Advanced Network Troubleshooting: Using Telnet

  1. This article is part of our Network Troubleshooting series. You can refer to related articles on the links below:
  1. On this article, we will discuss how to use and read telnet applications when troubleshooting network connectivity issues.

Telnet is a terminal emulation application that lets you remotely access networks on TCP/IP. Telnet clients are available for almost all computer platforms. You can install a telnet client from the following packages:

    • For CentOS: yum install telnet
    • For Debian/Ubuntu: apt-get install telnet
    • For Windows: pkgmgr /iu:”TelnetClient” or using GUI
      You can also opt to use PuTTY, a free open-source telnet and SSH client for Windows.

The telnet commands for Linux and Windows are the same, though the output format may look different. So when troubleshooting a Linux server from a machine running Windows, just type the same telnet commands in the command line as you would in Linux.

Using telnet to test network connectivity

Telnet always tries to connect to TCP port 23 by default. You can, however, specify other TCP ports after typing in your target IP address. This is actually an easy way to see if a remote server is listening to a specific TCP port.

telnet [host [port]]

It is best to follow the three guidelines below to isolate the source of the problem when using telnet for network troubleshooting:

  • Test connectivity from the remote host.
  • Test connectivity from the target server itself. You should try making the connection to the loopback address as well as to the network interface controller (NIC) IP address.

Note: If the server has a firewall (e.g. Linux iptables), all loopback connectivity will be allowed but those to NIC ports may be blocked sometimes.

  • Test connectivity from another host on the same network as the target server to eliminate the influence of any firewalls that may be protecting the network from outside.

By default, Linux servers have the iptables firewall package installed. If not updated correctly, these firewall rules can cause connectivity problems. You can use the service iptables status command on the target server to determine whetheriptables rules are running.

Reading a s
uccessful telnet connection

In Linux, a successful telnet connection always has a “Connected to” message.The example below shows a successful connection to the server google.com via TCP port 443 reserved for HTTPS:

# telnet google.com 443
Trying 173.194.37.73...
Connected to google.com.
Escape character is '^]'.

Press “Ctrl” + “]” to break the connection.

In Windows, the command prompt screen goes blank to indicate a successful connection. Press “Ctrl” + “C” to exit the connection attempt.

More often than not, you can successfully connect to the remote server via a specified TCP port. If telnet appears not to be working, remember to check first if your client is configured properly before suspecting actual connectivity issues.

Connection refused” and “Connect failed”messages

The lines below show an example of a “Connection refused” output in Linux:

# telnet google.com 22
Trying 74.125.137.100...
telnet: connect to address 74.125.137.100: Connection refused

The equivalent in Windows is a “Connect failed” output and this is what it looks like:

C:\>telnet google.com 22
Connecting To google.com...Could not open connection to the host, on port 22: Connect failed

These outputs happen due to one the following reasons

  • The application you are trying to test hasnot been started on the remote server.
  • There may be a firewall blocking and rejecting the connection attempt.


Timeouts and hang

The telnet command abortan attempted connection or times outif it does not receive a response after waiting a predetermined time. See below for a sample of this kind of output:

Linux
# telnet google.com 22
Trying 74.125.137.100...
telnet: connect to address 74.125.137.100: Connection timed out

Windows
C:\>telnet google.com 256
Connecting To google.com...

If telnet does not abort, it will hang and wait indefinitely. Time outs and hangs happen due to one of the following reasons: 

  • The remote server does not exist on the destination network or it is turned off.
  • A firewall may be blocking but not rejecting the connection attempt, causing a timeout and not being quickly refused instead (i.e. “Connection refused” or “Connect failed” output).

Troubleshooting example

A great way to utilize telnet is for testing the mail server for an open relay. In the scenario below, we use telnet to connect to mail.example.com via port 25 using the following commands:

# telnet mail.example.com 25
Trying 67.23.X.X...
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
helo client.server.com
250 mail.example.com
mail from: rockyjr@example1.com
250 2.1.0 Ok
rcpt to: testov@testdomain.com
554 5.7.1 <testov@testdomain.com>: Relay access denied

In the example, we find out that the mail server is denying relay access, which means that access is denied to send email.

Telnet is another great tool you can use to monitor and test your network. It can help you narrow down and isolate possible cause of network connectivity issues.

See our Knowledgebase for more How-To articles.

Comments are closed.