netstat/ss
$ # netstat -tnl
$ ss -tnlp # new command
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:8022 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:35763 0.0.0.0:* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 :::8022 :::* LISTEN
解释:显示本机目前监听的端口
nc
$ nc -vz 127.0.0.1 8080
Connection to 127.0.0.1 8080 port [tcp/http-alt] succeeded!
解释:探查目标 IP 对应的端口是否可达。
iptables
显示规则
$ sudo iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8022
ACCEPT all -- 127.0.0.1 127.0.0.1
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
显式 packet num
sudo iptables -Z
sudo iptables -L INPUT -v
-Z 用于清理 packet 数量记录,-v 显式数据包数量。
增加规则
sudo iptables -I INPUT 2 -p tcp --dport 8080 -s 0.0.0.0/0 -j ACCEPT
解释:增加一条 INPUT 被访问的规则,协议为 tcp,端口为 8080,IP 是所有,动作为 ACCEPT
删除规则
sudo iptables -L --line-numbers
sudo iptables -D [CHAIN] [LINE_NUMBER]
proxy
- tinyproxy: https://tinyproxy.github.io/
- goproxy: https://snail007.goproxyauth.com/goproxy/manual/zh/#/
nload
查看每个 device 汇总的输入、输出带宽
iftop
查看每个 device 具体使用的端口流量
iftop -i -P # show network port
lsof -i:port # show pid which creates port
nvdia-smi nvlink
nvlink show bandwidth between GPU
nvidia-smi nvlink -h
nvidia-smi nvlink status
ibstat
show network between nodes through infiniband