09-11-2019, 11:56 AM
You are sort of on your own for troubleshooting your particular network configuration but generally you will want to use a combination of the commands below to try and determine if there really is an issue.
The commands have lots of parameters but there is plenty of info on the Internet about how to use them. The link below shows how to use netstat for monitoring outbound connections.
https://unix.stackexchange.com/questions...my-machine
Here is an example from one of my Pi's that has a Music Source configured (a Samba share on my Router) and is playing a radio station. The IP address breakdown is as follows:
192.168.1.177 = Pi (host rp3)
192.168.1.155 = My Mac Air
127.0.0.1 = host Localhost on Pi rp3
192.168.1.1 = My WiFi Router
173.239.76.149 = Radio station SomaFM Groove Salad Classic
What the command output shows is quite normal.
- Some connections between PHP and MPD on port 6600, IP address 127.0.0.1
- Connection between my Air and Samba on the Pi over port 445. I've connected to the SDCard share that moOde posts.
- Connection between MPD and the radio station over port 80
- Some connections between NGINX web server and my Air over port 80. This is the moOde WebUI running on my Air.
- A connection between the Pi and my Router over port 445. My Router runs a Samba share.
- A connection between my Air and the Pi over port 22 (SSH)
If you want to see a packet trace then you would need to run tcpdump. Just beware that it will be difficult to interpret unless you filter the results. This is because there is always a lot of Link Layer traffic on networks (ARP, ICMP, etc) plus web server keep-alive, etc. Also protocols like Samba, UPnP, Spotify Connect, etc can be very chatty.
I haven't read a tcpdump in ages so i won't be able to help out.
-Tim
Code:
netstat
tcpdumpThe commands have lots of parameters but there is plenty of info on the Internet about how to use them. The link below shows how to use netstat for monitoring outbound connections.
https://unix.stackexchange.com/questions...my-machine
Here is an example from one of my Pi's that has a Music Source configured (a Samba share on my Router) and is playing a radio station. The IP address breakdown is as follows:
192.168.1.177 = Pi (host rp3)
192.168.1.155 = My Mac Air
127.0.0.1 = host Localhost on Pi rp3
192.168.1.1 = My WiFi Router
173.239.76.149 = Radio station SomaFM Groove Salad Classic
What the command output shows is quite normal.
- Some connections between PHP and MPD on port 6600, IP address 127.0.0.1
- Connection between my Air and Samba on the Pi over port 445. I've connected to the SDCard share that moOde posts.
- Connection between MPD and the radio station over port 80
- Some connections between NGINX web server and my Air over port 80. This is the moOde WebUI running on my Air.
- A connection between the Pi and my Router over port 445. My Router runs a Samba share.
- A connection between my Air and the Pi over port 22 (SSH)
Code:
pi@rp3:~ $ sudo netstat -nputw
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 1 0 127.0.0.1:34060 127.0.0.1:6600 CLOSE_WAIT 876/sudo
tcp 0 0 127.0.0.1:47922 127.0.0.1:6600 ESTABLISHED 26105/php-fpm: pool
tcp 0 0 192.168.1.177:43168 192.168.1.155:445 ESTABLISHED -
tcp 0 0 127.0.0.1:6600 127.0.0.1:47922 ESTABLISHED 839/mpd
tcp 0 0 192.168.1.177:49400 173.239.76.149:80 ESTABLISHED 839/mpd
tcp 0 0 192.168.1.177:80 192.168.1.155:52239 ESTABLISHED 445/nginx: worker p
tcp 0 0 192.168.1.177:80 192.168.1.155:51423 ESTABLISHED 445/nginx: worker p
tcp 0 0 192.168.1.177:80 192.168.1.155:51603 ESTABLISHED 445/nginx: worker p
tcp 0 0 192.168.1.177:33648 192.168.1.1:445 ESTABLISHED -
tcp 0 0 192.168.1.177:80 192.168.1.155:50430 ESTABLISHED 445/nginx: worker p
tcp 0 600 192.168.1.177:22 192.168.1.155:51092 ESTABLISHED 23241/sshd: pi [pri
pi@rp3:~ $If you want to see a packet trace then you would need to run tcpdump. Just beware that it will be difficult to interpret unless you filter the results. This is because there is always a lot of Link Layer traffic on networks (ARP, ICMP, etc) plus web server keep-alive, etc. Also protocols like Samba, UPnP, Spotify Connect, etc can be very chatty.
I haven't read a tcpdump in ages so i won't be able to help out.
-Tim
