ss is one another utility to investigate sockets(特适合大规模tcp链接)
April 8th, 2010
原创文章,转载请注明: 转载自系统技术非业余研究
本文链接地址: ss is one another utility to investigate sockets(特适合大规模tcp链接)
具体的可以参考这里
他的最大特点是快, 当你的系统有上万个tcp链接要了解的时候的时候, 你就知道我说什么了. netstat等常规工具变成废铁了, 这时候他的作用就非常明显了.
/procinterface is inadequate, unfortunately. When amount of sockets is enough large,netstator even plaincat /proc/net/tcp/cause nothing but pains and curses. In linux-2.4 the desease became worse: even if amount of sockets is small reading/proc/net/tcp/is slow enough.This utility presents a new approach, which is supposed to scale well. I am not going to describe technical details here and will concentrate on description of the command. The only important thing to say is that it is not so bad idea to load module
tcp_diag, which can be found in directoryModulesofiproute2. If you do not make thissswill work, but it falls back to/procand becomes slow likenetstat, well, a bit faster yet (see section “Some numbers”).
从技术上讲, 它主要是通过/proc来获取各种各样的统计信息. 特别是当处理tcp的时候用到了, tcp_diag功能. tcp_diag是tcp协议栈用于诊断和统计的一个模块, 用netfilter来获取第一手的信息的. ss就用到了这个技术, 保证了信息的快捷获取.
这个软件是隶属于iproute包的, 如果你的系统没有的话可以这样安装:
apt-get -y install iproute
用它可以了解下协议栈占用的内存, 每个链接的队列使用情况, 每个链接属于哪个进程.
而之前唯一能用的就是:
watch -n 1 'cat /proc/net/sockstat'
下面简单介绍下他的使用:
root@ubuntu:/usr/src/iproute-20090324/misc# ss --help
Usage: ss [ OPTIONS ]
ss [ OPTIONS ] [ FILTER ]
-h, --help this message
-V, --version output version information
-n, --numeric don't resolve service names
-r, --resolve resolve host names
-a, --all display all sockets
-l, --listening display listening sockets
-o, --options show timer information
-e, --extended show detailed socket information
-m, --memory show socket memory usage
-p, --processes show process using socket
-i, --info show internal TCP information
-s, --summary show socket usage summary
-4, --ipv4 display only IP version 4 sockets
-6, --ipv6 display only IP version 6 sockets
-0, --packet display PACKET sockets
-t, --tcp display only TCP sockets
-u, --udp display only UDP sockets
-d, --dccp display only DCCP sockets
-w, --raw display only RAW sockets
-x, --unix display only Unix domain sockets
-f, --family=FAMILY display sockets of type FAMILY
-A, --query=QUERY
QUERY := {all|inet|tcp|udp|raw|unix|packet|netlink}[,QUERY]
-F, --filter=FILE read filter information from FILE
FILTER := [ state TCP-STATE ] [ EXPRESSION ]
root@ubuntu:/usr/src/iproute-20090324/misc# ss -s Total: 750 (kernel 761) TCP: 21 (estab 7, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0 Transport Total IP IPv6 * 761 - - RAW 0 0 0 UDP 3 3 0 TCP 21 18 3 INET 24 21 3 FRAG 0 0 0
root@ubuntu:/usr/src/iproute-20090324/misc# ss -t -m State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 mem:(r0,w0,f4096,t0) CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https mem:(r672,w0,f3424,t0) ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 mem:(r0,w0,f4096,t0) ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 mem:(r0,w0,f0,t0) ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 mem:(r0,w0,f4096,t0) ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 mem:(r0,w0,f0,t0) ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 mem:(r0,w0,f0,t0) ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 mem:(r0,w0,f0,t0)
root@ubuntu:/usr/src/iproute-20090324/misc# ss -p
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 users:(("sshd",8373,3))
CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https users:(("dropbox",2674,13))
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 users:(("sshd",350,3))
ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 users:(("epmd",28338,5))
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 users:(("sshd",29044,3))
ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 users:(("epmd",28338,4))
ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 users:(("beam.smp",25947,11))
ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 users:(("inet_gethost",23783,8),("inet_gethost",23784,8))
root@ubuntu:/usr/src/iproute-20090324/misc# ss -i
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251
cubic rto:396 rtt:124.5/66 ato:40 cwnd:4 send 375.3Kbps rcv_rtt:296456 rcv_space:66472
CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https
cubic wscale:7,9 rto:612 rtt:256/52 ato:40 cwnd:5 send 213.8Kbps rcv_rtt:259 rcv_space:5840
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635
cubic rto:356 rtt:144/33 ato:40 cwnd:4 send 324.4Kbps rcv_rtt:511258 rcv_space:46760
ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620
cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32768
ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095
cubic rto:232 rtt:21/18 ato:40 cwnd:5 ssthresh:4 send 2.8Mbps rcv_rtt:173516 rcv_space:118904
ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234
cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32768
ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369
cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32792
ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369
cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32792
root@ubuntu:/usr/src/iproute-20090324/misc# ss -e State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 timer:(keepalive,50min,0) ino:1843366 sk:c2ea2600 CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https ino:12200 sk:c2ea2140 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 timer:(keepalive,2min59sec,0) ino:1101514 sk:c2ea4740 ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 ino:2309430 sk:c2ea2ac0 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 timer:(keepalive,6min59sec,0) ino:379842 sk:c2f4af80 ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 ino:2044745 sk:c2ea3440 ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 ino:2309429 sk:c2ea7200 ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 ino:2044744 sk:c2ea1300
root@ubuntu:/usr/src/iproute-20090324/misc# ss -o State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 timer:(keepalive,50min,0) CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 timer:(keepalive,2min50sec,0) ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 timer:(keepalive,6min50sec,0) ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369
Have fun!!!
Post Footer automatically generated by wp-posturl plugin for wordpress.
请教下霸爷,ss -s 出来的closed数目异常(一直积累到几十万不会释放,其他状态正常)可能和那些因素有关?(个别服务器存在此问题)谢谢。
信息如下:
Total: 717825 (kernel 717929)
TCP: 718937 (estab 2098, closed 716067, orphaned 4, synrecv 0, timewait 148/0), ports 1432
Transport Total IP IPv6
* 717929 – –
RAW 0 0 0
UDP 22 19 3
TCP 2870 2865 5
INET 2892 2884 8
FRAG 0 0 0