Viewing network connection details on Linux

1. Check which IPs are connected to the machine

netstat -an

2. View the number of TCP connections

1) Count the number of connections on port 80

netstat -nat | grep -i "80" | wc -l

2) Count the number of httpd processes

ps -ef | grep httpd | wc -l

3) Count the connections whose state is "ESTABLISHED"

netstat -anp | grep ESTABLISHED | wc -l

4) Find out which IP address has the most connections and block it

netstat -anp | grep ESTABLISHED | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -rn
netstat -anp | grep SYN | awk '{print $5}' | awk -F: '{print $1}' | sort | uniq -c | sort -rn
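The pipelines above keep only the text before the first colon of the peer address, which truncates IPv6 peers, and they do not restrict the count to one local port. The following is an added example, not part of the original post, that counts peers per state for an exact local port; the function names and the sample netstat lines (documentation addresses) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -ant` output (documentation addresses only).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51240      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.80:40100      ESTABLISHED
tcp        0      0 192.0.2.10:8080         198.51.100.9:40222      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:33001       SYN_RECV
tcp6       0      0 2001:db8::10:80         2001:db8::beef:51500    ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:51501    ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::beef:51502    ESTABLISHED
EOF
}

# top_peers PORT STATE: read `netstat -ant` text on stdin and print
# "count address" for peers of local PORT in STATE, busiest first.
top_peers() {
    awk -v port="$1" -v state="$2" '
        $1 ~ /^tcp/ && $NF == state {
            lport = $4; peer = $5
            sub(/^.*:/, "", lport)        # text after the last colon = local port
            if (lport != port) next       # exact match: 8080 is not 80
            sub(/:[^:]*$/, "", peer)      # drop only the final ":port"; IPv6 stays whole
            n[peer]++
        }
        END { for (p in n) print n[p], p }
    ' | sort -k1,1nr -k2,2
}

# Stand-alone run on the constructed sample.
sample_netstat | top_peers 80 ESTABLISHED
```

On a live host, feed it real data with `netstat -ant | top_peers 80 ESTABLISHED`.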

Example:

1. View the current number of concurrent accesses of Apache:

netstat -anp | grep ESTABLISHED | wc -l

Compare this number with the MaxClients value in httpd.conf.

2. Check how many processes there are:

ps aux | grep httpd | wc -l

3. You can use the following parameters to view the data

# ps -ef | grep httpd | wc -l
1388

This counts the httpd processes; each request is handled by one process on the Apache server.

It means that Apache can handle 1388 concurrent requests, and this value can be automatically adjusted by Apache according to the load condition.

# netstat -ant | grep -i "80" | wc -l
4341

netstat -an prints the current network connection status of the system, grep -i "80" extracts the connections related to port 80, and wc -l counts them. The number returned is the total number of current requests on port 80. Because the pattern matches any line that contains the string 80, lines for other ports such as 8080 and addresses that contain 80 are counted as well, so the figure can overstate port-80 traffic.

# netstat -anp | grep ESTABLISHED | wc -l
376

netstat -an prints the current network connection status of the system, grep ESTABLISHED extracts the established connections, and wc -l counts them. The number returned is the total number of currently established connections (the command as written does not filter on port 80).

netstat -ant | grep ESTABLISHED

This shows a detailed record of every established connection.

View the number of concurrent requests of Apache and its TCP connection status:

# netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'
TIME_WAIT 8947
FIN_WAIT1 15
FIN_WAIT2 1
ESTABLISHED 55
SYN_RECV 21
CLOSING 2
LAST_ACK 4

The states in this output:

  • TIME_WAIT: waiting long enough to be sure the remote TCP received the acknowledgment of its connection termination request
  • FIN_WAIT1: waiting for a connection termination request from the remote TCP, or for the acknowledgment of a termination request sent earlier
  • FIN_WAIT2: waiting for a connection termination request from the remote TCP
  • ESTABLISHED: an open connection
  • SYN_RECV: a connection request has been received and answered; waiting for the other party to acknowledge it
  • CLOSING: waiting for the remote TCP to acknowledge the connection termination request
  • LAST_ACK: waiting for the acknowledgment of the connection termination request originally sent to the remote TCP

Detailed Explanation of TCP Connection Status 

  • LISTEN: Listen for connection requests from remote TCP ports
  • SYN-SENT: wait for a matching connection request after sending the connection request
  • SYN-RECEIVED: After receiving and sending a connection request, wait for the other party to confirm the connection request
  • ESTABLISHED: Represents an open connection
  • FIN-WAIT-1: Wait for the remote TCP connection interruption request, or the confirmation of the previous connection interruption request
  • FIN-WAIT-2: Waiting for connection interruption request from remote TCP
  • CLOSE-WAIT: Waiting for a connection interruption request from a local user
  • CLOSING: Waiting for the remote TCP to confirm that the connection is interrupted
  • LAST-ACK: Waiting for the confirmation of the original connection interruption request sent to the remote TCP
  • TIME-WAIT: Wait for enough time to ensure that the remote TCP receives an acknowledgment of the connection interruption request
  • CLOSED: no connection status
  • SYN_RECV indicates the number of requests waiting to be processed;
  • ESTABLISHED indicates the normal data transmission status;
  • TIME_WAIT indicates the number of requests that have been processed and are waiting for the timeout to end.

4. If it is found that there are a large number of connections in the TIME_WAIT state in the system, it can be solved by adjusting the kernel parameters

vim /etc/sysctl.conf

Edit the file and add the following:

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30

then execute

/sbin/sysctl -p 

Let the parameters take effect.

The meaning of these parameters:

  • net.ipv4.tcp_syncookies = 1 enables SYN cookies. When the SYN wait queue overflows, cookies are used to handle it, which can defend against small-scale SYN attacks. The default is 0, which means disabled;
  • net.ipv4.tcp_tw_reuse = 1 enables reuse, allowing TIME-WAIT sockets to be reused for new TCP connections. The default is 0, which means disabled;
  • net.ipv4.tcp_tw_recycle = 1 enables fast recycling of TIME-WAIT sockets in TCP connections. The default is 0, which means disabled;
  • net.ipv4.tcp_fin_timeout = 30 changes the system default timeout.
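net.ipv4.tcp_tw_recycle was removed in Linux 4.12 (it caused dropped connections for clients behind NAT), so on current kernels sysctl -p reports an error for that line. The following is an added example, not part of the original post, that checks which of the four keys exist before they are applied; the function names and the stand-in directory tree are constructed for illustration.

```shell
#!/bin/sh
# The four settings listed in the text above.
page_settings() {
cat <<'EOF'
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
EOF
}

# check_sysctl_keys DIR: read "key = value" lines on stdin and report, for
# each key, whether it exists under DIR (normally /proc/sys) and its value.
check_sysctl_keys() {
    root="$1"
    while IFS= read -r line; do
        case "$line" in '#'*) continue ;; *=*) ;; *) continue ;; esac
        key=$(printf '%s' "$line" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*=.*$//')
        want=$(printf '%s' "$line" | sed 's/^[^=]*=[[:space:]]*//')
        path="$root/$(printf '%s' "$key" | tr . /)"
        if [ -e "$path" ]; then
            echo "present $key current=$(cat "$path") wanted=$want"
        else
            echo "absent $key"      # sysctl -p would fail on this line
        fi
    done
}

# Constructed stand-in for /proc/sys on a kernel without tcp_tw_recycle.
demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/net/ipv4"
    echo 1  > "$d/net/ipv4/tcp_syncookies"
    echo 2  > "$d/net/ipv4/tcp_tw_reuse"
    echo 60 > "$d/net/ipv4/tcp_fin_timeout"
    echo "$d"
}

# Stand-alone run against the constructed tree.
t=$(demo_tree); page_settings | check_sysctl_keys "$t"; rm -rf "$t"
```

Against the running kernel, use `check_sysctl_keys /proc/sys < /etc/sysctl.conf`.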

5. After the client establishes a TCP/IP connection with the server and closes the SOCKET, the port status of the server connection is TIME_WAIT. Does it mean that all sockets that are actively closed will enter the TIME_WAIT state? Is there any situation that makes the actively closed socket directly enter the CLOSED state?

After sending the last ack, the party that actively closes enters the TIME_WAIT state and stays there for 2MSL (maximum segment lifetime). This is essential to TCP/IP, that is, it cannot be "solved"; the TCP/IP designers originally designed it this way.

There are two main reasons:

  • Prevent packets from the previous connection from reappearing after getting lost and affecting the new connection (after 2MSL, all duplicate packets from the previous connection will have disappeared)
  • Close the TCP connection reliably. The last ack(fin) sent by the active closing party may be lost. In that case the passive party resends fin. If the active party were in the CLOSED state at that time, it would respond with rst instead of ack. Therefore, the active party must be in the TIME_WAIT state, not CLOSED.

TIME_WAIT does not take up a lot of resources unless the server is under attack. Also, if one party's send or recv times out, it will directly enter the CLOSED state.

6. How to reasonably set the maximum number of connections of Apache httpd?

A website I look after has a growing number of online users and is very slow to visit. At first the server resources were thought to be insufficient, but repeated tests showed that, once connected, clicking different links on the same page opened them quickly. This means the maximum number of Apache connections is already used up: new visitors can only wait in line for an idle connection, and once connected there is no need to reopen the connection within the keepalive lifetime (KeepAliveTimeout, default 5 seconds). The solution is therefore to increase the maximum number of Apache connections.

1. Where is it set?

Apache 2.24, using the default configuration (FreeBSD does not load custom MPM configuration by default), the default maximum number of connections is 250

Load the MPM configuration in /usr/local/etc/apache22/httpd.conf (remove the previous comment):

# Server-pool management (MPM specific)
Include etc/apache22/extra/httpd-mpm.conf

The MPM configuration is in /usr/local/etc/apache22/extra/httpd-mpm.conf, but it is divided into several blocks according to the working mode of httpd. Which one is the current working mode of httpd? It can be viewed by executing apachectl -l:

Compiled in modules:
              core.c
              prefork.c
              http_core.c
              mod_so.c

Seeing the word prefork, it can be seen that the current httpd should be working in prefork mode. The default configuration of prefork mode is:

<IfModule mpm_prefork_module>
                StartServers                      5
                MinSpareServers                   5
                MaxSpareServers                  10
                MaxClients                      150
                MaxRequestsPerChild               0
</IfModule>

2. How much should be added?

Theoretically, the larger the number of connections, the better, but it must be within the capabilities of the server, which is related to the CPU, memory, bandwidth, etc. of the server.

To view the current number of connections you can use:

ps aux | grep httpd | wc -l

or:

pgrep httpd|wc -l

Calculate the average amount of memory used by httpd:

ps aux|grep -v grep|awk '/httpd/{sum+=$6;n++};END{print sum/n}'

Since they are basically static pages, the CPU consumption is very low, and the memory occupied by each process is not too much, about 200K.

The server has 2G of memory. About 500M (a conservative estimate) is needed for the services that normally run, which leaves 1.5G available, so in theory it can support 1.5*1024*1024*1024/200000 = 8053.06368

That is about 8K processes, and it should be no problem to support 20,000 people visiting at the same time (8K of them are guaranteed fast access, the others may need to wait 1 or 2 seconds to connect, and once connected it will be very smooth).

MaxClients controls the maximum number of connections, so you can try to configure it as:

<IfModule mpm_prefork_module>
                StartServers                      5
                MinSpareServers                   5
                MaxSpareServers                  10
                ServerLimit                    5500
                MaxClients                     5000
                MaxRequestsPerChild               100
</IfModule>

Note that MaxClients defaults to a maximum of 250. If you want to exceed this value, you must explicitly set ServerLimit, and ServerLimit must be placed before MaxClients, and the value should not be less than MaxClients, otherwise there will be a prompt when restarting httpd.

After restarting httpd, run pgrep httpd|wc -l repeatedly to observe the number of connections. The number stops increasing once it reaches the MaxClients value, yet access to the website is smooth at that point, so don't be greedy and set the value too high; otherwise server memory will be exhausted if visits to the site surge in the future. Adjust it gradually according to the trend in access pressure and memory usage until you find an optimal value.

(MaxRequestsPerChild cannot be set to 0, the server may crash due to memory leaks)
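The rules stated above (ServerLimit set explicitly, placed before MaxClients and not lower than it, MaxRequestsPerChild not 0, and MaxClients within the memory budget) can be checked before restarting httpd. The following is an added example, not part of the original post; the function names and the sample configuration are constructed, and the 250 threshold is the figure given in the text.

```shell
#!/bin/sh
# Constructed copy of the tuned prefork block shown above.
sample_conf() {
cat <<'EOF'
<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    ServerLimit        5500
    MaxClients         5000
    MaxRequestsPerChild 100
</IfModule>
EOF
}

# check_prefork AVAIL_KB PER_PROC_KB: read an MPM config on stdin and print
# one "WARN ..." line per violated rule, or "OK" when no rule is violated.
check_prefork() {
    awk -v avail="$1" -v per="$2" '
        function w(m) { print "WARN " m; warned = 1 }
        /<IfModule mpm_prefork_module>/ { inblk = 1; next }
        /<\/IfModule>/                  { inblk = 0 }
        inblk && NF >= 2 && $1 !~ /^#/  { val[$1] = $2 + 0; pos[$1] = NR }
        END {
            if ("MaxClients" in val) {
                mc = val["MaxClients"]
                if (!("ServerLimit" in val)) {
                    if (mc > 250) w("MaxClients exceeds 250 but ServerLimit is not set")
                } else {
                    if (pos["ServerLimit"] > pos["MaxClients"]) w("ServerLimit must come before MaxClients")
                    if (val["ServerLimit"] < mc) w("ServerLimit is lower than MaxClients")
                }
                if (mc * per > avail)
                    w(sprintf("MaxClients needs %d KB but only %d KB is available", mc * per, avail))
            }
            if (("MaxRequestsPerChild" in val) && val["MaxRequestsPerChild"] == 0)
                w("MaxRequestsPerChild is 0; leaking children are never recycled")
            if (!warned) print "OK"
        }
    '
}

# Stand-alone run: 1.5G available (1572864 KB), about 200 KB per process.
sample_conf | check_prefork 1572864 200
```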

Formula for better maximum calculation:

apache_max_process_with_good_performance < (total_hardware_memory / apache_memory_per_process ) * 2
apache_max_process = apache_max_process_with_good_performance * 1.5

7. Real-time detection of the number of httpd connections:

watch -n 1 -d "pgrep httpd|wc -l"

Reposted from: Linux checks the number of connections to a port - EasonJim - Blog Park
