• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • Wondering how to check connectivity between two network endpoints?

    One of the common tasks for sysadmin is to check the connectivity to troubleshoot networking issues. It could be anything like application can’t connect to backend service, unable to fetch data from external URL, verify if the flow is opened, etc.

    Whatever it might be, the following utility/commands would help you. They are tested on CentOS 7.x, and I don’t see any reason not to work on another Linux distro.

    Let’s explore…

    telnet

    One of the widely used commands to test essential connectivity between servers, server to another network device’s IP. The syntax for the command is easy.

    telnet $destinationIP $PORT

    Let’s say you want to test if you can connect to port 8080 on 10.0.0.1 IP address; then the command would be.

    telnet 10.0.0.1 8080

    If there is no issue in connecting, then you should see the connected message.

    Trying 10.0.0.1...
    Connected to 10.0.0.1.
    Escape character is '^]'.

    Note: if you get command not found while executing telnet then you need to install telnet as I explained here.

    In most of the scenarios, telnet should help. However, if you need some other option then here are some telnet alternatives.

    ncat or nc

    Ncat (a.k.a. nc) is a powerful network utility with many features like bind and accept a connection, execute command remotely, write and read data, etc. It works on IPv4 and IPv6, both.

    To do a simple test to check if the port is opened or not, you will execute the following.

    nc -vz $HOSTNAME $PORT

    Let’s take an example of testing 443 port on geekflare.com.

    [[email protected] ~]# nc -vz geekflare.com 443
    Ncat: Version 7.50 ( https://nmap.org/ncat )
    Ncat: Connected to 104.25.133.107:443.
    Ncat: 0 bytes sent, 0 bytes received in 0.02 seconds.
    [[email protected] ~]#

    As mentioned, you can also use nc to bind the connection to listen on a particular port. This can be handy when you don’t have actual services running but want to ensure connectivity exists.

    To start listening on a port:

    nc -l $PORTNUMBER

    It will bind the port on a given number.

    If ncat is not installed, then you can get it done with yum install nc on CentOS/RHEL servers.

    wget

    wget is a useful command to download/test HTTP, HTTPS, and FTP. If you are working as a web engineer or often dealing with web related issue then wget is your friend. Testing using wget is straightforward.

    wget $URL

    Here is an example of testing tools.geekflare.com

    [[email protected] ~]# wget tools.geekflare.com
    --2019-05-09 20:40:01--  http://tools.geekflare.com/
    Resolving tools.geekflare.com (tools.geekflare.com)... 104.25.134.107, 104.25.133.107, 2606:4700:20::6819:866b, ...
    Connecting to tools.geekflare.com (tools.geekflare.com)|104.25.134.107|:80... connected.
    HTTP request sent, awaiting response... 301 Moved Permanently
    Location: https://tools.geekflare.com/ [following]
    --2019-05-09 20:40:01--  https://tools.geekflare.com/
    Connecting to tools.geekflare.com (tools.geekflare.com)|104.25.134.107|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: unspecified [text/html]
    Saving to: 'index.html.2'
    
        [ <=>                                                                                                                                  ] 15,139      --.-K/s   in 0.001s  
    
    2019-05-09 20:40:02 (12.8 MB/s) - 'index.html.2' saved [15139]
    
    [[email protected] ~]#

    If it shows connected means there is no connectivity issue.

    curl

    A curl is a multipurpose tool.

    Do you know you can telnet to a port using curl?

    Well, now you know.

    curl -v telnet://$IP:$PORT

    The following is a working example.

    [[email protected] ~]# curl -v telnet://chandan.io:443
    * About to connect() to chandan.io port 443 (#0)
    *   Trying 104.31.68.106...
    * Connected to chandan.io (104.31.68.106) port 443 (#0)

    And, when there is no listening port or firewall issue, then you will see trying…

    [[email protected] ~]# curl -v telnet://chandan.io:4434
    * About to connect() to chandan.io port 4434 (#0)
    *   Trying 104.31.68.106...

    You can also use curl to download the data. It supports multiple protocols – HTTP, HTTPS, FTP, IMAP, LDAP, POP3, SCP, SFTP, GOPHER, etc.

    nmap

    A popular tool with hundreds of features. Often this is considered as a security tool. nmap let you test a single IP/port or in the range.

    To test a single port

    nmap -p $PORT $IP

    An example of testing port 443 on siterelic.com

    [[email protected] ~]# nmap -p 443 siterelic.com
    Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-10 06:55 UTC
    Nmap scan report for siterelic.com (104.27.174.50)
    Host is up (0.0079s latency).
    Other addresses for siterelic.com (not scanned): 104.27.175.50 2606:4700:30::681b:ae32 2606:4700:30::681b:af32
    
    PORT    STATE SERVICE
    443/tcp open  https
    
    Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
    [[email protected] ~]#

    Look at state column. If you see open means connection is ok. And, if the state is filtered that means connectivity doesn’t exist.

    Conclusion

    telnet is phasing out in the latest Linux version. Thanks to the above telnet alternative.

    If you are new to Linux and looking to learn then check out this Udemy course.