Skip to main content
Engineering LibreTexts

10-F.11.5: Network Troubleshooting Commands - iftop / iperf / mtr

  • Page ID
  • The iftop Command

    iftop monitors network traffic and displays a table of current bandwidth usage. An interface may be specified or, if not, it will listen on the first interface it finds which looks like an external interface. iftop must be run with sufficient permissions to monitor all network traffic; on most systems this means that it must be run as a root user.

    By default, iftop will look up hostnames associated with addresses and count all IP packets that pass through the filter. Hostname look-up can add substantial traffic, in and of itself, and may result in an inaccurate display of network traffic.


    iftop [ OPTIONS ]

    The most common option is the -i which specifies which network interface is to be monitored.

    In the example, if we look on the top address:

    image of the iftop output
    Figure \(\PageIndex{1}\): Iftop outputhere. ("itftop output" by Patrick McClanahan is licensed under CC BY-SA 4.0)
    • pbmac-server.local in the preceding 2 seconds is sent 0KB of data to the host
    • In the preceding 10 seconds pbmac-server.local is sent 2.01Kb data
    • In the preceding 40 seconds pbmac-server.local515b data

    At the same time :

    • in the preceding 2 seconds is sent 0Kb data to pbmac-server.local
    • In the preceding 10 seconds it sent 1.39Kb data
    • In the preceding 40 seconds it sent 355b data

    At the bottom line, iftop show us the results:

    • Cumulative TX and RX kilobytes transmitted
    • Peak TX and RX data over the last 40 seconds
    • Total transfer rates averaged over 2 seconds, 10 seconds and 40 seconds

    The iperf Command

    Iperf is a widely used tool for network performance measurement and tuning. It is significant as a cross-platform tool that can produce standardized performance measurements for any network. Iperf has client and server functionality, and can create data streams to measure the throughput between the two ends in one or both directions. Typical iperf output contains a time-stamped report of the amount of data transferred and the throughput measured.

    The data streams can be either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP):

    • UDP: When used for testing UDP capacity, iperf allows the user to specify the datagram size and provides results for the datagram throughput and the packet loss.
    • TCP: When used for testing TCP capacity, iperf measures the throughput of the payload. Iperf uses 1024 × 1024 for mebibytes and 1000 × 1000 for megabytes.


    iperf { -c | -s } [ OPTIONS ]

    The -c or -s option must be used with other OPTIONS.

    The following example shows the test of the bandwidth measurements between the local server and the remote server:

    pbmac@pbmac-server $ iperf -c -u 100
    iperf: ignoring extra argument -- 100
    Client connecting to, UDP port 5001
    Sending 1470 byte datagrams, IPG target: 11215.21 us (kalman adjust)
    UDP buffer size:  208 KByte (default)
    [  3] local port 49584 connected with port 5001
    [ ID] Interval       Transfer     Bandwidth
    [  3]  0.0-10.0 sec  1.25 MBytes  1.05 Mbits/sec
    [  3] Sent 893 datagrams
    [  3] WARNING: did not receive ack of last datagram after 10 tries.

    The mtr Command

    MTR relies on Internet Control Message Protocol (ICMP) Time Exceeded packets coming back from routers, or ICMP Echo Reply packets when the packets have hit their destination host. MTR also has a User Datagram Protocol (UDP) mode that sends UDP packets, with the time to live (TTL) field in the IP header increasing by one for each probe sent, toward the destination host. When the UDP mode is used, MTR relies on ICMP port unreachable packets when the destination is reached.

    The tool is often used for network troubleshooting. By showing a list of routers traversed, and the average round-trip time as well as packet loss to each router, it allows users to identify links between two given routers responsible for certain fractions of the overall latency or packet loss through the network. This can help identify network overuse problems.



    The columns in the output are relatively self explanatory: 1) Host - the remote system; 2) Packets Loss % - percent of packets that got no ack; 3) Packets Snt - number of packets sent; 4) Last - round trip time of the last packet; 5) Avg - the average time; 6) Best - the shortest round trip time; 7) Wrst - the slowest time; and 8) StDev - the standard deviation in the ping times.

    mtr command output
    Figure \(\PageIndex{1}\): mtr Output ("itftop output" by Patrick McClanahan is licensed under CC BY-SA 4.0)

    Adapted from:
    "iftop" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0
    "Iperf" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0
    "MTR (software)" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0

    • Was this article helpful?