Test Connectivity to Confluent Cloud

Because brokers in Confluent Cloud do not respond to ping commands, you can use the following options to verify connectivity to a cluster. This is useful for verifying connections in VPC peering, VNet peering, AWS Transit Gateway, and public network deployments.

To verify connectivity to a Confluent Cloud cluster:

  1. Go to the cluster in the Confluent Cloud Console.
  2. Click Cluster settings. The Cluster settings page displays.
  3. Click the General tab and find the URL for Bootstrap server, which is listed in the Identification section.
  4. Run one of the following commands, substituting <bootstrap-url> with the bootstrap server URL.
    • For public endpoint clusters, run the command from any computer that has internet access.
    • For VPC peering, VNet peering, AWS Transit Gateway, AWS PrivateLink, and Azure Private Link, run the command from within the customer VPC or VNet that is connected to the Confluent Cloud cluster.
openssl
openssl s_client -connect <bootstrap-url>:9092

Tests connectivity to an HTTPS service.

If successful, you will see a CONNECTED message similar to this:

CONNECTED(00000005)
depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let\'s Encrypt, CN = R3
verify return:1
depth=0 CN = *.us-west-2.aws.confluent.cloud
verify return:1
...

If there is a problem reaching the cluster, then the command waits until a timeout occurs and then prints an error, such as connect: Operation timed out.

netcat
nc -zv <bootstrap-url> 9092

If successful, you will see a message similar to this:

Connection to pkc-4kgmg.us-west-2.aws.confluent.cloud port 9092 [tcp/XmlIpcRegSvc] succeeded!

If the connection fails, you will see a message similar to this:

connect to pkc-4kgmg.us-west-2.aws.confluent.cloud port 9092 (tcp) failed: Connection timed out.
telnet
telnet <bootstrap-url> 9092

If successful, you will see a message similar to this:

Trying 34.70.244.179...
Connected to pkc-4kgmg.us-west-2.aws.confluent.cloud.
Escape character is '^]'.
...