How to Use Netstat to Troubleshoot Server Network Issues

data center cables

Networking issues can be among the most frustrating to resolve, especially if you don’t know how to interpret the output of tools like ifconfig and tcpdump and don’t have the time to dig through their arcane and convoluted documentation. 

If that sounds familiar, I’d like to introduce you to netstat, a Linux command line utility that can display just about anything you might need to know to track down network security and performance issues on your server.

As you might expect, netstat can be difficult to get to grips with, so let’s focus on seven common network troubleshooting tasks and how you can accomplish them with netstat.

1. Checking active network connections

To see all active network connections on your server, use the netstat -a or netstat -an command. These provide a comprehensive list that includes vital information such as the connection protocol, local and remote IP addresses, and port numbers, which can be invaluable when diagnosing network issues or monitoring connections.

2. Monitoring network traffic

Keep track of network traffic statistics with the netstat -s command, which displays data that includes the number of packets sent and received, any errors encountered, and discarded packets.

3. Identifying listening ports

To reveal all open listening ports on your server, use netstat -l or netstat -ln. You’ll receive a detailed list that includes the process and protocol associated with each listening port, information particularly helpful for identifying unauthorized or unexpected open ports.

For a quick overview of all listening ports on your server, you can also use the netstat -an | grep LISTEN command. This will display a list of listening ports, along with the associated process and protocol.

4. Identifying which process is using a particular port

If you need to pin down which process is utilizing a specific port, look no further than the netstat -tulpn command. It provides a list of all active network connections with the corresponding process and port number.

5. Checking for network connectivity issues

For a more in-depth look at your server’s network connectivity, use netstat -rn. It displays the server’s routing table, which can help you diagnose connectivity problems and pinpoint the root cause.

6. Identifying network performance issues

To identify performance issues or bottlenecks within your server’s network, use netstat -i. This command displays statistics about your network interfaces, including the number of packets sent and received, errors, and collisions. The output will help you uncover potential performance problems and optimize your server’s network efficiency.

7. Checking for established connections

To view all established connections on your server, execute netstat -an | grep ESTABLISHED. This will generate a list containing the local and remote IP addresses and port numbers of all established connections, including those that are not yet being actively used. 

Mastering netstat enhances your ability to troubleshoot and optimize your server’s network performance and security. Keep these seven essential commands in your arsenal, and you’ll be better equipped to tackle any network challenge that comes your way.