Although virtualization has fostered a self-service culture for infrastructure, it is still common in production environments to need your Network Operations team to open the ports required for any new application deployment.
So, while you may be able to create the base virtualized host, you can’t go much further without the network connectivity. And there is nothing worse than finding out halfway through your full stack deployment that you keep hitting errors because a stray port was not opened.
I would suggest pre-validating all the TCP and UDP ports you expect open. This can be done pretty simply by using netcat on both sides of the communication.
Note that the netcat-openbsd package found on Ubuntu (/bin/nc) intentionally omits the -c and -e options for security reasons.
Validating TCP
Set up a simple TCP server on the server listening on port 17123:
root@myserver# nc -vl 17123
Listening on [0.0.0.0] (family 0, port 17123)
Create a TCP client that attempts to connect to the server on port 17123. The -n flag disables DNS lookups, so substitute the server's IP address for myserver:
root@myclient# nc -vnz myserver 17123
Connection to myserver 17123 port [tcp/*] succeeded!
You will notice that this TCP server will only take one request, and then quit. If you want a server that accepts multiple client connections, use a command such as the one below from bash:
root@myserver# while true; do { nc -vl 17123; } done
If you have issues with this basic connectivity, either disable the firewall completely as a test or selectively enable the server port:
root@myserver# ufw allow 17123/tcp
Validating UDP
Set up a simple UDP server on the server listening on port 17123:
root@myserver# nc -vul 17123
Listening on [0.0.0.0] (family 0, port 17123)
Create a UDP client that attempts to connect to the server on port 17123:
root@myclient# nc -vnuz 192.168.2.31 17123
Connection to myserver 17123 port [udp/*] succeeded!
If you have issues with this basic connectivity, either disable the firewall completely as a test or selectively enable the server port:
root@myserver# ufw allow 17123/udp
Note that this UDP server will respond to only a single request, and then has to be killed with CTRL-C. The UDP server does not stop, but also does not respond to any further client requests. If you want to auto-respond to multiple UDP requests, you will need to use a utility like socat.
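Because UDP has no handshake, a -z probe cannot tell an open port from one where a firewall silently drops the packet, so a round-trip echo is a stronger pre-validation. The following is an added example, not code from the original post: a UDP echo responder that answers every request and a client that reports a port as open only when its probe comes back. The file name udp_precheck.py and all function names are assumptions made for illustration.

```python
import socket
import sys
import threading

def serve_udp_echo(sock, stop):
    """Echo every datagram back to its sender until stop is set."""
    sock.settimeout(0.2)              # wake up regularly to notice stop
    while not stop.is_set():
        try:
            data, peer = sock.recvfrom(2048)
        except socket.timeout:
            continue
        sock.sendto(data, peer)

def udp_check(host, port, timeout=2.0, probe=b"port-precheck"):
    """Return 'open' only when the probe makes the full round trip."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as cli:
        cli.settimeout(timeout)
        cli.connect((host, port))     # connected socket surfaces ICMP errors
        try:
            cli.send(probe)
            reply = cli.recv(2048)
        except ConnectionRefusedError:
            return "closed"           # ICMP port unreachable: nothing listening
        except socket.timeout:
            return "no-reply"         # dropped by a firewall, or no echo service
        return "open" if reply == probe else "unexpected-reply"

def udp_check_many(host, ports, timeout=2.0):
    """Check a list of ports and return {port: status}."""
    return {p: udp_check(host, p, timeout) for p in ports}

if __name__ == "__main__":
    # Hypothetical usage (file name is an assumption):
    #   server: python3 udp_precheck.py serve 17123
    #   client: python3 udp_precheck.py 192.168.2.31 17123 17124
    if sys.argv[1] == "serve":
        srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        srv.bind(("0.0.0.0", int(sys.argv[2])))
        serve_udp_echo(srv, threading.Event())   # runs until CTRL-C
    else:
        results = udp_check_many(sys.argv[1], map(int, sys.argv[2:]))
        for port, status in results.items():
            print(f"udp/{port}: {status}")
```

A "no-reply" result means either the packet was filtered on the way or nothing is echoing on that port, so run the responder on the server before drawing conclusions about the firewall.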
Scan Ports
To scan across a range of UDP ports:
nc -vnzu myserver 17120-17130
To scan across a range of TCP ports:
nc -vnz myserver 17120-17130