ManagedCloud Servers

High performance handled and monitored by us 24/7/365. A complete solution to provide you with our in house expertise 24/7 tailored to your specific needs. We'll setup a bespoke server for your site using the latest tehnologies so you can get the most out of your hardware and get your website loading quickly and reliably. Find out more..

cPanelCloud Servers

Recommended - High performance cloud servers with no technical knowledge required. If you're hosting multiple websites already and you're looking to consolidate, or if you're looking to isolate yourself from the shared hosting environment but you don't have the time or knoweldge to manage a server, then the Managed cPanel Servers are for you. Find out more..

UnmanagedCloud Servers

Our unmanaged range gives you complete control at rock bottom prices and our cloud platform boasts super fast multipath 40Gb/s network, the latest Intel Xeon V3 CPUs and enterprise grade redundant SSDs. If you're a sysadmin look no further, we offer some of the best specification to price ratio servers available. Find out more..

Need Web Hosting? Try ours, it's fast, reliable and feature loaded with support you can depend on. From £1.60 / month.

View Plans

Top Network Monitoring Tools You Need to Know

Introduction

Network administrators need to know whats going on with their network, who's using the bandwidth and how their IT infrastructure is handling the load. It is a very dificult task for every network admin to monitor and debug Linux network related problems. But, it is much easier, if you have right tools at your disposal.

In this tutorial, we will look at the most popular Linux Network Monitoring Tools.

Nload

Nload is a console-based application that monitors network traffic and bandwidth usage in real time, and allows users to monitor the incoming and outgoing traffic separately.

Nload shows you the incoming and outgoing traffic using two graphs and also provides the total amount of transferred data and min/max network usage.

Nload is very useful if you want to see the total bandwidth usage without details of individual processes.

By default, nload is available in the Ubuntu repository. You can easily install it by running the following command:

sudo apt-get install nload

Run the following command to start monitoring your network:

sudo nload

If you want to monitor network traffic on interface eth0, then simply run the following command:

sudo nload eth0

If you want to refresh interval of the display every 300 milliseconds, then just hit the following command:

sudo nload -t 300

Iftop

Iftop is a real-time command line tool that listens to network traffic on a given interface such as eth0, eth1, wlan0 etc and displays a table of current bandwidth usage by pairs of hosts. If you want to see daily internet/bandwidth usage of your system or server, then iftop is best for you.

You can install iftop by simply running the following command:

sudo apt-get install iftop

Once iftop is installed, use iftop with the following command:

sudo iftop -i eth0

If you want to see the on-screen help, then just run the following command:

sudo iftop -h

Output:

    Synopsis: iftop -h | [-npblNBP] [-i interface] [-f filter code]
                                   [-F net/mask] [-G net6/mask6]

-h display this message -n don't do hostname lookups -N don't convert port numbers to services -p run in promiscuous mode (show traffic between other hosts on the same network segment) -b don't display a bar graph of traffic -B Display bandwidth in bytes -i interface listen on named interface -f filter code use filter code to select packets to count (default: none, but only IP packets are counted) -F net/mask show traffic flows in/out of IPv4 network -G net6/mask6 show traffic flows in/out of IPv6 network -l display and count link-local IPv6 traffic (default: off) -P show ports as well as hosts -m limit sets the upper limit for the bandwidth scale -c config file specifies an alternative configuration file

iftop, version 1.0pre2 copyright (c) 2002 Paul Warren and contributors

NetHogs

NetHogs is an open source small "net top" tool that is used to monitor network traffic by process. NetHogs groups bandwidth by process instead of breaking the traffic down per protocol or per subnet, it is very useful when it comes to find out which PID is causing the problem with your network. If you want to find out programs that are consuming all your bandwidth on your linux system, then NetHogs is best for you.

Features:

  • Display both download and upload speed per process
  • Supports both Ethernet and PPP
  • Supports both IPv4 and IPv6

You can easily install NetHogs in Ubuntu system by running the following command:

sudo apt-get install libncurses5-dev libpcap0.8-dev nethogs

Once NetHogs is installed, you can easily run it with the following command on your terminal.

sudo nethogs

By default, NetHogs listens on eth0 interface and displays the bandwidth consumption of the processes.

If you want to monitor bandwidth usage of eth1 interface, run the following command.

sudo nethogs eth1

You can also set refresh intervals using -d along with seconds.

sudo nethogs -d 10

For more information of nethogs command, run the following command:

man nethogs

IPTraf

IPTraf is a console-based software-only analyzer for Linux that gathers TCP connection packets, byte counts interface statistics and activity indicators. It shows you individual connections and the amount of data flowing between the hosts. You can use IPTraf to monitor the load on an IP network, and used types of network services.

Features

  • TCP packet and byte counts, and flag statuses.
  • TCP and UDP service statistics and ICMP type information.
    • Source and destination addresses with port numbers.
    • Statistics of LAN.

You can install IPTraf on Ubuntu system by running the following command:

sudo apt-get install iptraf

Once IPTraf installed, you can launch IPTraf interface by running the following command:

sudo iptraf

You should see IP traffic monitoring, general interface statistics, statistical breakdowns, filters and some configuration options.

You can also start the IP traffic monitor on a particular interface. For example, you can start the IP traffic on interface eth1, run the following command:

sudo iptraf -i eth1

To monitor TCP/UDP trafic on eth1 interface, run the following command:

sudo iptraf -s eth1

Similarly, you can also monitor TCP/UDP traffic on a specific interface, using the following command.

iptraf -s eth0

If you want to know more options, run the following command:

sudo iptraf -h

or

man iptraf

vnStat

vnStat is a console-based network traffic monitor for Linux that uses statistics provided by the kernel which ensures light use of system resources.

This tool can help you to monitor, log and view network statistics over various time periods. It provides summaries on various network interfaces such as eth0, wlan0, etc. You can also view hourly, daily, monthly statistics in the form of a detailed table using vnstat.

You can install vnstat on Ubuntu system by running the following command:

sudo apt-get install vnstat

Once the installation is complete, you will need to configure it as it does not start on its own.

Now, tell vnStat the network interfaces to monitor.

vnstat -u -i eth0

The above command activates monitoring on interface eth0.

Now, start vnstat by running the following command:

sudo vnstat

Output:

    Database updated: Sun Sep 18 16:50:25 2016

wlan0 since 01/01/16

rx: 16.33 GiB tx: 2.56 GiB total: 18.89 GiB

monthly rx | tx | total | avg. rate ------------------------+-------------+-------------+--------------- Aug '16 1.37 GiB | 263.16 MiB | 1.63 GiB | 5.09 kbit/s Sep '16 670.73 MiB | 136.67 MiB | 807.41 MiB | 4.32 kbit/s ------------------------+-------------+-------------+--------------- estimated 1.11 GiB | 230 MiB | 1.33 GiB |

daily rx | tx | total | avg. rate ------------------------+-------------+-------------+--------------- yesterday 94.54 MiB | 13.94 MiB | 108.48 MiB | 10.29 kbit/s today 92.68 MiB | 27.81 MiB | 120.48 MiB | 16.28 kbit/s ------------------------+-------------+-------------+--------------- estimated 131 MiB | 38 MiB | 169 MiB |

You can also monitor live bandwidth usage by running the following command:

sudo vnstat -l -i eth0

To view all the network interfaces available in your system, use the command:

sudo vnstat --iflist

Output:

    Available interfaces: vethQ75PDB br-7b9ff245c3a0 lo lxcbr0 wlan0 docker0 

Bmon

Bmon is a portable real-time bandwidth monitor tool that supports various input methods for different architectures. Bmon is used to gather the live network traffic related data. You can easily monitor network load over all the network interface on the system using bmon.

Features

  • Total download and upload speed on each network interface.
  • Total network bandwidth usage per network interface.
  • Detail information about network such as sent and received packets.

You can install bmon on Ubuntu system by running the following command:

sudo apt-get install bmon

Once bmon is installed, run the following command to start monitoring your system:

sudo bmon

Output:

    Interfaces                     │ RX bps       pps     %│ TX bps       pps     %
    ->lo                           │      0         0      │      0         0
      wlan0                        │      0         0      │      0         0
        qdisc none (mq)            │      0         0      │      0         0
          class :1 (mq)            │      0         0      │      0         0
          class :2 (mq)            │      0         0      │      0         0
          class :3 (mq)            │      0         0      │      0         0
    ┴     class :4 (mq)            │      0         0      │      0         0
    ───────────────────────────────┴───────────────────────┴─────────────────────────────────────────────────────────────────────────────────────────────
                                  (RX Bytes/second)                                                         (TX Bytes/second)
        0.00 ............................................................         0.00 ............................................................
        0.00 ............................................................         0.00 ............................................................
        0.00 ............................................................         0.00 ............................................................
        0.00 ............................................................         0.00 ............................................................
        0.00 ............................................................         0.00 ............................................................
        0.00 ............................................................         0.00 ............................................................
             1   5   10   15   20   25   30   35   40   45   50   55   60              1   5   10   15   20   25   30   35   40   45   50   55   60
    ───────────────────────────────────────┬───────────────────────────────────────┬─────────────────────────────────────────────────────────────────────
                          RX          TX   │                      RX          TX   │                      RX          TX
     Bytes            627.52KiB   627.52KiB│ Packtes            6.39K       6.39K  │ Abort Error           -           0
     Carrier Error         -           0   │ Collisions            -           0   │ Compressed            0           0
     CRC Error             0           -   │ Dropped               0           0   │ Errors                0           0
     FIFO Error            0           0   │ Frame Error           0           -   │ Heartbeat Erro        -           0
     ICMPv6                0           0   │ ICMPv6 Errors         0           0   │ Ip6 Address Er       83           -
     Ip6 Broadcast         0           0   │ Ip6 Broadcast         0           0   │ Ip6 Delivers          0           -
     Ip6 Forwarded         -           0   │ Ip6 Header Err     7.12K          -   │ Ip6 Multicast         0           0
     Ip6 Multicast         0           0   │ Ip6 No Route          0           0   │ Ip6 Reasm/Frag        0           0
     Ip6 Reasm/Frag        0           0   │ Ip6 Reasm/Frag        0           0   │ Ip6 Reassembly        0           -
     Ip6 Too Big Er       83           -   │ Ip6 Truncated         0           -   │ Ip6 Unknown Pr     7.12K          -
     Ip6Discards           0           0   │ Ip6Octets             0           0   │ Ip6Pkts              83           0
     Length Error          0           -   │ Missed Error          0           -   │ Multicast             -           0
     Over Error            0           -   │ Window Error          -           0   │

Collectl

collectl is a command-line utility that can be used to collect performance data that describes the current system status. Collectl comes with set of options that are used to measure the values of multiple different system metrics and also save the data for future. Collectl is used to gather information about cpu, network, disk, memory, tcp, nfs, and processes.

Features:

  • Run interactively or daemon.
  • Combination of ps, top, iotop, vmstat tools.
  • Ability to monitor any subsystem and record the captured data.
  • Display output in terminal and also write it to a file.
  • Easily monitor remote machine and server.

You can install collectl on Ubuntu system by running the following command:

sudo apt-get install collectl

Once the collectl is installed, you can easily run it from your terminal:

sudo collectl

You should see the following output:

    #
    #cpu sys inter  ctxsw KBRead  Reads KBWrit Writes   KBIn  PktIn  KBOut  PktOut 
      10   4   795   3288      0      0      0      0      0      0      0       0 
      24   6  1479   5447      0      0      0      0      0      0      0       0 
      17   3  1543   3248      0      0      0      0      0      0      0       0 
      17   4  1750   4043      0      0      0      0      0      0      0       0 
      11   5  1554   3654      8      2      0      0      0      0      0       0 
      12   4  1675   3608      0      0     64      3      1      4      1       6 
      13   6  1672   3501      0      0    376     34      1      6      2       7 
      12   5  1573   3860      0      0      0      0      0      1      0       0 
      13   5  1556   3615      0      0      0      0      0      0      0       0 
      16   5  1574   3830      0      0      0      0      0      0      0       0 
      18   4  1782   3863      0      0     40      2      0      2      0       2 
      14   5  1610   3932      0      0      0      0      0      0      0       0 
      11   4  1508   3486      0      0    248      1      0      0      0       0 
      10   3  1401   3295      0      0      0      0      0      0      0       0 
      10   4  1223   3355      0      0      0      0      0      0      0       0 
      12   5  1573   3705      0      0      0      0      0      0      0       0 
       9   4  1462   3119      0      0      0      0      0      0      0       0 
      12   5  1586   3835      0      0     40      2      0      0      0       0 
      12   5  1589   3401      0      0      0      0      0      0      0       0 
      11   5  1477   3606      0      0      0      0      0      0      0       0 
      11   4  1453   3484      0      0      0      0      0      0      0       0 
      10   4  1531   3232      0      0      0      0      0      0      0       0 
      12   5  1653   3798      0      0      0      0      0      0      0       0 
      11   4  1523   3529      0      0      0      0      0      0      0       0 
      10   4  1499   3465      0      0      0      0      0      0      0       0 
      12   5  1551   3601      0      0      0      0      0      0      0       0 

The above output displays information about cpu, disk and network. If you want to gather all information run the following command:

sudo collectl --all

Output:

    defined(@array) is deprecated at /usr/share/collectl/formatit.ph line 3149.
        (Maybe you should just omit the defined()?)
    waiting for 1 second sample...
    #
    #cpu sys inter  ctxsw Cpu0 Cpu1 Cpu2 Cpu3 Free Buff Cach Inac Slab  Map   Fragments KBRead  Reads KBWrit Writes   KBIn  PktIn  KBOut  PktOut   IP  Tcp  Udp Icmp  Tcp  Udp  Raw Frag Handle Inodes  Reads Writes Meta Comm 
      14   5  1588   3753  967  210  226  186   1G 203M   1G   1G 164M   1G ssplkfdjgaj      0      0      0      0      0      0      0       0    0    0    0    0  647    0    0    0   8032  96843      0      0    0    0 
      17   4  1667   3514  853  307  347  158   1G 203M   1G   1G 164M   1G ssplkfdjgaj      0      0      0      0      0      0      0       0    0    0    0    0  647    0    0    0   8032  96847      0      0    0    0 
      13   5  1603   3673  985  252  226  153   1G 203M   1G   1G 164M   1G ssplkfdjgaj      0      0     20      2      0      0      0       0    0    0    0    0  647    0    0    0   8032  96847      0      0    0    0 
      13   5  1616   3767  979  185  269  171   1G 203M   1G   1G 164M   1G ssplkfdjgaj      0      0      0      0      0      0      0       0    0    0    0    0  647    0    0    0   8032  96847      0      0    0    0 
      10   4  1524   3458  898   66  356  204   1G 203M   1G   1G 164M   1G ssplkfdjgaj      8      2      0      0      0      0      0       1    0    0    0    0  647    0    0    0   8032  96847      0      0    0    0 
      12   4  1502   3416  826  154  291  230   1G 203M   1G   1G 164M   1G qsplkfdjgaj      0      0      0      0      0      2      0       2    0    0    0    0  647    0    0    0   8032  96847      0      0    0    0 

Tcpdump

Tcpdump is a powerful command-line package analyzer tool that is used to capture TCP/IP packets received over a network on a specific interface. Tcpdump allows you to store captured output in a file for future analysis. Tcpdump works on most unix-based operating system such as Linux, Solaris, BSD, OS X, Android and AIX.

By default, most Linux distributions comes with tcpdump tool. If you don't have it on your system, you can install it by running the following command:

sudo apt-get install tcpdump

You can see the list of interfaces on which tcpdump can listen by running the following command:

sudo tcpdump -D

Output:

    1.wlan0
    2.lxcbr0
    3.docker0
    4.bluetooth0 (Bluetooth adapter number 0)
    5.br-7b9ff245c3a0
    6.veth18LLDW
    7.any (Pseudo-device that captures on all interfaces)
    8.lo

Now, run the following command to listen on interface wlan0:

sudo tcpdump -i wlan0

Output:

    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on wlan0, link-type EN10MB (Ethernet), capture size 65535 bytes

Now, start capturing packets by running the following command:

sudo tcpdump -vv

Output:

    tcpdump: listening on wlan0, link-type EN10MB (Ethernet), capture size 65535 bytes
    19:26:55.657252 IP (tos 0x0, ttl 50, id 59232, offset 0, flags [DF], proto TCP (6), length 52)
        webserver.aarth.com.http > Vyom-PC.33878: Flags [F.], cksum 0x534b (correct), seq 2322559038, ack 3658694015, win 114, options [nop,nop,TS val 84581743 ecr 424085], length 0
    19:26:55.657431 IP (tos 0x0, ttl 64, id 20423, offset 0, flags [DF], proto TCP (6), length 52)
        Vyom-PC.33878 > webserver.aarth.com.http: Flags [.], cksum 0x524b (correct), seq 1, ack 1, win 229, options [nop,nop,TS val 424226 ecr 84581743], length 0
    19:26:56.171154 IP (tos 0x0, ttl 64, id 35621, offset 0, flags [DF], proto UDP (17), length 71)
        Vyom-PC.45063 > 192.168.43.1.domain: [udp sum ok] 19257+ PTR? 4.43.168.192.in-addr.arpa. (43)
    19:26:56.173191 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 92)
        192.168.43.1.domain > Vyom-PC.45063: [udp sum ok] 19257* q: PTR? 4.43.168.192.in-addr.arpa. 1/0/0 4.43.168.192.in-addr.arpa. PTR Vyom-PC. (64)
    19:26:56.174256 IP (tos 0x0, ttl 64, id 35622, offset 0, flags [DF], proto UDP (17), length 71)
        Vyom-PC.38534 > 192.168.43.1.domain: [udp sum ok] 27978+ PTR? 90.89.252.43.in-addr.arpa. (43)
    19:26:56.175545 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 104)
        192.168.43.1.domain > Vyom-PC.38534: [udp sum ok] 27978 q: PTR? 90.89.252.43.in-addr.arpa. 1/0/0 90.89.252.43.in-addr.arpa. PTR webserver.aarth.com. (76)
    19:26:57.177633 IP (tos 0x0, ttl 64, id 35623, offset 0, flags [DF], proto UDP (17), length 71)
        Vyom-PC.43909 > 192.168.43.1.domain: [udp sum ok] 39537+ PTR? 1.43.168.192.in-addr.arpa. (43)
    19:26:57.178910 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 71)
        192.168.43.1.domain > Vyom-PC.43909: [udp sum ok] 39537 NXDomain q: PTR? 1.43.168.192.in-addr.arpa. 0/0/0 (43)
    19:26:59.385007 IP (tos 0x0, ttl 64, id 16886, offset 0, flags [DF], proto TCP (6), length 52)
        Vyom-PC.33874 > webserver.aarth.com.http: Flags [.], cksum 0xdc09 (correct), seq 2660449006, ack 2608338423, win 237, options [nop,nop,TS val 425158 ecr 84580185], length 0
    19:26:59.425192 IP (tos 0x0, ttl 64, id 57724, offset 0, flags [DF], proto TCP (6), length 52)
        Vyom-PC.33875 > webserver.aarth.com.http: Flags [.], cksum 0xa466 (correct), seq 3294075758, ack 571883679, win 237, options [nop,nop,TS val 425168 ecr 84580199], length 0
    19:26:59.727002 IP (tos 0x0, ttl 50, id 33757, offset 0, flags [DF], proto TCP (6), length 52)
        webserver.aarth.com.http > Vyom-PC.33874: Flags [.], cksum 0xdc11 (correct), seq 1, ack 1, win 156, options [nop,nop,TS val 84582757 ecr 422658], length 0
    19:26:59.826828 IP (tos 0x0, ttl 50, id 43229, offset 0, flags [DF], proto TCP (6), length 52)
        webserver.aarth.com.http > Vyom-PC.33875: Flags [.], cksum 0xa463 (correct), seq 1, ack 1, win 156, options [nop,nop,TS val 84582782 ecr 422668], length 0

To save the captured packets in a file called tcpdump.cap, run the following command:

sudo tcpdump -w tcpdump.cap

Nmon

Nmon also known as "Nigel's Performance Monitor" is a performance monitoring and benchmark tool that can be used to display performance data about the cpu, memory, network, disk, file system, nfs, resources, etc. Nmon gather information and displays it onscreen or saves to a file.

You can install nmon on Ubuntu system by running the following command:

sudo apt-get install nmon

Once nmon is installed, you can launch it by running the following command:

sudo nmon

Output:

    │  ------------------------------       For help type H or ...                                                                                      │
    │  #    #  #    #   ####   #    #        nmon -?  - hint                                                                                            │
    │  ##   #  ##  ##  #    #  ##   #        nmon -h  - full                                                                                            │
    │  # #  #  # ## #  #    #  # #  #                                                                                                                   │
    │  #  # #  #    #  #    #  #  # #       To start the same way every time                                                                            │
    │  #   ##  #    #  #    #  #   ##        set the NMON ksh variable                                                                                  │
    │  #    #  #    #   ####   #    #                                                                                                                   │
    │  ------------------------------                                                                                                                   │
    │                                                                                                                                                   │
    │  Use these keys to toggle statistics on/off:                                                                                                      │
    │     c = CPU        l = CPU Long-term   - = Faster screen updates                                                                                  │
    │     m = Memory     j = Filesystems     + = Slower screen updates                                                                                  │
    │     d = Disks      n = Network         V = Virtual Memory                                                                                         │
    │     r = Resource   N = NFS             v = Verbose hints                                                                                          │
    │     k = kernel     t = Top-processes   . = only busy disks/procs                                                                                  │
    │     h = more options                   q = Quit                                                                                                   │
    │───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────│

As you can see from the above output, nmon runs in interactive mode and use it with the keys to toggle statistics.

Conclusion

In the above tutorial, you have learned of various tools to quickly check the network bandwidth on your linux server or host system. There are also web based tools available to do the same task. I hope you can now easily install and use these tools in production environment to monitor and troubleshoot network performance.

Need Web Hosting? Try ours, it's fast, reliable and feature loaded with support you can depend on. From £1.60 / month.

View Plans