Of Stack

linux resolved an ping problem with a blocked port

  • 2020-12-07 04:38:39
  • OfStack

Description of port availability detection when ping is available but port is unavailable

Introduction to port availability detection tools

The tools used for port availability detection vary from operating system to operating system.

Introduction to port availability detection tools in Linux environment

traceroute is a network test tool that comes pre-loaded with almost all Linux distributions and is used to track the path of Internet protocol (IP) packets as they travel to the destination address. You can use the traceroute tool for port availability detection.

traceroute probes the target port by sending TCP packets to detect the connectivity of the corresponding ports on the entire link from the packet source to the target server.

Common usage of traceroute port availability detection is as follows: 


traceroute [-n] -T -p < Target port number > Host

The sample 


[root@centos~]# traceroute -n -T -p 22 223.5.5.5
traceroute to 223.5.5.5 (223.5.5.5), 30 hops max, 60 byte packets
 1 58.96.171.249 0.431 ms 0.538 ms 0.702 ms
 2 10.88.16.29 0.997 ms 1.030 ms 10.88.16.21 1.309 ms
 3 58.96.160.246 0.393 ms 0.390 ms 58.96.160.250 0.423 ms
 4 63.218.56.237 1.110 ms 202.123.74.122 0.440 ms 0.440 ms
 5 63.223.15.90 1.744 ms 63.218.56.237 1.076 ms 1.232 ms
 6 63.223.15.158 1.832 ms 63.223.15.90 1.663 ms 63.223.15.74 1.616 ms
 7 202.97.122.113 2.776 ms 63.223.15.154 1.585 ms 1.606 ms
 8 * * 202.97.122.113 2.537 ms
 9 202.97.61.237 6.856 ms * *
10 * * *
11 * * *
12 * * 119.147.220.222 8.738 ms
13 119.147.220.230 8.248 ms 8.231 ms *
14 * 42.120.242.230 32.305 ms 42.120.242.226 29.877 ms
15 42.120.242.234 11.950 ms 42.120.242.222 23.853 ms 42.120.242.218 29.831 ms
16 42.120.253.2 11.007 ms 42.120.242.234 13.615 ms 42.120.253.2 11.956 ms
17 42.120.253.14 21.578 ms 42.120.253.2 13.236 ms *
18 * * 223.5.5.5 12.070 ms !X

Parameters that

-n directly uses the IP address instead of the host name (disable DNS reverse lookup).

-ES37en detected by TCP.

-p detects target port number.

Host target server domain name or IP.

More on the use of traceroute can be found with the help of man.

Introduction to port availability detection tools in Windows environment

In the Windows environment, you can use tracetcp for port availability detection.

tracetcp also conducts link detection by sending TCP packets to analyze whether the link intermediate node has blocked the target port.

Download and install

tracetcp relies on WinPcap library, so you need to go to the official website to download it.

Click here to download the latest version of tracetcp. Alternatively, you can download the attachment v1.0.2 tracetcp (which may not be the latest version).

Extract the downloaded tracetcp files directly to the C:\Windows directory. (If unzipped to a non-system directory, you need to manually modify system environment variables to ensure that instructions can be called directly)

Method of use

Double-click to open the tracetcp application. Common uses of tracetcp are as follows: 


tracetcp < Target server domain name or  IP>:< The port number to be detected >

The sample 


C:\ >tracetcp www.aliyun.com:80
Tracing route to 140.205.63.8 on port 80
Over a maximum of 30 hops.
1    3 ms  4 ms  3 ms  30.9.176.1
2    13 ms  3 ms  4 ms  10.64.200.33
3    3 ms  3 ms  2 ms  10.64.1.1
4    4 ms  3 ms  3 ms  42.120.74.4
5    5 ms  4 ms  7 ms  42.120.253.233
6    6 ms  5 ms  7 ms  42.120.247.97
7    8 ms  8 ms  8 ms  42.120.247.97
8    10 ms  10 ms  8 ms  123.56.34.246
9    9 ms  9 ms  11 ms  42.120.243.117
10   *    *    *    Request timed out.
11   Destination Reached in 8 ms. Connection established to 140.205.63.8
Trace Complete.

For more tracetcp parameters, you can use tracetcp -? Get and view.

Port availability detection steps

In general, you can:

As described earlier, use the corresponding tool to detect the availability of the target port of the target address.

Check and analyze the detection results to determine the abnormal nodes.

The corresponding nodes belong to operators and networks through ES102en. taobao. com and other IP address query websites.

Or submit your work order, and Aliyun will provide you with feedback to relevant operators.

Summary of link test results analysis

Abnormal node determination method: if the relevant port is blocked in one hop, then none of the subsequent hops will return data. From this you can identify the exception node.

Example 1 


C:\&gt;tracetcp www.aliyun.com:135
Tracing route to 115.239.210.27 on port 135
Over a maximum of 30 hops.
1    3 ms  3 ms  3 ms  30.9.176.1
2    4 ms  3 ms  3 ms  10.64.200.33
3    3 ms  3 ms  3 ms  10.64.1.1
4    *    *    *    Request timed out.
5    *    *    *    Request timed out.
6    *    *    *    Request timed out.
7    *    *    *    Request timed out.
8    *    *    *    Request timed out.
9    *    *    *    Request timed out.
10   *    *    *    Request timed out.
11   *    *    *    Request timed out.
12   *    *    *    Request timed out.
13   *    *    *    Request timed out.
14   *    *    *    Request timed out.
15   *    *    *    Request timed out.
16   *    *    *    Request timed out.
17   *    *    *    Request timed out.
18   *    *    *    Request timed out.
19   *    *    *    Request timed out.
20   *    *    *    Request timed out.
21   *    *    *    Request timed out.
22   *    *    *    Request timed out.
23   *    *    *    Request timed out.
24   *    *    *    Request timed out.
25   *    *    *    Request timed out.
26   *    *    *    Request timed out.
27   *    *    *    Request timed out.
28   *    *    *    Request timed out.
29   *    *    *    Request timed out.
30   *    *    *    Request timed out.
Trace Complete.

In the probe data above, the target port returns no data after the third hop. Indicates that the corresponding port is blocked on this node.

Example conclusion: Since this node is Intranet IP, it may be due to local network-related security policy, you need to contact the local network manager for further investigation and analysis.

Example 2 


[root@mycentos ~]# traceroute -T -p 135 www.baidu.com
traceroute to www.baidu.com (111.13.100.92), 30 hops max, 60 byte packets
 1 * * *
 2 192.168.17.20 (192.168.17.20) 4.115 ms 4.397 ms 4.679 ms
 3 111.1.20.41 (111.1.20.41) 901.921 ms 902.762 ms 902.338 ms
 4 111.1.34.197 (111.1.34.197) 2.187 ms 1.392 ms 2.266 ms
 5 * * *
 6 221.183.19.169 (221.183.19.169) 1.688 ms 1.465 ms 1.475 ms
 7 221.183.11.105 (221.183.11.105) 27.729 ms 27.708 ms 27.636 ms
 8 * * *
 9 * * *
10 111.13.98.249 (111.13.98.249) 28.922 ms 111.13.98.253 (111.13.98.253) 29.030 ms 28.916 ms
11 111.13.108.22 (111.13.108.22) 29.169 ms 28.893 ms 111.13.108.33 (111.13.108.33) 30.986 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

In the probe data above, the target port returns no data after the 11th hop. Indicates that the corresponding port is blocked on this node.

Conclusion: Because this node belongs to Beijing Mobile after being checked, you need to check by yourself, or submit the work order for further checking analysis.

Related articles: