命令netstat-a停了很长时间没有响应(netstat takes a long time)
这个可能是DNS出了问题。
If netstat -a takes a long time for some connections, it suggests delays in resolving the names from the IP addresses of the connection (or service names from port numbers).
A connection can appear in netstat -a and not appear in lsof output. Lsof will only show those endpoints with a coresponding socket. However, a connection with no socket will only appear in netstat -a and perhaps ndd /dev/tcp tcp_status.
A connection in ESTABLISHED that does not appear in lsof output could possibly be a connection that has been ESTABLISHED, but for which the server application has not called accept(). If it persists for a "long time" it suggests that there is some issue with the server application.
The tcp_discon stuff should be considered a MASSIVE KLUDGE and SHOULD NOT be used except in EXTREME CASES.
I would suggest running the netstat -a command under tusc. Between that, and comparing the performance of netstat -an you will likely see resolution delays. Be sure to add the timestamps to the tusc command, and might as well make it verbose so you can see the bind/connect calls on the SOCK_DGRAM sockets involving port 53 for DNS lookups.
there is no rest for the wicked yet the virtuous have no pillows
看完英文解释,再中文简单解释一下
使用#netstat --help 能够查看帮助信息, 如果只使用-a缺省情况下会进行域名解析,如果域名设置有问题,会造成速度响应慢。
1.如果要解决这个问题,可以使用参数-an,不对域名进行解析。同样的问题,在arp命令、route命令上也存在。
2.如果要解决这个问题,可以查看你的DNS设置,是否DNS不通,或者DNS有故障,在修复后再次尝试。
-a 参数列出所有的socket,
-n 参数不对ip地址进行域名解析,显示数字
[root@xiesshavip002 ~]# netstat --help
usage: netstat [-vWeenNcCF] [] -r netstat {-V|--version|-h|--help}
netstat [-vWnNcaeol] [ ...]
netstat { [-vWeenNac] -I[] | [-veenNac] -i | [-cnNe] -M | -s [-6tuw] } [delay]
-r, --route display routing table
-I, --interfaces= display interface table for
-i, --interfaces display interface table
-g, --groups display multicast group memberships
-s, --statistics display networking statistics (like SNMP)
-M, --masquerade display masqueraded connections
-v, --verbose be verbose
-W, --wide don't truncate IP addresses
-n, --numeric don't resolve names
--numeric-hosts don't resolve host names
--numeric-ports don't resolve port names
--numeric-users don't resolve user names
-N, --symbolic resolve hardware names
-e, --extend display other/more information
-p, --programs display PID/Program name for sockets
-o, --timers display timers
-c, --continuous continuous listing
-l, --listening display listening server sockets
-a, --all display all sockets (default: connected)
-F, --fib display Forwarding Information Base (default)
-C, --cache display routing cache instead of FIB
-Z, --context display SELinux security context for sockets
={-t|--tcp} {-u|--udp} {-U|--udplite} {-w|--raw} {-x|--unix}
--ax25 --ipx --netrom
=Use '-6|-4' or '-A ' or '--'; default: inet
List of possible address families (which support routing):
inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25)
netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP)
x25 (CCITT X.25)
netstat DNS 响应
