10 Tools for Monitoring Network Performance in Linux

Linux is the best option when it comes to server. Any server. Whether database, web or network-related like proxy or router.

Speaking of network, you definitely need a tool for monitoring it because network is not just about setting it up but also how you treat it to ensure your network runs how it’s supposed to be. In Linux, there are some handy tools which you can use to monitor your network performance.

Network administrator is not an easy job since you are responsible to make sure all workers in other divisions keep connected, whether to the local network or internet. Or you will be blamed by them. And your job can be started by monitoring the performance of the network you are responsible to.

Here are 10 basic tools that you can use for monitoring your network performance with Linux.

1. Ping

Ping is the first tool you should use before going further with your network monitoring. You will need this tool to check the connection between your machine and other computer within local network and internet. Ping works by sending ICMP request. Ping is the most basic tool for monitoring network. There is no complex parameter to use this tool. All you need to do is typing the ping command on terminal followed by a certain IP address or hostname.


2. Tcpdump

You can use this tool for analyzing the TCP/IP packets traffic on your network. A great tool if you want to monitor other machice acitivities within the local network. In order for a further analysis you can also save the captured packets in a file. This tool requires a root privilege to run.

#tcpdump ---help

3. Netstat

Most network administrator use netstat to find out if there’s a problem experienced by the network they handle. This tool woks by displaying TCP network connections, routing tables and a number of network interfaces. There are a number of parameters you can use to run this tool which you can see by typing --help at the end of the command.

#netstat --help

4. Iptraf

If you are looking for a colorful network analyzing tool you can drop your choice to iptraf. Iptraf is developed to help all network administrators to monitor a local network in a real time. It collects a variety of information such as IP traffic monitor that passes over the network, including TCP flag information, ICMP details, TCP/UDP traffic breakdowns and lots more. Root privilege is also required to run this tool. Once typed the iptraf command on the terminal you will be asked about what you are going to do.



5. Nethogs

Nethogs is pretty similar to regular Linux’s top command that keeps a tab on each process network activity on your system. Nethogs breaks down network traffic per protocol or per subnet. It then groups by process. This tool very useful for checking the cause of a surge in your network traffic. Nethogs should be run by root.


6. Iftop

Iftop the the top version of network monitoring tool. It will listen to network traffic on selected network interfaces and displays a table of current usage. You should specify a network interface using “-i” option to check the network traffic. Iftop should also be run by root.

#iftop --help

7. Arpwatch

Arpwatch is a handy tool that you can use to monitor ethernet traffic acticities like changing IP and MAC addresses on you network. It also maintains a database of ethernet/ip address pairings. Most Linux distros haven’t included this tool on their utility package so chances are you have to install this tool by yourself.

#arpwatch --help

8. Traceroute

Traceroute is the tool which you can use to track the route of a certain network host. For instance, you can use traceroute to find which nodes you pass before getting to Google. Traceroute is very helpful if your internet connection is experiencing a problem. You can use it to see in which node your connection stopped.

#traceroute --help

9. MTR

Abbreviation of My Tracetoure. MTR is another tool that you can use to check the route of a certain host you are accessing. The MTR usage is also easy. You just need to type the mtr command in the terminal followed by a hostname you want to track its route.

#mtr hostname

10. Ngrep

Ngrep is grep but for the network layer. It’s pcap aware and will allow to specify extended regular or hexadecimal expressions to match against packets of. Ngrep should be run by root. There are a number of parameters you can use to run this tool, which you can find using --help


Written by Captain Jack

No, I am not Captain Jack Sparrow. I am just a guy who love drinking coffee.