This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: System Administration

CLI Magic: No-nonsense network monitoring tools

By Razvan T. Coloja on November 27, 2007 (4:00:00 PM)

Share    Print    Comments   

Linux is an excellent platform for network administration. If you want to monitor your network traffic, you can find many tools -- some accessible from a Web interface, others using a graphical interface -- but nothing beats the speed of the command line. Command-line tools are also useful in shell scripts, where they can help you perform complex tasks. Here's a handful of my favorites for monitoring network traffic.

 Atop is a system and process manager that displays network traffic, along with other useful information such as CPU consumption, memory usage, and a process list. Atop has a handful of options to be passed to at startup. To see network network-related information and save it to a log file located in /var/log, start the application with atop -N > /var/log/atopnet.log.

You need to patch the Linux kernel source to use the application to show TCP send and receive requests and the number of bytes received and transmitted through TCP/UDP. A second patch lets you automatically show data regarding terminated processes when atop starts.

Bmon is a bandwidth monitor for network connections. With it you can selectively watch a certain network card or a many of them, and even keep an eye on interfaces that are down (using the -a switch). Bmon can show results using either ASCII mode or the curses library, and can even generate statistics in an HTML file. If started without any options, bmon will show interface statistics using ncurses and display all available network connections. Once the application is started, you can press the g key to enable graphical mode and d to enable detailed statistics. If your server has subinterfaces, you can view them by pressing the f key.

One of the cool features of bmon is that it can provide interface statistics using rtnetlink with either the proc or sys filesystems. For example, if you start bmon with a command like bmon -i eth1,eth4 -o curses, it will monitor only the specified network cards in curses mode. You can use wildcards in interface names. If you want HTML output, enable the HTML output module in /etc/bmon.conf and launch bmon with -o html.

The utility also provides a command that you can use to bind not yet assigned keys to shell scripts. For example, if you quickly need to bring eth0 down, you can assign a key to it by creating a script that shuts down the interface and linking it to bmon with bind key /path/to/script.

Bwmon is similar to bmon, but it provides limited options. It shows bandwidth usage in curses mode and has options to show average bandwidth utilization since last boot (using -a), print maximum bandwidth utilization since the last launch of the program (using -m), and specify update timeout (using -u value).

Netwatch is an invaluable tool when it comes to network monitoring, and one of my personal favorites. It can not only show what IP addresses or hostnames are communicating with the outside, but also what ports they are using. Netwatch is great when you are a network administrator in a small or medium-sized office and your users are constantly downloading large files from the Internet. It can email you warnings about bandwidth usage (if you use the -u warnuser option) and can log all or specific packets.

Speedometer is a little different from the rest of these tools. It measures network traffic and the speed or progress of a certain file transfer. Let's say you want to see how fast someone can download a file from your server and how the download is going in real time. Enter speedometer filename, and the program will draw a progress bar that shows the speed of the transfer. It can print the RX and TX rates on a per-interface basis (using -rx iface and -tx iface). You can use speedometer to test the upstream speed of your ADSL line, the transfer speed of your LAN, or the time needed to send a file to a server.

I use speedometer when I need to send one of my clients a backup of his site. I email him the link to the .bz2 file and make sure he gets it. When speedometer tells me the file has been copied, I email the recipient with details of how he can burn the file to a multisession DVD.

There are many more tools out there that can help you monitor your network. Use them and let that bandwidth roll!

Razvan T. Coloja has published more than 150 Linux and IT-related articles in print and online magazines. He is an editor for a Romanian magazine and one of the maintainers and editors of www.mylro.org, a Romanian Linux/OSS portal and community.

Share    Print    Comments   

Comments

on CLI Magic: No-nonsense network monitoring tools

Note: Comments are owned by the poster. We are not responsible for their content.

CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 220.249.173.74] on November 27, 2007 04:41 PM
bmon is perfect, thanks for recommandation.

#

CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 79.167.38.70] on November 27, 2007 04:54 PM
I've been using iptraf (iptraf.seul.org) for the last 7-8 years and I'm really happy with it when it comes to network monitoring. You should check it out.
Also, how come tcpdump is not in your list of monitoring tools?

#

iftop

Posted by: Anonymous [ip: 85.81.29.171] on November 27, 2007 05:20 PM
iftop is also really sweet and is in the fedora repository, unlike the ones mentioned.

#

CLI != magic

Posted by: Anonymous [ip: 169.233.25.105] on November 27, 2007 06:09 PM
WTF Linux.com. You would think that these editors would realize that by now. Guess some folks never understand the true power of the CLI.

#

Re: CLI != magic

Posted by: Anonymous [ip: 24.248.89.66] on November 27, 2007 06:40 PM
It's the name of the series of articles. It's an literary device to convey to the user that the command line is a powerful tool and is worth learning how to use. "Command Line Magic" is much simpler to write than "Command line tips that shows you the command line is worth learning how to use" and it actually bring a bit of flavor to the pot on a subject that some people find dry at times.

#

Re: CLI != magic

Posted by: Anonymous [ip: 71.207.161.72] on November 28, 2007 12:05 AM
Again you have blessed us with your infinite wisdom. We must beg archbishop Ballmer for indulgences from straying from the GUI way. May the flying chair of justice bypass you.

#

your post != intelligent

Posted by: Anonymous [ip: 204.50.208.4] on November 28, 2007 02:06 PM
Your not that cool; get over yourself.

#

Re: your post != intelligent

Posted by: Anonymous [ip: 169.233.25.231] on November 30, 2007 09:11 AM
Use "you're" not "your" in that context.

#

bwm-ng

Posted by: Anonymous [ip: 64.56.208.2] on November 27, 2007 09:21 PM
I'm using bwm-ng to display bandwidth info

#

dnstop for watching DNS traffic

Posted by: Anonymous [ip: 222.0.20.88] on November 28, 2007 09:57 AM

CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 72.37.252.50] on November 29, 2007 02:49 AM
my all time favorites are : iftop and atop

#

killer tool "jnettop" missing

Posted by: Anonymous [ip: 10.32.60.118] on November 29, 2007 01:45 PM
Since I discovered "jnettop" a long time ago... I do not use anything else anymore.

It displays transfer speed and session per TCP session etc... and can handle tcpdump-like filter rules.

#

htop is excellent too

Posted by: Anonymous [ip: 69.89.100.136] on November 30, 2007 07:20 AM
I'm a big fan of the htop utility. It's like top on steroids. It shows roughly the same info as top, but in a way that's easier to digest and offers a lot more interactivity.

http://htop.sourceforge.net/

#

CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 69.8.157.195] on November 30, 2007 06:04 PM
Bmon site is currently down - any mirrors?

#

Re: CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 71.170.201.5] on December 01, 2007 05:48 PM
http://people.suug.ch/~tgr/bmon/ is where to download it. Google the most overlook tool that you could of use. Lazy people

#

alias nntop='/usr/bin/watch -d "/bin/netstat -pantu | grep -v TIME_WAIT"'

Posted by: Anonymous [ip: 65.214.38.10] on December 04, 2007 03:39 PM
there - i wrote that myself - Lazy people!

#

CLI Magic: No-nonsense network monitoring tools

Posted by: Anonymous [ip: 15.235.153.107] on December 05, 2007 05:50 PM
don't forget collectl - http://collectl.sourceforge.net/
shows virtually everything every other tool shows including Infiniband, Lustre, processes, slabs and much more. You can run it interactively or even log to a file for later play back.

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya