经过netstat -anp能够查看机器的当前链接状态:java
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8139 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:26837 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1046 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp6 0 910 10.100.83.145:57142 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57114 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 914 10.100.83.145:57117 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 910 10.100.83.145:57126 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57159 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57128 10.100.83.140:80 ESTABLISHED 7072/java
对proto,localAddress等都比较好理解,其中Recv-Q Send-Q具体是什么含义呢?为何Send-Q时长不为0呢?不为0是否是表示网络出口阻塞了呢?针对这个问题查了下相关资料。
一个较详细的解释是:
What It Means
"Proto" is short for protocol, which is either TCP or UDP. "Recv-Q" and "Send-Q" mean receiving queue and sending queue. These should always be zero; if they're not you might have a problem. Packets should not be piling up in either queue, except briefly, as this example shows:
tcp 0 593 192.168.1.5:34321 venus.euao.com:smtp ESTABLISHED
That happened when I hit the "check mail" button in KMail; a brief queuing of outgoing packets is normal behavior. If the receiving queue is consistently jamming up, you might be experiencing a denial-of-service attack. If the sending queue does not clear quickly, you might have an application that is sending them out too fast, or the receiver cannot accept them quickly enough.
"Local address" is either your IP and port number, or IP and the name of a service. "Foreign address" is the hostname and service you are connected to. The asterisk is a placeholder for IP addresses, which of course cannot be known until a remote host connects. "State" is the current status of the connection. Any TCP state can be displayed here, but these three are the ones you want to see。
"Proto" is short for protocol, which is either TCP or UDP. "Recv-Q" and "Send-Q" mean receiving queue and sending queue. These should always be zero; if they're not you might have a problem. Packets should not be piling up in either queue, except briefly, as this example shows:
tcp 0 593 192.168.1.5:34321 venus.euao.com:smtp ESTABLISHED
That happened when I hit the "check mail" button in KMail; a brief queuing of outgoing packets is normal behavior. If the receiving queue is consistently jamming up, you might be experiencing a denial-of-service attack. If the sending queue does not clear quickly, you might have an application that is sending them out too fast, or the receiver cannot accept them quickly enough.
"Local address" is either your IP and port number, or IP and the name of a service. "Foreign address" is the hostname and service you are connected to. The asterisk is a placeholder for IP addresses, which of course cannot be known until a remote host connects. "State" is the current status of the connection. Any TCP state can be displayed here, but these three are the ones you want to see。
大体的意思是:
Recv-Q Send-Q分别表示网络接收队列,发送队列。Q是Queue的缩写。
这两个值一般应该为0,若是不为0多是有问题的。packets在两个队列里都不该该有堆积状态。可接受短暂的非0状况。如文中的示例,短暂的Send-Q队列发送pakets非0是正常状态。网络
若是接收队列Recv-Q一直处于阻塞状态,多是遭受了拒绝服务 denial-of-service 攻击。
若是发送队列Send-Q不能很快的清零,多是有应用向外发送数据包过快,或者是对方接收数据包不够快。
Recv-Q:表示收到的数据已经在本地接收缓冲,可是还有多少没有被进程取走,recv()app
Send-Q:对方没有收到的数据或者说没有Ack的,仍是本地缓冲区.tcp
经过netstat的这两个值就能够简单判断程序收不到包究竟是包没到仍是包没有被进程recv。ui