LabEx
Log In Join For Free

Linux ss Command with Practical Examples

LinuxLinuxBeginner
Practice Now

Introduction

In this lab, you will learn how to use the ss command in Linux to explore network connections, analyze socket statistics, and understand the state of network sockets. The ss command is a powerful tool that provides detailed information about TCP, UDP, and Unix domain sockets, allowing you to troubleshoot network-related issues and monitor the activity of your system.

You will start by understanding the purpose and syntax of the ss command, including the various options available to filter and display specific types of sockets. Then, you will explore network connections using the ss command, learning how to identify active connections, their local and remote addresses, and the processes associated with them. Finally, you will dive deeper into analyzing socket statistics and states, gaining insights into the performance and behavior of your network connections.

Linux Commands Cheat Sheet

Skills Graph

%%%%{init: {'theme':'neutral'}}%%%% flowchart RL linux(("`Linux`")) -.-> linux/SystemInformationandMonitoringGroup(["`System Information and Monitoring`"]) linux(("`Linux`")) -.-> linux/RemoteAccessandNetworkingGroup(["`Remote Access and Networking`"]) linux/SystemInformationandMonitoringGroup -.-> linux/ps("`Process Displaying`") linux/RemoteAccessandNetworkingGroup -.-> linux/netstat("`Network Monitoring`") subgraph Lab Skills linux/ps -.-> lab-422930{{"`Linux ss Command with Practical Examples`"}} linux/netstat -.-> lab-422930{{"`Linux ss Command with Practical Examples`"}} end

Understand the Purpose and Syntax of the ss Command

In this step, you will learn about the purpose and syntax of the ss command in Linux. The ss command is a powerful tool used to display information about network sockets, including TCP, UDP, and Unix domain sockets.

To begin, let's explore the basic syntax of the ss command:

sudo ss [options]

The most common options used with the ss command are:

  • -t: Display TCP sockets
  • -u: Display UDP sockets
  • -x: Display Unix domain sockets
  • -n: Don't resolve service names
  • -a: Display all sockets (listening and non-listening)
  • -l: Display only listening sockets
  • -p: Display the process using the socket

Let's try some examples to understand the ss command better:

sudo ss -t

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*
ESTAB      0      0      172.17.0.2:36578                 172.17.0.1:22

This command displays information about all TCP sockets, including the state of the connection, the number of bytes received and sent, the local and remote addresses, and the ports used.

sudo ss -u

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
UNCONN     0      0      127.0.0.53%lo:53                 0.0.0.0:*
UNCONN     0      0      172.17.0.2:41378                 8.8.8.8:53

This command displays information about all UDP sockets, including the local and remote addresses and ports.

sudo ss -x

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      4096   /run/dbus/system_bus_socket      *:*
LISTEN     0      4096   /run/systemd/journal/stdout      *:*

This command displays information about all Unix domain sockets, which are used for inter-process communication within the same system.

By understanding the purpose and syntax of the ss command, you can effectively analyze and troubleshoot network connections on your Linux system.

Explore Network Connections Using the ss Command

In this step, you will learn how to use the ss command to explore and analyze network connections on your Linux system.

Let's start by displaying all active network connections:

sudo ss -a

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*
ESTAB      0      0      172.17.0.2:36578                 172.17.0.1:22
UNCONN     0      0      127.0.0.53%lo:53                 0.0.0.0:*
UNCONN     0      0      172.17.0.2:41378                 8.8.8.8:53

This command shows all active sockets, including listening and non-listening sockets.

To display only the listening sockets, you can use the -l option:

sudo ss -l

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*
LISTEN     0      4096   /run/dbus/system_bus_socket      *:*
LISTEN     0      4096   /run/systemd/journal/stdout      *:*

This command shows all the listening sockets on your system, which are waiting for incoming connections.

To display the process using a specific socket, you can use the -p option:

sudo ss -ltp

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port                  Process
LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*                         users:(("redis-server",pid=520,fd=6))
LISTEN     0      4096   /run/dbus/system_bus_socket      *:*                               users:(("dbus-daemon",pid=518,fd=10))
LISTEN     0      4096   /run/systemd/journal/stdout      *:*                               users:(("systemd-journal",pid=516,fd=13))

This command shows the process ID and the name of the process using each listening socket.

By exploring the output of the ss command, you can gain valuable insights into the network connections on your Linux system, which can be useful for troubleshooting and monitoring purposes.

Analyze Socket Statistics and States with the ss Command

In this step, you will learn how to use the ss command to analyze socket statistics and states on your Linux system.

Let's start by displaying detailed information about TCP sockets:

sudo ss -t -i

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
ESTAB      0      0      172.17.0.2:36578                 172.17.0.1:22
   cubic wscale:7,7 rto:200 rtt:0.025/0.011 ato:40 mss:1460 pmtu:1500 rcvmss:1460 advmss:1460 cwnd:10 bytes_acked:1392 bytes_received:0 segs_out:18 segs_in:1 send 1.00Mbps rcv_space:29200

LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*
   cubic wscale:7,7 rto:200 rtt:0.025/0.011 ato:40 mss:536 pmtu:1500 rcvmss:536 advmss:1460 cwnd:10 bytes_acked:1392 bytes_received:0 segs_out:18 segs_in:1 send 1.00Mbps rcv_space:29200

This command displays detailed information about each TCP socket, including the socket state, send and receive queue sizes, local and remote addresses, and various socket statistics such as the congestion control algorithm, window scaling, round-trip time, and more.

To display the state of all sockets, you can use the ss command with the -o option:

sudo ss -o

Example output:

State      Recv-Q Send-Q Local Address:Port               Peer Address:Port                  Timer
ESTAB      0      0      172.17.0.2:36578                 172.17.0.1:22                     timer:(keepalive,14sec,0)
LISTEN     0      4096   127.0.0.1:6379                   0.0.0.0:*                         timer:(timewait,60.0)
UNCONN     0      0      127.0.0.53%lo:53                 0.0.0.0:*                         timer:(off,0)
UNCONN     0      0      172.17.0.2:41378                 8.8.8.8:53                        timer:(off,0)

This command displays the state of all sockets, including the timer information for each socket.

By analyzing the output of the ss command with the -t -i and -o options, you can gain a deeper understanding of the network connections on your Linux system, which can be useful for troubleshooting and performance optimization.

Summary

In this lab, you first learned about the purpose and syntax of the ss command in Linux. The ss command is a powerful tool used to display information about network sockets, including TCP, UDP, and Unix domain sockets. You explored the common options for the ss command, such as -t for TCP sockets, -u for UDP sockets, and -x for Unix domain sockets. You also learned how to use the ss command to display detailed information about network connections, including the state of the connection, the number of bytes received and sent, and the local and remote addresses and ports.

Next, you learned how to use the ss command to analyze socket statistics and states. The ss command provides a wealth of information about the current state of network connections, which can be useful for troubleshooting and monitoring network issues.

Linux Commands Cheat Sheet

Other Linux Tutorials you may like

Related Linux Courses
Quick Start with Linux

Quick Start with Linux

LinuxShell
Beginner
Linux for Noobs

Linux for Noobs

LinuxShell
Intermediate
Practice Linux Commands

Practice Linux Commands

LinuxShell
Beginner

We use cookies for a number of reasons, such as keeping the website reliable and secure, to improve your experience on our website and to see how you interact with it. By accepting, you agree to our use of such cookies. Privacy Policy