8.7 TCP/IP Suite: Utilities
8.7.5 How and when to use NETSTAT to test, validate, and troubleshoot IP connectivity
NETSTAT is used to display the methods used by 
virtual circuits and network interfaces.  NETSTAT is available for troubleshooting specific TCP/IP issues by displaying protocol statistics and current TCP/IP connections. This utility is used to show the three-step handshake method when establishing and disconnecting network sessions.

NETSTAT displays a list of protocol types, local addresses and port information, remote access and port information, and current state.The information displayed also explains what connections are open and in progress. Variations of the netstat command are shown in the following:

Command Action
netstat -a <number> Displays connections and listening ports.
netstat -e Includes the number of bytes received and sent, discards and errors, and unknown protocols.
netstat -s -p <ipaddress> Displays contents of routing table. Allows users to view the current routes and active sessions and addresses.

NETSTAT enables the user to troubleshoot TCP/IP based connections by monitoring TCP protocol activity (by using netstat -a). Error counts and Ethernet interfaces can also be monitored using netstat.