Notes on networking observability commnads
For many years and many UNIXen the netstat command has been the way to get information on the current state of TCP/IP and UNIX sockets. The recent man pages for netstat on linux state that netstat is “mostly obsolete” and use ss instead. The man page for ss, “another utility to investigate sockets”, says that is allows showing information similar to netstat. Some notes on using ss.
Overview Statistics
ss -s
Total: 549 (kernel 0)
TCP: 15 (estab 4, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0
Transport Total IP IPv6
* 0 - -
RAW 0 0 0
UDP 7 7 0
TCP 15 8 7
INET 22 15 7
FRAG 0 0 0 Listening Sockets
ss -l
Too much outputListening TCP sockets
ss -l -t
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.53%lo:domain 0.0.0.0:*
LISTEN 0 5 127.0.0.1:ipp 0.0.0.0:*
LISTEN 0 5 [::1]:ipp [::]:* Listening UDP sockets
ss -l -u
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 127.0.0.53%lo:domain 0.0.0.0:*
UNCONN 0 0 0.0.0.0:bootpc 0.0.0.0:*
UNCONN 0 0 0.0.0.0:ipp 0.0.0.0:*
UNCONN 0 0 0.0.0.0:33501 0.0.0.0:*
UNCONN 0 0 0.0.0.0:mdns 0.0.0.0:*
UNCONN 0 0 0.0.0.0:mdns 0.0.0.0:*
UNCONN 0 0 0.0.0.0:mdns 0.0.0.0:*
UNCONN 0 0 [::]:55092 [::]:*
UNCONN 0 0 *:mdns *:*
UNCONN 0 0 [::]:mdns [::]:*