netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Linux, Unix-like, and Windows operating systems. netstat is powerful and can be a handy tool to troubleshoot network-related issues and verify connection statistics. If you type netstat -help, you will get the following usage guidelines. Let me show you some of the examples of the command. The following are tested on RHEL/CentOS, but I don’t see any reason not to work on another distro like Ubuntu.

Established Connection

If you are looking for all established connections from the server. If you many established connections and interested in looking for one of the IPs, then you can use another grep.

Listening Connection

Let’s say you’ve started some service, and that is supposed to listen on a particular IP:Port, this would be handy to verify. Or, you can use -l argument to show all the listening sockets. Take advantage of grep to filter the results.

Port Number used by PID

You know your application started and aware of PID (Process Identifier) but not sure what’s the port number it’s using. Below example is for PID 3937 As you can see, port 80 is being used for PID 3937.

All Protocols Statistics

Having frequent disconnections due to packet discarded? -s argument will show you overall stats where you can pay attention to packets discarded messages.

Kernel routing information

Having a routing issue? or, connectivity is not working as expected due to connection is traveling through a different route? Quickly check the routing table.

PID used by Port Number

Very handy to troubleshoot port conflict issue. Lets’s say you are trying to start Apache or Nginx server, which listens on port 80 but can’t because some other process already using port 80. And, you can see the PID 3937 is using that port. If you are using AIX, then This will display the address of the Protocol Control Block in hexadecimal Once you have hexadecimal, then can execute below to get wich process is holding a port number.

List of network interfaces

Having multiple ethernet interfaces? or not sure and want to find out?

Continuous Listening

An excellent option when troubleshooting services crash related issues. Let’s say an application is crashing randomly every few minutes. But, not sure when exactly. You can use -c argument which will continuously show the results. When it stops updating, then you know its crashed.

Conclusion

netstat is one of the widely used commands by sysadmin and I hope the above examples give you an idea about what you can do with it. If you are looking to learn more about Linux administration, then check out this Udemy course.

netstat Command Usage on Linux - 23netstat Command Usage on Linux - 6netstat Command Usage on Linux - 54netstat Command Usage on Linux - 11netstat Command Usage on Linux - 22netstat Command Usage on Linux - 34netstat Command Usage on Linux - 48netstat Command Usage on Linux - 18netstat Command Usage on Linux - 74netstat Command Usage on Linux - 88netstat Command Usage on Linux - 56netstat Command Usage on Linux - 92netstat Command Usage on Linux - 37netstat Command Usage on Linux - 44netstat Command Usage on Linux - 5netstat Command Usage on Linux - 44netstat Command Usage on Linux - 96netstat Command Usage on Linux - 64netstat Command Usage on Linux - 22netstat Command Usage on Linux - 51netstat Command Usage on Linux - 10netstat Command Usage on Linux - 84netstat Command Usage on Linux - 13