Wondering how to check connectivity between two network endpoints?
One of the common tasks for sysadmin is to check the connectivity to troubleshoot networking issues. It could be anything like application can’t connect to backend service, unable to fetch data from external URL, verify if the flow is opened, etc.
Whatever it might be, the following utility/commands would help you. They are tested on CentOS, and I don’t see any reason not to work on another Linux distro.
One of the widely used commands to test essential connectivity between servers, server to another network device’s IP. The syntax for the command is easy.
telnet $destinationIP $PORT
Let’s say you want to test if you can connect to port 8080 on 10.0.0.1 IP address; then the command would be.
telnet 10.0.0.1 8080
If there is no issue in connecting, then you should see the connected message.
Connected to 10.0.0.1.
Escape character is '^]'.
Note: if you get a command not found while executing telnet then you need to install telnet as I explained here.
In most of the scenarios, telnet should help. However, if you need some other option then here are some telnet alternatives.
ncat or nc
Ncat (a.k.a. nc) is a powerful network utility with many features like bind and accept a connection, execute commands remotely, write and read data, etc. It works on IPv4 and IPv6, both.
To do a simple test to check if the port is opened or not, you will execute the following.
nc -vz $HOSTNAME $PORT
Let’s take an example of testing 443 port on geekflare.com.
[root@geekflare-lab ~]# nc -vz geekflare.com 443
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 22.214.171.124:443.
Ncat: 0 bytes sent, 0 bytes received in 0.02 seconds.
As mentioned, you can also use
nc to bind the connection to listen on a particular port. This can be handy when you don’t have actual services running but want to ensure connectivity exists.
To start listening on a port:
nc -l $PORTNUMBER
It will bind the port to a given number.
If ncat is not installed, then you can get it done with
yum install nc on CentOS/RHEL servers.
wget is a useful command to download/test HTTP, HTTPS, and FTP. If you are working as a web engineer or often dealing with web-related issues then
wget is your friend. Testing using wget is straightforward.
Here is an example of testing tools.geekflare.com
[root@geekflare-lab ~]# wget tools.geekflare.com
--2019-05-09 20:40:01-- http://tools.geekflare.com/
Resolving tools.geekflare.com (tools.geekflare.com)... 126.96.36.199, 188.8.131.52, 2606:4700:20::6819:866b, ...
Connecting to tools.geekflare.com (tools.geekflare.com)|184.108.40.206|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://tools.geekflare.com/ [following]
--2019-05-09 20:40:01-- https://tools.geekflare.com/
Connecting to tools.geekflare.com (tools.geekflare.com)|220.127.116.11|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html.2'
[ <=> ] 15,139 --.-K/s in 0.001s
2019-05-09 20:40:02 (12.8 MB/s) - 'index.html.2' saved 
If it shows connected means there is no connectivity issue.
Check out this to see some of the frequently used wget command examples.
A curl is a multipurpose tool.
Do you know you can telnet to a port using curl?
Well, now you know.
curl -v telnet://$IP:$PORT
The following is a working example.
[root@geekflare-lab ~]# curl -v telnet://chandan.io:443
* About to connect() to chandan.io port 443 (#0)
* Trying 18.104.22.168...
* Connected to chandan.io (22.214.171.124) port 443 (#0)
And, when there is no listening port or firewall issue, then you will see trying…
[root@geekflare-lab ~]# curl -v telnet://chandan.io:4434
* About to connect() to chandan.io port 4434 (#0)
* Trying 126.96.36.199...
You can also use curl to download the data. It supports multiple protocols – HTTP, HTTPS, FTP, IMAP, LDAP, POP3, SCP, SFTP, GOPHER, etc.
A popular tool with hundreds of features. Often this is considered as a security tool, nmap lets you test a single IP/port or in the range.
To test a single port
nmap -p $PORT $IP
An example of testing port 443 on siterelic.com
[root@geekflare-lab ~]# nmap -p 443 siterelic.com
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-10 06:55 UTC
Nmap scan report for siterelic.com (188.8.131.52)
Host is up (0.0079s latency).
Other addresses for siterelic.com (not scanned): 184.108.40.206 2606:4700:30::681b:ae32 2606:4700:30::681b:af32
PORT STATE SERVICE
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Look at the state column. If you see open means connection is ok. And, if the state is filtered that means connectivity doesn’t exist.
One of the widely used commands is to check if a remote host is responding to ICMP ECHO_REQUEST or not. Keep in mind, this may not give you accurate results when ICMP is blocked at the remote network’s firewall. Assuming that’s not the case, you can ping to IPv4 or IPv4 network endpoint as below.
For example, success result of geekflare.com
chandan@192 ~ % ping geekflare.com
PING geekflare.com (220.127.116.11): 56 data bytes
64 bytes from 18.104.22.168: icmp_seq=0 ttl=53 time=7.944 ms
64 bytes from 22.214.171.124: icmp_seq=1 ttl=53 time=8.870 ms
For example, failure result of internal IP.
chandan@192 ~ % ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
If the endpoint supports IPv6, you can use the
ping6 command as below.
chandan@192 ~ % ping6 geekflare.com
PING6(56=40+8+8 bytes) 2a01:4b00:88e4:8700:d8ca:bf50:159c:2a1d --> 2606:4700:20::681b:7673
16 bytes from 2606:4700:20::681b:7673, icmp_seq=0 hlim=250 time=8.650 ms
16 bytes from 2606:4700:20::681b:7673, icmp_seq=1 hlim=250 time=8.738 ms
If you need to do remote ping over the Internet, you can use the online ping tool.
telnet is phasing out in the latest Linux version. Thanks to the above telnet alternative.
If you are new to Linux and looking to learn then check out this Udemy course.