Monday, February 10, 2014



In previous article, we understood the column wise information about netstat output. In this article, we will understand the different examples and uses of this command.

How to get interface statistics?

When we use –i flag with netstat command, it gives the currently configured interface statistics. If we use –a option then it gives all interface’s statistics.
[root@server1 Downloads]# netstat –I
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500   0    39784      0      0      0      568      0      0      0 BMRU
lo        16436   0       16      0      0      0       16      0      0      0 LRU
[root@server1 Downloads]#
[root@server1 Downloads]# netstat -ia
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500   0    40698      0      0      0      639      0      0      0 BMRU
lo        16436   0       16      0      0      0       16      0      0      0 LRU
pan0       1500   0        0      0      0      0        0      0      0      0 BM
sit0       1480   0        0      0      0      0        0      0      0      0 O
[root@server1 Downloads]#

Columns showing information about the packet status as follow:

MTU
Maximum transmission unit
Met
Metric values for that interface
RX-OK/TX-OK
How many packets received or transmitted successfully
RX-ERR/TX-ERR
Errors in packets(not delivered successfully)
RX-DRP/TX-DRP
Number of packets dropped
RX-OVR/TX-OVR
Number of packets are lost because of overrun
Flags
Flags that have been set for interface.

There are different types of flags. We got four types of flag in above example. Below is the short information about these flags.

B
Broadcast address has been set for this interface
O
Address resolution protocol is turned off for this interface
U
Interface is up
P
Point to point connection
R
Interface is running
L
Interface is a loopback device
M
All packets received successfully

How to display different types of connections using netstat command?
TCP, UDP and RAW and unix socket connection we can see by using –t, -u, -w, and –x flags with netstat command. Detailed description about this you will get in this article.
Posted by Machindra Dharmadhikari On 2/10/2014 10:19:00 PM No comments READ FULL POST


We have already gone through the netstat command uses but there are lots of uses of this command. We will understand some of the uses in this article.
·         When we use –r flag with linux netstat command then it is giving output same as route command. route command gives output info as kernel IP routing table. I have used –n flag with netstat, it gives IP information in dotted rather than symbolic host and network names.



Let’s understand column wise details about above output-

Destination

First column shows the destination IP address or symbolic hostname. 

Gateway

Second column shows the gateway to which the routing entry points. If gateway is not used then asterisk (*) is printed instead. 

Genmask

Third column is general mask, which is used when given IP address finding suitable route then kernel checks with each routing table entry and taking bitwise AND of the address and genmask before comparing it to the target of the route.

Flags

The fourth column can shows the following flags and their meaning as follows:
G             the route uses the gateway
U             the interface to be used is up.
H             only single host can be reached through the route. It is in case of loopback address.
D             this route is dynamically created.
M            sets when table entry was made by ICMP redirect message.
!              the route is reject route and datagram will be dropped.

MSS

Fifth column shows MSS i.e. Maximum segment size. i.e. this is largest datagram size which kernel has constructed for transmission via route.

Window

Sixth column shows the window i.e. it is the maximum amount of data system can accept from single burst from a remote host.

IRTT

Seventh column shows the irtt. i.e. Initial round trip time. The TCP protocol keeps the time to deliver a datagram and then acknowledgement of received, this is called round trip time. And initial round trip time is the time when connection established.
Iface
Eighth and last column gives information about network interface that this route will use.
Posted by Machindra Dharmadhikari On 2/10/2014 10:16:00 PM No comments READ FULL POST
  • RSS
  • Delicious
  • Digg
  • Facebook
  • Twitter
  • Linkedin
  • Youtube

    Chitika Ads 2

    Histat

    About

    Enter your email address:

    Delivered by FeedBurner