Off topic…

I don’t plan on doing many off topic posts, but I’ll make an exception for this.

I’m getting married tomorrow!

It’s not going to be a huge, lavish event, in fact we’ve been pretty slack about organising it! But it’s about us, our love for each other, and sharing the event with those we care about – the important things. Oh, and we’ve both been married before, and would rather have a new kitchen than a £20k wedding 😀

Anyway, consequently I won’t be posting much over the next few weeks, but I hope everyone has a fab summer, and normal service (with boring tech postings) will resume in a few weeks.


Testing network connectivity from ESXi

Like most people, I’ve always used the “telnet” utility for testing whether a server/TCP port is accessible, when maybe a more complex application is barfing about it.

Of course there have been plenty of attempts to remove it from OSes, the usual reason being “telnet is an insecure protocol, you shouldn’t be using it”.
Well… yes it’s an insecure protocol, but no-one in their right mind has been using telnet to log in to systems for many, many years!

Since SSH became prevalent, telnet has only been used for testing whether an IP address / TCP port combination is accessible. You get a number of different responses depending on the connectivity:

  • Immediate connection (and maybe some junk on the screen)
  • Immediate fail – connection is being Rejected – the server (or sometimes a firewall en-route) is forcibly blocking the connection
  • Timeout after a minute or so – connection is either being discarded by a firewall, or there is no route to the server

These 3 different responses are obviously helpful in your troubleshooting. You may be able to infer these different states by monitoring the connection table on the source, for states such as SYN_SENT or ESTABLISHED, but it’s a lot harder that way.

Anyway, enough of history, on ESXi there is no “telnet” utility. Boo! There is however, “nc”. I’m not sure if it’s always been there, but on 5.1U2 it certainly is (which is our minimum level of ESXi in the area I work).

Using the following command:
nc -z -w5 hostname tcpport

will give a suitable replacement for “telnet”, e.g.:

~ # nc -z -w5 esxi-server 5989
Connection to esxi-server 5989 port [tcp/wbem-https] succeeded!

“ping” can also sometimes be used to help, although often the necessary ICMP messages are filtered by firewalls.
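
The three telnet outcomes listed earlier (immediate connection, immediate reject, timeout) can also be told apart programmatically. The following is an added example, not part of the original post: it assumes a Python 3 interpreter is available on the machine you test from, and the function name `probe`, the outcome labels and the file name `probe.py` are hypothetical.

```python
import errno
import socket
import sys


def probe(host, port, timeout=5.0):
    """Make one TCP connection attempt and name the outcome.

    timeout plays the role of nc's -w5 in the post.
    """
    try:
        # Resolves the name, then completes a full TCP handshake.
        with socket.create_connection((host, port), timeout=timeout):
            return "open"            # immediate connection
    except (socket.timeout, TimeoutError):
        return "filtered"            # no reply at all: dropped en route or no return path
    except ConnectionRefusedError:
        return "rejected"            # actively refused by the server or a firewall
    except socket.gaierror:
        return "unresolvable"        # hostname lookup failed before any packet left
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"     # the local stack was told there is no route
        raise


if __name__ == "__main__":
    # Usage: python probe.py esxi-server 5989
    target, tcp_port = sys.argv[1], int(sys.argv[2])
    result = probe(target, tcp_port)
    print("%s:%d -> %s" % (target, tcp_port, result))
    # Exit 0 only on success, like nc -z, so scripts can branch on it.
    sys.exit(0 if result == "open" else 1)
```

A "rejected" result means something answered, so the path to that address works; "filtered" points at a firewall rule or routing problem between the two hosts.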