Get number of TCP established connections
Use the command:
ss -neopt state established
This will show you only TCP sessions in ESTABLISHED
state, no piping to other commands required, so it's super fast.
ss
is better than netstat
because the older netstat
just reads from procfs which is subject to file locks. ss
actually makes a query inside the kernel which is handled by the kernel scheduler and always returns accurate information.
Using /proc to reduce workload
I like to access kernel variables directly through /proc
. This is very efficient, quick and system friendly.
There is a pseudo file (kernel variables table) named /proc/net/tcp
where
kernel store list of TCP connection and listenning. The 6th field, called st
for state could contain 0A
for a listen entry and 01
for an established connection.
Counting TCP established connections:
By using grepgrep </proc/net/tcp -c '^ *[0-9]\+: [0-9A-F: ]\{27\} 01 '
By using awk
awk </proc/net/tcp 'BEGIN{t=0};{if ($4 == "01") {t++;}};END{print t}'
or
awk </proc/net/tcp 'BEGIN{t=0};/^ *[0-9]+: [0-9A-F: ]{27} 01 /{t++};END{print t}'
By using sed
sed </proc/net/tcp '/^ *[0-9]\+: [0-9A-F: ]\{27\} 01 /p;d' | wc -l
Execution time
As this question stand for high workload system. I've done a little bench:
Method Answer by Milliseconds grep Techno 2.48 awk no regexp ($4=="01") 2.51 sed | wc 2.67 awk with regexp 2.93 ss -neopt state established | wc -l Suprjami 15.14 lsof -i tcp -s tcp:ESTABLISHED Tonioc 25055.00
Ok Tonioc's answer is very slow, but very insteresting by his verbosity. So clearly not useable on high workload system.
This bench let you see that if ss
is a very usefull dedicated tool, asking /proc
variables could be a lot quicker.
Check also: 527875.
netstat + grep
is a good and simple option for a few connections but if you have a huge number of connections I would recommend ss
as recommended in nixCraft.
For instance: ss -s
Total: 78 (kernel 79)
TCP: 31 (estab 27, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 16
Transport Total IP IPv6
* 79 - -
RAW 0 0 0
UDP 4 2 2
TCP 31 2 29
INET 35 4 31
FRAG 0 0 0