How to PROPERLY test port connectivity in Linux


Tips and Tricks

So, are you getting connection time out while trying to connect to some service over some port? It may be possible that the service may be UP and Running but due to firewall the port may be in-accessible. So it is a good idea to check the port connectivity between client and server node. Although if you wish to check if a port is open then you should read Check open ports in Linux | Test firewall rules

In this article we will cover different methods which can be used to test port connectivity between two or more Linux servers.  We will use the term client and server multiple times in our article, client would refer to the node using which I am trying to connect target node while server is the target node.

 

Method-1: Use timeout utility to test port connectivity

/usr/bin/timeout utility is available in most distributions by default so this is one of the best method to test port connectivity. So you don't have a dependency on any additional tools for this.

$ ls -l /usr/bin/timeout
-rwxr-xr-x 1 root root 43800 Sep  5  2019 /usr/bin/timeout

The timeout utility is part of coreutils package:

## On Ubuntu
$ dpkg -S `which timeout`
coreutils: /usr/bin/timeout

## On CentOS
~]# rpm -qf `which timeout`
coreutils-8.30-8.el8.x86_64

 

Syntax to use timeout utility

The syntax to use timeout utility will be:

timeout <value> bash -c "</dev/tcp/<server>/<port>"

Here value is the timeout value until which timeout utility will poll the target server on the provided port.

 

Examples to use timeout utility

For example to check for port 22 on 192.168.0.113, we will execute:

$ timeout 5 bash -c "</dev/tcp/192.168.0.113/22"

In this command, timeout will wait for 5 seconds to check the port connectivity. Once we execute the command, there is no output generated. Next check the exit status:

$ echo $?
0

Since the exit status is 0, so it means that port 22 is reachable on 192.168.0.113. We can further enhance the syntax to add some additional message for success and failure:

$ timeout 5 bash -c "</dev/tcp/192.168.0.113/22" && echo "connection success" || echo "connection failed"
connection success

Similarly let's check for a random port:

$ timeout 5 bash -c "</dev/tcp/192.168.0.113/21" && echo "connection success" || echo "connection failed"
bash: connect: No route to host
bash: /dev/tcp/192.168.0.113/21: No route to host
connection failed

This time the connection has failed so port 21 is not reachable.

 

Method-2: Use nmap command to test port connectivity

nmap may not be installed by default so you can manually install it using your default package manager.

## On CentOS
dnf -y install nmap

## On Ubuntu
apt-get install nmap

 

Syntax to use nmap command

Once installed, you can use nmap using the following syntax to test port connectivity from one node to another. Replace <server> with the target node IP or hostname and <port-no> with the port number to be checked

nmap <server> -PN -p <port-no> | egrep 'open|closed|filtered'

Here,

-Pn	                 Treat all hosts as online -- skip host discovery
-p <port-no>         Only scan the provided port
open                 means that an application on the target machine is listening for connections/packets on that port
closed               ports have no application listening on them, though they could open up at any time
filtered             means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed.

 

Examples to use nmap command

Let's try to check the connectivity for a known port:

$ nmap 192.168.0.113 -Pn -p 22 | egrep -io 'open|closed|filtered'
open

As expected, the connection is OPEN.

Now, let's try to check a different port which we know is not open:

$ nmap 192.168.0.113 -Pn -p 2222 | egrep -io 'open|closed|filtered'
filtered

So port 2222 is shown as filtered which means this is not reachable on 192.168.0.113 node.

 

Method-3: Use telnet command to test port connectivity

telnet is our old and traditional tool used by most administrators to test port connectivity on any specific port. Now telnet may not be installed by default so you can manually install it using:

## On CentOS
dnf -y install telnet

## On Ubuntu
apt-get install telnet

 

Syntax to use telnet command

We can use the following syntax to test port connectivity using telnet command:

telnet <server> <port>

Here,

  • <server> target node to check
  • <port> port number to check on <server>

 

Examples to use telnet command

Let's use telnet to test the connectivity of port 22 which we know is open and reachable:

# telnet 10.76.191.51 22
Trying 10.76.191.51...
Connected to 10.76.191.51.
Escape character is '^]'.
SSH-2.0-OpenSSH_7.4
^]  <-- At this stage press Ctrl+] to get the telnet prompt
telnet> close
Connection closed.

If you wish to automatically exit the connection on successful attempt, then you can use following command syntax:

# echo -e '\x1dclose\x0d' | telnet 10.76.191.51 22
Trying 10.76.191.51...
Connected to 10.76.191.51.
Escape character is '^]'.

telnet> close
Connection closed.

Similarly, if we try to connect to a non-reachable port:

# telnet 10.76.191.51 12345
Trying 10.76.191.51...
telnet: connect to address 10.76.191.51: Connection refused

Here we get connection has been refused so clearly port 12345 is not reachable.

 

Method-4: Use nc command to test port connectivity

This is my personal favourite for some reason I can't explain. May be because I can just start listening a port and transfer any file using nc command. OR May be just because I have been using this for long time now. The only drawback I see with this is that nc is not installed by default on most Linux distributions. So you can manually install nc using following commands:

## On CentOS
dnf -y install nmap-ncat

## On Ubuntu
apt-get install netcat-openbsd

 

Syntax to use nc command

We can use the following syntax to use nc command to test port connectivity in Linux

nc <server> <port> -v

Here,

  • <server> target node to check
  • <port> port number to check on <server>

 

Examples to use nc command

Let's jump into some example usecases to use nc utility to test port connectivity in Linux. So, first we will check the connectivity towards port 22 on our taget server:

# nc 10.76.191.51 22 -v
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.76.191.51:22.
SSH-2.0-OpenSSH_7.4
^C  <-- Press Ctrl+C to exit

Next let us check some other random port:

# nc 10.76.191.51 2222 -v
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connection refused.

As expected we get connection refused so this port is not reachable from our source server to 10.76.191.51

 

Summary

In this article we learned about different methods which can be used to test port connectivity in Linux between two or more servers. You can easily incorporate these individual commands into any script to automate the testing. Based on your environment and requirement you can choose the best tool. In most cases we prefer the tool which is installed by default on any server, in such case timeout utility will be your best choice in my view.

 

Deepak Prasad

Deepak Prasad

Deepak Prasad is the founder of GoLinuxCloud, bringing over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, Networking, and Security. His extensive experience spans development, DevOps, networking, and security, ensuring robust and efficient solutions for diverse projects.

Certifications and Credentials:

  • Certified Kubernetes Application Developer (CKAD)
  • Go Developer Certification
  • Linux Foundation Certified System Administrator (LFCS)
  • Certified Ethical Hacker (CEH)
  • Python Institute PCAP (Certified Associate in Python Programming)
You can connect with him on his LinkedIn profile and join his Facebook and LinkedIn page.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment