| Performance | tool | illustrate |
|---|---|---|
| Throughput (BPS) | sar nethogs iftop | You can view the network throughput of the network interface, process and IP address separately |
| PPS | sar /proc/net/dev | View the PPS of the network interface |
| Connections | netstat ss | View the number of connections |
| Delay | ping hping3 | Test network latency via ICMP, TCP, etc. |
| Connection Tracking Number | conntrack | View and manage connection tracking status |
| routing | mtr route traceroute | View routing and test link information |
| DNS | you nslookup | Troubleshooting DNS Resolution Issues |
| Firewall and NAT | iptables | Configure management firewall and NAT rules |
| Network card function | ethtool | Capabilities for viewing and configuring network interfaces |
| grab bag | tcpdump Wireshark | Capture packets and analyze network traffic |
| Kernel stack trace | bcc systemtap | Dynamically trace the behavior of the kernel protocol stack |
| tool | The main function |
|---|---|
| ifconfig ip | Configure and view network interfaces |
| ss | View the number of network connections |
| sar /proc/net/dev /sys/class/net/eth0/statistics/ | View the network sending and receiving status of the network interface |
| netlogs | Check the network sending and receiving status of the process |
| iftop | View the network sending and receiving of IP |
| ethtool | View and configure network interfaces |
| conntrack | View and manage connection tracking status |
| nslookup you | Troubleshooting DNS Resolution Issues |
| mtr route treceroute | View routing and test link information |
| ping hping3 | Test network latency |
| tcpdump | Network capture tool |
| iptables | Configure and manage firewall or NAT rules |
| perf | Analyze the performance of the kernel protocol stack |
| systemtap bcc | Dynamically trace the behavior of the kernel protocol stack |
TCP optimization
| TCP optimization method | kernel options | reference settings |
|---|---|---|
| Increase the number of connections in TIME_WAIT state | net.ipv4.tcp_max_tw_buckets | 1048576 |
| Increase connection tracking table size | net.netfilter.nf_conntrack_max | 1048576 |
| Shorten the timeout period in TIME_WAIT state | net.ipv4.tcp_fin_timeout | 15 |
| Shorten the timeout period for connections in the TIME_WAIT state in the connection tracking table | net.netfilter.nf_conntrack_tcp_timeout_time_wait | 30 |
| The port occupied by the TIME_WAIT state can also be used for new connections | net.ipv4.tcp_tw_reuse | 1 |
| Increase the range of local port numbers | net.ipv4.ip_local_port_range | 10000 65000 |
| Increase the maximum number of file descriptors for the system and applications | fs.nr_open (system), LimitNOFILE in systemd configuration file (application) | 1048576 |
| Increase the maximum number of semi-joins | net.ipv4.tcp_max_syn_backlog | 16384 |
| Enable SYN Cookies | net.ipv4.tcp_syncookis | 1 |
| Shorten the interval between sending keepalive probe packets | net.ipv4.tcp_keepalive_intvl | 30 |
| Reduce the number of retries before notifying the application after a failed keepalive probe | net.ipv4.tcp_keepalive_probes | 3 |
| Shorten the interval between the last data packet and the Keepalive probe packet | net.ipv4.tcp_keepalive_time | 600 |