on the information that your system administrator stores, this tool can return information like real name, email address, room number, and so on, based on your query. You may also get nothing if your system administrator hasn't added that information.
However, this tool is only useful on a local network system, where you can find stored information about its users. You can't use it to find information about a specific user from the internet based on their email address, e.g., email@example.com.
8. Port Scan
Port Scan is the last tab on the Network Utility application that will let you check for open TCP/UDP ports that are used by macOS, its apps, and services.
For example, here are several macOS features, apps, and services with the corresponding TCP/UDP ports:
- Hypertext Transfer Protocol (HTTP) uses port 80
- Internet Message Access Protocol (IMAP) uses port 143
- Secure Sockets Layer (SSL or HTTPS) uses port 443
- Simple Mail Transfer Protocol (SMTP) - 25
- Domain Name System (DNS) - 53
- Post Office Protocol (POP3) - 110
... and so on. For the full list of TCP and UDP ports that are used by Apple software products, read this document. To have a clear understanding of what a particular port is used for, check out this complete list from Wikipedia.org.
Port Scan doesn't only let you scan open ports on your computer but also can scan a computer or a server on the internet for any open ports, the same way we often do with NMAP but with fewer features. There are also a few other online port scanner tools that you may want to use in case you hate to use local apps.
Network Utility is a basic but surprisingly useful tool that can provide deep diagnostic information regarding your network's current status. Next time you have a network issue, don't forget to use it for troubleshooting.
For any questions regarding Network Utility, leave your comment below!