Usually, we use tenet <IP> <port> from traditional switch or router to check server listening to the port.
like ping ==> iping and traceroute ==> itraceroute used in ACI
Do we have any mechanism to check similar thing.
Thanks in advance.
A few questions:
1. What src/dst IPs are you trying to test port connectivity from/to?
a. IPs local to switch nodes/APIC nodes?
If you are trying to see what is opened for endpoints to communicate with, you can check the following from an apic:
> show contract *contract_name*
> show access-list *access-group-name*
If you are looking to catch denies or permits given active traffic flows, you can refer to the following document:
Thanks Gabriel for responding.
my query is how we can ensure endpoint listening on port 80 or it's a valid http server. In the traditional switches we used to use
telnet <IP of server> 80 and it used to respond.
Looking for similar arrangement in ACI.
Hope I'm able to spell my query correctly.
Thanks in advance
You can use nmap from any Linux based workstation. Don't do this from a switch or ACI.
Thanks, this we need to do when we don't have access to end servers / and no reachability to system administrator.
So wanted to check similar arrangement / method in ACI to check this.