Il giorno Tue, 10 Jul 2018 09:32:07 +0300
Lars Noodén <lars.noo...@gmail.com> ha scritto:

> On 07/09/2018 11:23 PM, Harald Arnesen wrote:
>> Rick Moen [2018-07-09 21:01]:
>>   
>>> 'netstat' in the 21st Century is spelled 'ss'.  ;->
>>> https://dougvitale.wordpress.com/2011/12/21/deprecated-linux-networking-commands-and-their-replacements/
>>>   
>> 
>> Why, oh why replace well-known, portable commands with Linux-only
>> commands that are no better?  
>
> Looking at the comparison table in that link, not only are the new
> utilities and order of magnitude more complex they also fail to deliver
> many of the functions available in the normal utilities.

  Actually there are many things that make net-tools obsolete to modern
networking standards.  They do not take advantage of features that were
introduced in the kernel in the last dozen years:

https://loicpefferkorn.net/2016/03/linux-network-metrics-why-you-should-use-nstat-instead-of-netstat/

        However, only nstat retrieves all the metrics provided by the kernel.
        Netstat seems to skip some of them, breakdown of metrics number per
        section:

        [...]

        Why? Just because netstat maintains a static table of metrics
        entries, while nstat parses the whole /proc files. Since netstat is
        obsolete, new entries are not taken into account.

        [...]

        However ss is way more comprehensive when it comes to TCP connection
        internals, by reading /proc/net/tcp.

        For instance, for an established TCP connection you can retrieve
        almost every number that characterize the state of an established TCP
        connection:

        [...]

        Another super feature of ss is its filters based on the states of a
        connection, more handy than grepping netstat output:

  Then, ifconfig is plain useless when it comes to dealing with multiple IP
address assigments to the same interface.

  Another limitation of ifconfig is it's counters size, that wrap after every
4GiB of data*; the kernel's counters have been larger than that for many
years.  And it's dropped packets counter meaning is hardly any useful, as it
was not updated to reflect the change in what the kernel counts as a dropped
packet#.

*)
https://serverfault.com/questions/163404/ifconfig-showing-wrong-rx-tx-byte-count

#)
https://www.linuxquestions.org/questions/linux-networking-3/ifconfig-reports-packet-drop-4175507861-print/

        Beginning with kernel 2.6.37, it has been changed the meaning of
        dropped packet count. Before, dropped packets was most likely due to
        an error. Now, the rx_dropped counter shows statistics for dropped
        frames because of:

        Softnet backlog full
        Bad / Unintended VLAN tags
        Unknown / Unregistered protocols
        IPv6 frames when the server is not configured for IPv6

        If any frames meet those conditions, they are dropped before the
        protocol stack and the rx_dropped counter is incremented.



> Newer is not better.  Different is not better.  Only better is better.

  In the case of net-tools and iptools, newer is indeed much better.


Alessandro
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng

Reply via email to