Linux performance Optimization chapter seventh performance tools: Networking

7.1Network/ oIntroduction

network traffic in Linux and other major operating systems is abstracted into a series of hardware and software hierarchies.

The link layer, which is the lowest layer, contains network hardware, such as an Ethernet device. When transmitting network traffic, this layer does not differentiate between traffic types, but only sends and receives data (frames) at the fastest speed possible.

above the link layer is the network layer. This layer addresses and routes packets between machines using the IP protocol and the ICMP protocol. ip/icmp tries its best to try to pass packets between machines, but they do not guarantee that the packets will actually reach their destination.

above the network layer is the transport layer, which defines theTcpand theUdp. Tcpis a reliable protocol that guarantees that messages are delivered over the network and generates an error if the message cannot be delivered. andUdpan unreliable protocol that does not guarantee that the information will be delivered (for a higher rate). Tcpand theUdpincreased the“Service”the concept. Udpand theTcpthe number received“Port”the message. By convention, each type of network service is assigned a number that is not understood, that is, a different port. LikeHTTPis a80Ports,Sshis a22Ports,Ftpis a23.typically the service distinguishes the type of port, but in order to avoid the port being mixed, it is usually known that the portTcpPorts andUdpthe ports are set to the same. Like everybody saysSshis a22ports, although using theTcpprotocol, but usuallySshwill also occupy22of the PortUdpservice, so famous ports are often not targeted for protocols. In theLinuxsystem, the file/etc/servicesdefines all the ports and the types of services they provide.

The top level is the application layer. This layer contains a variety of applications.

the Linux kernel implements or controls a minimum of three layers (link layer, network layer, transport layer). The kernel can provide performance statistics for each layer, including bandwidth usage information and error count information for each layer of the data flow.

7.1.1network traffic on the link layer

The link layer, usually Ethernet, sends information to the network in the form of a sequence of frames. Even the upper-level pieces of information are much larger than frames, and the link layer splits them into frames and sends them to the network. The maximum size of a data frame is called the Maximum Transmission unit (MTU). You can use network configuration tools, such as IP or ifconfig to set the MTU,for Ethernet, the maximum size is usually a byte, although some hardware support jumbo frame up to 9000 bytes. the size of the MTU has a direct impact on network efficiency. Because each frame has a small head size , the larger the MTU, the higher the efficiency of the transfer, but the higher the probability that the data group will be corrupted or discarded. For a clean network link, a large MTU provides better performance, but a smaller MTU can have better performance on noisy links. Because, when a single frame is damaged, it has less data to retransmit.

in the physical layer, the frame flows through the physical network, the Linux kernel can collect a large amount of statistical information about the number and type of frames.

l Send / receive - if a frame successfully flows in or out of the machine, it is counted as a sent or received frame.

l Error - There is a wrong frame (either the network cable is broken or the duplex does not match)

l Discard - discarded frames (most likely due to small memory or buffer capacity)

l overflow - frames that are dropped by the network because the kernel or NIC has too many frames. Usually this situation should not occur.

l Frames -- frames that are discarded due to physical problems. This can be caused by cyclic redundancy check (CRC) errors or other low-level problems.

l Multicast-- These frames are not addressed directly to the current system, but are broadcast to a set of nodes at the same time.

l compression--some underlying interfaces, such as point-to-point protocols ( PPP) device compresses a frame before it is sent to the network. This value represents the number of frames that are compressed.

7.1.2protocol layer Network traffic

the In terms of TCP/UDP traffic,Linux uses sockets / ports to abstract the connection between two machines. When connected to a remote machine, the local application uses a network socket to open a port on the remote machine. such as HTTP port,the Web server listens for connections on the port, and when a connection occurs,the Web server is the Web The transfer of the page sets the connection.

7.2Network Performance Tools7.2.1 Mii-tool(Media agnostic interface tool)

Mii-tool is an Ethernet-specific hardware tool used primarily to set up Ethernet devices, but it can also provide information about current settings. This information, such as link speed and duplex settings, is useful for tracing the cause of poorly performing devices.

the first line of information tells us that the network device is using the 100BASETX-FD full-duplex connection.

7.2.2 Ethtool

compared to Mii-tool,Ethtool is more powerful and includes more configuration options and device statistics.

Displays the configuration information for the eth0 , which shows that the device supports a variety of different speed and link settings, and is currently connected to a full-duplex,1000Mbps link.

7.2.3 Ifconfig(interface Configuration)

the main task of Ifconfig is to install and configure network interfaces on Linux machines. It also provides basic performance statistics for all network devices in the system.

performance statistics for IFCONIFG

RX packets	Number of packets received by device
TX packets	Number of packets sent by device
errors	Number of errors sent or received
dropped	The number of packets dropped when sending or receiving
overruns	network devices do not have enough buffers to send or receive a single packet
frame
Carrier	The number of packets dropped due to a link media failure (such as a cable failure)

you can see that eth0 has received a total of 3.2G of data and sent 10.6G of data. The data is calculated from the start of the system and can be used to watch the data change.

7.2.4 IP

IP commands are used to replace the old ifconfig ,which not only allows you to configure various aspects of the Linux networking, but also displays performance statistics for each network device.

Similar to ifconfig,IP provides a summary of the data since the start of the system.

7.2.5 SAR

In addition to providing the network performance data of the link layer, the SAR can provide some basic information about the number of sockets opened by the transport layer.

SAR displays statistics sent and received by all network devices

SAR shows the number of sockets

7.2.6 netstat

Netstat is a basic network performance tool that appears on almost all Linux devices. Information that can be abstracted includes the number and type of network sockets currently in use, and specific interface statistics about the number of UDP and TCP packets that flow into and out of the current system . It can also backtrack a socket to its specific process or PID, which is useful when trying to determine which application is responsible for network traffic.

an active TCP connection is updated every second

display system since boot Statistics for UDP traffic:

Linux performance Optimization chapter seventh performance tools: Networking