Using the netstat command displays a variety of statistics about a computer’s active TCP/IP connections. It’s a useful tool to use when you’re having trouble with TCP/IP applications, such as File Transfer Protocol (FTP), HyperText Transport Protocol (HTTP), and so on.
Displaying connections
If you run netstat without specifying any parameters, you get a list of active connections. This list shows all the active connections on the computer and indicates the local port used by the connection, as well as the IP address and port number for the remote computer.
C:\>netstat
Active Connections
Proto Local Address Foreign Address State
TCP Doug:1463 192.168.168.10:1053 ESTABLISHED
TCP Doug:1582 192.168.168.9:netbios-ssn ESTABLISHED
TCP Doug:3630 192.168.168.30:9100 SYN_SENT
TCP Doug:3716 192.168.168.10:4678 ESTABLISHED
TCP Doug:3940 192.168.168.10:netbios-ssn ESTABLISHED
C:\>
You can specify the -n switch to display both local and foreign addresses in numeric IP form:
C:\>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 192.168.168.21:1463 192.168.168.10:1053 ESTABLISHED
TCP 192.168.168.21:1582 192.168.168.9:139 ESTABLISHED
TCP 192.168.168.21:3658 192.168.168.30:9100 SYN_SENT
TCP 192.168.168.21:3716 192.168.168.10:4678 ESTABLISHED
TCP 192.168.168.21:3904 207.46.106.78:1863 ESTABLISHED
TCP 192.168.168.21:3940 192.168.168.10:139 ESTABLISHED
C:\>
Finally, you can specify the -a switch to display all TCP/IP connections and ports that are being listened to. The output from that command would run several pages, suffice it to say that it looks a lot like the netstat output shown previously, but a lot longer.
Displaying interface statistics
If you use an -e switch, netstat displays various protocol statistics, like this:
C:\>netstat -e
Interface Statistics
Received Sent
Bytes 672932849 417963911
Unicast packets 1981755 1972374
Non-unicast packets 251869 34585
Discards 0 0
Errors 0 0
Unknown protocols 1829
C:\>
The items to pay attention to in this output are the Discards and Errors. These numbers should be zero, or at least close to it. If they’re not, the network may be carrying too much traffic or the connection may have a physical problem. If no physical problem exists with the connection, try segmenting the network to see whether the error and discard rates drop.
You can display additional statistics by using an -s switch, like this:
C:\>netstat -s
IPv4 Statistics
Packets Received = 9155
Received Header Errors = 0
Received Address Errors = 0
Datagrams Forwarded = 0
Unknown Protocols Received = 0
Received Packets Discarded = 0
Received Packets Delivered = 14944
Output Requests = 12677
Routing Discards = 0
Discarded Output Packets = 71
Output Packet No Route = 0
Reassembly Required = 0
Reassembly Successful = 0
Reassembly Failures = 0
Datagrams Successfully Fragmented = 0
Datagrams Failing Fragmentation = 0
Fragments Created = 0
IPv6 Statistics
Packets Received = 3
Received Header Errors = 0
Received Address Errors = 0
Datagrams Forwarded = 0
Unknown Protocols Received = 0
Received Packets Discarded = 0
Received Packets Delivered = 345
Output Requests = 377
Routing Discards = 0
Discarded Output Packets = 0
Output Packet No Route = 0
Reassembly Required = 0
Reassembly Successful = 0
Reassembly Failures = 0
Datagrams Successfully Fragmented = 0
Datagrams Failing Fragmentation = 0
Fragments Created = 0
ICMPv4 Statistics
Received Sent
Messages 6 14
Errors 0 0
Destination Unreachable 6 14
Time Exceeded 0 0
Parameter Problems 0 0
Source Quenches 0 0
Redirects 0 0
Echo Replies 0 0
Echos 0 0
Timestamps 0 0
Timestamp Replies 0 0
Address Masks 0 0
Address Mask Replies 0 0
Router Solicitations 0 0
Router Advertisements 0 0
ICMPv6 Statistics
Received Sent
Messages 3 7
Errors 0 0
Destination Unreachable 0 0
Packet Too Big 0 0
Time Exceeded 0 0
Parameter Problems 0 0
Echos 0 0
Echo Replies 0 0
MLD Queries 0 0
MLD Reports 0 0
MLD Dones 0 0
Router Solicitations 0 6
Router Advertisements 3 0
Neighbor Solicitations 0 1
Neighbor Advertisements 0 0
Redirects 0 0
Router Renumberings 0 0
TCP Statistics for IPv4
Active Opens = 527
Passive Opens = 2
Failed Connection Attempts = 1
Reset Connections = 301
Current Connections = 1
Segments Received = 8101
Segments Sent = 6331
Segments Retransmitted = 301
TCP Statistics for IPv6
Active Opens = 1
Passive Opens = 1
Failed Connection Attempts = 0
Reset Connections = 1
Current Connections = 0
Segments Received = 142
Segments Sent = 142
Segments Retransmitted = 0
UDP Statistics for IPv4
Datagrams Received = 6703
No Ports = 0
Receive Errors = 0
Datagrams Sent = 6011
UDP Statistics for IPv6
Datagrams Received = 32
No Ports = 0
Receive Errors = 0
Datagrams Sent = 200
C:\>
dummies
Source:http://www.dummies.com/how-to/content/network-administration-the-netstat-command.html
No comments:
Post a Comment