Lead Image © Ildar Galeev, 123RF.com

Network traffic utilities bandwhich and iftop

Traffic Cops

Even if you have elaborate Elasticsearch-Logstash-Kibana (ELK)-based logging and metrics boasting gloriously detailed dashboards, if all you want is to SSH into a server and check which IP address is doing what over which interface, then the ELK stack is overkill. In this article, I demonstrate two tools that allow me to diagnose a misbehaving application on one occasion and odd routing behavior on another.

Sandwiches

The first tool I look at has changed its name recently from what to bandwhich and has had a bit of a facelift. A comprehensive README file [1] offers some insight into the tool written by Aram Drevekenin, who describes the tool as a "Terminal bandwidth utilization tool … formerly known as 'what'."

For this exercise, I used Linux Mint (based on Ubuntu 18.04) to see how the clever tool keeps a close eye on what the /proc pseudo filesystem is seeing, while producing useful, terminal-friendly output.

bandwhich is written in the Rust programming language [2]. To install a Rust package, you need the Rust package manager Cargo. However, if you use the apt install cargo command, you'll see that it needs a not-so-trivial 328MB of disk storage for Cargo and its libraries – just to be able to install bandwhich. My objection to the extra package installations comes from a security perspective. I just don't want unnecessary lines of code on my machines unless I need them. More package updates also means more admin time and a greater exposure to security issues.

The good news is that the author has kindly created some prebuilt binaries (which should be scanned for malware) to get around this problem, so I decided to take that route instead of installing Cargo.

From the

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES

Print Issues

Digital Issues

 

SUBSCRIPTIONS

Print Subs

Digisubs

 

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia