Netstat

The Netstat tab provides information on three sets of network data available on the workstation:

• The routing table
• The active network services
• The multicast network information

Ubuntu maintains an internal routing table to keep track of how to forward network packets to remote networks. Selecting the Routing Table radio button then clicking the Netstat button produces a list.

The routing table matches network destinations with a gateway that can send the packets to the remote network. The routing table always includes at least two entries. One entry is the default route, 0.0.0.0. This route defines the gateway to use by default for sending packets to any network on the Internet. Usually this gateway is the IP address of your broadband modem connection.

The other route defines the local network your Ubuntu workstation is connected to. In the example, the workstation is connected to the 10.0.1.0 public network address and uses the default gateway to send packets to this network.

The active network services selection displays a list of what network ports are currently in use on the workstation. Different software packages use different network ports to listen for incoming connections. Many network servers are assigned standard network ports, such as TCP port 80 for web servers and TCP port 25 for email servers.

The network port list includes the current state of the port. TCP uses 11 states to define what mode the network port is in.


TCP Network Port States
LISTEN Waiting for a connection request from a remote client

SYN-SENT Sent a connection acknowledgment and waiting for one in return

SYN-RECEIVED Received a connection acknowledgment from remote client

ESTABLISHED Port is ready to send and receive data with the remote client

FIN-WAIT-1 Sent a connection disconnect request to the remote client

FIN-WAIT-2 Received a connection disconnect from the remote client in response to a connection disconnect request sent by the port

CLOSE-WAIT Remote client initiated a connection disconnect

CLOSING Waiting for a response from a sent connection disconnect request

LAST-ACK Waiting for remote client to acknowledge a connection disconnect request

TIME-WAIT The port is on hold for a preset amount of time after the connection disconnects

CLOSED The connection is officially closed



The TCP states are invaluable for troubleshooting network programs. By checking the network port states, you often can determine whether a remote device is closing a connection early or is keeping a connection open too long.

The final feature of the Netstat tab is the multicast network information. This protocol allows devices to subscribe to special multicast IP addresses on network routers. Network routers handle multicast packets only when they have a device on the network that requests them. This list displays whether the Ubuntu workstation has registered to receive any multicast packets on the network.

Source of Information : Wiley Ubuntu Linux Secrets