Skip to content
Flowchart Learning

Network_performance

Chapter 54: Network Performance

Section titled “Chapter 54: Network Performance”

Overview

Section titled “Overview”

Network performance is critical for application throughput and latency. This chapter covers network monitoring tools, kernel tuning parameters, interface configuration, and troubleshooting techniques for optimizing network performance on Linux systems.

54.1 Network Monitoring

Section titled “54.1 Network Monitoring”

Monitoring Tools Overview

Section titled “Monitoring Tools Overview”
┌─────────────────────────────────────────────────────────────────────────┐
│                   NETWORK PERFORMANCE TOOLS                               │
├─────────────────────────────────────────────────────────────────────────┤
│                                                                         │
│   Real-Time Monitoring:                                                 │
│   ┌─────────────────────────────────────────────────────────────────┐   │
│   │  iftop       - Bandwidth per connection                       │   │
│   │  nethogs     - Per-process bandwidth                          │   │
│   │  iptraf-ng   - Interactive network statistics                 │   │
│   │  bmon       - Bandwidth monitor                             │   │
│   └─────────────────────────────────────────────────────────────────┘   │
│                                                                         │
│   Statistics:                                                           │
│   ┌─────────────────────────────────────────────────────────────────┐   │
│   │  ss          - Socket statistics (modern)                      │   │
│   │  sar         - System activity reporter                        │   │
│   │  ip -s link - Interface statistics                            │   │
│   │  netstat    - Network statistics (legacy)                     │   │
│   └─────────────────────────────────────────────────────────────────┘   │
│                                                                         │
└─────────────────────────────────────────────────────────────────────────┘

Basic Commands

Section titled “Basic Commands”
Terminal window
# ============================================================
# NETWORK MONITORING
# ============================================================


# Interface status
ip link
ip addr
ip -s link


# Connection stats
ss -tunapl
ss -s
netstat -tunapl


# Network statistics
sar -n DEV 1 5
sar -n SOCK 1 5


# Real-time monitoring
iftop -i eth0
nethogs -i eth0


# Per-interface stats
ip -s link show eth0
cat /proc/net/dev


# Network errors
netstat -i
cat /proc/net/snmp

Bandwidth Monitoring

Section titled “Bandwidth Monitoring”
Terminal window
# ============================================================
# BANDWIDTH ANALYSIS
# ============================================================


# iftop - top-like bandwidth
sudo iftop -i eth0


# nethogs - per-process
sudo nethogs eth0


# iptraf-ng - interactive
sudo iptraf-ng


# bmon - bandwidth monitor
bmon -p eth0


# vnstat - historical
vnstat -i eth0
vnstat -h     # hourly
vnstat -d     # daily
vnstat -m     # monthly

54.2 Network Tuning

Section titled “54.2 Network Tuning”

Kernel Parameters

Section titled “Kernel Parameters”
Terminal window
# ============================================================
# NETWORK TUNING - SYSCTL
# ============================================================


# /etc/sysctl.conf


# TCP buffer sizes
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.rmem_default = 87380
net.core.wmem_default = 87380


# TCP performance features
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_congestion_control = cubic


# TCP tuning
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sYNcookies = 1
net.ipv4.tcp_fin_timeout = 15


# Connection tracking
net.netfilter.nf_conntrack_max = 1048576
net.nf_conntrack_max = 1048576
net.netfilter.nf_conntrack_tcp_timeout_established = 86400


# Network buffers
net.core.netdev_max_backlog = 50000
net.core.optmem_max = 25165824


# Apply changes
sudo sysctl -p
sudo sysctl --system

54.3 Interface Tuning

Section titled “54.3 Interface Tuning”

ethtool Configuration

Section titled “ethtool Configuration”
Terminal window
# ============================================================
# EThtool TUNING
# ============================================================


# View settings
ethtool eth0


# Speed and duplex (fix if auto-negotiate fails)
sudo ethtool -s eth0 speed 1000 duplex full autoneg off


# Ring buffer (increase for high-throughput)
sudo ethtool -G eth0 rx 4096 tx 4096


# Offloads (enable for performance)
sudo ethtool -K eth0 tso on gso on gro on


# Interrupt coalescing (reduce CPU)
sudo ethtool -C eth0 rx-usecs 100 tx-usecs 100


# Pause frames
sudo ethtool -A eth0 tx on rx on


# Show all settings
ethtool -g eth0    # ring params
ethtool -k eth0    # offloads
ethtool -c eth0    # coalescing

54.4 Network Issues

Section titled “54.4 Network Issues”

Troubleshooting

Section titled “Troubleshooting”
Terminal window
# ============================================================
# NETWORK TROUBLESHOOTING
# ============================================================


# Connection issues
ss -tunapl | grep ESTAB
ss -tunapl | grep TIME_WAIT


# Network errors
netstat -s
cat /proc/net/snmp
cat /proc/net/netstat


# Packet drops
ip -s link show
ip -s link show eth0


# TCP errors
netstat -s | grep -i error


# Socket exhaustion
ss -s


# Check for packet loss
sar -n DEV 1 100 | grep -v Average


# Network queue issues
cat /proc/net/softnet_stat

54.5 Interview Questions

Section titled “54.5 Interview Questions”
┌─────────────────────────────────────────────────────────────────────────┐
│            NETWORK PERFORMANCE INTERVIEW QUESTIONS                           │
├─────────────────────────────────────────────────────────────────────────┤
                                                                         
Q1: How do you tune TCP buffer sizes?                                   │
                                                                         
A1:                                                                       │
net.ipv4.tcp_rmem = "min default max"                                 │
net.ipv4.tcp_wmem = "min default max"                                 │
Increase for high-latency or high-throughput networks                   │
                                                                         
─────────────────────────────────────────────────────────────────────────┤
                                                                         
Q2: What does ethtool -G do?                                           │
                                                                         
A2:                                                                       │
Sets ring buffer sizes for network interface                             │
- rx: receive ring buffer                                             │
- tx: transmit ring buffer                                            │
Larger buffers handle bursts better but increase latency               │
                                                                         
─────────────────────────────────────────────────────────────────────────┤
                                                                         
Q3: How do you monitor network throughput?                             │
                                                                         
A3:                                                                       │
iftop: real-time per-connection bandwidth                            │
nethogs: per-process bandwidth                                        │
sar -n DEV: historical statistics                                     │
vnstat: long-term tracking                                           │
                                                                         
─────────────────────────────────────────────────────────────────────────┤
                                                                         
Q4: What are TCP offloads?                                             │
                                                                         
A4:                                                                       │
- TSO: TCP Segmentation Offload                                        │
- GSO: Generic Segmentation Offload                                    │
- GRO: Generic Receive Offload                                         │
- Checksum offload                                                    │
Reduce CPU by having NIC handle packet processing                      │
                                                                         
─────────────────────────────────────────────────────────────────────────┤
                                                                         
Q5: How do you troubleshoot packet drops?                              │
                                                                         
A5:                                                                       │
- ip -s link show: interface drops                                   │
- netstat -s: protocol-level drops                                    │
- ethtool -S: NIC statistics                                          │
- Check ring buffer sizes                                             │
- Check for hardware issues                                           │
                                                                         
└─────────────────────────────────────────────────────────────────────────┘

Summary

Section titled “Summary”
  • Monitoring: ss, sar, iftop, nethogs
  • Tuning: sysctl TCP parameters, ethtool
  • Troubleshooting: ss, netstat, /proc/net

Next Chapter

Section titled “Next Chapter”

Chapter 55: Kernel Tuning with sysctl

Last Updated: February 2026