Troubleshooting at the transport layer means making
sure that the network clients can access the TCP or UDP
ports on which the destination applications are running.
For example, in the case of web traffic, it is important to
verify that the client can connect to TCP ports 80 (HTTP)
and/or 443 (HTTPS) on the web server. In some cases,
web servers are configured to listen on esoteric ports
such as 8080, so it is important to know the correct port
on which the destination application is running.
Networking tools such as curl and custom telnet
commands specifying the application port can be used to
ensure that transport layer connectivity can be
established end to end between the source and
destination. If a transport layer connection cannot be
established, you need to look for issues such as these:
Firewall access control lists blocking data traffic based on TCP and UDP
ports
Misconfigured applications and listening ports
Misconfigured load balancers
Presence of proxy servers that are intercepting the traffic and denying
connectivity
Misconfigured PATOther common problems that affect application
connectivity are DNS related. As discussed earlier in this
chapter, DNS plays a critical role in resolving domain
names to IP addresses. If DNS is malfunctioning for
some reason, end-to-end connectivity is impacted.
Network tools such as nslookup can be used to
troubleshoot DNS functionality. The following problems
commonly cause DNS issues:
Misconfigured DNS resolver on the network client
Wrong hostname specified
Invalid DNS server configuration
Missing or incorrect DNS entry