Steps for troubleshooting network faults on Linux with a sniffer (such as tcpdump or Wireshark):

Install the tools
tcpdump (lightweight, suited to servers):
sudo apt install tcpdump # Debian/Ubuntu
sudo yum install tcpdump # CentOS/RHEL
Wireshark (requires a graphical interface):
sudo apt install wireshark

Capture packets
sudo tcpdump -i eth0 (replace eth0 with the actual interface name)
sudo tcpdump host 192.168.1.100
sudo tcpdump port 80 (HTTP) or port 443 (HTTPS)
sudo tcpdump -w capture.pcap (then analyze the file with Wireshark)

Analyze network faults
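With the -ttt option, analyze RTT (round-trip time), or measure the retransmission rate:
tcpdump -i any -n -vv -s 0 'tcp[tcpflags] & (tcp-syn|tcp-ack) != 0'
To locate the source of heavy traffic, count packets per source address:
tcpdump -i eth0 -nn -q -c 1000 | awk '{print $3}' | sort | uniq -c | sort -nr # -c 1000 ends the capture so the counts are printed

Verify and optimize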
Use ping and traceroute to test basic connectivity.
Check whether the firewall rules (iptables -L) restrict key ports.

Notes:
Run the capture tools with root privileges.
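
The filter in the retransmission step above only selects TCP packets with SYN or ACK set; tcpdump does not itself mark retransmissions. The shell function below is an added example, not part of the original page: it derives a retransmission rate from one-line-per-packet tcpdump text output (assumed: -nn without -v), run here on constructed sample lines. The names retrans_stats and sample_capture are hypothetical.

```shell
#!/bin/sh
# Added example. Input: one-line-per-packet tcpdump text (-nn, no -v).
# Heuristic: a SYN or payload-bearing segment whose flow and seq value
# were already seen is counted as a retransmission.
retrans_stats() {
  awk '
    $2 ~ /^IP6?$/ && $6 == "Flags" {
      seq = ""; plen = 0
      for (i = 7; i <= NF; i++) {
        if ($i == "seq" && seq == "") { seq = $(i + 1); sub(/,$/, "", seq) }
        if ($i == "length") { plen = $(i + 1) + 0; break }
      }
      syn = ($7 ~ /S/)
      # Pure ACKs, FINs and RSTs (no payload and no SYN) are not counted.
      if (seq == "" || (plen == 0 && !syn)) next
      dst = $5; sub(/:$/, "", dst)
      flow = $3 "->" dst
      total++
      if ((flow, seq) in seen) {
        retrans++
        if (++perflow[flow] > max) { max = perflow[flow]; worst = flow }
      }
      seen[flow, seq] = 1
    }
    END {
      printf "segments=%d retransmitted=%d rate=%.1f%% worst_flow=%s\n",
        total, retrans, (total ? 100 * retrans / total : 0),
        (worst == "" ? "none" : worst)
    }'
}

# Constructed sample: a repeated SYN and a repeated 100-byte segment.
sample_capture() {
  cat <<'EOF'
1700000000.000000 IP 192.168.1.100.51000 > 192.168.1.10.80: Flags [S], seq 1000, win 64240, options [mss 1460], length 0
1700000001.000000 IP 192.168.1.100.51000 > 192.168.1.10.80: Flags [S], seq 1000, win 64240, options [mss 1460], length 0
1700000001.000400 IP 192.168.1.10.80 > 192.168.1.100.51000: Flags [S.], seq 5000, ack 1001, win 65160, options [mss 1460], length 0
1700000001.000500 IP 192.168.1.100.51000 > 192.168.1.10.80: Flags [.], ack 1, win 502, length 0
1700000001.001000 IP 192.168.1.100.51000 > 192.168.1.10.80: Flags [P.], seq 1:101, ack 1, win 502, length 100
1700000001.201000 IP 192.168.1.100.51000 > 192.168.1.10.80: Flags [P.], seq 1:101, ack 1, win 502, length 100
1700000001.202000 IP 192.168.1.10.80 > 192.168.1.100.51000: Flags [.], ack 101, win 509, length 0
1700000001.203000 IP 192.168.1.10.80 > 192.168.1.100.51000: Flags [P.], seq 1:301, ack 101, win 509, length 300
EOF
}

sample_capture | retrans_stats
# Live use (interface name is an assumption):
#   sudo tcpdump -i eth0 -nn -c 2000 tcp | retrans_stats
```

The count is a heuristic: it does not handle partially overlapping segments or keepalives, so use it to compare flows and time windows rather than as an exact figure.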