I'm running into an issue when I try to vnc into a new VM created with virt-install. When specifying vnc with virt-install using this:
--vnc \
--vncport=5905 \
--noautoconsole
The VM is created and 5905 is listening, but only on ipv4 as shown here:
# netstat -l | grep 5905
tcp 0 0 localhost:5905 0.0.0.0:* LISTEN
The problem is when I try to SSH tunnel using "ssh -v -L 5905:localhost:5905 myhost", I get a connection refused error because the vnc port is trying to forward from the hosts ipv6 local loopback interface and the vnc port is not listening on it:
debug1: Connection to port 5905 forwarding to localhost port 5905 requested.
debug1: channel 3: new [direct-tcpip]
channel 3: open failed: connect failed: Connection refused
debug1: channel 3: free: direct-tcpip: listening port 5905 for localhost port 5905, connect from ::1 port 57890 to ::1 port 5905, nchannels 4
I could solve this also by connecting vnc to the hosts ipv4 local loopback, but I'm not sure how to do that. Ideally I would like to have vnc listen on both ipv4 and ipv6.
I was able to get the VM to listen on ipv6 by editing the xml to include this in the graphics parameter:
<graphics type='vnc' port='5905' autoport='no' listen='localhost'>
<listen type='address' address='localhost'/>
</graphics>
You can specify this in the virt-install command by using this:
--graphics vnc,listen=localhost,port=5905 \
If you ask me, virt-install should default to localhost instead of it's ipv4 local loopback :/
I am trying this command
ssh username#example -L 27017:10.230.0.6:27017 -L 9201:10.290.0.8:9200 -L 5601:10.210.0.5:5601
The port forwarding works for the 27107 but not the others, do I need to override the ports?
I always get the same error which is:
channel 8: open failed: connect failed: Connection timed out
channel 7: open failed: connect failed: Connection timed out
ssh username#example ... -L 9201:10.290.0.8:9200 -L 5601:10.210.0.5:5601
...
channel 8: open failed: connect failed: Connection timed out
When you connect to port 9201 or 5601 on your local system, that connection is tunneled through your ssh link to the ssh server on the remote ssh server. From there, the ssh server makes a TCP connection to the target of the tunnel--10.290.0.8:9200 or 10.210.0.5:5601--and relays data between the tunneled connection and the connection to target of the tunnel.
The "Connection timed out" error is coming from the remote ssh server when it tries to make the TCP connection to the target of the tunnel. "Connection timed out" means that the ssh server process transmitted a TCP connection request to the target system, and it never received a response.
Common reasons for a connection timeout include:
The target system is down or disconnected from the network.
Some firewall or other network device is blocking traffic between the ssh server and the target system.
The IP address and/or port is incorrect, and the connection attempts are going to the wrong place.
I'm desperate for help. I have spent almost a day now trying to figure out why cURL is suddently throwing curl: (7) Failed to connect to magento.localhost port 80: Connection refused on local vhosts after I restarted macOS High Sierra.
My setup worked without problems before – ping still works, opening the domain in the browser also works as expected. What is going on??
ping magento.localhost
PING magento.localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.034 ms
host magento.localhost
magento.localhost has address 127.0.0.1
magento.localhost has IPv6 address ::1
scutil -r magento.localhost
Reachable
apachectl configtest
Syntax OK
netstat -a | grep http | grep LISTEN
tcp46 0 0 *.http . LISTEN
curl -v magento.localhost
Rebuilt URL to: magento.localhost/
Trying 127.0.0.1...
TCP_NODELAY set
Connection failed
connect to 127.0.0.1 port 80 failed: Connection refused
Failed to connect to magento.localhost port 80: Connection refused
Closing connection 0
curl: (7) Failed to connect to magento.localhost port 80: Connection refused
I have tried every suggestions I found! - thank you so much for your help!
Nic3500, you saved my life! After your comment I found out that my vhosts produced different results than localhost itself.
telnet magento.localhost 80
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection
refused telnet: Unable to connect to remote host
telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
So I have changed /usr/local/etc/dnsmasq.conf to address=/localhost/::1 and
/private/etc/resolver/localhost to nameserver ::1 and now cURL is working alongside with everything else.
Thank you very much!
I have an .ssh/config:
Host host01 host01.in.mynet
User costello
HostName 1.2.3.4
Port 22222
Which is working fine with plain ssh:
ssh host01
costello#host01 ~ »
But fabric is not using that config:
$ fab deploy:host=host01
[host01] Executing task 'deploy'
Fatal error: Low level socket error connecting to host host01 on port 22: Connection refused (tried 1 time)
Underlying exception:
Connection refused
Aborting.
Why is fabric not using the ssh's configuration? I would really like to avoid duplicating the configuration for fabric or, even worse, change the ssh port of my server.
What ports does RabbitMQ Server use or need to have open on the firewall for a cluster of nodes?
My /usr/lib/rabbitmq/bin/rabbitmq-env is set below which I'm assuming are needed (35197).
SERVER_ERL_ARGS="+K true +A30 +P 1048576 \
-kernel inet_default_connect_options [{nodelay,true}] \
-kernel inet_dist_listen_min 35197 \
-kernel inet_dist_listen_max 35197"
I haven't touched the rabbitmq.config to set a custom tcp_listener so it should be listening on the default 5672.
Here are the relevant netstat lines:
tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN 728/epmd
tcp 0 0 0.0.0.0:35197 0.0.0.0:* LISTEN 5126/beam
tcp6 0 0 :::5672 :::* LISTEN 5126/beam
My questions are:
for other nodes to be able to connect to the cluster, do all 3 ports 4369, 5672 and 35197 need to be open?
Why isn't 5672 running on tcp and not just tcp6?
PORT 4369: Erlang makes use of a Port Mapper Daemon (epmd) for resolution of node names in a cluster. Nodes must be able to reach each other and the port mapper daemon for clustering to work.
PORT 35197
set by inet_dist_listen_min/max Firewalls must permit traffic in this range to pass between clustered nodes
RabbitMQ Management console:
PORT 15672 for RabbitMQ version 3.x
PORT 55672 for RabbitMQ pre 3.x
Make sure that the rabbitmq_management plugin is enabled, otherwise you won't be able to access management console on those ports.
PORT 5672 RabbitMQ main port (AMQP)
PORT 5671 TLS-encrypted AMQP (if enabled)
For a cluster of nodes, they must be open to each other on 35197, 4369 and 5672.
For any servers that want to use the message queue, only 5672 (or possibly 5671) is required.
What ports is RabbitMQ using?
Default: 5672, the manual has the answer. It's defined in the RABBITMQ_NODE_PORT variable.
https://www.rabbitmq.com/configure.html#define-environment-variables
The number might be differently if changed by someone in the rabbitmq configuration file:
vi /etc/rabbitmq/rabbitmq-env.conf
Ask the nmap if it can see it:
sudo nmap -p 1-65535 localhost
Starting Nmap 5.51 ( http://nmap.org ) at 2014-09-19 13:50 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00041s latency).
PORT STATE SERVICE
443/tcp open https
5672/tcp open amqp
15672/tcp open unknown
35102/tcp open unknown
59440/tcp open unknown
Oh look, 5672, and 15672
Ask netstat if it can see it:
netstat -lntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:55672 0.0.0.0:* LISTEN
tcp 0 0 :::5672 :::* LISTEN
Oh look 5672.
lsof to see ports:
eric#dev ~$ sudo lsof -i | grep beam
beam.smp 21216 rabbitmq 17u IPv4 33148214 0t0 TCP *:55672 (LISTEN)
beam.smp 21216 rabbitmq 18u IPv4 33148219 0t0 TCP *:15672 (LISTEN)
use nmap from a different machine, find out if 5672 is open:
sudo nmap -p 5672 10.0.1.71
Starting Nmap 5.51 ( http://nmap.org ) at 2014-09-19 13:19 EDT
Nmap scan report for 10.0.1.71
Host is up (0.00011s latency).
PORT STATE SERVICE
5672/tcp open amqp
MAC Address: 0A:40:0E:8C:75:6C (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Try to connect to a port manually with telnet, 5671 is CLOSED:
telnet localhost 5671
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Try to connect to a port manually with telnet, 5672 is OPEN:
telnet localhost 5672
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Check your firewall:
sudo cat /etc/sysconfig/iptables
It should tell you what ports are made open:
-A INPUT -p tcp -m tcp --dport 5672 -j ACCEPT
Reapply your firewall:
sudo service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
To find out what ports rabbitmq uses:
$ epmd -names
Outputs:
epmd: up and running on port 4369 with data:
name rabbit at port 25672
Run these as root:
lsof -i :4369
lsof -i :25672
More about epmd options.
Port Access
Firewalls and other security tools may prevent RabbitMQ from binding to a port. When that happens, RabbitMQ will fail to start. Make sure the following ports can be opened:
4369: epmd, a peer discovery service used by RabbitMQ nodes and CLI tools
5672, 5671: used by AMQP 0-9-1 and 1.0 clients without and with TLS
25672: used by Erlang distribution for inter-node and CLI tools communication and is allocated from a dynamic range (limited to a single port by default, computed as AMQP port + 20000). See networking guide for details.
15672: HTTP API clients and rabbitmqadmin (only if the management plugin is enabled)
61613, 61614: STOMP clients without and with TLS (only if the STOMP plugin is enabled)
1883, 8883: (MQTT clients without and with TLS, if the MQTT plugin is enabled
15674: STOMP-over-WebSockets clients (only if the Web STOMP plugin is enabled)
15675: MQTT-over-WebSockets clients (only if the Web MQTT plugin is enabled)
Reference doc:
https://www.rabbitmq.com/install-windows-manual.html
Check \AppData\Roaming\RabbitMQ\log. If you have a log file there search for started TCP listener on [::].
It should tell you on which port rabbitMq is running. Look for the last entry.
Disclaimer: not the best way to find port, as there might be a chance the port has been changed in the mean time.