Preface
In Linux systems, monitoring TCP connections is one of the important tasks of network management and troubleshooting. Whether it is a system administrator or a developer, it is crucial to understand how to view and analyze TCP connection status. This article will explain in detail how to monitor TCP connections on Linux systems, including using the /proc/net/tcp file, the awk command, the ss command, and the netstat command. We will also discuss the problems that may be encountered in actual operation and their solutions.
1. Introduction
In Linux systems, TCP connections are the basis of network communication. Whether it is a web server, database or other network services, it relies on TCP connections to enable data transmission. Therefore, monitoring the status of TCP connections is critical to ensuring system stability and performance.
This article will introduce how to monitor TCP connections in Linux systems, including using/proc/net/tcpdocument,awkOrder,ssCommands andnetstatOrder. We will also discuss the problems that may be encountered in actual operation and their solutions.
2. Basic knowledge of TCP connection
TCP (Transmission Control Protocol) is a connection-oriented protocol used to reliably transmit data on a network. The life cycle of a TCP connection includes the following stages:
- Establish a connection: Establish a connection through three handshakes.
- Data transmission: After the connection is established, both parties can start transmitting data.
- Close the connection: Close the connection by wave four times.
In Linux systems, the status of TCP connections can be monitored through a variety of tools and files, the most commonly used one is/proc/net/tcpdocument,ssCommands andnetstatOrder.
3. Use the /proc/net/tcp file to monitor TCP connections
File format parsing
/proc/net/tcpThe file contains the TCP connection information of the current system. Each line represents a TCP connection, in the format as follows:
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
- sl: A unique identifier for the connection.
- local_address: Local address and port number (hexadecimal representation).
- rem_address: Remote address and port number (hexadecimal representation).
- st: Connection status (hexadecimal representation).
- tx_queueandrx_queue: The size of the send and receive queues.
- tr、tm->when、retrnsmt: Information related to retransmission.
- uid: User ID.
- timeout: Timeout time.
- inode: The inode number associated with the connection.
Use the awk command to count the number of TCP connections
awkIt is a powerful text processing tool that can be used for parsing/proc/net/tcpFile and count the number of TCP connections. Here is a sample command:
awk 'NR>1 {count++} END {print "TCP Connections:", count+0}' /proc/net/tcp
- NR>1: Skip the first row header.
- count++: Count each row.
- END {print “TCP Connections:”, count+0}: Output count results after file processing is finished.
4. Frequently Asked Questions and Solutions
Why is the /proc/net/tcp file empty?
if/proc/net/tcpThe file is empty or has only one line of table header, possible reasons include:
- The system does not have a TCP connection established: If the system does not run any network services or client programs, there may be no TCP connection.
- Container environment limitations: In a container environment, the container may not have permission to access the host's network stack, or the container itself does not establish any TCP connections.
- Network configuration issues: Check the network configuration to ensure that the network interface is enabled and can communicate normally.
How to verify that a TCP connection exists?
You can verify that the TCP connection exists using the following command:
cat /proc/net/tcp | wc -l
If the output is 1, there is only the header row and no TCP connection.
5. Use the ss and netstat commands to monitor TCP connections
Use of ss command
ssis a modern tool for viewing network connection status. Here are some commonly used onesssOrder:
View all TCP connections:
ss -t
View established TCP connections:
ss -t state established
To count the number of established TCP connections:
ss -t state established | wc -l
Use of netstat command
netstatis a traditional tool for viewing network connection status. Here are some commonly used onesnetstatOrder:
View all TCP connections:
netstat -t
View established TCP connections:
netstat -t | grep ESTABLISHED
To count the number of established TCP connections:
netstat -t | grep ESTABLISHED | wc -l
6. Monitor TCP connections in a container environment
In a container environment, monitoring TCP connections may encounter some limitations. For example, the container may not have permission to access the host's network stack, or the container itself does not establish any TCP connections. You can view TCP connections in a container using the following command:
ss -t
If the output is empty, there is no TCP connection in the container.
7. Simulate TCP connection for testing
To test the TCP connection counting function, TCP connections can be simulated. Here is a simple test method:
Start a TCP service:
python3 -m 8080
Access the service from another terminal or machine:
curl http://<IP>:8080
examine/proc/net/tcpdocument:
cat /proc/net/tcp | wc -l
awk 'NR>1 {count++} END {print "TCP Connections:", count+0}' /proc/net/tcp
8. Summary
Monitoring TCP connections is an important task in Linux system management and troubleshooting. This article describes how to use the /proc/net/tcp file, awk command, ss command, and netstat command to monitor TCP connections. We also discussed the problems that may be encountered in actual operation and their solutions.
By mastering these tools and methods, you can better understand and monitor TCP connections in Linux systems, ensuring system stability and performance.
This is the article about how to monitor TCP connections in Linux systems. For more related content on Linux monitoring TCP connections, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!