Tuesday 22 October 2019

Netstat command



 Below netstat commands are helpful while troubleshooting the Socket timeout issue. 


  • ·         netstat -ie                          -- to show all interfaces
  • ·         netstat –r                            -- show current rounting table
  • ·         netstat –C                           -- show the current active connection
  • ·         netstat -at                            -- show all the current connection,
  -l    -- listen on local machine
  -p  -- processes

  • ·         netstat -tanp | grep PID
  • ·         netstat -nap | grep :Port
      Most of the 11 TCP states are easy to understand and most programmers know what they mean:
CLOSED: There is no connection.
LISTEN: The local end-point is waiting for a connection request from a remote end-point i.e. a passive open was performed.
SYN-SENT: The first step of the three-way connection handshake was performed. A connection request has been sent to a remote end-point i.e. an active open was performed.
SYN-RECEIVED: The second step of the three-way connection handshake was performed. An acknowledgement for the received connection request as well as a connection request has been sent to the remote end-point.
ESTABLISHED: The third step of the three-way connection handshake was performed. The connection is open.
FIN-WAIT-1: The first step of an active close (four-way handshake) was performed. The local end-point has sent a connection termination request to the remote end-point.
CLOSE-WAIT: CLOSE_WAIT means the operating system knows that the remote application has closed the connection and waits for the local application to also do so.
FIN-WAIT-2: The remote end-point has sent an acknowledgement for the previously sent connection termination request. The local end-point waits for an active connection termination request from the remote end-point.If the count is high then may be there is some issue, application is not closing the connection properly. Lots of FIN-WAIT-2 connection ead to a memory overflow.
LAST-ACK: The local end-point has performed a passive close and has initiated an active close by sending a connection termination request to the remote end-point.
CLOSING: The local end-point is waiting for an acknowledgement for a connection termination request before going to the TIME-WAIT state.
TIME-WAIT: The local end-point waits for twice the maximum segment lifetime (MSL) to pass before going to CLOSED to be sure that the remote end-point received the acknowledgement

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)