Sunday, June 24, 2012

Using netstat to diagnose network

Netstat is one good "swiss army knife" to look deeper into the workings linux networking.

I thought I just quickly put some netstat commands which I often used and find it helpgul in resolving networking issue.

1. Checking of networking interfaces
netstat -i

Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500   0 95453656      0      0      0   177764      0      0      0 BMRU
lo        16436   0       70      0      0      0       70      0      0      0 LRU

 

2. Show Kernel Routing Table Information
# netstat -r 

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
  1.1.57.28     *               255.255.255.128 U         0 0          0 eth0
link-local      *               255.255.0.0     U         0 0          0 eth0
default             1.1.1.125   0.0.0.0         UG        0 0          0 eth0

3. Show active listening ports ( -l) with the specific process (-p) associated with listening port
# netstat -ap

....
unix  2      [ ACC ]     STREAM     LISTENING     21138  2474/gnome-session  @/tmp/.ICE-unix/2474
unix  2      [ ACC ]     STREAM     LISTENING     23166  2674/pulseaudio     /tmp/.esd-0/socket
....

3a. To show a specific process ie ssh
# netstat -ap |grep ssh

tcp        0      0 *:ssh                       *:*                         LISTEN      1771/sshd
tcp        0     52 1.1.57.28:ssh            172.21.4.129:50591          ESTABLISHED 7837/sshd
tcp        0      0 *:ssh                       *:*                         LISTEN      1771/sshd
unix       2      [ ACC ]     STREAM     LISTENING     21646  2464/gnome-keyring- /tmp/keyring-i1zxcd/socket.ssh
unix       2      [ ]         DGRAM                    8766783 7837/sshd

4. View operational statistics for network protocol
# netstat -s

Ip:
    12311840 total packets received
    1801583 with invalid addresses
    0 forwarded
    0 incoming packets discarded
    10510256 incoming packets delivered
    174002 requests sent out
Icmp:
    300 ICMP messages received
    0 input ICMP message failed.
    ICMP input histogram:
        destination unreachable: 18
        echo requests: 282
    555 ICMP messages sent
    0 ICMP messages failed
    ICMP output histogram:
        destination unreachable: 125
        echo request: 148
        echo replies: 282
...
A good resource can be found at
  1.  UNIX / Linux: 10 Netstat Command Examples

No comments: