[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

netstat -s

Subject: netstat -s
From: jared at puck.nether.net (Jared Mauch)
Date: Sat, 20 Jul 2019 18:22:46 -0400
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

> On Jul 20, 2019, at 6:14 PM, Joel Jaeggli <joelja at bogus.com> wrote:
> 
> On 7/17/19 17:54, Randy Bush wrote:
> 
>> do folk use `netstat -s` to help diagnose on routers/switches?
> 
> I suspect there's an unstated question here of should metrics reported
> by netstat -s  which includes metrics from the kernel should include
> metrics derived from from the asic counters.
> 
> I do / have occasionally used netstat or the values exposed to it from
> the kernel which are generally also exposed via other metrics methods.
> 
> I would find it a little odd for ip counters in netstat for example to
> include packets that do not hit the  kernel control plane, though I
> could imagine someone wanting that.

Yeah, I avoided jumping in until now, I think the key thing is (and why some people like GUI routers/devices eg: UBNT has a decent http(s) U/I) is a device can have a lot of interfaces and traffic both in the control and data plane that donâ??t hit a common set of counters/interfaces.

When I look at UBNT devices, I can get a sense quickly of traffic rates and information to understand how my network is working.  When on a device with 60 or 160 interfaces, itâ??s much trickier.

If Iâ??m on a 16 or 32 port device, a terminal window can tell me decent info, after that I need a summarization system, and this is where streaming telemetry stuff can come into play.  That is the aggregation layer for the information vs netstat -s, monitor interface, show | match rate, show | include bits or whatever other commands/data you want/need.

XR/JunOS have curses interface monitoring commands that work well, but in most of my cases I really would prefer to have software watch vs a human.  â??monitor interfaceâ?? on a Juniper for example doesnâ??t have separators or human readable elements.  I donâ??t measure my interfaces in bits per seconds these days but in gigs as my base unit and it doesnâ??t give me common visuals or right justified numbers to delineate if i bumped out an order of magnitude.

When Iâ??ve used netstat -s or netstat -i the units often donâ??t make sense.  Similar to other commands like vmstat or similar, what used to be a big number in context switches may not be relevant with 8 cpus each with 8 cores.

- Jared

References:
- netstat -s
  - From: randy at psg.com (Randy Bush)
- netstat -s
  - From: joelja at bogus.com (Joel Jaeggli)

Prev by Date: netstat -s
Next by Date: 44/8
Previous by thread: netstat -s
Next by thread: Cisco wifi signal fluctuations
Index(es):
- Date
- Thread