Amount of Network Traffic info from netstat output
Hi,
I'm trying to figure out how much traffic has been generated and received from netstat -s output (using Linux). I can see the output shows packet counts and Octet values, how would I correctly calculate how much traffic in and how much out?
My output below:
Ip:
88847576 total packets received
2 with invalid addresses
0 forwarded
0 incoming packets discarded
88847574 incoming packets delivered
52844660 requests sent out
Icmp:
61 ICMP messages received
0 input ICMP message failed.
ICMP input histogram:
destination unreachable: 18
echo requests: 41
echo replies: 2
1183 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 1132
echo request: 10
echo replies: 41
IcmpMsg:
InType0: 2
InType3: 18
InType8: 41
OutType0: 41
OutType3: 1132
OutType8: 10
Tcp:
251019 active connections openings
35110 passive connection openings
1118 failed connection attempts
23126 connection resets received
28 connections established
87528846 segments received
51931529 segments send out
2970 segments retransmited
0 bad segments received.
27487 resets sent
Udp:
1063578 packets received
1135 packets to unknown port received.
0 packet receive errors
1067360 packets sent
UdpLite:
TcpExt:
36 packets pruned from receive queue because of socket buffer overrun
137140 TCP sockets finished time wait in fast timer
703868 delayed acks sent
498 delayed acks further delayed because of locked socket
Quick ack mode was activated 110169 times
12738250 packets directly queued to recvmsg prequeue.
448039148 packets directly received from backlog
6267072197 packets directly received from prequeue
53978991 packets header predicted
15337583 packets header predicted and directly queued to user
3014704 acknowledgments not containing data received
14371452 predicted acknowledgments
469 times recovered from packet loss due to fast retransmit
Detected reordering 1 times using FACK
Detected reordering 1 times using reno fast retransmit
Detected reordering 75 times using time stamp
211 congestion windows fully recovered
639 congestion windows partially recovered using Hoe heuristic
513 congestion windows recovered after partial ack
0 TCP data loss events
20 timeouts after reno fast retransmit
5 timeouts in loss state
506 fast retransmits
169 retransmits in slow start
2065 other TCP timeouts
TCPRenoRecoveryFail: 118
2840 packets collapsed in receive queue due to low socket buffer
1298 DSACKs sent for old packets
3157 connections reset due to unexpected data
13952 connections reset due to early user close
77 connections aborted due to timeout
TCPSackShiftFallback: 32
IpExt:
InMcastPkts: 70545
OutMcastPkts: 2100
InBcastPkts: 342646
InOctets: 98734962532
OutOctets: 14102355880
InMcastOctets: 2257440
OutMcastOctets: 337050
InBcastOctets: 45015868
thanks in advance.
Wilson.
Last edited by wilsonee; 02-01-2012 at 12:01 AM..
Reason: more info
I'm not sure what you mean by 'traffic,' so I'll assume total bytes. If not, the technique can be applied to other measurements.
The output from netstat is a total count since 'the beginning of time' which is probably the last boot. The man page I just checked didn't give any indication so that's my assumption.
Regardless, in order to know what your traffic is, you have to capture a baseline value, and then at sometime in the future, capture a second value with the difference being the traffic over that period of time.
A small script like this can present output counts by the minute:
One note: Bash is not able to handle the syntax 'command | read x y' so this isn't a portable script. If you want to use this under bash you'll need to change each get_stats statement to these three:
My son does homework on a school laptop. I was thinking about setting up a gateway on my home network, so that I can monitor web traffic and know if he is doing his homework without standing over his shoulder. Ideally I would like to use the Raspberry Pi Model b that I already have. However, I... (15 Replies)
Help required for creating a unix shell script using netstat command for retrieving total traffic in Kbytes with the source and destination address. (4 Replies)
Hi All
I am resilience testing an application that is spread across multiple servers.
One thing I will need to do soon is throttle the network traffic for specific interfaces within the test cluster. Specifically, maybe make a connection take twice or three times as long to respond....
I... (3 Replies)
If I would like to know what connection , data , traffic in a network port ( eth0 ) , what can I do ?
ps. because I always found the network is very slow , so I would like what the network port is doing .
Thanks
Login ID ust3 is currently in read-only mode for multiple infractions. Creating... (0 Replies)
I Colleagues,
Somebody can say me how to monitoring traffic in the network. also I am interested in monitoring memory. if somebody to know a guide with command advanced in unix welcome for me.
Thank you for adcanced. (0 Replies)
Hello All
I just wanted to know if on solaris ,below two commands need to be run separately unlike AIX where "/usr/bin/netstat -an -f inet " gives tcp as well as udp info.
/usr/bin/netstat -an -f inet -P tcp
/usr/bin/netstat -an -f inet -P udp
Also is there any way i can make these two... (10 Replies)
Hi all,
Got a strange one here, well not so much strange, different :-)
I need to work out if a server is particulary chatty, whether its talking / communicating heavily to a particular server, as Im planning to physically move the server to a different server, over a link. Hence the... (6 Replies)
there are commands to monitor the memory, paging, io... how about network traffic. i mean commands to see whether the network traffic (LAN) is congested? the closest i got is netstat
thanks (6 Replies)