Troubleshooting TCP and UDP Port Status

Problem

Description

Problem Description

The system makes several connections to back-end servers using various port numbers. If communication between the system and the back-end servers stops, it can be difficult to determine the source of the problem.

Solution

You can use the Portprobe command to display the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP) port status (open or closed).

Only the system internal ports, management port and internal VLAN ports support the Portprobe command.

A TCP port can be closed under two conditions:

  • The system sends a connection request to the back-end server port and the back-end server closes the connection (sends an RST packet).
  • The connection request times out because the back-end server is not found or the back-end server is too busy to respond to the connection request.

If either of these conditions occurs, the system sends a ping command to the back-end server. If the ping command is successful, the back-end server is considered reachable but the back-end server port is closed. If the ping command fails, the back-end server is considered unreachable.

For UDP ports, the system sends a UDP datagram with a ping to the back-end server port. If the back-end server responds with Internet Control Message Protocol (ICMP) port unreachable or ICMP unreachable, the back-end port is considered unreachable. If the back-end server responds with ICMP host unreachable then the back-end server is considered unreachable.

To troubleshoot the TCP or UDP port:

  1. Select Maintenance > Troubleshooting > Tools > Commands.
  2. Select the Portprobe command.
  3. Select either TCP or UDP.
  4. Enter the target server and port number. You can enter an IP address, hostname or FQDN for the target server.
  5. Enter the probe count. This is the number of times the system attempts to communicate with the back-end server port. The default for TCP is one; the default for UDP is five.
  6. Enter the probe timeout. This is the number of seconds the system waits for a response from the back-end server port.
  7. Select either the internal port or the management port. If the management port is not configured, it is not displayed.
  8. If using an internal port, select the internal VLAN port from the list.
  9. Click OK.

The following figure shows an example of a successful and an unsuccessful port probe.