A systems administrator is troubleshooting a newly deployed web application server that is unable to connect to a required external partner API at api.partner.com. The administrator confirms the server has a valid IP configuration and can successfully ping its default gateway and public DNS servers. However, attempts to connect to the partner API consistently time out. The administrator suspects a routing issue or a firewall block somewhere along the path.
Which of the following commands would be the MOST effective next step to identify the point of failure along the network path to the API endpoint?
The correct answer is tracert api.partner.com. The tracert (or traceroute on Linux/macOS) command is a network diagnostic tool used to trace the path that data packets take from the source computer to a destination. It displays each hop (router) in the path and the latency to that hop. If a hop fails to respond, it will be indicated by timeouts (often shown as asterisks), which effectively pinpoints where in the network path the connectivity is being lost. Since the scenario involves a timeout to a specific destination and the goal is to find the point of failure along the route, tracert is the most appropriate tool.
ping api.partner.com -t is incorrect. While ping tests end-to-end reachability, the scenario already establishes that the connection is failing (timing out). A continuous ping (-t) will only repeatedly confirm the failure; it will not provide information about where along the network path the issue is occurring.
nslookup api.partner.com is incorrect. The nslookup command is used to query the Domain Name System (DNS) to resolve a hostname to an IP address or vice versa. It is the primary tool for troubleshooting DNS resolution problems. The scenario, however, describes a timeout, which typically occurs after name resolution has succeeded and the server is attempting to route packets to the destination IP. Therefore, it is not the most effective next step for diagnosing a suspected path failure.
netstat -an is incorrect. The netstat command displays active network connections, listening ports, and other network statistics on the local machine. While useful for checking if the server is attempting to initiate an outbound connection, it provides no visibility into the external network path and cannot identify a point of failure at an intermediate router or firewall.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the 'tracert' command?
Open an interactive chat with Bash
How is 'tracert' different from 'ping'?
Open an interactive chat with Bash
When would you use 'nslookup' instead of 'tracert'?