Friday, 30 May 2025

Process State in Linux


What is a Process in Linux?
     A process is an instance of a running program that has its own memory, execution state, and system resources. The Linux operating system uses the process scheduler to manage multiple processes, ensuring fair execution and resource allocation.

Understanding this process definition will help in system performance monitoring (identifying CPU-heavy tasks), debugging issues (checking for unresponsive or zombie processes), optimizing resource allocation (ensuring efficient memory usage).

Every process in Linux goes through different states, which can be viewed using the ps command:
ps aux
(OR)
ps -eo pid,state,cmd

Where pid is the process identifier

Different Process states are
  1. Running (`R`)
  2. Sleeping (`S` or `D`)
    • Interruptible Sleep (`S`)
    • Uninterruptible Sleep (`D`)
  3. Stopped (`T`)
  4. Zombie (`Z`)
  5. Dead (`X`)
Now, Let’s explore about these process states.

Running (`R`)

The process is actively executing or is ready to execute.
If the CPU is available, the process moves forward.
Processes in this state are visible in the task manager or top command.

Sleeping (`S` or `D`)

There are two types of sleeping states:
  • Interruptible Sleep (`S`)
            The process is waiting for an event or resource (such as user input or a network response).
            It can be woken up if the necessary resource becomes available.
  • Uninterruptible Sleep (`D`)
            The process is waiting for I/O operations (like disk read/write).
            It cannot be interrupted by signals until it finishes the I/O task.

Stopped (`T`)

    The process is paused and does not execute. A user can stop a process using 
Ctrl + Z 
(OR)
kill -STOP <pid>

It can be resumed using,
fg 
(OR)
 kill -CONT <pid>

Zombie (`Z`)

    The process has completed execution, but its parent process has not acknowledged its termination.
The system still holds the process ID (PID) but frees its resources. Zombie processes do not consume CPU or memory, but too many zombies indicate system inefficiency.

To list all zombie processes, we can use below command
ps aux | awk '{if ($8=="Z") print $2,$11}'
(OR)
ps -eo pid,ppid,state,cmd | awk '{if ($3=="Z") print $0}'

Dead (`X`)

    The process has fully terminated, and its ID is released. It no longer exists in the process table.

Examples and its explanation on which process state causes what on the system. 

    If a process is stuck in uninterruptible sleep (`D`), it may be waiting on slow disk operations.
Too many zombie processes (`Z`) might indicate improper child process management.

Managing Process States in Linux

Process can be managed with following commands in Linux, 

Terminate a process
kill -9 <pid>

Resume a stopped process 
kill -CONT <pid>



Understanding basics and organized work culture is key to efficient Troubleshooting!!!
Happy Troubleshooting!!!
Posted by at No comments:
Labels: , , , , , ,

Thursday, 29 May 2025

TCP connection states


TCP Connection Protocol (TCP) States – In IT Networking, when we stream or browse or data copy there is always a connection between 2 or more systems and these are going through different TCP states, once we understand them clearly it will be easy for us to understand what and where can be bottleneck/issue, improve performance, security. 

TCP operates in the transport layer of OSI model. TCP Ensures reliable network communication.

What are packets ?

     Packets are nothing but a smaller chunk/block/group of information/data that is being transferred over the network. Every packet when travelling over the network is independent and they are re-assembled once they all reached the destination to reconstruct the original data. 

Packets contain 3 main components to reconstruct the original data - Header, Payload, Trailer.

For every TCP connection that is happening in the networking world below can be the different states,
  1. LISTEN
  2. SYN-SENT
  3. SYN-RECEIVED
  4. ESTABLISHED
  5. FIN-WAIT-1
  6. CLOSE-WAIT
  7. FIN-WAIT-2
  8. LAST-ACK
  9. TIME-WAIT
  10. CLOSED
Let’s explore the different TCP connection states, which define how a connection is established, maintained, and eventually closed.

LISTEN

     This is the state where the server passively waits for incoming connection requests. It listens for SYN (synchronization) packets from clients that wish to establish a connection.

SYN-SENT

     This state occurs when a client initiates a connection by sending a SYN packet. The client waits for an acknowledgment from the server to move forward.

SYN-RECEIVED

     The server receives the SYN packet and responds with both a SYN and an ACK (acknowledgment).  This confirms that the server is ready for the handshake.

ESTABLISHED

     Once both sides exchange SYN and ACK packets, the connection is fully established. This is where data transmission occurs. Applications can send and receive packets smoothly.

FIN-WAIT-1

     When one side wants to close the connection, it sends a FIN (finish) packet. It waits for an acknowledgment from the other side.

CLOSE-WAIT

     The receiving party acknowledges the FIN packet and enters CLOSE-WAIT. It may still send remaining data before fully closing the connection.

FIN-WAIT-2

     The initiating party receives the ACK and waits for the second FIN packet from the other end.

LAST-ACK

     The second party sends a FIN and waits for the final acknowledgment.

TIME-WAIT

     The connection enters TIME-WAIT, ensuring the last ACK was received. This prevents old duplicate packets from interfering with new connections.

CLOSED

     Finally, the connection is fully terminated, and all resources are freed.

Sharing a real-world example of a user browsing on a website.

     Imagine you’re opening a website in your browser. Here’s how TCP connection states apply:
  • LISTEN – The web server is waiting for incoming connections.
  • SYN-SENT – Your browser sends a SYN packet to the server, requesting a connection.
  • SYN-RECEIVED – The server responds with a SYN-ACK, acknowledging the request.
  • ESTABLISHED – Your browser sends an ACK, completing the handshake. Now, data (webpage content) can be exchanged.
  • FIN-WAIT-1 & FIN-WAIT-2 – When you close the tab, your browser sends a FIN packet to terminate the connection.
  • TIME-WAIT & CLOSED – The server acknowledges the termination, ensuring no stray packets interfere with future connections.


Understanding basics and organized work culture is key to efficient Troubleshooting!!!
Happy Troubleshooting!!!
Posted by at No comments:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)