Introduction
In this lab, you will learn how to check if a network socket option is configured in Linux. We will explore the use of the ss command with the -o option to display extended socket information, allowing you to view various socket options like TCP window size and MSS.
The lab guides you through using ss -no state all to examine socket details, preventing service name resolution for faster output. You'll also learn how to interpret the output, which includes socket state, addresses, and extended information crucial for diagnosing network performance issues.
Check socket options with ss -o
In this step, we'll explore how to use the ss command to check socket options. The ss command is a powerful tool for investigating network sockets. It's similar to netstat, but ss is generally faster and provides more detailed information. We'll focus on using the -o option to display extended socket information.
First, let's understand what a socket is. A socket is an endpoint of a two-way communication link between two programs running on the network. Sockets are fundamental to network programming and understanding them is crucial for network troubleshooting and optimization.
The ss command with the -o option allows you to view various socket options, such as TCP window size, TCP MSS (Maximum Segment Size), and other TCP-related parameters. This information can be invaluable for diagnosing network performance issues.
To begin, open your terminal.
Now, let's run the ss command with the -o option to see the socket information. We'll also use the -n option to prevent ss from attempting to resolve service names, which can slow down the output.
Type the following command into your terminal and press Enter:
ss -no state all
This command does the following:
ss: Invokes the socket statistics tool.-n: Prevents service name resolution.-o: Shows extended information.state all: Displays all sockets regardless of their state.
You should see output similar to this:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
nl UNCONN 0 0 rtnl:kernel
nl UNCONN 0 0 fib_trie:kernel
nl UNCONN 0 0 xfrm:kernel
tcp LISTEN 0 4096 0.0.0.0:22 0.0.0.0:*
skmem:(r0,rb369280,t0,tb87380) tclass 0 pclass 0
tcp ESTAB 0 0 127.0.0.1:38768 127.0.0.1:22
skmem:(r0,rb87380,t0,tb87380) tclass 0 pclass 0 rcv_space:2048,4194304,65535 rcv_qlen:0 snd_space:32768,4194304,65535 snd_qlen:0
tcp LISTEN 0 4096 [::]:22 [::]:*
skmem:(r0,rb369280,t0,tb87380) tclass 0 pclass 0
The output shows various socket connections, their states, and other relevant information. The skmem field shows memory usage related to the socket. The rcv_space and snd_space show receive and send buffer sizes.
Now, let's filter the output to focus on TCP sockets and include process information. This will help us identify which processes are using specific sockets.
Type the following command into your terminal and press Enter:
sudo ss -tnpo state all
This command adds the following options:
-t: Filters for TCP sockets.-p: Shows process using socket.
You should see output similar to this:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=942,fd=3))
ESTAB 0 0 127.0.0.1:22 127.0.0.1:49134 users:(("sshd",pid=1147,fd=5))
LISTEN 0 4096 [::]:22 [::]:* users:(("sshd",pid=942,fd=4))
The Process column now shows the process name and PID (Process ID) associated with each socket. This can be very useful for identifying which applications are using specific network connections.
By using ss -o, you can gain valuable insights into the configuration and status of network sockets on your system. This information can be used to troubleshoot network issues, optimize network performance, and understand how applications are using network resources.
Verify socket settings in /proc/sys/net
In this step, we'll explore how to verify socket settings using the /proc/sys/net directory. The /proc filesystem is a virtual filesystem that provides information about running processes and kernel configuration. The /proc/sys/net directory contains various files that control networking parameters, including socket settings.
Understanding these settings is crucial for optimizing network performance and troubleshooting network-related issues. These settings affect how the kernel handles network connections, buffer sizes, timeouts, and other critical parameters.
To begin, open your terminal.
Let's start by listing the contents of the /proc/sys/net/ipv4 directory. This directory contains settings specific to IPv4 networking.
Type the following command into your terminal and press Enter:
ls /proc/sys/net/ipv4
This command will list the files in the /proc/sys/net/ipv4 directory. Each file represents a specific networking parameter.
You should see output similar to this:
conf icmp_echo_ignore_all icmp_ignore_bogus_error_responses icmp_timestamp_ignore_replies ip_default_ttl ip_forward ip_local_port_range neigh route tcp_abc tcp_adv_win_scale tcp_allowed_congestion_control tcp_congestion_control tcp_dsack tcp_ecn tcp_fack tcp_fastopen tcp_fin_timeout tcp_frto tcp_keepalive_intvl tcp_keepalive_probes tcp_keepalive_time tcp_low_latency tcp_max_syn_backlog tcp_max_tw_buckets tcp_moderate_rcvbuf tcp_mtu_probing tcp_no_metrics_save tcp_orphan_retries tcp_reordering tcp_retries1 tcp_retries2 tcp_rfc1337 tcp_rmem tcp_sack tcp_slow_start_after_idle tcp_syn_retries tcp_syncookies tcp_timestamps tcp_tw_recycle tcp_tw_reuse tcp_wmem
Now, let's examine the value of a specific setting. For example, let's check the value of tcp_syn_retries. This setting determines how many times the kernel will attempt to retransmit a SYN packet when establishing a TCP connection.
To view the value of tcp_syn_retries, use the cat command:
cat /proc/sys/net/ipv4/tcp_syn_retries
You should see a number as output, typically 6. This means the kernel will attempt to retransmit the SYN packet up to 6 times.
6
You can also view the contents of other files in the /proc/sys/net/ipv4 directory to see their current values. For example, to view the range of local ports that the system can use, you can view the ip_local_port_range file:
cat /proc/sys/net/ipv4/ip_local_port_range
The output will show the lower and upper bounds of the local port range:
32768 60999
To explore settings related to all IP versions, you can also check /proc/sys/net/core.
ls /proc/sys/net/core
default_qdisc dev_weight message_burst message_cost netdev_max_backlog optmem_max rmem_default rmem_max somaxconn warnings wmem_default wmem_max
And check the value of rmem_default:
cat /proc/sys/net/core/rmem_default
212992
By examining the files in the /proc/sys/net directory, you can gain a better understanding of how your system is configured for networking. This knowledge can be invaluable for troubleshooting network issues and optimizing network performance.
Inspect socket config with sysctl
In this step, we'll explore how to inspect socket configurations using the sysctl command. sysctl is a command-line utility that allows you to view and modify kernel parameters at runtime. It's a powerful tool for fine-tuning your system's behavior, including network settings.
sysctl reads and writes values from the /proc/sys virtual filesystem. In the previous step, we used cat to read values directly from files in /proc/sys/net. sysctl provides a more convenient and structured way to access and modify these parameters.
To begin, open your terminal.
Let's start by listing all available network-related sysctl parameters. To do this, we can use the sysctl -a command and filter the output using grep to focus on network settings.
Type the following command into your terminal and press Enter:
sysctl -a | grep net.
This command does the following:
sysctl -a: Lists all kernel parameters.grep net.: Filters the output to show only parameters that start withnet..
You should see a long list of network-related parameters and their current values. The output will be similar to this:
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.core.bpf_jit_enable = 0
net.core.busy_poll = 50
net.core.busy_read = 50
net.core.default_qdisc = fq_codel
net.core.dev_weight = 64
net.core.message_burst = 10
net.core.message_cost = 5
net.core.netdev_max_backlog = 1000
net.core.optmem_max = 20480
net.core.rmem_default = 212992
net.core.rmem_max = 1703936
net.core.somaxconn = 128
net.core.warnings = 1
net.core.wmem_default = 212992
net.core.wmem_max = 1703936
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_notify = 0
net.ipv4.conf.all.bootp_relay = 0
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.all.ignore_routes_with_linkdown = 0
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.medium_id = 0
net.ipv4.conf.all.promote_secondaries = 1
net.ipv4.conf.all.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv4.conf.all.send_redirects = 1
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_notify = 0
net.ipv4.conf.default.bootp_relay = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.default.ignore_routes_with_linkdown = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.medium_id = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.secure_redirects = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_notify = 0
net.ipv4.conf.lo.bootp_relay = 0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.lo.ignore_routes_with_linkdown = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.medium_id = 0
net.ipv4.conf.lo.promote_secondaries = 1
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.lo.secure_redirects = 1
net.ipv4.conf.lo.send_redirects = 1
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.icmp_timestamp_ignore_replies = 0
net.ipv4.ip_default_ttl = 64
net.ipv4.ip_forward = 0
net.ipv4.ip_local_port_range = 32768 60999
net.ipv4.neigh.default.anycast_delay = 1
net.ipv4.neigh.default.app_solicit = 0
net.ipv4.neigh.default.base_reachable_time_ms = 30000
net.ipv4.neigh.default.gc_interval = 30
net.ipv4.neigh.default.gc_stale_time = 60
net.ipv4.neigh.default.locktime = 0
net.ipv4.neigh.default.mcast_solicit = 3
net.ipv4.neigh.default.proxy_qlen = 64
net.ipv4.neigh.default.retrans_time_ms = 1000
net.ipv4.neigh.default.ucast_solicit = 3
net.ipv4.route.flush = 0
net.ipv4.route.gc_elasticity = 9
net.ipv4.route.gc_interval = 30
net.ipv4.route.gc_min_interval = 0
net.ipv4.route.gc_timeout = 210
net.ipv4.route.max_size = 4096
net.ipv4.route.min_adv_mss = 536
net.ipv4.route.mtu_expires = 600
net.ipv4.tcp_abc = 0
net.ipv4.tcp_adv_win_scale = 1
net.ipv4.tcp_allowed_congestion_control = reno
net.ipv4.tcp_congestion_control = reno
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_ecn = 2
net.ipv4.tcp_fack = 1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_frto = 2
net.ipv4.tcp_keepalive_intvl = 75
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_low_latency = 0
net.ipv4.tcp_max_syn_backlog = 256
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_mtu_probing = 0
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_orphan_retries = 8
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_retries1 = 8
net.ipv4.tcp_retries2 = 15
net.ipv4.tcp_rfc1337 = 0
net.ipv4.tcp_rmem = 4096 212992 6291456
net.ipv4.tcp_sack = 1
net.ipv4.tcp_slow_start_after_idle = 1
net.ipv4.tcp_syn_retries = 6
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv6.conf.all.accept_dad = 1
net.ipv6.conf.all.accept_ra = 1
net.ipv6.conf.all.accept_redirects = 1
net.ipv6.conf.all.autoconf = 1
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.all.force_mld_version = 0
net.ipv6.conf.all.hop_limit = 64
net.ipv6.conf.all.ignore_routes_with_linkdown = 0
net.ipv6.conf.all.max_addresses = 16
net.ipv6.conf.all.mldv1_unsolicited_report_interval = 1000
net.ipv6.conf.all.mldv2_unsolicited_report_interval = 100
net.ipv6.conf.all.mtu = 0
net.ipv6.conf.all.proxy_ndp = 0
net.ipv6.conf.all.regen_max_random_factor = 600
net.ipv6.conf.all.router_solicitation_delay = 1
net.ipv6.conf.all.router_solicitation_interval = 4
net.ipv6.conf.all.router_solicitations = -1
net.ipv6.conf.all.seg6_enabled = 1
net.ipv6.conf.all.seg6_require_hmac = 0
net.ipv6.conf.all.use_optimistic_dad = 0
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.default.accept_ra = 1
net.ipv6.conf.default.accept_redirects = 1
net.ipv6.conf.default.autoconf = 1
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.default.force_mld_version = 0
net.ipv6.conf.default.hop_limit = 64
net.ipv6.conf.default.ignore_routes_with_linkdown = 0
net.ipv6.conf.default.max_addresses = 16
net.ipv6.conf.default.mldv1_unsolicited_report_interval = 1000
net.ipv6.conf.default.mldv2_unsolicited_report_interval = 100
net.ipv6.conf.default.mtu = 0
net.ipv6.conf.default.proxy_ndp = 0
net.ipv6.conf.default.regen_max_random_factor = 600
net.ipv6.conf.default.router_solicitation_delay = 1
net.ipv6.conf.default.router_solicitation_interval = 4
net.ipv6.conf.default.router_solicitations = -1
net.ipv6.conf.default.seg6_enabled = 1
net.ipv6.conf.default.seg6_require_hmac = 0
net.ipv6.conf.default.use_optimistic_dad = 0
net.ipv6.conf.default.use_tempaddr = 0
net.ipv6.conf.eth0.accept_dad = 1
net.ipv6.conf.eth0.accept_ra = 1
net.ipv6.conf.eth0.accept_redirects = 1
net.ipv6.conf.eth0.autoconf = 1
net.ipv6.conf.eth0.disable_ipv6 = 0
net.ipv6.conf.eth0.force_mld_version = 0
net.ipv6.conf.eth0.hop_limit = 64
net.ipv6.conf.eth0.ignore_routes_with_linkdown = 0
net.ipv6.conf.eth0.max_addresses = 16
net.ipv6.conf.eth0.mldv1_unsolicited_report_interval = 1000
net.ipv6.conf.eth0.mldv2_unsolicited_report_interval = 100
net.ipv6.conf.eth0.mtu = 1500
net.ipv6.conf.eth0.proxy_ndp = 0
net.ipv6.conf.eth0.regen_max_random_factor = 600
net.ipv6.conf.eth0.router_solicitation_delay = 1
net.ipv6.conf.eth0.router_solicitation_interval = 4
net.ipv6.conf.eth0.router_solicitations = -1
net.ipv6.conf.eth0.seg6_enabled = 1
net.ipv6.conf.eth0.seg6_require_hmac = 0
net.ipv6.conf.eth0.use_optimistic_dad = 0
net.ipv6.conf.eth0.use_tempaddr = 0
net.ipv6.conf.lo.accept_dad = 1
net.ipv6.conf.lo.accept_ra = 1
net.ipv6.conf.lo.accept_redirects = 1
net.ipv6.conf.lo.autoconf = 1
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.lo.force_mld_version = 0
net.ipv6.conf.lo.hop_limit = 64
net.ipv6.conf.lo.ignore_routes_with_linkdown = 0
net.ipv6.conf.lo.max_addresses = 16
net.ipv6.conf.lo.mldv1_unsolicited_report_interval = 1000
net.ipv6.conf.lo.mldv2_unsolicited_report_interval = 100
net.ipv6.conf.lo.mtu = 65536
net.ipv6.conf.lo.proxy_ndp = 0
net.ipv6.conf.lo.regen_max_random_factor = 600
net.ipv6.conf.lo.router_solicitation_delay = 1
net.ipv6.conf.lo.router_solicitation_interval = 4
net.ipv6.conf.lo.router_solicitations = -1
net.ipv6.conf.lo.seg6_enabled = 1
net.ipv6.conf.lo.seg6_require_hmac = 0
net.ipv6.conf.lo.use_optimistic_dad = 0
net.ipv6.conf.lo.use_tempaddr = 0
net.netfilter.nf_conntrack_acct = 0
net.netfilter.nf_conntrack_buckets = 65536
net.netfilter.nf_conntrack_checksum = 0
net.netfilter.nf_conntrack_count = 256
net.netfilter.nf_conntrack_expect_max = 128
net.netfilter.nf_conntrack_frag6_high_thresh = 1048576
net.netfilter.nf_conntrack_frag6_low_thresh = 524288
net.netfilter.nf_conntrack_frag6_timeout = 60
net.netfilter.nf_conntrack_frag_high_thresh = 1048576
net.netfilter.nf_conntrack_frag_low_thresh = 524288
net.netfilter.nf_conntrack_frag_timeout = 60
net.netfilter.nf_conntrack_generic_timeout = 3600
net.netfilter.nf_conntrack_helper = 1
net.netfilter.nf_conntrack_icmpv6_timeout = 10
net.netfilter.nf_conntrack_icmp_timeout = 30
net.netfilter.nf_conntrack_log_invalid = 0
net.netfilter.nf_conntrack_max = 262144
net.netfilter.nf_conntrack_sctp_timeout_closed = 0
net.netfilter.nf_conntrack_sctp_timeout_cookie_echoed = 120
net.netfilter.nf_conntrack_sctp_timeout_cookie_wait = 120
net.netfilter.nf_conntrack_sctp_timeout_heartbeat_ack = 0
net.netfilter.nf_conntrack_sctp_timeout_heartbeat_sent = 30
net.netfilter.nf_conntrack_sctp_timeout_shutdown_ack_sent = 0
net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd = 0
net.netfilter.nf_conntrack_sctp_timeout_shutdown_sent = 0
net.netfilter.nf_conntrack_tcp_loose = 1
net.netfilter.nf_conntrack_tcp_max_retrans = 3
net.netfilter.nf_conntrack_tcp_timeout_close = 10
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_established = 86400
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_last_ack = 30
net.netfilter.nf_conntrack_tcp_timeout_max_retrans = 300
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 60
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 120
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.unix.max_dgram_qlen = 512
To view the value of a specific parameter, use the sysctl command followed by the parameter name. For example, to view the value of net.ipv4.ip_forward, type the following command and press Enter:
sysctl net.ipv4.ip_forward
This command will display the current value of the net.ipv4.ip_forward parameter.
net.ipv4.ip_forward = 0
To modify a sysctl parameter, you can use the -w option followed by the parameter name and the new value. However, keep in mind that changes made with the -w option are temporary and will be lost after a reboot.
For example, to temporarily enable IP forwarding (set net.ipv4.ip_forward to 1), type the following command and press Enter:
sudo sysctl -w net.ipv4.ip_forward=1
You can verify that the value has been changed by running the sysctl command again:
sysctl net.ipv4.ip_forward
The output should now show:
net.ipv4.ip_forward = 1
To make the change permanent, you need to edit the /etc/sysctl.conf file or create a new configuration file in the /etc/sysctl.d/ directory.
For example, let's create a new file named 99-labex.conf in the /etc/sysctl.d/ directory and add the net.ipv4.ip_forward=1 setting to it.
First, create the file using nano:
sudo nano /etc/sysctl.d/99-labex.conf
Then, add the following line to the file:
net.ipv4.ip_forward=1
Press Ctrl+X, then Y, then Enter to save the file.
Finally, apply the changes by running the following command:
sudo sysctl -p /etc/sysctl.d/99-labex.conf
This command will read the configuration file and apply the settings.
By using the sysctl command and modifying the /etc/sysctl.conf file, you can fine-tune your system's network settings to optimize performance and security.
Summary
In this lab, we explored how to check network socket options in Linux using the ss command. The key takeaway is understanding how to use ss -no state all to display extended socket information, including TCP window size and MSS, which are crucial for diagnosing network performance issues.
The lab emphasized the importance of sockets as endpoints for network communication and demonstrated how the ss command provides detailed insights into socket parameters, enabling effective network troubleshooting and optimization.
