When working with RHEL or other Linux distributions, you don't always have the luxury of installing additional monitoring tools. Here are the native utilities you can use:
# Basic interface statistics
$ ifconfig eth0
# Continuous monitoring (refresh every 1 second)
$ watch -n 1 ifconfig eth0
For more detailed and programmable access to interface statistics:
# View raw network interface data
$ cat /proc/net/dev
# Sample output:
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
eth0: 12345678 98765 0 0 0 0 0 0 9876543 54321 0 0 0 0 0 0
The sysstat package (usually pre-installed) provides excellent historical monitoring:
# Install if not present (requires sudo)
$ sudo yum install sysstat
# View current network usage
$ sar -n DEV 1 5
# Sample output:
Linux 3.10.0-957.el7.x86_64 (hostname) 01/01/2023 _x86_64_ (4 CPU)
12:00:01 AM IFACE rxpck/s txpck/s rxkB/s txkB/s rxcmp/s txcmp/s rxmcst/s
12:00:02 AM eth0 2.00 1.00 0.12 0.08 0.00 0.00 0.00
For persistent monitoring, you can create a bash script:
#!/bin/bash
INTERFACE="eth0"
DELAY=1
while true; do
RX1=$(cat /sys/class/net/${INTERFACE}/statistics/rx_bytes)
TX1=$(cat /sys/class/net/${INTERFACE}/statistics/tx_bytes)
sleep $DELAY
RX2=$(cat /sys/class/net/${INTERFACE}/statistics/rx_bytes)
TX2=$(cat /sys/class/net/${INTERFACE}/statistics/tx_bytes)
RX_DIFF=$(( (RX2 - RX1) / DELAY ))
TX_DIFF=$(( (TX2 - TX1) / DELAY ))
echo "$(date +%H:%M:%S) RX: $(numfmt --to=iec $RX_DIFF)/s TX: $(numfmt --to=iec $TX_DIFF)/s"
done
The modern ip command provides interface statistics:
$ ip -s link show eth0
2: eth0: mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 00:16:3e:7a:1b:2f brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
123456789 987654 0 0 0 0
TX: bytes packets errors dropped carrier collsns
987654321 123456 0 0 0 0
On a standard RHEL system without the ability to install additional packages, we have several native tools available for monitoring network interface traffic:
# Basic interface statistics
$ cat /proc/net/dev
# Continuous monitoring with watch
$ watch -n 1 "cat /proc/net/dev | grep eth0"
# Using traditional ifconfig
$ ifconfig eth0
The /proc/net/dev file provides detailed statistics about each network interface. The output includes bytes received/transmitted, packets, errors, and more:
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
eth0: 14567892 102345 0 0 0 0 0 0 4567890 78901 0 0 0 0 0 0
For real-time monitoring, you can combine basic commands:
# Simple refresh every second
$ while true; do clear; date; cat /proc/net/dev | grep eth0; sleep 1; done
# More advanced version showing rates
$ watch -n 1 "ifconfig eth0 | grep 'RX bytes\|TX bytes'"
To estimate interface utilization percentage, you need to know the interface speed:
# Get interface speed (in Mb/s)
$ ethtool eth0 | grep Speed
# Calculate utilization script
prev_rx=$(cat /proc/net/dev | grep eth0 | awk '{print $2}')
prev_tx=$(cat /proc/net/dev | grep eth0 | awk '{print $10}')
sleep 1
curr_rx=$(cat /proc/net/dev | grep eth0 | awk '{print $2}')
curr_tx=$(cat /proc/net/dev | grep eth0 | awk '{print $10}')
rx_rate=$(( (curr_rx - prev_rx) * 8 / 1000 ))
tx_rate=$(( (curr_tx - prev_tx) * 8 / 1000 ))
echo "RX: $rx_rate Kb/s, TX: $tx_rate Kb/s"
If sysstat package is installed (common on RHEL), sar provides excellent network monitoring:
# Real-time network interface statistics
$ sar -n DEV 1
# Historical data (if collected)
$ sar -n DEV -f /var/log/sa/sa$(date +%d -d yesterday)
For long-term monitoring, create a simple logging script:
#!/bin/bash
LOG_FILE="/var/log/network_stats.log"
INTERFACE="eth0"
while true; do
TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')
STATS=$(cat /proc/net/dev | grep "$INTERFACE")
echo "$TIMESTAMP - $STATS" >> "$LOG_FILE"
sleep 60
done
Remember to make the script executable and consider running it as a service if needed for continuous monitoring.