How to use the command 'bandwhich' (with examples)

How to use the command 'bandwhich' (with examples)

Bandwhich is a command line utility that allows you to monitor the network utilization by process, connection, or remote IP/hostname. It provides information on the amount of bandwidth used and the hosts and processes consuming it. This article will illustrate several use cases of the ‘bandwhich’ command along with the corresponding code, motivation, explanation, and example output.

Use case 1: Show the remote addresses table only

Code:

bandwhich --addresses

Motivation:

Sometimes, it can be helpful to view only the remote addresses table to quickly identify the outbound connections being established by processes. This can help in troubleshooting network-related issues or understanding which processes are communicating with external services.

Explanation:

The --addresses option instructs ‘bandwhich’ to display only the remote addresses table, omitting other information like process names or cumulative usage. This allows you to focus solely on the remote connections being made.

Example output:

Remote Address        Sent      Recv
------------------------------ --------
192.168.1.10:443      12.1kB    2.3kB
192.168.1.20:80       8.4kB     49.7kB

Use case 2: Show DNS queries

Code:

bandwhich --show-dns

Motivation:

Monitoring DNS queries can be important for troubleshooting network issues, identifying potential DNS misconfigurations or DNS server issues, and understanding which processes are making DNS requests.

Explanation:

The --show-dns option enables the display of DNS queries within the ‘bandwhich’ output. It will show the requested hostname or IP address and the corresponding DNS resolution details.

Example output:

Process       Remote Address        Query Type  Query Result
------------- --------------------- ----------- ------------
chrome        www.example.com       A           93.184.216.34
firefox       api.example.com       AAAA        2606:2800:220:1:248...

Use case 3: Show total (cumulative) usage

Code:

bandwhich --total-utilization

Motivation:

By showing the total utilization, you can quickly determine the overall network bandwidth consumption on your system. This can help in identifying processes or connections that might be causing network slowdowns or congestion.

Explanation:

The --total-utilization option displays the cumulative network utilization for all processes and connections, giving an aggregated view of the bandwidth usage.

Example output:

Total Sent   Total Recv
------------ ------------
894.5KB      1.2MB

Use case 4: Show the network utilization for a specific network interface

Code:

bandwhich --interface eth0

Motivation:

If you have multiple network interfaces on your system, it can be useful to monitor the bandwidth usage of a specific interface rather than the overall network. This allows you to focus on the traffic specific to that interface, which can be helpful for network optimization or troubleshooting.

Explanation:

The --interface option followed by the network interface name (e.g., eth0) instructs ‘bandwhich’ to monitor the network utilization specifically for that interface.

Example output:

Process       Remote Address        Sent    Recv
------------- --------------------- ------  ------
chrome        192.168.1.10:443      12.1kB  2.3kB
firefox       192.168.1.20:80       8.4kB   49.7kB

Use case 5: Show DNS queries with a given DNS server

Code:

bandwhich --show-dns --dns-server dns_server_ip

Motivation:

In some cases, you might need to monitor DNS queries with a specific DNS server. This can be helpful for verifying whether a particular DNS server is functioning correctly or to analyze DNS traffic routed through a certain server.

Explanation:

The --show-dns option enables the display of DNS queries, and the --dns-server option followed by the DNS server IP address allows you to specify the DNS server to monitor. This combination provides insights into DNS resolution traffic specific to the given DNS server.

Example output:

Process       Remote Address        Query Type  Query Result
------------- --------------------- ----------- ------------
chrome        www.example.com       A           93.184.216.34
firefox       api.example.com       AAAA        2606:2800:220:1:248...

Conclusion:

The ‘bandwhich’ command is a powerful utility for monitoring network utilization at a granular level. By leveraging its various options, such as displaying remote addresses, DNS queries, total utilization, specific network interface utilization, and monitoring DNS queries with targeted DNS servers, you can gain valuable insights into the network activity of your system. Whether it is troubleshooting network issues or optimizing network performance, ‘bandwhich’ offers a robust solution for analyzing network usage.

Tags :

Related Posts

How to use the command f3probe (with examples)

How to use the command f3probe (with examples)

The f3probe command is used to probe a block device, such as a flash drive or a microSD card, for counterfeit flash memory.

Read More
How to use the command 'vm_stat' (with examples)

How to use the command 'vm_stat' (with examples)

The ‘vm_stat’ command is used to display virtual memory statistics on a Unix-like operating system.

Read More
Using the "whence" Command (with examples)

Using the "whence" Command (with examples)

The “whence” command is a zsh builtin that allows you to investigate how a given command would be interpreted.

Read More