Monitoring is one of the main tasks that any system administrator, or even a normal user, should know about to get the best out of their systems/servers & avoid issues. In this tutorial, we are going to discuss the top 7 commands for Linux network traffic monitoring.
All the commands mentioned here perform network traffic monitoring, but each one works a little differently from the others. Choose the command that fits your requirement/use-case.
Pre-Requisites
Packages for some of the commands mentioned here are available in the EPEL repository. The commands to install the EPEL repo are listed below; use the one that matches your OS release and system architecture,
RHEL/CentOS 8
$ sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
RHEL/CentOS 7
$ sudo rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
RHEL/CentOS 6 (64 Bit)
$ sudo rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
RHEL/CentOS 6 (32 Bit)
$ sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
Now let’s start the list with the iftop command,
1- Iftop command
We have already discussed the iftop command in detail in one of our previous posts. Iftop provides real-time monitoring of network bandwidth. It measures the data moving in & out of individual socket connections, i.e. it captures the packets moving in and out of our network adapters & then sums them up to find the bandwidth being used by our servers.
Now to install it on your systems, run the following command from your terminal,
RHEL/CentOS (needs the EPEL repo installed; see Pre-Requisites above)
# yum install iftop
Fedora
# dnf install iftop
Ubuntu/Debian
# apt-get install iftop
Then, to start monitoring the network, run the following command,
# iftop
For more detailed information on the options that can be used with iftop, use the help option,
# iftop -h
2- tcptrack command
Next on the list of Linux network traffic monitoring commands is the ‘tcptrack’ command. This command is quite similar to iftop. Tcptrack captures packets & calculates the network bandwidth for each TCP connection; it uses the pcap library to do so.
To install it on your systems, use the following command,
RHEL/CentOS
# yum install tcptrack
Fedora
# dnf install tcptrack
Ubuntu/Debian
# apt-get install tcptrack
Next, to start using it & get the network stats, open a terminal & run the following command,
# tcptrack
3- Nload command
The nload command is used to get information about the incoming & outgoing traffic of the server. It draws separate graphs for incoming and outgoing traffic. One downside of this command is that it does not support many options, i.e. we won’t get much information about individual processes, but one can adjust the scale.
Install it using the following command,
RHEL/CentOS (needs the EPEL repo installed; see Pre-Requisites above)
# yum install nload
Fedora
# dnf install nload
Ubuntu/Debian
# apt-get install nload
Now to start using it, run
# nload
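The incoming & outgoing rates that nload graphs can also be worked out by hand from the kernel's per-interface byte counters. The script below is an added example, not part of the original tutorial and not nload's own code; the function names are made up for illustration, and the sample snapshot (interface eth0 and its values) is constructed.

```shell
#!/bin/sh
# Added example: interface throughput from the byte counters in /proc/net/dev.

# Constructed sample in /proc/net/dev layout (made-up values).
# $1/$2 are the rx/tx byte counters to print for eth0.
sample_snapshot() {
    cat <<EOF
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo: 4096 32 0 0 0 0 0 0 4096 32 0 0 0 0 0 0
  eth0:$1 900 0 0 0 0 0 0 $2 700 0 0 0 0 0 0
EOF
}

# Print "rx_bytes tx_bytes" for interface $2 from counter file $1.
# Exit status is non-zero when the interface is not listed.
read_counters() {
    awk -v ifc="$2" '
        NR > 2 {
            sub(/:/, " ")   # the kernel prints "lo: 4096" but also "eth0:1000000"
            if ($1 == ifc) { print $2, $10; found = 1 }
        }
        END { exit !found }' "$1"
}

# Bytes per second between readings $1 and $2 taken $3 seconds apart.
# Counters restart at 0 when an interface is re-created, so a negative
# delta is reported as 0 instead of a bogus rate.
rate() {
    delta=$(( $2 - $1 ))
    if [ "$delta" -lt 0 ]; then delta=0; fi
    echo $(( delta / $3 ))
}

# Sample interface $1 twice, $2 seconds apart (default 1), and print
# "<iface> rx=<B/s> tx=<B/s>". $3 overrides the counter file.
iface_rate() {
    ifc=$1 secs=${2:-1} src=${3:-/proc/net/dev}
    a=$(read_counters "$src" "$ifc") || { echo "unknown interface: $ifc" >&2; return 1; }
    sleep "$secs"
    b=$(read_counters "$src" "$ifc") || return 1
    echo "$ifc rx=$(rate "${a% *}" "${b% *}" "$secs") tx=$(rate "${a#* }" "${b#* }" "$secs")"
}
```

After sourcing the file, `iface_rate <interface> 2` prints the average receive and transmit rate over two seconds for a real interface; no root privileges or packet capture are needed because only counters are read.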
4- Iptraf commands
This is one of the useful network monitoring tools & I use it all the time. Iptraf provides a colorful & interactive list of traffic going in & out to other servers or hosts, i.e. a list of all the hosts that our system is exchanging traffic with.
To install it on the system, use one of the following commands,
RHEL/CentOS (needs the EPEL repo installed; see Pre-Requisites above)
# yum install iptraf-ng
Fedora (needs the EPEL repo installed; see Pre-Requisites above)
# dnf install iptraf-ng
Ubuntu/Debian
# apt-get install iptraf-ng
Now to get the network traffic reports, run the following command,
# iptraf-ng
Netdiag utility
Netdiag is a collection of network diagnostic tools; the netwatch, trafshow & netload commands are all part of it. So we only need to install the netdiag package to get all these commands,
RHEL/CentOS
# yum install netdiag
Fedora
# dnf install netdiag
Ubuntu/Debian
# apt-get install netdiag
Now let’s discuss the netwatch, trafshow & netload commands one by one.
5- Netload command
Of all the commands that are part of the netdiag package, netload is the simplest to learn, in the sense that it provides only a simple report on current network traffic. It also shows the total amount of data transferred since it was started; other than that, it doesn’t support many options for a more detailed report.
To get the netload report, run the netload command followed by the ethernet port name. For example,
# netload en0sp3
6- Netwatch command
It shows the speed at which data is being transferred for each connection from the local system to remote systems. To check the transfer speed on an interface, we can use the following command,
# netwatch -e en0sp3 -nt
7- Trafshow commands
It is similar to tcptrack & can filter traffic based on pcap filters. This command shows the data transfer speed of all active connections along with the protocol. For example, to see the transfer speed of all UDP connections on an ethernet port, we use the following command,
# trafshow -i en0sp3 udp
For all TCP connections, replace udp with tcp in the above command.
This was my list of top 7 commands for Linux network traffic monitoring & some of you might not agree with it. So if you think this list is incomplete, or that some other command deserves a mention, or if you have any question regarding any command mentioned here, please leave a comment using the comment box below.
That’s all on Linux Network Traffic Monitoring tutorial. ADIOS !!!
Hi, one clarification: Fedora 27 and 28 have no NETDIAG toolset.
Each one of these commands should have a link to a more complete article on the command, just as the first command (iftop) has.
Thanks for the input, will surely consider your request.
Thanks for every other great post. Where else could anybody get that type of information in such a perfect manner of writing? I have a presentation next week, and I’m on the lookout for such information.