Many times you may encounter huge traffic generating from/to your Linux server. You feel helpless as the bandwidth spike slows down your application and results in bad user experience. This becomes a pain especially if you have hosted an E-Commerce application or an ad script. Luckily, there are lot of free tools available in Linux which can help you identify the culprit. This article provides top 10 network monitoring tools available in Linux which can help you to diagnose the cause of the bandwidth spike.
1. Nload: nload is a console application which monitors network traffic and bandwidth usage in real time. It visualizes the in- and outgoing traffic using two graphs and provides additional info like the total amount of transfered data and min/max network usage. It can be obtained from https://sourceforge.net/projects/nload/.
2. iftop: iftop does for network usage what top does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts. The latest version of iftop is 0.17 and can be downloaded from here.
3. IPTraf: IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts. You can download IPTraf from here.
4. Nethogs: NetHogs is a small ‘net top’ tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there’s suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth. To install nethogs, you must turn on EPEL repository under your Linux systems and then run the following yum command to download and install nethogs package.
yum install nethogs
5. tcptrack: tcptrack is a sniffer which will show the information about TCP connections on a specific interface. tcptrack will watch all the connections that occur and show the information in a nice interface. Redhat (RHEL)/Fedora/CentOS users can download tcptrack from here. Debian/Ubuntu users can use apt-get to install the tcptrack package.
6. vnStat: vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. vnStat is available for download here.
7. pktstat: The pktstat program displays a real-time summary of packet activity on an interface. Each line displays the data rate associated with different classes of packets. It can be downloaded and installed on RHEL/Fedora/CentOS using yum utility. Debian/Ubuntu users can use apt-get to install pktstat.
8. ifstat: ifstat is a tool to report network interfaces bandwith just like vmstat/iostat do for other system counters. Ubuntu, Debian and Fedora users can install ifstat from their default repos. CentOS users should get it from Repoforge, since its not there in Epel.
9. Dstat: Dstat is a versatile replacement for vmstat, iostat, netstat and ifstat. Dstat overcomes some of their limitations and adds some extra features, more counters and flexibility. Dstat is handy for monitoring systems during performance tuning tests, benchmarks or troubleshooting. Dstat can be obtained from various repositories depending up on the operating system. Visit here to download and install Dstat.
10. Collectl: Collectl is a light-weight performance monitoring tool capable of reporting interactively as well as logging to disk. It reports statistics on CPU, disk, infiniband, lustre, memory, network, nfs, process, quadrics, slabs and more in easy to read format. You can obtain the latest version of Collectl from SourceForge.
There are many other network monitoring tools available which you can try to diagnose bandwidth spike.