Tcpping is a TCP-based network connectivity tester and benchmarking utility for Linux. This comprehensive guide covers everything you need to install, configure, use, and troubleshoot tcpping.
How Tcpping and Ping Utilities Work
Ping and tcpping provide complementary network testing functions.
Ping Basics
Ping utilizes Internet Control Message Protocol (ICMP) packets. ICMP echo requests are sent to the target. ICMP echo replies are sent back.
Ping measures basic reachability and round-trip latency. It requires ICMP to be permitted by firewalls for full functionality.
Tcpping Handshake Process
Unlike ping, tcpping establishes a complete TCP connection using the three-way handshake:
- Client sends SYN packet to server TCP port
- Server responds with SYN-ACK packet
- Client returns ACK packet
If the handshake completes, the port accepts TCP connections as expected. Tcpping can then measure connection latency as well as tear down the connection.
Tcpping TCP handshake process (image created with Biorender.com)
This allows testing connectivity to actual services like web servers and databases. It also provides definitive proof of open ports in firewall configurations.
Advantages of Using Tcpping
There are several key advantages of using the tcpping utility:
Firewall Port Testing
Unlike ping, tcpping will provide reliable testing through restrictive firewall policies. A completed tcpping handshake proves the firewall is configured properly to allow connections on that TCP port.
Service Monitoring
Because tcpping can connect to application ports, it serves as an effective service monitor. Set on a frequent interval, tcpping will detect application outages faster than application health checks.
Performance Benchmarking
Tcpping statistics aggregated over time provide network connection benchmarks to discover performance trends:
| Metrics | Purpose |
|---|---|
| Latency | Compare providers, CDNs, route changes |
| Jitter | Qualify VoIP, video streaming viability |
| Packet Loss | Identify congestion points |
These benchmarks verify infrastructure changes and help optimize network configurations.
Geographic Analysis
Using public cloud endpoints in various geographic regions, tcpping measures provider backbone latency and routing efficiency.
For example, ping vs tcpping hop-by-hop trace routes can uncover extra routing hops impacting performance to endpoints.
Installing Tcpping
The tcpping utility originated in 2001 and has been included in most Linux distribution repositories, available for easy installation with standard package managers.
Debian/Ubuntu
sudo apt update
sudo apt install tcptraceroute
wget http://www.vdberg.org/~richard/tcppingRed Hat/CentOS
sudo yum install epel-release
sudo yum install tcptraceroute
wget http://www.vdberg.org/~richard/tcpping Arch Linux
sudo pacman -S inetutils
wget http://www.vdberg.org/~richard/tcpping This will install tcpping alongside some supplemental networking tools like traceroute. The tcpping binary will now reside in the system path, ready for execution.
For easy usage, add tcpping to your PATH:
export PATH=$PATH:/location/of/tcpping Using Tcpping for Connectivity Testing
With tcpping installed, let‘s demonstrate connectivity testing for vital network services.
Our example company uses these endpoints:
| Service | Domain | TCP Port |
|---|---|---|
| Web server | www.mycompany.com | 80 |
| Database | sql01.mycompany.com | 3306 |
| Mail server | mail.mycompany.com | 25 |
HTTP Web Connectivity
Test HTTP connectivity to the web server:
tcpping www.mycompany.com 80
TCP connect to www.mycompany.com:80 (192.0.2.25): connected in 0.102s seq=0 time=74.23msThe SEQ and time values provide round-trip latency results useful as a web server benchmark.
SQL Database Access
Next test external client access to the MySQL database TCP port:
tcpping sql01.mycompany.com 3306
TCP connect to sql01.mycompany.com:3306 (198.51.100.55): connected in 0.123s seq=0 time=89.55msSuccess confirms external database connectivity for applications. Failure would indicate issues like security group misconfigurations.
Mail Server Open Relay Detection
We can also check if our mail server has the open relay vulnerability exposed:
tcpping mail.mycompany.com 25
TCP connect to mail.mycompany.com:25 (203.0.113.25): Connection refused The connection refused result proves the mail server is properly hardened against open relay attacks.
Automated Monitoring & Benchmarks
While tcpping can always be executed manually, automation takes connectivity testing to the next level.
Here is example crontab syntax for scheduled jobs:
# Check web server every 5 minutes
*/5 * * * * tcpping www.mycompany.com 80 > /logs/web-benchmark.txt
# Check mail server daily
@daily tcpping mail.mycompany.com 25 >> /logs/mail-tcpping.log This will benchmark the web server and log connectivity results. It also checks the mail server daily.
Over time, aggregated tcpping statistics provide standardized benchmarks for comparison and trending. Expected baselines could be:
- Web server average latency below 100ms
- At least 99.95% web server uptime
- Median database latency under 40ms
- Zero packet loss across testing
Consider generating monthly reports with metrics and visualizations using these cron results. This quantifies infrastructure changes and demonstrates performance over time.
Tcpping Geographic Analysis
To analyze infrastructure connectivity across geographical regions, leverage cloud provider ping endpoints.
For example, create tcpping automation scripts targeting AWS regional URLs like:
- ec2.us-west-2.amazonaws.com
- ec2.eu-central-1.amazonaws.com
Aggregated results will show relative backbone latency from on-premise infrastructure to AWS. This reveals preferred regions and infrastructure isolation risks.
Azure, GCP and other public cloud providers offer similar regional endpoints useful for geographic tcpping analysis.
Troubleshooting Tcpping Issues
While a successful tcpping signifies positive TCP connectivity, there are ways connectivity testing can fail:
Firewall Blocking
If an intermediate firewall blocks TCP ports, tcpping will fail regardless of actual service health. Ensure firewalls like security groups allow the destination port.
Ping may still work, so compare tcping results to ping to identify firewall blocks.
Invalid Hosts and Ports
Specifying the wrong hostname or closed port will initiate failed connection attempts or timeouts. Verify details using secondary testing methods.
Packet Loss
Network congestion and high latency can manifest as partial tcpping failures. TCP retries and sequencing will show gaps indicating packet loss.
If this loss rate is high (>10%) investigate routing infrastructure for saturation issues.
Alternatives to Tcpping
While versatile, tcpping has limitations. Other Linux networking tools provide complementary connectivity testing:
Nmap Port Scanning
Nmap executes more comprehensive TCP port scans discovering open ports and services. It fingerprints OSes and applications when ports connect.
Hping Packet Crafting
Hping generates custom TCP packets for testing firewall filtering rules and content inspection. It can spoof addresses and alter other header options.
Curl URL Fetching
The curl tool performs HTTP requests like a client browser. In addition to timing and headers, it can validate application responses.
Consider combining these tools with tcpping for a complete connectivity and service test toolbox.
Tcpping Best Practices
Follow these guidelines when leveraging tcpping for lowest impact and highest value:
- Start with lowest possible iteration interval, increasing gradually to establish baselines
- Limit geographically distant targets to measure backbone routing primarily
- Validate that packet loss occurs before investigating further issues
- Always obtain written permission before testing networks you do not own or operate
- Check for unnecessary results collection if monitoring public provider endpoints
Adhering to ethical standards preserves tcpping as a beneficial diagnostic tool for all.
Conclusion
Tcpping remains a lightweight, efficient utility for TCP connectivity testing after 20+ years of network service evolution.
With tcpping providing the TCP layer perspective complementing ping for ICMP visibility, both classic tools still deliver immense value for modern network infrastructure monitoring, troubleshooting, and benchmarking.
By mastering tcpping for targeted synthetic monitoring, administrators can cost-effectively validate critical service connectivity, availability, and performance.
