{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"前言","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上次发了","attrs":{}},{"type":"link","attrs":{"href":"https://xie.infoq.cn/article/bc1ac76b89662add12392392e","title":""},"content":[{"type":"text","text":"linux命令总结","attrs":{}}]},{"type":"text","text":"之后,很多朋友说想看网络命令归纳总结,今天他来了,别废话,给我收藏起来。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"推荐一下自己的linuxC/C++交流群:973961276!整理了一些个人觉得比较好的学习书籍、视频资料以及大厂面经视频共享在群文件里面,有需要的小伙伴可以自行添加哦!~","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络连通性检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"当应用出现网络异常时,首先需要确认的就是网络的连通性是否正常,下面一组命令可快速检测网络的连通性,如下:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测DNS","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"dig www.baidu.combash\nnslookup www.baidu.combash\nhost www.baidu.com","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测主机是否可达","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"ping www.baidu.com","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测port是否可达","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#检查tcp端口\ntelnet www.baidu.com 80\n#检查udp端口\nnc -uvz ip port","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测SSL","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"SSL认证也经常导致程序无法连接,主要出现在SSL握手过程中。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"openssl s_client -connect www.baidu.com:443 -prexit","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"一键检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"多数情况下,可以使用curl一键检测所有过程,如果有问题,再使用上面的命令逐个排查。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"curl -v http://www.baidu.com:80/","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"时间消耗分布","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用curl可检测出http协议接口各阶段花费的时间。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ curl -o /dev/null -s -w \" time_namelookup:%{time_namelookup}s\\n time_connect:%{time_connect}s\\n time_starttransfer:%{time_starttransfer}s\\n time_total:%{time_total}s\\n speed_download:%{speed_download}\\n http_code:%{http_code}\" \"http://www.baidu.com\"\n time_namelookup:0.016542s\n time_connect:0.038686s\n time_starttransfer:0.063550s\n time_total:0.063593s\n speed_download:37793.000\n http_code:200","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_namelookup:开始到DNS查询完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_connect:开始到TCP三次握手完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_starttransfer:开始到收到服务端发来首字节数据的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_total:开始到服务端数据接收完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"零基础和大三大四的朋友看这里>>","attrs":{}},{"type":"link","attrs":{"href":"https://ke.qq.com/course/444655?flowToken=1029781","title":null},"content":[{"type":"text","text":"c/c++ 企业级项目实战","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"已经工作了想继续自我提升跳槽涨薪的工程师看这里>>","attrs":{}},{"type":"link","attrs":{"href":"http://xn--https-vw1h119eb0elyzjoa//ke.qq.com/course/417774?flowToken=1026211","title":null},"content":[{"type":"text","text":"c/c++ linux服务器高级","attrs":{}}]}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"检查socket连接","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"由于网络通信都需要靠socket,所以检查一下socket连接以及它的分布情况也是非常有必要的。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检查端口是否监听","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"服务端程序一定会监听至少一个端口,检查监听socket是否存在,也是判断服务进程是否还存在的一种方法。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -nltp|grep 8080\nlsof -nP -i -sTCP:LISTEN|grep 8080","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看socket状态分布","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ ss -s\n$ netstat -nat | awk '/tcp/{print $6}'|sort|uniq -c\n 9 CLOSE_WAIT\n 102 ESTABLISHED\n 55 LISTEN\n 70 TIME_WAIT","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"需格外关注TIME_WAIT与CLOSE_WAIT这两种状态的数量,如果TIME_WAIT过多,可考虑优化内核网络参数或使用连接池,如果CLOSE_WAIT过多,就需要检查程序代码中哪里出现了连接泄露,导致未关闭连接了。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"谁连我最多","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -ant | awk '/tcp/{rl=split($5,r,\":\");printf \"%16s\\t%s\\n\",$4,r[rl-1]}' | sort | uniq -c | sort -nrk1 | head -n10","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"我连谁最多","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -ant | awk '/tcp/{ll=split($4,l,\":\");printf \"%11s\\t%s\\n\",l[ll-1],$5}' | sort | uniq -c | sort -nrk1 | head -n10","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络使用率检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看各连接网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"iftop -B -nNP\n","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看各进程网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"nethogs","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看网卡网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sar -n DEV 1\nifstat ","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看网卡是否丢包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# ifconfig命令,观察overrun/error/drop这几项\nifconfig\n# 同样,观察类似overflow、error、drop这些项\nethtool -S eth0","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"TCP层丢包与重传","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"有时,网卡层未出现丢包,但网络中间链路有可能出现丢包,这会导致tcp层重传,另外,如果tcp层的内核参数设置不合理,也可能导致丢包,比如backlog设置过小,服务器端网络io处理不过来。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ sar -n TCP,ETCP 1\n$ sudo watch -d -n1 'netstat -s|grep -iE \"listen|pruned|collapsed|reset|retransmit\"'\n 2879 connection resets received\n 378542 segments retransmitted\n 3357875 resets sent\n 52 resets received for embryonic SYN_RECV sockets\n 5 times the listen queue of a socket overflowed\n 5 SYNs to LISTEN sockets dropped\n TCPLostRetransmit: 235599\n 6337 fast retransmits\n 7877 retransmits in slow start\n 10385 connections reset due to unexpected data\n 1183 connections reset due to early user close","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络抓包","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"纯文本抓包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# ngrep比较适合抓包类似http这种的纯文本协议\nsudo ngrep -W byline port 3306\n# 在无法使用抓包命令的情况下,也可使用nc、socat之类的网络工具,做一个端口转发,同时将转发流量打印出来\n# 另外在抓包https时,也可以使用socat将https流量代理为http流量,再进行抓包\nsocat -v TCP4-LISTEN:9999,bind=0.0.0.0,reuseaddr TCP4:remoteIp:9999","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"通用抓包工具","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# tcpdump抓包给wireshark分析\nsudo tcpdump tcp -i eth1 -s 0 -c 10000 and port 9999 -w ./target.cap\n# 抓rst包,用于网络经常出现connection reset异常的情况\nsudo tcpdump -ni any -s0 tcp and 'tcp[13] & 4 != 0 ' -vvv\n# 抓fin包,用于网络经常断连的情况\nsudo tcpdump -ni any -s0 tcp and 'tcp[13] & 1 != 0 ' -vvv","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"mysql抓包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ sudo tshark -i eth0 -n -f 'tcp port 3306' -Y 'mysql' -T fields -e frame.number -e frame.time_epoch -e frame.time_delta_displayed -e ip.src -e tcp.srcport -e tcp.dstport -e ip.dst -e tcp.stream -e tcp.len -e tcp.nxtseq -e tcp.time_delta -e tcp.analysis.ack_rtt -e mysql.query\nRunning as user \"root\" and group \"root\". This could be dangerous.\nCapturing on 'ens33'\n4 1605412440.114466205 0.000000000 10.224.72.135 3306 59016 10.221.38.217 0 88 89 0.001027726\n6 1605412440.160709874 0.046243669 10.221.38.217 59016 3306 10.224.72.135 0 185 186 0.000020998\n8 1605412440.160929986 0.000220112 10.224.72.135 3306 59016 10.221.38.217 0 48 137 0.000211802\n9 1605412440.213810997 0.052881011 10.221.38.217 59016 3306 10.224.72.135 0 24 210 0.052881011 0.052881011\n11 1605412440.214178087 0.000367090 10.224.72.135 3306 59016 10.221.38.217 0 22 159 0.000341184\n12 1605412440.258391363 0.044213276 10.221.38.217 59016 3306 10.224.72.135 0 37 247 0.044213276 0.044213276 select @@version_comment limit 1\n14 1605412440.258812895 0.000421532 10.224.72.135 3306 59016 10.221.38.217 0 83 242 0.000395748\n15 1605412440.303693157 0.044880262 10.221.38.217 59016 3306 10.224.72.135 0 13 260 0.044880262 0.044880262 select 1\n16 1605412440.303955060 0.000261903 10.224.72.135 3306 59016 10.221.38.217 0 49 291 0.000261903 0.000261903\n17 1605412440.351387241 0.047432181 10.221.38.217 59016 3306 10.224.72.135 0 5 265 0.047432181 0.047432181","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"grpc抓包","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"对于grpc抓包,可以先使用tcpdump抓下来,然后到wireshark中查看,也可使用我从github找到的这个项目https://github.com/rmedvedev/grpcdump","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sudo grpcdump -i eth0 -p 9999 -proto-path ~/protos -proto-files order/v1/log_service.proto","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"传输文件","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用scp","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#上传文件到远程机器\nscp test.txt root@remoteIp:/home/\n#从远程机器下载文件\nscp root@remoteIp:/home/test.txt .","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用ncat","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"ncat其实就是常说的nc,但由于netcat也叫nc且用法稍有不同(ubuntu上的nc就是netcat),避免混淆,这里直接使用ncat","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# 接收文件端\nncat -l 9999 > test.txt\n# 发送文件端\nncat remoteIp 9999 < test.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用python http server","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"python的http server经常用于分享本机文件给其它人,非常方便。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"python -m SimpleHTTPServer 8000\nwget http://remoteIp:8000/test.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用使用python ftp server","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用python可以快速搭建一个ftp server,这样就即可以上传,又可以下载了。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sudo pip3 install pyftpdlib\npython3 -m pyftpdlib -p 2121 -w\n#上传到ftp\ncurl ftp://remoteIp:2121/files/ -T file.txt\n#从ftp下载\ncurl -O ftp://remoteIp:2121/files/file.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"总结","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"掌握常用的网络命令,还是非常有必要的,毕竟网络是如此复杂,必须要有东西能够窥探一些内部运行信息。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/eb/eb920314e43a133cb56e5636cf849f28.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
继linux命令之后,我又给你们整理了网络命令归纳,快给我来收藏
{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"前言","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上次发了","attrs":{}},{"type":"link","attrs":{"href":"https://xie.infoq.cn/article/bc1ac76b89662add12392392e","title":""},"content":[{"type":"text","text":"linux命令总结","attrs":{}}]},{"type":"text","text":"之后,很多朋友说想看网络命令归纳总结,今天他来了,别废话,给我收藏起来。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"推荐一下自己的linuxC/C++交流群:973961276!整理了一些个人觉得比较好的学习书籍、视频资料以及大厂面经视频共享在群文件里面,有需要的小伙伴可以自行添加哦!~","attrs":{}}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络连通性检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"当应用出现网络异常时,首先需要确认的就是网络的连通性是否正常,下面一组命令可快速检测网络的连通性,如下:","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测DNS","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"dig www.baidu.combash\nnslookup www.baidu.combash\nhost www.baidu.com","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测主机是否可达","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"ping www.baidu.com","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测port是否可达","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#检查tcp端口\ntelnet www.baidu.com 80\n#检查udp端口\nnc -uvz ip port","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检测SSL","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"SSL认证也经常导致程序无法连接,主要出现在SSL握手过程中。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"openssl s_client -connect www.baidu.com:443 -prexit","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"一键检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"多数情况下,可以使用curl一键检测所有过程,如果有问题,再使用上面的命令逐个排查。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"curl -v http://www.baidu.com:80/","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"时间消耗分布","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用curl可检测出http协议接口各阶段花费的时间。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ curl -o /dev/null -s -w \" time_namelookup:%{time_namelookup}s\\n time_connect:%{time_connect}s\\n time_starttransfer:%{time_starttransfer}s\\n time_total:%{time_total}s\\n speed_download:%{speed_download}\\n http_code:%{http_code}\" \"http://www.baidu.com\"\n time_namelookup:0.016542s\n time_connect:0.038686s\n time_starttransfer:0.063550s\n time_total:0.063593s\n speed_download:37793.000\n http_code:200","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_namelookup:开始到DNS查询完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_connect:开始到TCP三次握手完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_starttransfer:开始到收到服务端发来首字节数据的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"time_total:开始到服务端数据接收完成的时间","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"零基础和大三大四的朋友看这里>>","attrs":{}},{"type":"link","attrs":{"href":"https://ke.qq.com/course/444655?flowToken=1029781","title":null},"content":[{"type":"text","text":"c/c++ 企业级项目实战","attrs":{}}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"已经工作了想继续自我提升跳槽涨薪的工程师看这里>>","attrs":{}},{"type":"link","attrs":{"href":"http://xn--https-vw1h119eb0elyzjoa//ke.qq.com/course/417774?flowToken=1026211","title":null},"content":[{"type":"text","text":"c/c++ linux服务器高级","attrs":{}}]}]},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"检查socket连接","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"由于网络通信都需要靠socket,所以检查一下socket连接以及它的分布情况也是非常有必要的。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"检查端口是否监听","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"服务端程序一定会监听至少一个端口,检查监听socket是否存在,也是判断服务进程是否还存在的一种方法。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -nltp|grep 8080\nlsof -nP -i -sTCP:LISTEN|grep 8080","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看socket状态分布","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ ss -s\n$ netstat -nat | awk '/tcp/{print $6}'|sort|uniq -c\n 9 CLOSE_WAIT\n 102 ESTABLISHED\n 55 LISTEN\n 70 TIME_WAIT","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"需格外关注TIME_WAIT与CLOSE_WAIT这两种状态的数量,如果TIME_WAIT过多,可考虑优化内核网络参数或使用连接池,如果CLOSE_WAIT过多,就需要检查程序代码中哪里出现了连接泄露,导致未关闭连接了。","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"谁连我最多","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -ant | awk '/tcp/{rl=split($5,r,\":\");printf \"%16s\\t%s\\n\",$4,r[rl-1]}' | sort | uniq -c | sort -nrk1 | head -n10","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"我连谁最多","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"netstat -ant | awk '/tcp/{ll=split($4,l,\":\");printf \"%11s\\t%s\\n\",l[ll-1],$5}' | sort | uniq -c | sort -nrk1 | head -n10","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络使用率检测","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看各连接网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"iftop -B -nNP\n","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看各进程网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"nethogs","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看网卡网速","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sar -n DEV 1\nifstat ","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"查看网卡是否丢包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# ifconfig命令,观察overrun/error/drop这几项\nifconfig\n# 同样,观察类似overflow、error、drop这些项\nethtool -S eth0","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"TCP层丢包与重传","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"有时,网卡层未出现丢包,但网络中间链路有可能出现丢包,这会导致tcp层重传,另外,如果tcp层的内核参数设置不合理,也可能导致丢包,比如backlog设置过小,服务器端网络io处理不过来。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ sar -n TCP,ETCP 1\n$ sudo watch -d -n1 'netstat -s|grep -iE \"listen|pruned|collapsed|reset|retransmit\"'\n 2879 connection resets received\n 378542 segments retransmitted\n 3357875 resets sent\n 52 resets received for embryonic SYN_RECV sockets\n 5 times the listen queue of a socket overflowed\n 5 SYNs to LISTEN sockets dropped\n TCPLostRetransmit: 235599\n 6337 fast retransmits\n 7877 retransmits in slow start\n 10385 connections reset due to unexpected data\n 1183 connections reset due to early user close","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"网络抓包","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"纯文本抓包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# ngrep比较适合抓包类似http这种的纯文本协议\nsudo ngrep -W byline port 3306\n# 在无法使用抓包命令的情况下,也可使用nc、socat之类的网络工具,做一个端口转发,同时将转发流量打印出来\n# 另外在抓包https时,也可以使用socat将https流量代理为http流量,再进行抓包\nsocat -v TCP4-LISTEN:9999,bind=0.0.0.0,reuseaddr TCP4:remoteIp:9999","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"通用抓包工具","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# tcpdump抓包给wireshark分析\nsudo tcpdump tcp -i eth1 -s 0 -c 10000 and port 9999 -w ./target.cap\n# 抓rst包,用于网络经常出现connection reset异常的情况\nsudo tcpdump -ni any -s0 tcp and 'tcp[13] & 4 != 0 ' -vvv\n# 抓fin包,用于网络经常断连的情况\nsudo tcpdump -ni any -s0 tcp and 'tcp[13] & 1 != 0 ' -vvv","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"mysql抓包","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"$ sudo tshark -i eth0 -n -f 'tcp port 3306' -Y 'mysql' -T fields -e frame.number -e frame.time_epoch -e frame.time_delta_displayed -e ip.src -e tcp.srcport -e tcp.dstport -e ip.dst -e tcp.stream -e tcp.len -e tcp.nxtseq -e tcp.time_delta -e tcp.analysis.ack_rtt -e mysql.query\nRunning as user \"root\" and group \"root\". This could be dangerous.\nCapturing on 'ens33'\n4 1605412440.114466205 0.000000000 10.224.72.135 3306 59016 10.221.38.217 0 88 89 0.001027726\n6 1605412440.160709874 0.046243669 10.221.38.217 59016 3306 10.224.72.135 0 185 186 0.000020998\n8 1605412440.160929986 0.000220112 10.224.72.135 3306 59016 10.221.38.217 0 48 137 0.000211802\n9 1605412440.213810997 0.052881011 10.221.38.217 59016 3306 10.224.72.135 0 24 210 0.052881011 0.052881011\n11 1605412440.214178087 0.000367090 10.224.72.135 3306 59016 10.221.38.217 0 22 159 0.000341184\n12 1605412440.258391363 0.044213276 10.221.38.217 59016 3306 10.224.72.135 0 37 247 0.044213276 0.044213276 select @@version_comment limit 1\n14 1605412440.258812895 0.000421532 10.224.72.135 3306 59016 10.221.38.217 0 83 242 0.000395748\n15 1605412440.303693157 0.044880262 10.221.38.217 59016 3306 10.224.72.135 0 13 260 0.044880262 0.044880262 select 1\n16 1605412440.303955060 0.000261903 10.224.72.135 3306 59016 10.221.38.217 0 49 291 0.000261903 0.000261903\n17 1605412440.351387241 0.047432181 10.221.38.217 59016 3306 10.224.72.135 0 5 265 0.047432181 0.047432181","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"grpc抓包","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"对于grpc抓包,可以先使用tcpdump抓下来,然后到wireshark中查看,也可使用我从github找到的这个项目https://github.com/rmedvedev/grpcdump","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sudo grpcdump -i eth0 -p 9999 -proto-path ~/protos -proto-files order/v1/log_service.proto","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"传输文件","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用scp","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"#上传文件到远程机器\nscp test.txt root@remoteIp:/home/\n#从远程机器下载文件\nscp root@remoteIp:/home/test.txt .","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用ncat","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"ncat其实就是常说的nc,但由于netcat也叫nc且用法稍有不同(ubuntu上的nc就是netcat),避免混淆,这里直接使用ncat","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"# 接收文件端\nncat -l 9999 > test.txt\n# 发送文件端\nncat remoteIp 9999 < test.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用python http server","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"python的http server经常用于分享本机文件给其它人,非常方便。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"python -m SimpleHTTPServer 8000\nwget http://remoteIp:8000/test.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong","attrs":{}}],"text":"使用使用python ftp server","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"使用python可以快速搭建一个ftp server,这样就即可以上传,又可以下载了。","attrs":{}}]},{"type":"codeblock","attrs":{"lang":null},"content":[{"type":"text","text":"sudo pip3 install pyftpdlib\npython3 -m pyftpdlib -p 2121 -w\n#上传到ftp\ncurl ftp://remoteIp:2121/files/ -T file.txt\n#从ftp下载\ncurl -O ftp://remoteIp:2121/files/file.txt","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":3},"content":[{"type":"text","text":"总结","attrs":{}}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"掌握常用的网络命令,还是非常有必要的,毕竟网络是如此复杂,必须要有东西能够窥探一些内部运行信息。","attrs":{}}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/eb/eb920314e43a133cb56e5636cf849f28.jpeg","alt":null,"title":"","style":[{"key":"width","value":"100%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章