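Steps for troubleshooting network faults with a Linux sniffer (such as tcpdump or Wireshark):
Install the tools
tcpdump (lightweight, suited to servers)
sudo apt install tcpdump    # Debian/Ubuntu
sudo yum install tcpdump    # CentOS/RHEL
Wireshark (requires a graphical interface)
sudo apt install wireshark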
Capture packets
sudo tcpdump -i eth0 (replace eth0 with the actual interface name)
sudo tcpdump host 192.168.1.100
sudo tcpdump port 80 (HTTP) or port 443 (HTTPS)
sudo tcpdump -w capture.pcap, then analyze the file in Wireshark
Analyze the network fault
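-ttt option) to analyze RTT (round-trip time), or count the retransmission rate (tcpdump -i any -n -vv -s 0 'tcp[tcpflags] & (tcp-syn|tcp-ack) != 0', which prints segments with SYN or ACK set; a data segment whose sequence number repeats in that output is a retransmission).
tcpdump -i eth0 -nn -q -c 1000 | awk '{print $3}' | sort | uniq -c | sort -nr), which counts packets per source over a 1000-packet sample, to locate the sources of heavy traffic.
Verification and optimization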
ping and traceroute to test basic connectivity.
iptables -L) is restricting key ports.
Notes:
run the packet capture tools with root privileges.
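The retransmission count mentioned in the analysis step, as an added example that is not part of the original page: it reads tcpdump text output and flags any segment whose sequence number repeats for the same source and destination. The function names retrans_summary and sample_capture are hypothetical, the capture lines are constructed, and the input is assumed to come from tcpdump -nn at default verbosity (no -q, no -v).

```sh
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# Input: tcpdump text output captured with -nn at default verbosity (no -q, no -v),
# where "seq" is printed only for segments carrying data or SYN/FIN/RST.

# Constructed sample capture: one retransmitted SYN and one retransmitted data segment.
sample_capture() {
cat <<'EOF'
12:00:00.000000 IP 192.168.1.100.51000 > 10.0.0.5.80: Flags [S], seq 1000, win 64240, length 0
12:00:01.000000 IP 192.168.1.100.51000 > 10.0.0.5.80: Flags [S], seq 1000, win 64240, length 0
12:00:01.020000 IP 10.0.0.5.80 > 192.168.1.100.51000: Flags [S.], seq 5000, ack 1001, win 65160, length 0
12:00:01.020100 IP 192.168.1.100.51000 > 10.0.0.5.80: Flags [.], ack 1, win 502, length 0
12:00:01.021000 IP 192.168.1.100.51000 > 10.0.0.5.80: Flags [P.], seq 1:101, ack 1, win 502, length 100
12:00:01.221000 IP 192.168.1.100.51000 > 10.0.0.5.80: Flags [P.], seq 1:101, ack 1, win 502, length 100
12:00:01.240000 IP 10.0.0.5.80 > 192.168.1.100.51000: Flags [.], ack 101, win 509, length 0
12:00:01.250000 IP 10.0.0.5.80 > 192.168.1.100.51000: Flags [P.], seq 1:201, ack 101, win 509, length 200
EOF
}

# Prints one line per sender: <src.port> <retransmitted> <seq-bearing segments> <percent>
retrans_summary() {
    awk '
    $2 == "IP" || $2 == "IP6" {
        seq = ""
        for (i = 6; i < NF; i++)
            if ($i == "seq") { seq = $(i + 1); sub(/,$/, "", seq); break }
        if (seq == "") next                 # pure ACK, no sequence space used
        total[$3]++
        # Same direction and same seq seen before: count as a retransmission
        if (seen[$3 " " $5 " " seq]++) retrans[$3]++
    }
    END {
        for (s in total)
            printf "%s %d %d %d\n", s, retrans[s] + 0, total[s],
                   int(100 * retrans[s] / total[s] + 0.5)
    }' | sort -k2,2nr -k1,1
}

# Live use (assumed interface eth0), bounded so the pipeline terminates:
#   sudo tcpdump -i eth0 -nn -c 2000 tcp | retrans_summary
sample_capture | retrans_summary
```

A sender with a high percentage in the last column is the side whose segments are being lost or delayed on the path.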