網路服務連線測試

WAN ○ -------> ○ LAN -------> ● 伺服器

  如果您有管理權限通過SSH或遠程桌面服務登錄伺服器。

檢查您的電腦/伺服器是否被指派了IP位址

• Linux   ：(1) 檢查IP位址。ifconfig。 (2) 重新分配IP位址並重新啟動網路服務。service network restart 用於CentOS^[7]
• Win   ：檢查IP位址。ifconfig/all
• 更多關於網路問題

檢查網路服務是否已成功啟動？

• Apache /etc/init.d/httpd status 在CentOS7上 ^[8]
• nginx sudo service nginx status 在CentOS7上
• Docker容器 docker ps 檢查容器是否在運行和暴露埠口^[9]

檢查MySQL是否已成功啟動？

使用lsof指令

lsof -i:3306 在macOS 或Linux   在Unix類操作系統中用於列出打開的文件及打開它們的進程。

• lsof：這代表"列出打開的文件"。它是一個命令行工具，顯示有關由進程打開的文件的資訊。在Unix和Linux中，一切都被視為文件（包括硬體設備、套接字和目錄），因此lsof是系統管理員監控和排除系統行為問題的強大工具。

• -i：這個選項告訴lsof僅顯示網絡文件。在Unix和Linux中，網絡連接被視為文件。-i選項可用於根據互聯網地址或網絡協議過濾連接。

• :3306：這指定了埠號。埠3306通常被MySQL使用，這是一個流行的數據庫管理系統。通過包括:3306，您要求lsof列出所有與埠3306相關的網絡文件（包括套接字連接）。

輸出範例：localhost:mysql (LISTEN) 意味著MySQL已成功啟動

COMMAND     PID      USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
mysqld    93034 account   29u  IPv4 0xxxx      0t0  TCP localhost:mysql (LISTEN)

使用ps指令

ps aux | grep mysql 在macOS

如果MySQL已成功啟動的輸出範例：

_mysql           11083   0.3  0.2 409657280  31424   ??  Ss    2:12下午   0:01.07 /usr/local/mysql/bin/mysqld --user=_mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --plugin-dir=/usr/local/mysql/lib/plugin --log-error=/usr/local/mysql/data/mysqld.local.err --pid-file=/usr/local/mysql/data/mysqld.local.pid --keyring-file-data=/usr/local/mysql/keyring/keyring --early-plugin-load=keyring_file=keyring_file.so
ACCOUNT        12349   0.0  0.0 408645328   1648 s011  S+    2:14下午   0:00.00 grep mysql

如果MySQL沒有成功啟動的示例輸出：

ACCOUNT        12349   0.0  0.0 408645328   1648 s011  S+    2:14下午   0:00.00 grep mysql

檢查埠是否被其他進程佔用？

檢查埠是否被其他協議使用

SG TCP/IP埠數據庫 維基百科 - TCP和UDP埠號列表

Find process running on port

• Linux  
  • nmap "Network exploration tool and security / port scanner." e.g. nmap -p 80,443 ip
  • ss "utility to investigate sockets" e.g. ss -tnlp | grep 80 or using OR operator^[10] ss -tnlp | grep '80\|443'
  • ps List the current processes. Input ps -aux | grep "PORT_NUMBER" e.g. ps -aux | grep 443
  • netstat Command netstat -tulpn | grep LISTEN e.g.
  • docker port | Docker Documentation

Example output of netstat command

$ netstat -tulpn | grep LISTEN

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      - 

// means the 80 port service is running

• Win  
  • Using the software CurrPorts to check the process and port. e.g. Apache will not running if the 80 port was occupied by skype^[11].

Check if a port is blocked by browser

Check if a port is blocked by browser^[12]

• Chrome   net/base/port_util.cc - chromium/src.git - Git at Google
• Fetch Standard 2.9. Port blocking

Is the port opened for external users?

Check the OS firewall or protected by antivirus software

• • Linux  
    • iptables: (1) iptables -L to list all rules^[13] (2) rule with smaller line-number will override the rule with larger line-number^[14]
    • FirewallD rules: (1) sudo firewall-cmd --get-default-zone return 'public' (2) sudo firewall-cmd --list-all --zone=public^[15] (3) Allow port with FirewallD
    • SELinux Policy Management: (1) After installed policycoreutils-python^[16], input semanage port -l to list open ports. (2) Allow port with semanage.
  • Win   Windows Firewall with Advanced Security -> configure firewall rules
  • protected by antivirus software?
• connect to localhost ex: telnet 127.0.0.1 23 where 23 is the port number where the service running
  • Install Telnet Client on Win  
  • if the local service is web server, you can also try lynx http://127.0.0.1 for Linux  
• double check the server/service logs

WAN ○ -------> ● LAN -------> ● server

Testing on LAN (local network, subnet scope): The different servers between LAN or with the same ip class (ex: 1.2.3.*) and may not have the firewall limit. Private network / Private IP address

• Is the service alive?
• Connect to the internal IP eg: telnet 172.18.0.1 23 (1) IP start with 172.18... is Private IP Network Numbers (2) where 23 is the port number where the service running
• If the local service is web server, you can also try to connect the internal IP e.g. lynx http://172.18.0.1 for Linux  
• Double check the server/service logs
• Is the internal IP correct?

WAN ● -------> ● LAN -------> ● server

We met the trouble on WAN (wide area network). If we do no have the administrative permission, the tests we can do as follows:

• Down for everyone or just me? more on Web Ping
• Switch to different ISP? Is hardware firewall enabled?
• Is gateway alive?
• Is DNS alive?
• Is the external IP correct?
  • If the firewall rule is IP specified, verify the IP if correct from What Is My IP Address? or web access log.
  • Query the IP Address Details - ipinfo.io. e.g. Input the command curl ipinfo.io/ip^[17] for macOS & Linux  
• Is the port was opened for external users? Open Port Check Tool - Port Forwarding Port Check Tool
• Is institutional/ISP firewall enabled? Contact your MIS. (Management information system) of your company or ISP?

other issue:

• bandwidth cost too much by certain users
• exceed the request limit of (hardware) firewall
• the external connection of updated Windows was down until reboot Win  
• Amazon EC2 security group
• refresh browser cache: Refresh your cache - When hitting F5 just isn't enough!

1. CurrPorts: Monitoring TCP/IP network connections on Windows
2. PFPortCheck Program: check TCP/UDP port from localhost(where you installed the program) to portforward.com
3. TCPView for Windows
4. Check server: Check host - online website monitoring, Check IP "checks the possibility of a TCP connection to host's specified port from different locations around the world." quoted from website. [Last visited: 2015-08-02]

• 怎樣排除網路連線逾時 (network connection timed out) 問題