http://blog.csdn.net/sjin_1314/article/details/9853163
通過netstat -anp可以查看機器的當前連接狀態:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8139 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:26837 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1046 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp6 0 910 10.100.83.145:57142 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57114 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 914 10.100.83.145:57117 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 910 10.100.83.145:57126 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57159 10.100.83.140:80 ESTABLISHED 7072/java
tcp6 0 0 10.100.83.145:57128 10.100.83.140:80 ESTABLISHED 7072/java
對proto,localAddress等都比較好理解,其中Recv-Q Send-Q具體是什么含義呢?為什么Send-Q時長不為0呢?不為0是不是表示網絡出口阻塞了呢?針對這個問題查了下相關資料。
一個較詳細的解釋是:
What It Means
"Proto" is short for protocol, which is either TCP or UDP. "Recv-Q" and "Send-Q" mean receiving queue and sending queue. These should always be zero; if they're not you might have a problem. Packets should not be piling up in either queue, except briefly, as this example shows:
tcp 0 593 192.168.1.5:34321 venus.euao.com:smtp ESTABLISHED
That happened when I hit the "check mail" button in KMail; a brief queuing of outgoing packets is normal behavior. If the receiving queue is consistently jamming up, you might be experiencing a denial-of-service attack. If the sending queue does not clear quickly, you might have an application that is sending them out too fast, or the receiver cannot accept them quickly enough.
"Local address" is either your IP and port number, or IP and the name of a service. "Foreign address" is the hostname and service you are connected to. The asterisk is a placeholder for IP addresses, which of course cannot be known until a remote host connects. "State" is the current status of the connection. Any TCP state can be displayed here, but these three are the ones you want to see。
"Proto" is short for protocol, which is either TCP or UDP. "Recv-Q" and "Send-Q" mean receiving queue and sending queue. These should always be zero; if they're not you might have a problem. Packets should not be piling up in either queue, except briefly, as this example shows:
tcp 0 593 192.168.1.5:34321 venus.euao.com:smtp ESTABLISHED
That happened when I hit the "check mail" button in KMail; a brief queuing of outgoing packets is normal behavior. If the receiving queue is consistently jamming up, you might be experiencing a denial-of-service attack. If the sending queue does not clear quickly, you might have an application that is sending them out too fast, or the receiver cannot accept them quickly enough.
"Local address" is either your IP and port number, or IP and the name of a service. "Foreign address" is the hostname and service you are connected to. The asterisk is a placeholder for IP addresses, which of course cannot be known until a remote host connects. "State" is the current status of the connection. Any TCP state can be displayed here, but these three are the ones you want to see。
大致的意思是:
Recv-Q Send-Q分別表示網絡接收隊列,發送隊列。Q是Queue的縮寫。
這兩個值通常應該為0,如果不為0可能是有問題的。packets在兩個隊列里都不應該有堆積狀態。可接受短暫的非0情況。如文中的示例,短暫的Send-Q隊列發送pakets非0是正常狀態。
如果接收隊列Recv-Q一直處於阻塞狀態,可能是遭受了拒絕服務 denial-of-service 攻擊。
如果發送隊列Send-Q不能很快的清零,可能是有應用向外發送數據包過快,或者是對方接收數據包不夠快。
Recv-Q:表示收到的數據已經在本地接收緩沖,但是還有多少沒有被進程取走,recv()
Send-Q:對方沒有收到的數據或者說沒有Ack的,還是本地緩沖區.
通過netstat的這兩個值就可以簡單判斷程序收不到包到底是包沒到還是包沒有被進程recv。