ss -ntl sport :443 # list sockets lisenting on port 443
ss -ntl src :443 # same as above and can additionally filter by IP address
ss -tunap # list all TCP and UDP sockets, including both listening and non-listening sockets, and show the associated processes
For ss -tiepm
output,
-
app_limited
,rwnd_limited
orsndbuf_limited
could indicated if the connection bandwidth is limited by the send buffer or not. -
Send-Q
isREAD_ONCE(tp->write_seq) - tp->snd_una
, which means . -
notsent
is bytes not yet sent to the peer, which is part ofSend-Q
. It is calculated frommax_t(int, 0, tp->write_seq - tp->snd_nxt)
, which means . -
The difference between
Send-Q
andnotsent
issnd_nxt - snd_una
, representing all sent and yet unacknowledged data. -
skmem:(t<wmem_alloc>)
includes qdisc queues and NIC tx queue. Why is it often 0 during active transmission? -
skmem:(w<wmem_queued>)
is total memory allocated for unsent or unacknowleged packets. It is incremented intcp_sendmsg_locked()
and decremented in eithertcp_trim_head()
ortcp_wmem_free_skb()
. -
skmem:(tb<snd_buf>)
is the total send buffer size, including unused bytes. -
rtt:<rtt>/<rttvar>
andbbr:(<bw>,<mrtt>)
could be used to estimate your BDP. -
snd_wnd
is peer’s advertised receive window after scaling (bytes). -
rcv_wnd
is local advertised receive window after scaling (bytes), supported since iproute2-6.6.0 with linux-6.2 kernel. -
cwnd
is congestion window in MSS units. You need to multiply it bymss
before comparing it withsnd_wnd
.
With an iperf3
test, you could use the following Bash script to trace the statistics in ~ 1 second interval. You should replace dst
with src
where appropriate:
for i in {0..1000}; do ss -ntim dst :5201 | grep -B1 --color=always _limited; sleep 1; done