This is a simple one, but I’ve not used it much before today.
You can use lsof on a linux box to find out what’s connected to what over the network.
In this case, we’d implemented a new ldap server, and it’s address had changed, I was attempting to determine what was still connecting to the old ldap server on a given linux system.
[root@someserver ~]# netstat -a | grep ldap0
tcp 0 0 someserver.some.domain:40201 ldap0.some.domain:ldap ESTABLISHED
tcp 0 0 someserver.some.domain:40203 ldap0.some.domain:ldap ESTABLISHED
tcp 0 0 someserver.some.domain:40202 ldap0.some.domain:ldap ESTABLISHED
But what’s actually connecting?
lsof to the rescue.
[root@someserver ~]# lsof -iTCP | grep ldap0
ntpd 3837 ntp 4u IPv4 12318 TCP someserver.some.domain:40202->ldap0.some.domain:ldap (ESTABLISHED)
mysqld 3921 mysql 3u IPv4 12285 TCP someserver.some.domain:40201->ldap0.some.domain:ldap (ESTABLISHED)
xfs 4032 xfs 3u IPv4 12549 TCP someserver.some.domain:40203->ldap0.some.domain:ldap (ESTABLISHED)
Once I identified what was hanging on to the old address, I just restarted those services.