Monitor Network Connections on CentOS Using the ss Command
The ss utility, part of the iproute2 package, is a powerful tool for reviewing socket statistics. The name stands for “socket statistics” and allows administrators to view detailed information about sockets, including TCP, UDP, and Unix domain sockets.
For system administrators, analyzing these statistics can help diagnose and resolve potential network connectivity problems.
Unlike older tools like netstat, ss operates significantly faster, making it ideal for systems under heavy traffic. Because of this efficiency, ss is often preferred over netstat for real-time network monitoring.
Requirements
- A CentOS 6.x 64-bit server instance
- A user with
sudoprivileges
Installing ss (if not already available)
Most modern Linux distributions come with ss pre-installed. If it’s missing, you can install it along with its documentation on RPM-based systems using:
sudo yum install iproute iproute-doc
Common Usage Examples of ss
The following examples highlight typical ss commands. For a full list of options, use the help flag:
ss --help
Display a Summary of Socket Usage
ss -s
Show Listening IPv4 Sockets with Process Information
ss -4nlp
This is a combination of the following flags: -4, -n, -l, and -p.
Display IPv4 Sockets Only
ss -4
Show Port Numbers Instead of Service Names
ss -n
List Listening Sockets
ss -l
Display Processes Using Sockets
ss -p
View All Socket Connections
ss -a
Filter by Socket Type
List TCP, UDP, RAW, or Unix domain sockets:
ss -at
ss -au
ss -ar
ss -ax
Find the Process on Port 22
ss -lnp | grep 22
Note: You must use the -n flag together with the port number (e.g., 22) to ensure accurate output.
Show Connections to a Specific Remote Host
ss dst 123.123.123.123
Filter by Local Address and Port
ss src 12.34.56.78:80
View Help Options
ss -h
or
ss --help
Conclusion
The ss command is a versatile and efficient tool for real-time socket analysis on CentOS and other Linux systems. With its rapid performance and flexibility in filtering data, it is highly beneficial for system administrators managing modern, high-traffic servers. Mastering the various ss options can greatly enhance your ability to monitor and troubleshoot network activity effectively.
