The Sysadmin's Toolbox: iftop

The Sysadmin's Toolbox: iftop Sep 25, 2012 By Kyle Rankin  inHOW-TOsSysAdmin Who's using up all the bandwidth, and what are they doing? Useiftop to find out.

Longtime system administrators often take tools for granted that they'veused for years and assume everyone else has heard of them. Of course, new sysadmins jointhe field every day, and even seasoned sysadmins don't all use thesame tools. With that in mind, I decided to write a few columns whereI highlight some common-but-easy-to-overlook tools that make life as asysadmin (and really, any Linux user) easier. My last article covered sar,a tool you can use to collect and view system metrics over time. This time,I discuss a program that's handy for viewing real-time networkperformance data: iftop.

Anyone who's had to use a network at a conference has experiencedwhat happens when there just isn't enough network bandwidth to goaround. While you are trying to check your e-mail, other people arestreaming movies and TV shows, downloading distribution install disks,using p2p networks, upgrading their distributions or watching cat videoson YouTube. Although it's certainly frustrating to try to use one of thosenetworks, imagine how frustrating it would be to be the admin in chargeof that network. Whether you run a conference network, a local officenetwork or even a Web server at your house, it can be really nice toknow what is using up all of your bandwidth.

iftop is a Linux command-line program designed to give you live statisticsabout what network connections use the most bandwidth in a nice graphicalform. As you may realize from the name, iftop borrows a lot of ideas fromthe always-useful load troubleshooting tool top. Like top, iftop updatesautomatically every few seconds, and like top, by default, it sorts theoutput you see by what's using the most resources. Where top is concernedwith processes and how much CPU and RAM they use, iftop is concerned withnetwork connections and how much upload and download bandwidth they use.

Even though iftop is packaged for both Red Hat- and Debian-baseddistributions, it's probably not installed by default, so you will needto install the package of the same name. In the case of Red Hat-baseddistributions, you might have to pull it down from a third-partyrepository. Once it's installed, the simplest way to get started is just torun iftop as the root user. iftop will locate the first interface itcan use and start listening in on the traffic and display output similarto what you see in Figure 1. To close the program, press q to quit justlike with top.

View the Original article

No comments:

Post a Comment

Thank You , For Immediate Assistance Plz Put Email Copy to