On lpdza1, what's the output of netstat -tunlp? Check if the port is
listening on the correct interface.



On Sat, Oct 20, 2012 at 9:39 PM, Anuerin Diaz <[email protected]> wrote:
> They are using bridged networking. I am using Xen and starting to think
> maybe I should have used Virtual box instead. :|
>
> ciao!
>
> On Oct 20, 2012 8:26 PM, "Heherson Pagcaliwagan" <[email protected]> wrote:
>>
>> How is your networking setup? Are the nodes using bridged networking or
>> simple NAT?
>>
>> Out of curiosity, what's the virt solution you are using? (i.e. kvm, lc,
>> openvz, vmware, virtualbox, ...)
>>
>> --herson
>>
>> On Oct 20, 2012, at 6:15 PM, Anuerin Diaz <[email protected]> wrote:
>>
>> Hi,
>>
>>    I have 2 virtualized CentOS machines (lpdza1 and lpdza2) where I am
>> setting up clustered WebLogic nodes.  The current problem I have is that I
>> cannot make the port 7028 in lpdza1 accept external connections.  Connection
>> from within lpdza1 works but I need lpdza2 to be able to access the admin
>> port (7028).  I have tried alternately disabling iptables and ip6tables, as
>> well as flushing and stopping them to no avail. I have also tried
>> configuring and disabling them from the desktop GUI
>> (Administration->Security and Firewall settings,
>> Administration->Services->restart). I have tried accessing from other
>> virtual machines (Ubuntu, WindowsXP) to isolate that it is not a problem on
>> the second machine (lpdza2).
>>
>>   What am I missing? Below is the sequence of commands I executed, which is
>> based on http://wiki.centos.org/HowTos/Network/IPTables.
>>
>> ======================
>>
>> [root@lpdza1 ~]# iptables -L
>> Chain INPUT (policy ACCEPT)
>> target     prot opt source               destination
>>
>> Chain FORWARD (policy ACCEPT)
>> target     prot opt source               destination
>>
>> Chain OUTPUT (policy ACCEPT)
>> target     prot opt source               destination
>>
>> [root@lpdza1 ~]# netstat -an | grep 7028
>> tcp        0      0 ::ffff:127.0.0.1:7028       :::*                        LISTEN
>>
>> [root@lpdza1 ~]# service iptables status
>> Table: filter
>> Chain INPUT (policy ACCEPT)
>> num  target     prot opt source               destination
>>
>> Chain FORWARD (policy ACCEPT)
>> num  target     prot opt source               destination
>>
>> Chain OUTPUT (policy ACCEPT)
>> num  target     prot opt source               destination
>>
>>
>> [root@lpdza1 ~]# iptables -P INPUT ACCEPT
>> [root@lpdza1 ~]# iptables -F
>> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT
>> [root@lpdza1 ~]# iptables -P INPUT DROP
>> [root@lpdza1 ~]# iptables -P FORWARD DROP
>> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>>
>> [root@lpdza1 ~]# /sbin/service iptables save
>> [root@lpdza1 ~]# /sbin/service iptables reload
>> [root@lpdza1 ~]# /sbin/service iptables start
>>
>> [root@lpdza1 ~]# iptables -L -v
>> Chain INPUT (policy DROP 0 packets, 0 bytes)
>>  pkts bytes target     prot opt in     out     source               destination
>>   468 35641 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:ssh
>>    13   708 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:7028
>>    22  1299 ACCEPT     all  --  lo     any     anywhere             anywhere
>>   733  124K ACCEPT     all  --  eth0   any     anywhere             anywhere
>>     0     0 ACCEPT     all  --  any    any     anywhere             anywhere            state NEW,RELATED,ESTABLISHED
>>
>> Chain FORWARD (policy DROP 0 packets, 0 bytes)
>>  pkts bytes target     prot opt in     out     source               destination
>>
>> Chain OUTPUT (policy ACCEPT 1094 packets, 168K bytes)
>>  pkts bytes target     prot opt in     out     source               destination
>>
>>
>> [root@lpdza1 ~]# ip6tables -P INPUT ACCEPT
>> [root@lpdza1 ~]# ip6tables -F
>> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
>> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 7028 -j ACCEPT
>> [root@lpdza1 ~]# ip6tables -P INPUT DROP
>> [root@lpdza1 ~]# ip6tables -P FORWARD DROP
>> [root@lpdza1 ~]# ip6tables -P OUTPUT ACCEPT
>> [root@lpdza1 ~]# ip6tables -A INPUT -i lo -j ACCEPT
>> [root@lpdza1 ~]# ip6tables -A INPUT -i eth0 -j ACCEPT
>> [root@lpdza1 ~]# ip6tables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>>
>> [root@lpdza1 ~]# /sbin/service ip6tables save
>> [root@lpdza1 ~]# /sbin/service ip6tables reload
>> [root@lpdza1 ~]# /sbin/service ip6tables start
>>
>> [root@lpdza1 ~]# iptables -P INPUT ACCEPT
>> [root@lpdza1 ~]# iptables -F
>> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT
>> [root@lpdza1 ~]# iptables -P INPUT DROP
>> [root@lpdza1 ~]# iptables -P FORWARD DROP
>> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT
>> [root@lpdza1 ~]# iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>>
>> [root@lpdza1 ~]# /sbin/service iptables save
>> [root@lpdza1 ~]# /sbin/service iptables reload
>> [root@lpdza1 ~]# /sbin/service iptables start
>>
>>
>> # test from first CentOS machine
>>
>> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 22
>> Connection to lpdza1 22 port [tcp/ssh] succeeded!
>> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 7028
>> Connection to lpdza1 7028 port [tcp/*] succeeded!
>>
>> #switch to second CentOS machine
>> [adiaz@lpdza2 ~]$ ping -c 1 lpdza1
>> PING lpdza1 (192.168.122.185) 56(84) bytes of data.
>> 64 bytes from lpdza1 (192.168.122.185): icmp_seq=1 ttl=64 time=0.567 ms
>>
>> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 22
>> Connection to lpdza1 22 port [tcp/ssh] succeeded!
>> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 7028
>> nc: connect to lpdza1 port 7028 (tcp) failed: Connection refused
>>
>> ======================
>>
>>   Any pointers are very much appreciated. Thank you.
>>
>> ciao!
>>
>> --
>> "Programming, an artform that fights back"
>>
>> Anuerin G. Diaz
>> Registered Linux User #246176
>> http://ramfree17.net/capsule , when you absolutely have nothing else
>> better to do
>>
>> _________________________________________________
>> Philippine Linux Users' Group (PLUG) Mailing List
>> http://lists.linux.org.ph/mailman/listinfo/plug
>> Searchable Archives: http://archives.free.net.ph
>>
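The interface check suggested at the top of this thread, as an added example that is not part of the original messages: the netstat line in the first post shows the listener on `::ffff:127.0.0.1:7028`, a loopback bind, and a port with no listener on the external address answers with "Connection refused" whatever the iptables rules say. `listen_scope` and `sample_netstat` are hypothetical helper names, and the sample rows (including the PID/program column) are constructed around the line from the post.

```shell
#!/bin/sh
# Classify the bind address of every TCP listener on a given port.
# Input: `netstat -tunlp` or `netstat -an` style rows on stdin.
# Output: one "<scope> <local-address>" line per matching listener.
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next          # last ":" field is the port
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            sub(/^::ffff:/, "", host)           # IPv4-mapped IPv6 -> plain IPv4
            if (host == "0.0.0.0" || host == "::" || host == "*")
                scope = "all-interfaces"        # reachable from other hosts
            else if (host ~ /^127\./ || host == "::1")
                scope = "loopback-only"         # remote connects are refused
            else
                scope = "single-address"        # reachable only via that IP
            print scope, addr
        }'
}

# Constructed sample: the 7028 row matches the one posted in the thread,
# the other rows and all PID/program values are made up for illustration.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1201/sshd
tcp        0      0 ::ffff:127.0.0.1:7028       :::*                        LISTEN      2456/java
tcp        0      0 :::22                       :::*                        LISTEN      1201/sshd
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               980/dhclient
EOF
}

# On a live host: netstat -tunlp | listen_scope 7028
sample_netstat | listen_scope 7028
sample_netstat | listen_scope 22
```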