Maybe you are used to ping services to check whether they respond or not. It works well using a local console, but within the Azure portal you must use another command: tcpping.
Table of Contents
Probably you already know what ping is: it is a command that you can run on your terminal to see if a host is up and running.
It works by sending some packets to the host and waiting for a response, and it measures the round-trip time that the message takes to go to the host and come back to the client.
An example can be
that can return something like
Pinging code4it.dev [188.8.131.52] with 32 bytes of data: Reply from 184.108.40.206: bytes=32 time=17ms TTL=51 Reply from 220.127.116.11: bytes=32 time=20ms TTL=51 Reply from 18.104.22.168: bytes=32 time=15ms TTL=51 Reply from 22.214.171.124: bytes=32 time=16ms TTL=51 Ping statistics for 126.96.36.199: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 15ms, Maximum = 20ms, Average = 17ms
PSSS! Remember not to include the protocol!
More in detail, ping sends an ICMP echo request to a specified interface and waits for a reply.
Just as a reminder, ICMP (Internet Control Message Protocol) is a network protocol that is at the same level as TCP and UDP on the networking stack, but it is typically not used for exchanging data between endpoints but only for sharing errors or information.
Azure and ICMP
The problem comes when you want to ping a service hosted on Azure: in order to avoid DDoS attacks, the Azure team decided to block ICMP packets.
Unfortunately ICMP presents risks and problems for our underlying network infrastructure.
So you cannot ping them.
In fact, if you try it from your system, you will receive Request time out.
But at least you can try to reach it using a browser!
A simple use case
Let’s say that you have a website, mysite.azurewebsites.net, that must communicate with an API hosted at myapi.azurewebsites.net. Now you want to check if the networking between the two systems works well and check if everything is well configured.
Of course, you can’t open a browser inside the Azure portal. So what?
TCPPing - the solution for you
First of all, you should try to ping the service within the Azure Portal, so that you are sure you’re running the commands in the cloud environment. Azure Portal allows you to use multiple tools to interact and analyze what’s going on on your App: just open your resource and head to Development Tools
You will find both a Console and an external tool called Advanced Tools: you can use both, but here I’m using the Console tool:
If you try to ping myapi from Azure, you won’t receive a Request time out, but a different error:
Unable to contact IP driver. General failure
That’s because the ping command has directly been disabled.
So how can we solve it?
Well, the solution is pretty easy! There is a command called tcpping that allows you to do something similar, and that can be called by both the Console and the Kudu advanced tool, accessible in the Development Tools section.
tcpping myapi.azurewebsites.net, you can get something similar:
Connected to myapi.azurewebsites.net:80, time taken: 171ms Connected to myapi.azurewebsites.net:80, time taken: 109ms Connected to myapi.azurewebsites.net:80, time taken: 109ms Connected to myapi.azurewebsites.net:80, time taken: 109ms Complete: 4/4 successful attempts (100%). Average success time: 124.5ms
That, in the console, looks like this:
If you wanna have more info about this command, you can simply type
First of all, it explains what it is: Opens a TCP socket to a target host:port and returns whether the initial handshake was successful and a connection was established.
That’s the way to avoid ICMP packets! Just use TCP!
There are also some flags that can be set:
-n: the number of pings to perform. If not specified, the value is 4
-t: loop infinitely
-s: run for the specified seconds
This article first appeared on Code4IT
Here we’ve seen how you can ping an Azure App Service inside the Azure Portal. This is a tiny tool that you must know if you want to check if your architecture is well configured. Do you know other ways?