在給客戶做運維服務期間,發現了一個奇怪的現象:備份系統(第三方國產)告警日志顯示,每天晚上備份服務器的客戶端在3點左右離線然后上線,再離線再上線,每晚兩次,很是詭異。
聯系了廠家技術支持,前后花了兩天時間也沒給出個答案,一會讓我測試網絡是否連接正常,一會讓我重啟客戶端服務試試,最終不了了之,很不專業,體驗極差。
我通過長ping生成日志,發現在3點左右網絡是正常的,沒有出現丟包現象。
思索着既然網絡沒有問題,查看系統日志在3點左右沒任何異常日志,就猜測是不是端口異常,如何實時監聽要做備份的客戶端跟備份服務器制定端口連接情況?網上搜索了很久找到了TCPing這個工具,很好用。做個記錄,也分享給大家。
Windows版本下載地址:https://elifulkerson.com/projects/tcping.php
參數如下:
NAME
tcping - simulate "ping" over tcp by establishing a connection to network hosts.
Measures the time for your system to [SYN], receive the target's [SYN][ACK] and send [ACK]. Note that the travel time for
the last ACK is not included - only the time it takes to be put on the wire a tthe sending end.
SYNOPSIS
tcping [-tdsvf46] [-i interval] [-n times] [-w interval] [-b n] [-r times][-j depth] [--tee filename] [-f] destination [port]
DESCRIPTION
tcping measures the time it takes to perform a TCP 3-way handshake (SYN, SYN/ACK, ACK) between itself and a remote host.
The travel time of the outgoing final ACK is not included, only the (minimal) amount of time it has taken to drop it on
the wire at the near end. This allows the travel time of the (SYN, SYN/ACK) to approximate the travel time of the
ICMP (request, response) equivalent.
OPTIONS
-4 Prefer using IPv4
-6 Prefer using IPv6
-t ping continuously until stopped via control-c
-n count
send _count_ pings and then stop. Default 4.
-i interval
Wait _interval_ seconds between pings. Default 1. Decimals permitted.
-w interval
Wait _interval_ seconds for a response. Default 2. Decimals permitted.
-d include date and time on every output line
-f Force sending at least one byte in addition to making the connection.
-g count
Give up after _count_ failed pings.
-b type
Enable audible beeps.
'-b 1' will beep "on down". If a host was up, but now its not, beep.
'-b 2' will beep "on up". If a host was down, but now its up, beep.
'-b 3' will beep "on change". If a host was one way, but now its the other, beep.
'-b 4' will beep "always".
-c only show output on a changed state
-r count
Every _count_ pings, we will perform a new DNS lookup for the host in case it changed.
-s Exit immediately upon a success.
-v Print version and exit.
-j Calculate jitter. Jitter is defined as the difference between the last response time and the historical average.
-js depth
Calculate jitter, as with -j but with an optional _depth_ argument specified. If _depth_ is specified tcping will
use the prior _depth_ values to calculate a rolling average.
--tee _filename_
Duplicate output to the _filename_ specified. Windows can still not be depended upon to have a useful command line
environment. Don't tease me, *nix guys.
--append
When using --tee, append to rather than overwrite the output file.
--file
Treat the "destination" option as a filename. That file becomes a source of destinations, looped through on a
line by line basis. Some options don't work in this mode and statistics will not be kept.
destination
A DNS name, an IP address, or (in "http" mode) a URL.
Do not specify the protocol ("http://") in "http" mode. Also do not specify server port via ":port" syntax.
For instance: "tcping http://www.elifulkerson.com:8080/index.html" would fail
Use the style: "tcping www.elifulkerson.com/index.html 8080" instead.
port
A numeric TCP port, 1-65535. If not specified, defaults to 80.
--header
include a header with the command line arguments and timestamp. Header is implied if using --tee.
HTTP MODE OPTIONS
-h Use "http" mode. In http mode we will attempt to GET the specified document and return additional values including
the document's size, http response code, kbit/s.
-u In "http" mode, include the target URL on each output line.
--post Use POST instead of GET in http mode.
--head Use HEAD instead of GET in http mode.
--get Shorthand to invoke "http" mode for consistency's sake.
--proxy-server _proxyserver_
Connect to _proxyserver_ to request the url rather than the server indicated in the url itself.
--proxy-port _port_
Specify the numeric TCP port of the proxy server. Defaults to 3128.
--proxy-credentials username:password
Specify a username:password pair which is sent as a 'Proxy-Authorization: Basic' header.
RETURN VALUE
tcping returns 0 if all pings are successful, 1 if zero pings are successful and 2 for mixed outcome.
BUGS/REQUESTS
Please report bugs and feature requests to the author via contact information on http://www.elifulkerson.com
AVAILABILITY
tcping is available at http://www.elifulkerson.com/projects/tcping.php |
翻譯如下:
| 描述
-6,優先使用IPv6 -h,使用http模式 -t,讓命令持續運行,直到使用ctrl + c指令退出 -n 數字,發送命令的次數,默認4次 -i 數字,發送ping命令的時間間隔,默認1s,可以為小數 -w 數字,等待響應的時間間隔,默認2s,可以為小數 -d,使輸出的每一行顯示時間和日期 -f,強制ping命令至少發送一個比特(byte) -g 數字,失敗指定次就放棄(注意默認是80端口,若其他端口沒開也算失敗) -b 數字,開啟蜂鳴器,參數4會一直響鈴 -c,只顯示改變的信息(ping時間很短一般不會改變) -r 數字,每發送指定個數據包,就重新查找主機一次(通過DNS或路由查找) -s,ping通就立即退出 -u,與-h命令連用,每一行輸出目標的url -v,顯示版本信息 -j,使用默認的方法,求ping的均值減小波動,網絡有一定的不穩定性時,用此參數可以減小波動 -js 數字,用指定個實例求平均值減小波動,使用這個參數,系統會tcping 指定次,然后求出平均值作為一次結果顯示,減小波動 –tee file_path,將結果輸出到指定位置,tcping –tee /data/test.txt192.168.0.100,會把ping的結果保存在/data下的test文件中 –file,從文件中獲得ping的來源;在/data下新建一個test.txt文件,並輸入要tcping的所有ip或域名,一行一個,然后執行命令tcping –file /data/test.txt,就會依次tcping文件中指定的地址 destination,可以是DNS地址、IP地址、URL(需要使用-h,http模式)。使用http模式時,不要加https//或:port,例如:tcping http://www.elifulkerson.com:8080/index.html就會失敗,使用tcping www.elifulkerson.com/index.html 8080就會成功 port 數字,指定tcp端口(1-65535),如果不指定,默認是80 –header,在頭部顯示時間和日期,與–tee顯示的格式差不多 –block,tcping不通的等待時間,默認是20秒(很長)。–block可以把-w參數沖突掉 ,例如tcping --block www.baiu.com網址不正確,顯然tcpping不通,默認會等待20s 。 tcping -w 0.5 –block www.baiu.com還是會等20s,而不是0.5s,因為–block選項會把-w選項沖突掉。 HTTP模式選項 –head,在http模式中,使用head方法 –get Shorthand to invoke “http” mode for consistency’s sake. –proxy-server,指定代理服務 –proxy-port,指定代理服務端口 –proxy-credentials username:password,使用代理的安全驗證,需要輸入用戶名和密碼 返回值 測試:tcping 200.209.200.15 21 |
我主要用的功能是長ping和輸出存檔:tcping.exe -t -d --tee d:/tcpping.log 192.168.**.** 9952
自動保存到D盤目錄。