Shulou(Shulou.com)06/02 Report--

This article will introduce in detail for you "Linux system how to view tcp connection number", the content steps are clear and detailed, the details are handled properly, and the editor updates different knowledge points every day, hope that this article "Linux system how to view the number of tcp connections" can give you unexpected harvest, please follow the editor's train of thought slowly in depth, the specific content is as follows, to harvest new knowledge.

First, check which IP is connected to the local computer.

Netstat-an II. Check the number of TCP connections

1) count the number of connections at port 80

Netstat-nat | grep-I "80" | wc-L2) Statistics the number of httpd protocol connections

Ps-ef | grep httpd | wc-L3), count the connected ones, with a status of "established"

Netstat-na | grep ESTABLISHED | wc-L4), find out which IP address has the most connections and seal it.

Netstat-na | grep ESTABLISHED | awk {print $5} | awk-F: {print $1} | sort | uniq-c | sort-r + 0n netstat-na | grep SYN | awk {print $5} | awk-F: {print $1} | sort | uniq-c | sort-r + 0n1, check the current concurrent visits to apache:

Netstat-an | grep ESTABLISHED | the difference between wc-l and the number of MaxClients in httpd.conf.

2. Check the number of processes:

Ps aux | grep httpd | wc-L3. You can use the following parameters to view the data

Server-status?auto # ps-ef | grep httpd | wc-l 1388 counts the number of httpd processes. A single request will start a process to be used on the Apache server. Indicates that Apache can handle 1388 concurrent requests, and this value Apache can be adjusted automatically according to the load.

# netstat-nat | grep-I "80" | wc-l 4341netstat-an prints the current network link status of the system, while grep-I "80" is used to extract connections related to port 80, and wc-l calculates the number of connections. The final number returned is the total number of requests for all current ports 80.

# netstat-na | grep ESTABLISHED | wc-l 376netstat-an prints the current network link status of the system, and grep ESTABLISHED extracts the information of the established connection. Then wc-l statistics. The final number returned is the total number of established connections on all ports 80 currently.

Netstat-nat | | grep ESTABLISHED | wc-you can view the detailed records of all established connections to view the number of concurrent requests in Apache and their TCP connection status:

Netstat-n | awk'/ ^ tcp/ {+ + S [$NF]} END {for (an in S) print a, S [a]} 'return result: TIME_WAIT 8947 waits for enough time to ensure that the remote TCP receives confirmation of the connection interruption request FIN_WAIT1 15 waits for the remote TCP connection interruption request Or previous confirmation of connection break request FIN_WAIT2 1 wait for connection break request from remote TCP ESTABLISHED 55 on behalf of an open connection SYN_RECV 21 receive and send a connection request and wait for confirmation of connection request CLOSING 2 does not have any connection status LAST_ACK 4 wait for the original confirmation of connection break request sent to remote TCP connection status details LISTEN: listen from afar TCP port connection request SYN-SENT: send a connection request and wait for a matching connection request SYN-RECEIVED: receive and send a connection request and wait for the other party's confirmation of the connection request ESTABLISHED: on behalf of an open connection FIN-WAIT-1: wait for the remote TCP connection break request Or confirmation of previous connection break request FIN-WAIT-2: wait for connection break request from remote TCP CLOSE-WAIT: wait for connection break request sent from local user CLOSING: wait for confirmation of connection break by remote TCP LAST-ACK: wait for confirmation of original connection break request sent to remote TCP TIME-WAIT: wait enough time to ensure that the remote TCP receives the connection break please Confirm CLOSED: there is no connection status to check the number of Apache concurrent requests and their TCP connection status to check the number of httpd processes (that is, the number of concurrent requests that Apache can handle in prefork mode):

Ps-ef | grep httpd | wc-l returned result example: 1388 means Apache can handle 1388 concurrent requests. This value Apache can be adjusted automatically according to the load. The peak value of each server in my group has reached 2002.

Check the number of concurrent requests for Apache and their TCP connection status:

Netstat-n | awk'/ ^ tcp/ {+ + S [$NF]} END {for (an in S) print a, S [a]} 'return result example: LAST_ACK 5 SYN_RECV 30 ESTABLISHED 1597 FIN_WAIT1 51 FIN_WAIT2 504 TIME_WAIT 1057 where SYN_RECV indicates the number of requests waiting to be processed; ESTABLISHED indicates normal data transfer status; TIME_WAIT indicates the number of requests waiting for timeout to end. Status description: CLOSED: no connection is active or in progress LISTEN: server is waiting for incoming call SYN_RECV: a connection request has arrived, waiting for confirmation SYN_SENT: application has started Open a connection ESTABLISHED: normal data transfer status FIN_WAIT1: the application says it has completed FIN_WAIT2: the other side has agreed to release ITMED_WAIT: wait for all packets to die CLOSING: both sides try to close TIME_WAIT at the same time; the other side has initialized a release LAST_ACK: wait for all packets to die such as a connection with a large number of TIME_WAIT states found in the system Solve by adjusting kernel parameters

Edit the vim / etc/sysctl.conf file by adding the following:

Net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_fin_timeout = 30 and then execute / sbin/sysctl-p to make the parameter take effect.

Net.ipv4.tcp_syncookies = 1 means that SYN cookies is enabled. When a SYN waiting queue overflow occurs, enable cookies to prevent a small number of SYN attacks. Default is 0, which means disabled; net.ipv4.tcp_tw_reuse = 1 means reuse is enabled. Allow TIME-WAIT sockets to be reused for new TCP connections. Default is 0, which means disabled. Net.ipv4.tcp_tw_recycle = 1 means to enable fast recycling of TIME-WAIT sockets in TCP connections. Default is 0, which means disabled. The meaning of the TIME_WAIT status is attached to the default TIMEOUT time of the net.ipv4.tcp_fin_timeout modification system:

After the client establishes a TCP/IP connection with the server and closes the SOCKET, the port status of the server connection is TIME_WAIT

Will all socket that perform an active shutdown enter the TIME_WAIT state? Is there any situation that causes the actively closed socket to enter the CLOSED state directly?

After sending the last ack, the active shutdown party will enter the TIME_WAIT state to stay in 2MSL (max segment lifetime) time, which is essential to TCP/IP, that is, it cannot be "solved".

That's how TCP/IP designers designed it. There are two main reasons: 1, prevent the packets in the last connection from getting lost and reappear, affecting the new connection (through 2MSL, all duplicate packets in the previous connection will disappear) 2. Reliably close the TCP connection in the last ack (fin) sent by the active shutdown party, which may be lost, and the passive party will resend the fin. If the active party is in the CLOSED state, it will respond to rst instead of ack. So the active party should be in the TIME_WAIT state, not CLOSED. TIME_WAIT does not take up a lot of resources unless it is attacked. Also, if one party times out with send or recv, it will directly enter the CLOSED state.

How to set the maximum number of connections for apache httpd reasonably? There is a website on hand, the number of people online is increasing, and the access is very slow. It is initially believed that the server resources are insufficient, but after repeated tests, once the connection is connected, it can be opened quickly by constantly clicking on different links on the same page. This phenomenon means that the maximum number of apache connections is full, and new visitors can only wait in line for free links. Once connected, there is no need to reopen the connection within the survival time of keeyalive (KeepAliveTimeout, default is 5 seconds). Therefore, the solution is to increase the maximum number of apache connections.

1. Where can I set it? Apache 2.24, using the default configuration (FreeBSD does not load custom MPM configuration by default), and the default maximum number of connections is 250

Load the MPM configuration in / usr/local/etc/apache22/httpd.conf (remove the previous comments): the visible MPM of # Server-pool management (MPM specific) Include etc/apache22/extra/httpd-mpm.conf is configured in / usr/local/etc/apache22/extra/httpd-mpm.conf, but it is divided into many blocks according to the working mode of httpd. Which part is the current working mode of httpd? You can view this by executing apachectl-l:

Compiled in modules: core.c prefork.c http_core.c mod_so.c sees the word prefork, so it can be seen that the current httpd should be working in prefork mode. The default configuration of prefork mode is:

StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 02. How much do you want to add? In theory, of course, the larger the number of connections, the better, but within the capacity of the server, it is related to the server's CPU, memory, bandwidth, and so on. To view the current number of connections, you can use:

Ps aux | grep httpd | wc-l or: pgrep httpd | wc-l calculates the average amount of memory occupied by httpd:

Ps aux | grep-v grep | awk'/ httpd/ {sum+=$6;n++}; END {print sum/n} 'because the pages are basically static, the CPU consumption is very low, and each process takes up a small amount of memory, about 200K. The server has 2 gigabytes of memory, and apart from the normally started service, which requires about 500 megabytes (conservatively estimated), there are still 1.5 gigabytes available, so in theory, it can support 1.510241024cm 1024max 200000 = 8053.06368 about 8K processes. It should be no problem to support 2W people to access at the same time (it can ensure that 8K people can access quickly, while others may have to wait 1 or 2 seconds to connect. Once connected, it will be very smooth) MaxClients that controls the maximum number of connections, so you can try to configure it to:

StartServers 5 MinSpareServers 5 MaxSpareServers 10 ServerLimit 5500 MaxClients 5000 MaxRequestsPerChild 100Note: MaxClients defaults to a maximum of 2500.If you want to exceed this value, you need to explicitly set ServerLimit And ServerLimit should be placed before MaxClients, and the value should not be less than MaxClients, otherwise you will be prompted when you restart httpd. After restarting httpd, observe the number of connections by repeatedly executing pgrep httpd | wc-l. You can see that the number of connections does not increase after reaching the MaxClients setting, but visiting the website is also smooth at this time, so there is no need to set a higher value greedily, otherwise, if the website visits increase carelessly in the future, it will run out of server memory. You can gradually adjust it according to the trend of access pressure and changes in memory usage in the future, until you find an optimal setting. (MaxRequestsPerChild cannot be set to 0, which may cause the server to crash due to memory leaks.) Formula for better maximum calculation:

Apache_max_process_with_good_perfermance detects the number of HTTPD connections in real time: watch-n 1-d "pgrep httpd | wc-l" Linux which versions are available: Deepin, UbuntuKylin, Manjaro, LinuxMint, Ubuntu and other versions of Linux. Among them, Deepin is one of the best-developed Linux distributions in China; UbuntuKylin is a derivative release based on Ubuntu; Manjaro is a Linux release based on Arch; LinuxMint's default Cinnamon desktop is similar to Windows XP's easy-to-use; Ubuntu is the Linux operating system based on desktop applications.

Thank you for reading this. The editor hopes that you will have the most profound understanding of the key issue of "how to check the number of tcp connections in Linux system" from the practical level, and you need to practice and use it yourself in order to understand it. If you want to read more related articles, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.