ss is one another utility to investigate sockets(特适合大规模tcp链接)

最新推荐文章于 2025-11-27 13:04:08 发布

最新推荐文章于 2025-11-27 13:04:08 发布 · 101 阅读

文章标签：

#运维 #网络 #开发工具

ss是一款基于Linux系统的高效TCP连接监控工具，专门用于处理大量TCP连接时提供快速统计信息，解决netstat等常规工具在大规模连接下效率低下的问题。

具体的可以参考这里

他的最大特点是快, 当你的系统有上万个tcp链接要了解的时候的时候, 你就知道我说什么了. netstat等常规工具变成废铁了, 这时候他的作用就非常明显了.

/proc interface is inadequate, unfortunately. When amount of sockets is enough large, netstat or even plain cat /proc/net/tcp/ cause nothing but pains and curses. In linux-2.4 the desease became worse: even if amount of sockets is small reading /proc/net/tcp/ is slow enough.

This utility presents a new approach, which is supposed to scale well. I am not going to describe technical details here and will concentrate on description of the command. The only important thing to say is that it is not so bad idea to load module tcp_diag, which can be found in directory Modules of iproute2. If you do not make this ss will work, but it falls back to /proc and becomes slow like netstat, well, a bit faster yet (see section “Some numbers”).

从技术上讲, 它主要是通过/proc来获取各种各样的统计信息. 特别是当处理tcp的时候用到了, tcp_diag功能. tcp_diag是tcp协议栈用于诊断和统计的一个模块, 用netfilter来获取第一手的信息的. ss就用到了这个技术, 保证了信息的快捷获取.

这个软件是隶属于iproute包的, 如果你的系统没有的话可以这样安装:

`1`	`apt-get -y` `install` `iproute`

用它可以了解下协议栈占用的内存, 每个链接的队列使用情况, 每个链接属于哪个进程.
而之前唯一能用的就是:

`1`	`watch` `-n 1` `'cat /proc/net/sockstat'`

下面简单介绍下他的使用:

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss --help  

   02Usage: ss [ OPTIONS ] 

   03ss [ OPTIONS ] [ FILTER ] 

   04-h, --help this message 

   05-V, --version output version information 

   06-n, --numeric don't resolve service names 

   07-r, --resolve resolve host names 

   08-a, --all display all sockets 

   09-l, --listening display listening sockets 

   10-o, --options show timer information 

   11-e, --extended show detailed socket information 

   12-m, --memory show socket memory usage 

   13-p, --processes show process using socket 

   14-i, --info show internal TCP information 

   15-s, --summary show socket usage summary 

   16  

   17-4, --ipv4 display only IP version 4 sockets 

   18-6, --ipv6 display only IP version 6 sockets 

   19-0, --packet display PACKET sockets 

   20-t, --tcp display only TCP sockets 

   21-u, --udp display only UDP sockets 

   22-d, --dccp display only DCCP sockets 

   23-w, --raw display only RAW sockets 

   24-x, --unix display only Unix domain sockets 

   25 -f, --family=FAMILY display sockets of type FAMILY  

   26  

   27-A, --query=QUERY 

   28QUERY := {all|inet|tcp|udp|raw|unix|packet|netlink}[,QUERY] 

   29  

   30 -F, --filter=FILE read filter information from FILE  

   31FILTER := [ state TCP-STATE ] [ EXPRESSION ]

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss -s  

   02Total: 750 (kernel 761) 

   03TCP: 21 (estab 7, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0 

   04  

   05Transport Total IP IPv6 

   06* 761 - - 

   07RAW 0 0 0 

   08UDP 3 3 0 

   09TCP 21 18 3 

   10INET 24 21 3 

   11FRAG 0 0 0

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss -t -m  

   02State Recv-Q Send-Q Local Address:Port Peer Address:Port 

   03 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251  

   04mem:(r0,w0,f4096,t0) 

   05CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https 

   06mem:(r672,w0,f3424,t0) 

   07 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635  

   08mem:(r0,w0,f4096,t0) 

   09ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 

   10mem:(r0,w0,f0,t0) 

   11 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095  

   12mem:(r0,w0,f4096,t0) 

   13ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 

   14mem:(r0,w0,f0,t0) 

   15ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 

   16mem:(r0,w0,f0,t0) 

   17ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 

   18mem:(r0,w0,f0,t0)

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss -p  

   02State Recv-Q Send-Q Local Address:Port Peer Address:Port 

   03 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 users:(("sshd",8373,3))  

   04 CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https users:(("dropbox",2674,13))  

   05 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 users:(("sshd",350,3))  

   06 ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 users:(("epmd",28338,5))  

   07 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 users:(("sshd",29044,3))  

   08 ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 users:(("epmd",28338,4))  

   09 ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 users:(("beam.smp",25947,11))  

   10 ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 users:(("inet_gethost",23783,8),("inet_gethost",23784,8))  

   11 root@ubuntu:/usr/src/iproute-20090324/misc# ss -i  

   12State Recv-Q Send-Q Local Address:Port Peer Address:Port 

   13 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251  

   14cubic rto:396 rtt:124.5/66 ato:40 cwnd:4 send 375.3Kbps rcv_rtt:296456 rcv_space:66472 

   15CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https 

   16cubic wscale:7,9 rto:612 rtt:256/52 ato:40 cwnd:5 send 213.8Kbps rcv_rtt:259 rcv_space:5840 

   17 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635  

   18cubic rto:356 rtt:144/33 ato:40 cwnd:4 send 324.4Kbps rcv_rtt:511258 rcv_space:46760 

   19ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 

   20cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32768 

   21 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095  

   22cubic rto:232 rtt:21/18 ato:40 cwnd:5 ssthresh:4 send 2.8Mbps rcv_rtt:173516 rcv_space:118904 

   23ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 

   24cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32768 

   25ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 

   26cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32792 

   27ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 

   28cubic wscale:9,9 rto:204 rtt:4/2 ato:40 cwnd:3 send 98.3Mbps rcv_space:32792

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss -e  

   02State Recv-Q Send-Q Local Address:Port Peer Address:Port 

   03 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 timer:(keepalive,50min,0) ino:1843366 sk:c2ea2600  

   04CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https ino:12200 sk:c2ea2140 

   05 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 timer:(keepalive,2min59sec,0) ino:1101514 sk:c2ea4740  

   06ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 ino:2309430 sk:c2ea2ac0 

   07 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 timer:(keepalive,6min59sec,0) ino:379842 sk:c2f4af80  

   08ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 ino:2044745 sk:c2ea3440 

   09ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 ino:2309429 sk:c2ea7200 

   10ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369 ino:2044744 sk:c2ea1300

 
   01 root@ubuntu:/usr/src/iproute-20090324/misc# ss -o  

   02State Recv-Q Send-Q Local Address:Port Peer Address:Port 

   03 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4251 timer:(keepalive,50min,0)  

   04CLOSE-WAIT 38 0 192.168.235.147:13910 174.36.30.67:https 

   05 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:4635 timer:(keepalive,2min50sec,0)  

   06ESTAB 0 0 127.0.0.1:4369 127.0.0.1:54620 

   07 ESTAB 0 0 192.168.235.147:ssh 192.168.235.155:1095 timer:(keepalive,6min50sec,0)  

   08ESTAB 0 0 127.0.0.1:4369 127.0.0.1:44234 

   09ESTAB 0 0 127.0.0.1:54620 127.0.0.1:4369 

   10ESTAB 0 0 127.0.0.1:44234 127.0.0.1:4369