How effective netstat to know your remote connections and troubleshooting of network issue :)

Today in our testing environment we encountered with one problem of open connection during  web service call to other system.
To truoble shoot and resolve this issue in my development PC first I connected to test environment and took help from netstate commands to resolve this issue .
I found quite of interesting commands to know the open / close_wait / time_wait and established connections.
(Don't forgot to give interval if you wanna see in schedule way :)
like netstae -n 2  will schedule it to 2 sec interval and display the all remote connections within this time)

A simple summary tutorials of netstat is as below:


Netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems.

Parameters used with this command must be prefixed with a hyphen (-) rather than a slash (/).

-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.

-b : Displays the binary (executable) program's name involved in creating each connection or listening port. (Windows only)

-e : Displays ethernet statistics, such as the number of bytes and packets sent and received. This parameter can be combined with -s.

-i : Displays network interfaces and their statistics (not available under Windows)

-n : Displays active TCP connections, however, addresses and port numbers are expressed numerically and no attempt is made to determine names.

-o : Displays active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager. This parameter can be combined with -a, -n, and -p. This parameter is available on Microsoft Windows XP, 2003 Server (not Microsoft Windows 2000)).

-p Windows: Protocol : Shows connections for the protocol specified by Protocol. In this case, the Protocol can be tcp, udp, tcpv6, or udpv6. If this parameter is used with -s to display statistics by protocol, Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6, or ipv6.

-p Linux: Process : Show which processes are using which sockets (similar to -b under Windows)

-r : Displays the contents of the IP routing table. (This is equivalent to the route print command under Windows.)

-s : Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP, and IP protocols. If the IPv6 protocol for Windows XP is installed, statistics are shown for the TCP over IPv6, UDP over IPv6, ICMPv6, and IPv6 protocols. The -p parameter can be used to specify a set of protocols.

-v : When used in conjunction with -b it will display the sequence of components involved in creating the connection or listening port for all executables.

Interval : Redisplays the selected information every Interval seconds. Press CTRL+C to stop the redisplay. If this parameter is omitted, netstat prints the selected information only once.

/? : Displays help at the command prompt. (only on Windows)


To display the statistics for only the TCP or UDP protocols, type one of the following commands:

netstat -s -p tcp

netstat -s -p udp

To display active TCP connections and the process IDs every 5 seconds, type the following command (works on Microsoft XP and 2003 only):

netstat -o 5

OS X version

netstat -w 5

To display active TCP connections and the process IDs using numerical form, type the following command (works on Microsoft XP and 2003 only):

netstat -n -o