Linux provides some test tools for checking the state of TCP/IP protocol connections or examining the protocol interactions as they take place on the wire. System administrators often wonder why they would want to do this. The basic TCP/IP protocols have been in use for 20 years and don't require any debugging. Even if your system uses some new protocol that does have a bug, it is unlikely that as a system administrator you have the time or inclination to try to debug a protocol.
These things are true, but these tools have uses beyond debugging a protocol. The most important role for protocol analysis is as a tool to gain more information and insight about a network problem. Discovering that a connection terminates during the parameter negotiation can steer you toward checking the configuration, or discovering that a connection hangs without a clean termination can point you to a malfunctioning wrap-up script. Protocol analysis may be the last tool you use, but there are times when it is very helpful.
Was this article helpful?