Analyzing TCP Connection Problems

Last edited on

Introduction

When an application tries to connect to connect to a target computer on a specific target TCP port, various things can get in the way and cause errors.

A structured analysis is required to pinpoint the most likely area in which a/the problem occurs.

Analysis

In the following steps, client computer refers to the computer on which an application is running which is trying connect to another computer via TCP. And server computer refers to the computer on which an application (or a process) is running, and which listens on a TCP port for incoming connection requests.

Step 1 - Does a TCP server successfully launch on the server computer?

For this, the file tcpechoserver.py ( download ) is required, as well as Python for executing it.

Execute the tcpechoserver.py file on the server computer:

All operating systems:

python tcpechoserver.py 50123

Here '50123' specifies the TCP port that this server should listen on.

The specified port must not be in use. This means that the application/server that is usually listening on this port must first be stopped. An alternative is to use another, unused TCP port. But in that case note that port specific restrictions/problems may exist, so that use of a different port lessens the insight gained from this.

Expected output:

[...] Server listening at ('0.0.0.0', 8080); use Ctrl+C to quit

Check the output for signs of errors.

Step 2 - Does the server application listen on the expected TCP port?

Check with the netstat command line tool on the server computer, specify the desired TCP port (50123 in this example):

Linux:

netstat -ltpn | grep :50123

macOS:

lsof -i -U -P -n  | grep -i ".* TCP .*50123 (LISTEN)"

Windows:

netstat -anop tcp | findstr :50123

Example output on Windows:

  TCP    0.0.0.0:50123          0.0.0.0:0              LISTENING      50123

Note that the last column in this is the ID of the process (PID) that is listening on this TCP port. You can use this to identify and inspect the process in system monitor tools like Task Manager, Process Explorer and similar process/system monitor tools.

If there is no output, no process is listening on that TCP port, and you need to find out why.

Step 3 - Can one connect to the TCP port on the server computer itself?

Instead of trying to connect from another computer, does it succeed to connect to the TCP port on the server computer itself?

For this, the file tcpechoclient.py ( download ) is required, as wel as Python for executing it.

All operating systems:

python tcpechoclient.py 127.0.0.1 50123
In a Shell

Here '127.0.0.1' is used to connect to the locally running echo server (launched in Step 1), and '50123' stands for the TCP port that the echo server was instructed to use/listen on.

Instead of '127.0.0.1', consider using the IP address or computer name that other computers should use to connect to the server computer.

Expected output:

[...] Connecting (with timeout: 10 seconds)...
[...] Connecting done
[...] Sending (with timeout: 10 seconds) 'Hello, Server!'
[...] Sending done
[...] Waiting (with timeout: 10 seconds) for a reply...
[...] Received 'Hello, Server!'

Expected output of echo server (launched at Step 1):

[...] Server listening at ('0.0.0.0', 50123); use Ctrl+C to quit
[...] Connection from ('127.0.0.1', 61448)
[...] Received: Hello, Server!
[...] Sending : Hello, Server!
[...] Sent    : Hello, Server!

Check the outputs for signs of errors.

Step 4 - Can the echo client on the client computer connect to the echo server on the server computer?

Similar to the previous step, but execute this on the client computer, and specify the server computer name and TCP port:

All operating systems:

python tcpechoclient.py my_server_computer 50123
In a Shell

Expected output:

[...] Connecting (with timeout: 10 seconds)...
[...] Connecting done
[...] Sending (with timeout: 10 seconds) 'Hello, Server!'
[...] Sending done
[...] Waiting (with timeout: 10 seconds) for a reply...
[...] Received 'Hello, Server!'

Expected output of echo server (launched at Step 1):

[...] Server listening at ('0.0.0.0', 50123); use Ctrl+C to quit
[...] Connection from ('client_computer_ip_address', some_port)
[...] Received: Hello, Server!
[...] Sending : Hello, Server!
[...] Sent    : Hello, Server!

Check the outputs for signs of errors.

Step 5 - Does the actual server application listen on the expected TCP port on the server computer?

Close/kill the echo server from the previous steps (via Ctrl+C in the shell/Command Prompt where the echo server is still running), then launch the actual server.

Check with the netstat command line tool on the server computer, specify the TCP port that the server is supposed to be using (50123 in this example):

Linux:

netstat -ltpn | grep :50123

macOS:

lsof -i -U -P -n  | grep -i ".* TCP .*50123 (LISTEN)"

Windows:

netstat -anop tcp | findstr :50123

Example output on Windows:

  TCP    0.0.0.0:50123          0.0.0.0:0              LISTENING      50123

Note that the last column in this is the ID of the process (PID) that is listening on this TCP port. You can use this to identify and inspect the process in system monitor tools like Task Manager, Process Explorer and similar process/system monitor tools.

If there is no output, no process is listening on that TCP port, and you need to find out why. This may require checking the logs of the applications, its output to stdout and stderr streams/channels, but possibly also contacting the developers of the application.

Step 6 - Can one connect to the actual TCP port on the server computer itself?

Like previously with the echo server and client, instead of trying to connect from another computer, does it succeed to connect to the TCP port on the server computer itself - except this time using the actual application/server?

For this, close/kill the echo server from the previous steps, and launch the desired server on the server computer.

Then, still on the server computer, check if connecting to the TCP port of the server succeeds:

Linux, macOS, Unix:

nc -z -v 127.0.0.1 50123
In a Shell

Note use of 127.0.0.1, and consider using the IP address or computer name that other computers should use to connect to the server computer.

Windows:

powershell Test-NetConnection -InformationLevel "Detailed" -ComputerName %COMPUTERNAME% -Port 50123
In Command Prompt / cmd.exe

(Note use of %COMPUTERNAME%, instead of, say, localhost, or 127.0.0.1, because the listening process/service may explicitly avoid the loopback network interfaces (denoted by localhost and 127.0.0.1).)

Step 7 - Can one connect to the TCP port from the client computer?

Linux, macOS, Unix:

nc -z -v server_computer_name_or_ip 50123
In a Shell

Replace server_computer_name_or_ip as needed.

Windows:

powershell Test-NetConnection -InformationLevel "Detailed" -ComputerName server_computer_name_or_ip -Port 50123
In Command Prompt / cmd.exe

Replace server_computer_name_or_ip as needed.