Nettop is a command-line program that displays updated information about network traffic. In this article we will cover how to run nettop, how to read its output, and how to format that output. This article is intended for the Mac user who wants to learn more about which applications are accessing the network, what state the network traffic is in, and the amount of consumed resources. The reader can be at a beginning or intermediate level of computer knowledge and skills. The article covers the command-line program nettop, which displays updated information about network traffic.
The company is incorporating previously iOS-only frameworks into macOS, and allowing those apps to tap into things like mouse and trackpad input, resizable windows, scroll bars, and copy-and-paste. Nobody builds apps for the Mac. Slack has a solid iOS app that scales up to the iPad just fine. Attach the smart keyboard, and you’ll find keyboard shortcuts.
Running the command is easy; however, reading the output needs a little more in-depth explanation. In this article we will cover how to run nettop, how to read its output, and how to format that output for readability. So let’s run nettop.
From the Finder menu, choose Go - Utilities - Terminal. After Terminal opens, type nettop on the command line and hit return.
If you do this while your computer is connected to the network, Terminal will fill with information about your network sockets. 1 (Pressing q quits nettop.) Now, let’s look closer at one of the entries.
If you have Google Chrome open, nettop will show you columnated information similar to the lines below (here we’re presenting just the first few columns): interface state Google Chrome.7523 tcp4 10.145.1bibble.babble.com:443 en1 Established Here are labels for these entries: interface state NetworkApp.processID transportProtocol IPversion localhost:portremotemachine:port networkInterface connection state In line one of the sample entry are nettop's column headings. Interface refers to the network interface ( lo0 means loopback interface, en0 means wired physical network connection, en1 means wireless; and fw0 means firewire). In this case, the network interface is a WiFi transciever. State refers to the state of the connection between sockets (the state of a server waiting for a connection on a port is LISTEN, the state of a connection recently closed is TimeWait; and in this sample entry, Established means the connection is active). Line two begins with the name of the network application (Google Chrome), separated by a period from the process ID (which in the example is 7523). 2 Line three shows one network socket listed for the application. Tcp4 means “Transmission Control Protocol/Internet Protocol version 4”.
3, 4That is followed by the localhost’s IP address colon port number remote host’s IP address colon port number 5, the network interface (which in the example is en1), and a connection state of Established. You might also notice many lines that use the Transport Protocol identifier udp4. Like tcp4, udp4 transmits datagrams, but the connection is one-way. Tcp4 guarantees that both ends of a transmission are aware of one another. Udp4 just sends data without a confirmation of its receipt.
You probably noticed many socket entries that looked like these: airportd.56 udp4.:.:. udp4.:.:. The fields for localhost:port and remotehost:port have asterisks in them.
![Best mac apps Best mac apps](/uploads/1/2/5/3/125381347/666569296.jpg)
The asterisks are wildcard characters. This means that these sockets are open. The operating system creates these open sockets as placeholders of sorts, so that it can respond faster to incoming data.
(Without an open socket ready to receive incoming data, incoming data would have to trigger the creation of a socket; and that causes delay.) The last example of nettop entries I'd like to consider is this one: ntpd.283 udp4 10.145.45.62:123.:. In this socket the localhost has an IPv4 address with a port number 123, which is the port number for NTP, or network time protocol, which is used to synchronize computers on the Internet. The wildcards for the remotehost means the ntp server on the localhost is listening for any address on any port. The next columns in entries for the network apps and their sockets show bytes in and bytes out ( since the app was launched). Returning to our example network app, Google Chrome, nettop might display something like this: interface state bytes in bytes out Google Chrome. 7523 11 MiB 1754 KiB tcp4 10.145.7bibble.babble.com:80 en1 Established 27 KiB 62 KiB tcp4 10.145.9www2.twitter.com:443 en1 Established 434 KiB 6954 B bytes in and bytes out for a socket shows how much traffic has come in and gone out for that socket, while bytes in and bytes out for the network app shows the total traffic for all the sockets belonging to that app. While nettop shows more columns than these, these columns cover the basics.
In the final part of this how-to, we will look briefly at formatting options. While nettop is running, pressing p renders the traffic numbers as bytes or in human-readable formats ( KiB for kilobytes and MiB for megabytes). Pressing c collapses the display, showing only the network apps (and not their sockets), while pressing e expands the display to show sockets. Pressing q quits nettop.
You may want to see only tcp traffic. In this case, on the command line type nettop -m tcp. If you want to see the routing table 6 instead of the sockets, on the command line type nettop -m route. If you are interested in learning more about nettop, please refer to the man page – on the command line type man nettop. If you are interested in learning more about the computer networking concepts mentioned in this article, please google the concept or refer to the Wikipedia articles on them. This Wikipedia pages for this article's key terms are included as hyperlinks in the endnotes below.
1 A network socket is one end-point in a two-way communication between two programs on a network; for example, between a web server and your web browser. 2 Every process has a unique identifier called “the process identifier” or PID. 3 TCP is a transport protocol that was designed to ensure the integrity of information sent over the network. It provides for error-checking of data packets, as well as their completeness and the correct order of their assembly at the receiving computer. Web traffic and file downloads use TCP. Information that doesn't require such integrity is usually sent by another transport protocol called UDP.
![See Port For Which App Mac See Port For Which App Mac](/uploads/1/2/5/3/125381347/562390011.png)
Streaming videos and music use UDP. 4 Internet Protocol (IP) is the principal communications protocol used on the Internet. The numerical labels assigned to devices on the Internet for identification and addressing are called IP addresses.
In the sample socket entry, 10.145.45.62 is a version 4 IP address. V4 IP addresses are the addresses that most people are familiar with. V6 IP addresses are newer, allow for a much greater range of addresses, and follow a different format (e.g., a v6 IP address looks like this: fe80::5921:c8ed:428e:a3aa). 5 Ports are communication endpoints in a computer's OS. They are identified with the IP address of the host and a protocol type (often the transport protocols TCP and UDP). Ports enable programs to share the same physical connection to the Internet.
Well-known port numbers and their services include 80 for http, 443 for https, 53 for DNS, and 22 for SSH. 6 The routing table shows the routes of the traffic between your network apps and their network destinations. Written by CNS OIT staff Questions or comments?
The best and easiest way to contact us is via the.
Note. Curious about the new releases for the macOS client? Check out. The Mac client runs on computers running macOS 10.10 and newer. The information in this article applies primarily to the full version of the Mac client - the version available in the Mac AppStore. Test-drive new features by downloading our preview app here:.
Get the Remote Desktop client Follow these steps to get started with Remote Desktop on your Mac:. Download the Microsoft Remote Desktop client from the. (If you skip this step, you can't connect to your PC.). Add a Remote Desktop connection or a remote resource. You use a connection to connect directly to a Windows PC and a remote resource to use a RemoteApp program, session-based desktop, or a virtual desktop published on-premises using RemoteApp and Desktop Connections.
This feature is typically available in corporate environments. What about the Mac beta client? We're testing new features on our preview channel on HockeyApp. Want to check it out?
Go to and click Download. You don't need to create an account or sign into HockeyApp to download the beta client. If you already have the client, you can check for updates to ensure you have the latest version.
In the beta client, click Microsoft Remote Desktop Beta at the top, and then click Check for updates. Add a Remote Desktop connection To create a remote desktop connection:. In the Connection Center, click +, and then click Desktop. Enter the following information:.
PC name - the name of the computer. This can be a Windows computer name (found in the System settings), a domain name, or an IP address. You can also add port information to the end of this name, like MyDesktop:3389. User Account - Add the user account you use to access the remote PC. For Active Directory (AD) joined computers or local accounts, use one of these formats: username, domain username, or [email protected]. For Azure Active Directory (AAD) joined computers, use one of these formats: AzureAD username or AzureAD [email protected].
You can also choose whether to require a password. When managing multiple user accounts with the same user name, set a friendly name to differentiate the accounts. Manage your saved user accounts in the preferences of the app. You can also set these optional settings for the connection:.
Set a friendly name. Add a Gateway. Set the sound output. Swap mouse buttons. Enable Admin Mode. Redirect local folders into a remote session.
Forward local printers. Forward Smart Cards. Click Save. To start the connection, just double-click it. The same is true for remote resources. Export and import connections You can export a remote desktop connection definition and use it on a different device. Remote desktops are saved in separate.RDP files.
In the Connection Center, right-click the remote desktop. Click Export. Browse to the location where you want to save the remote desktop.RDP file. Use the following steps to import a remote desktop.RDP file.
In the menu bar, click File Import. Browse to the.RDP file.
Click Open. Add a remote resource Remote resources are RemoteApp programs, session-based desktops, and virtual desktops published using RemoteApp and Desktop Connections. The URL displays the link to the RD Web Access server that gives you access to RemoteApp and Desktop Connections. The configured RemoteApp and Desktop Connections are listed.
To add a remote resource:. In the Connection Center click +, and then click Add Remote Resources. Enter information for the remote resource:.
Feed URL - The URL of the RD Web Access server. You can also enter your corporate email account in this field – this tells the client to search for the RD Web Access Server associated with your email address. User name - The user name to use for the RD Web Access server you are connecting to. Password - The password to use for the RD Web Access server you are connecting to. Click Save. The remote resources will be displayed in the Connection Center. Connect to an RD Gateway to access internal assets A Remote Desktop Gateway (RD Gateway) lets you connect to a remote computer on a corporate network from anywhere on the Internet.
You can create and manage your gateways in the preferences of the app or while setting up a new desktop connection. To set up a new gateway in preferences:. In the Connection Center, click Preferences Gateways. Click the + button at the bottom of the table Enter the following information:.
Server name – The name of the computer you want to use as a gateway. This can be a Windows computer name, an Internet domain name, or an IP address. You can also add port information to the server name (for example: RDGateway:443 or 10.0.0.1:443). User name - The user name and password to be used for the Remote Desktop gateway you are connecting to.
You can also select Use connection credentials to use the same user name and password as those used for the remote desktop connection. Manage your user accounts When you connect to a desktop or remote resources, you can save the user accounts to select from again. You can manage your user accounts by using the Remote Desktop client. To create a new user account:.
In the Connection Center, click Settings Accounts. Click Add User Account. Enter the following information:.
User Name - The name of the user to save for use with a remote connection. You can enter the user name in any of the following formats: username, domain username, or [email protected]. Password - The password for the user you specified.
Every user account that you want to save to use for remote connections needs to have a password associated with it. Friendly Name - If you are using the same user account with different passwords, set a friendly name to distinguish those user accounts. Tap Save, and then tap Settings.
Customize your display resolution You can specify the display resolution for the remote desktop session. In the Connection Center, click Preferences. Click Resolution. Enter a resolution height and width, and then click OK. To delete the resolution, select it, and then click.
Displays have separate spaces If you are running Mac OS X 10.9 and disabled Displays have separate spaces in Mavericks ( System Preferences Mission Control), you need to configure this setting in the remote desktop client using the same option. Drive redirection for remote resources Drive redirection is supported for remote resources, so that you can save files created with a remote application locally to your Mac. The redirected folder is always your home directory displayed as a network drive in the remote session. Note In order to use this feature, the administrator needs to set the appropriate settings on the server. Use a keyboard in a remote session Mac keyboard layouts differ from the Windows keyboard layouts.
The Command key on the Mac keyboard equals the Windows key. To perform actions that use the Command button on the Mac, you will need to use the control button in Windows (e.g.: Copy = Ctrl + C). The function keys can be activated in the session by pressing additionally the FN key (e.g.: FN + F1). The Alt key to the right of the space bar on the Mac keyboard equals the Alt Gr/right Alt key in Windows. By default, the remote session will use the same keyboard locale as the OS you're running the client on. (If your Mac is running an en-us OS, that will be used for the remote sessions as well.
If the OS keyboard locale is not used, check the keyboard setting on the remote PC and changing the setting manually. See the for more information about keyboards and locales. Support for Remote Desktop gateway pluggable authentication and authorization Windows Server 2012 R2 introduced support for a new authentication method, Remote Desktop Gateway pluggable authentication and authorization, which provides more flexibility for custom authentication routines. You can now this authentication model with the Mac client.