Rafa XU's technical blog: ss (socket statistics) introduction

Almost every sys-admin know the powerful tool called ‘netstat’ but it is time to say bye-bye to netstat as we have a more powerful and concise tool called ‘ss’.

1. ss introduction

ss is the abbreviation for socket statistics. It is part of the iproute tool. If you can’t use ss, you need to install iproute such as
yum install iproute iproute-doc
while netstat is part of net-tools which has not been updated since 2001
when we compare the performance between ss and netstat, we can get the conclusion that ss is much faster than netstat, that is because ss uses TCP’s tcp_diag to get the statistics from linux kernel.

See when a linux handle 10000 TCP connections, netstat took over 1 second to get the output and only 0.01 second to get the ss status


[root@X003 bin]# time netstat -ant > /dev/null

real    0m1.334s
user    0m0.230s
sys     0m1.101s
[root@X003 bin]# time ss -s
Total: 10439 (kernel 10442)
TCP:   11073 (estab 9203, closed 1, orphaned 800, synrecv 0, timewait 0/0), ports 10007

Transport Total     IP        IPv6
*         10442     -         -
RAW       0         0         0
UDP       8         5         3
TCP       11072     10008     1064
INET      11080     10013     1067
FRAG      0         0         0


real    0m0.014s
user    0m0.000s
sys     0m0.012s
ss





2.       Basic usage:
1.       ss -s       #Get basic statistics information 


[root@X003 bin]# ss -s
Total: 180 (kernel 197)
TCP:   15 (estab 3, closed 1, orphaned 0, synrecv 0, timewait 0/0), ports 7

Transport Total     IP        IPv6
*         197       -         -
RAW       0         0         0
UDP       8         5         3
TCP       14        8         6
INET      22        13        9
FRAG      0         0         0

2.       ss -l        #only list the listening port 


[root@X003 bin]# ss -l
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
LISTEN     0      128                    :::sunrpc                  :::*
LISTEN     0      128                     *:sunrpc                   *:*
LISTEN     0      128                    :::http                    :::*
LISTEN     0      128                    :::ssh                     :::*
LISTEN     0      128                     *:ssh                      *:*
LISTEN     0      128             127.0.0.1:ipp                      *:*
LISTEN     0      128                   ::1:ipp                     :::*
LISTEN     0      100                   ::1:smtp                    :::*
LISTEN     0      100             127.0.0.1:smtp                     *:*
LISTEN     0      128                    :::55878                   :::*
LISTEN     0      128                     *:38186                    *:*

3.       ss -t        #only list the tcp status


[root@X003 bin]# ss -t
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418

4.       ss -u       #only list the udp status


5.       ss -p      #list the program associated with port


[root@X003 bin]# ss -p
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433    users:(("sshd",1789,3))
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417    users:(("sshd",1734,3))
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418    users:(("sshd",1759,3))

6.       ss -n      #don’t convert the number to the hostname or known service name


[root@X003 bin]# ss -n
State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
ESTAB      0      52           192.168.56.113:22            192.168.56.1:65433
ESTAB      0      0            192.168.56.113:22            192.168.56.1:65417
ESTAB      0      0            192.168.56.113:22            192.168.56.1:65418

7.       ss -e      #show the extensive/detailed information.



[root@X003 bin]# ss -e
State      Recv-Q Send-Q      Local Address:Port          Peer Address:Port
ESTAB      0      52         192.168.56.113:ssh           192.168.56.1:65433    timer:(on,354ms,0) ino:74064 sk:ffff88002c8d5440
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65417    timer:(keepalive,76min,0) ino:73782 sk:ffff8800299e4d80
ESTAB      0      0          192.168.56.113:ssh           192.168.56.1:65418    timer:(keepalive,76min,0) ino:73915 sk:ffff8800299e4700

About Me

Wednesday, 25 June 2014

ss (socket statistics) introduction

1. ss introduction

2. Basic usage:

No comments:

Post a Comment