Lead Image © Ildar Galeev, 123RF.com

Lead Image © Ildar Galeev, 123RF.com

Network traffic utilities bandwhich and iftop

Traffic Cops

Article from ADMIN 57/2020
By
A close look at the network traffic on a server with the bandwhich and iftop utilities can reveal exactly why an application is behaving strangely.

Even if you have elaborate Elasticsearch-Logstash-Kibana (ELK)-based logging and metrics boasting gloriously detailed dashboards, if all you want is to SSH into a server and check which IP address is doing what over which interface, then the ELK stack is overkill. In this article, I demonstrate two tools that allow me to diagnose a misbehaving application on one occasion and odd routing behavior on another.

Sandwiches

The first tool I look at has changed its name recently from what to bandwhich and has had a bit of a facelift. A comprehensive README file [1] offers some insight into the tool written by Aram Drevekenin, who describes the tool as a "Terminal bandwidth utilization tool … formerly known as 'what'."

For this exercise, I used Linux Mint (based on Ubuntu 18.04) to see how the clever tool keeps a close eye on what the /proc pseudo filesystem is seeing, while producing useful, terminal-friendly output.

bandwhich is written in the Rust programming language [2]. To install a Rust package, you need the Rust package manager Cargo. However, if you use the apt install cargo command, you'll see that it needs a not-so-trivial 328MB of disk storage for Cargo and its libraries – just to be able to install bandwhich. My objection to the extra package installations comes from a security perspective. I just don't want unnecessary lines of code on my machines unless I need them. More package updates also means more admin time and a greater exposure to security issues.

The good news is that the author has kindly created some prebuilt binaries (which should be scanned for malware) to get around this problem, so I decided to take that route instead of installing Cargo.

From the

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Visualize Your Network

    Sometimes data that’s five minutes old just isn’t good enough. An abundance of network monitoring tools for SNMP makes a sys admin’s job easier by collecting and displaying a superabundance of constantly changing data.

    more »
  • Lead Image © Lucy Baldwin, 123RF.com
    Network performance in-terminal graphics  tools
    We explore the most chic terminal graphics in network performance tools.
    more »
  • Lead Image © Natalia Lukiyanova, 123RF.com
    Monitoring network traffic with ntopng
    The open source ntopng tool provides deep insights into network traffic and supports troubleshooting when network problems occur.
    more »
  • Netcat – The Admin’s Best Friend

    With the seemingly unlimited number of Linux packages available today in repositories, sometimes it’s easy to get lost and miss out on the really high quality packages – those that offer the most impressive functionality.

    more »
  • GUI or Text-Based Interface?

    Sys admins are like smokejumpers who parachute into fires, fighting them until they are out, or at least under control. When you jump into the fire, you only have the tools you brought with you.

    more »
comments powered by Disqus