Many a times Linux System Admin2 face problem in network latency, connectivity the servers hampers the services which impact to the business. Using linux basic tools can not really solve it but you can identify the issues faced by the host to host or host to the device.
Here we will be using tcpdump tool to capture packet after which you can analyse the data and conclude with errors host.
If you have installed linux properly tcpdump is by default installed on to your system, and if not you can install it finding the relevant packages for your distros
RPM Based Linux can google for “tcpdump +rpm” and Debian can google for “tcpdump +deb”, you will get enough results to finish installing the TCPDUMP package onto your system.
After installing, check if tcpdump is installed successfully executing the below command
#>which tcpdump
Should return the binary location of the package installed
/usr/sbin/tcpdump
After confirming you can run tcpdump with various options passing to the command to check for the options
[root@ashwin ~]# tcpdump --help tcpdump version 3.9.8 libpcap version 0.9.8 Usage: tcpdump [-aAdDeflLnNOpqRStuUvxX] [-c count] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -Z user ] [ expression ]
We will be capturing packets for 2 minutes and analyze for any issues with hosts connecting to and from.
Running the below command will capture all the packets transferring between the hosts through the Network Interface Cards and will be redirected to a file
tcpdump -n -i bond0 -e -vvv > output.log
Once you have captured packets for 5 minutes press Ctrl + z to end and proceed with analyzing the file “output.log”
Example :
2.39.omserv > 11.240.240.141.nfs: ., cksum 0x1eba (correct), 156:156(0) ack 28961 win 30782
18:41:21.397883 00:a0:98:10:7a:05 > 00:21:5a:4c:a6:3e, ethertype IPv4 (0×0800), length 1514: (tos 0×0, ttl 64, id 26738, offset 0, flags [DF], proto: TCP (6), length: 1500) 11.240.240.141.2049 > 11.240.240.39.33554432: reply ERR 1448
In the above line its clear that a partition is mounted on the host using NFS protocol from other hosts having IP 11.240.240.141 which is having issues while transferring data to host bearing IP 11.240.240.39 Error “reply ERR 1448″
You can find great detail in the output of tcpdump, Also you can use wireshark to read the output.txt and get a better clarity of the data transmission hence lot of network latency can be resolved.
Enjoy.
Related posts:
- How to Change System Timezone on Linux Distros – Centos, Ubuntu, Redhat, Fedora Many a times after initial installation of Linux operating system...
- How to broadcast a Message through Terminal to Login users In Fedora, Centos, RedHat, Ubuntu Do you want to sent message to all logged in...
- Howto configure Network Time Protocol NTP Server on Linux Centos, Ubuntu, Fedora, RHEL This tutorial will guide you with step by step installation...
- Using Sendmail to Relay Mails from Your MSP/ISP in Centos, RHEL, Ubuntu and Other Linux Distros Do you want to relay mails from your local sendmail...