One of the difficulties of working in a tightly controlled datacenter environment is establishing whether something isn’t working because of firewall rules. With most things, you can just test TCP connections using the telnet client, which is a nice simple command line utility that I generally include in Windows installs purely for that purpose.
With UDP it’s a little more difficult, and with trying to confirm that firewalls were blocking UDP/1434 between MS SQL Server installations in two sites, I’ve ended up with the following.
- Wireshark installed and running on both servers
- Powershell used with the following function Test-Port
With wireshark running and a capture filter for port 1434, I have then been running test-port -comp destserver -port 1434 -udp -udptimeout 10000 and checking both wireshark captures.
While the test-port reports success (UDP is connectionless after all, so a send is generally going to be accepted) , the wireshark tells a different story, of packets leaving and not arriving. One for the firewall guys to resolve.
I also discovered while looking into this, that on linux there’s a way of testing both TCP and UDP connections from the commannd line using special files:
/dev/tcp/host/port
If host is a valid hostname or Internet address, and port is an integer port number
or service name, bash attempts to open a TCP connection to the corresponding socket.
/dev/udp/host/port
If host is a valid hostname or Internet address, and port is an integer port number
or service name, bash attempts to open a UDP connection to the corresponding socket.
For example:
rich@www:~$ cat < /dev/tcp/localhost/22
SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
^C
See also my post here on testing network connectivity from ESXi.