Home > Network Management > netstat

netstat Command Guide: Checking Network Connections and Statistics (Legacy)

`netstat` command (network statistics) is used to display network connections, routing tables, interface statistics, masquerade connections, etc., in Linux and Unix-like operating systems. It is a useful tool for monitoring the network status of the system and troubleshooting issues. **However, in modern Linux systems, the `ss` (socket statistics) command has replaced `netstat`, providing faster and more powerful features. Therefore, the use of the `ss` command is recommended.** Use this guide to understand the basic usage of `netstat` and why you should transition to `ss`.

Overview of netstat

`netstat` provides various information about the network activity of the system. It is useful for diagnosing whether a specific port on the server is open, which processes are using network connections, whether the routing paths are correct, etc. However, as part of the `net-tools` package, it has incomplete IPv6 support and may have performance issues on large systems, having been replaced by the `ss` command from the `iproute2` package.

Main Roles of netstat

`netstat` command is primarily used for the following purposes:

Main Use Cases (Past and Some Systems)

  • Check Active Connections: Displays all currently established TCP, UDP connections and listening ports.
  • Check Routing Table: Displays the routing table that defines the path for IP packets.
  • Network Interface Statistics: Provides transmission and reception statistics for each network interface.
  • Process-Port Mapping: Identifies which processes are using specific ports.

`netstat` vs `ss`

`netstat` has been used for a long time, but currently, the `ss` command has taken over its role. It is advisable to get accustomed to using `ss` on new systems.

  • netstat: Legacy tool, based on `/proc` filesystem, can be slow with large connections, incomplete IPv6 support.
  • ss: Modern and fast, directly accesses kernel socket statistics, full IPv6 support, provides more filtering options.

Installing netstat (Optional)

Some recent Linux distributions (e.g., from Ubuntu 18.04+) may not have `netstat` installed by default. If necessary, it can be used by installing the `net-tools` package.

Install netstat (Debian/Ubuntu)

sudo apt update
sudo apt install net-tools

Command to install the `net-tools` package that includes `netstat` on Debian or Ubuntu-based systems.

Main netstat Command Options

`netstat` command can combine various options to filter and display the desired network information in detail.

1. Connection and Port Information

2. Routing Table and Statistics

Generated command:

Try combining the commands.

Description:

`netstat` Executes the command.

Combine the above options to virtually execute commands with AI.

Usage Examples

Learn how to check the network connections and statistics of the system through various usage examples of the `netstat` command.

Check All Active TCP Connections and Listening Ports

sudo netstat -tulpn

The most commonly used combination that displays TCP connections and listening ports in numeric addresses, along with related program names and PIDs.

Check All Listening Ports Only

sudo netstat -lntp

Checks all ports (TCP, UDP) that are waiting for external connections in the current system. Useful for checking if server ports are properly opened.

Check Routing Table

netstat -rn

Displays the system's IP routing table in numeric format. You can check the path packets will take.

Check Process Using a Specific Port

sudo netstat -tulpn | grep :80

Checks information about processes with TCP connections and listening ports using port `80`. (Useful for diagnosing web servers)

Check Statistics by Network Interface

netstat -i

Displays the number of received (Rx) and transmitted (Tx) packets, errors, etc., for each network interface (e.g., `eth0`, `lo`).

Overall Network Statistics Summary

netstat -s

Displays an overall summary of statistics for each network protocol such as TCP, UDP, IP, etc.

Same category commands

curl

The Complete Guide to the Curl Command

dig

dig: DNS Information Lookup Tool

ftp

ftp: File Transfer Protocol Client

host

host: Simple DNS Information Lookup Tool

http

Mastering the HTTPie Command