Member-only story
In my last article I introduced tools such as ping , ip , ss and sar to measure network performance. Using these tools/commands, you can quickly check network performance indicators such as bandwidth, throughput, and latency.
But none of these tools are suitable for network packet capture and analysis, therefore even you notice that the network performance is having issue, it is hard to find the root cause.
tcpdump and wireshark
tcpdump and wireshark are the most commonly used network packet capture and analysis tools, and they are also indispensable tools for analyzing network performance.
tcpdumponly supports the command line format, and is often used to capture and analyze network packets in the server.- In addition to capturing packets,
wiresharkalso provides a powerful graphical interface and summary analysis tools, which are particularly simple and practical when analyzing complex network scenarios.
Therefore, in the actual analysis of network performance, it is also a common method to use tcpdump to capture packets first, and then use wireshark to analyze.
Due to wireshark’s graphical interface, it cannot be used over SSH, so I recommend you install it on a local machine (eg Windows). You can…
