Ed, OSX is notorious for being helpful, check your overall system settings and ensure when you are trying to do your port forward that the OSX system firewall is off. It will helpfully block connects to your virtual machines even though they originate on your host and are going to a guest on an internal network adapter.
On Wednesday, March 25, 2015 at 7:46:57 AM UTC-5, Ed Young wrote: > > Alvaro, > > > > This thread is very helpful(!), but I'm still unable to access my apache > http server on my guest VM. > > ( I'm running Vagrant 1.5.3, on a mac osx 10.9.2 host machine. ) > > I'm running a centos 65 image > > config.vm.box = " > https://developer.nrel.gov/downloads/vagrant-boxes/CentOS-6.5-x86_64-v20140311.box > " > > and I'm provisioning using puppet. > > Note that when I started with vagrant up I got one warning: > > Warning: Could not retrieve fact fqdn > > and when I start apache httpd I get > [root@localhost vagrant]# service httpd start > > *Starting httpd: httpd: Could not reliably determine the server's fully > qualified domain name, using localhost.localdomain for ServerName* > [ OK ] > > root@localhost vagrant]# service httpd status > > httpd (pid 2751) is running... > > My hosts file: > > [root@localhost etc]# cat hosts > 127.0.0.1 localhost localhost.localdomain localhost4 > localhost4.localdomain4 > ::1 localhost localhost.localdomain localhost6 > localhost6.localdomain6 > > > I have the following port forwarding configuration: > > * config.vm.network :forwarded_port, host: 4567, guest: 80* > * config.vm.network :forwarded_port, host: 4568, guest: 8080* > > *I can access the apache server from the guest vm of course: * > > *[root@localhost vagrant]# curl -v http://localhost:80 > <http://localhost:80>* About to connect() to localhost port 80 (#0)* > Trying ::1... connected* Connected to localhost (::1) port 80 (#0)> GET / > HTTP/1.1> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 > NSS/3.16.2.3 <http://3.16.2.3> Basic ECC zlib/1.2.3 libidn/1.18 > libssh2/1.4.2> Host: localhost> Accept: */*>< HTTP/1.1 403 Forbidden< Date: > Wed, 25 Mar 2015 12:13:53 GMT< Server: Apache/2.2.15 (CentOS)< > Accept-Ranges: bytes< Content-Length: 4954< Connection: close< > Content-Type: text/html; charset=UTF-8<<!DOCTYPE html PUBLIC "-//W3C//DTD > XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd > <http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd>">* > > ... > > but not from the host machine (Mac osx 10.9.2) > > ➜ vagrant-centos65 git:(master) ✗ curl -v http://localhost:4567 > * Adding handle: conn: 0x7fb52380aa00 > * Adding handle: send: 0 > * Adding handle: recv: 0 > * Curl_addHandleToPipeline: length: 1 > * - Conn 0 (0x7fb52380aa00) send_pipe: 1, recv_pipe: 0 > * About to connect() to localhost port 4567 (#0) > * Trying 127.0.0.1... > > > I've followed your troubleshooting suggestions, but have not yet figured > out the problem: > > [root@localhost vagrant]# netstat -anp | grep ':80' > tcp 0 0 :::80 :::* > LISTEN 2751/httpd > > > *I'm not sure how to interpret this, but I note that the 0 :::80 might > indicate a problem since you in your troubleshooting advice suggested it > should look like: * > > *:80 LISTEN > > > > or > > > > 0.0.0.0:80 LISTEN > > > *yes?* Therefore, It appears that all ips cannot connect and that might > be my problem. > > Next you advise to try > iptables -L > ( But I don't understand how this might help, or diagnose. ) > > root@localhost vagrant]# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > ACCEPT icmp -- anywhere anywhere > ACCEPT all -- anywhere anywhere > ACCEPT tcp -- anywhere anywhere state NEW tcp > dpt:ssh > REJECT all -- anywhere anywhere reject-with > icmp-host-prohibited > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > REJECT all -- anywhere anywhere reject-with > icmp-host-prohibited > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > > If I clean the iptables > > [root@localhost vagrant]# iptables -F > [root@localhost vagrant]# iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > > It has no effect. > > [root@localhost vagrant]# netstat -anp | grep ':80' > tcp 0 0 :::80 :::* > LISTEN 2751/httpd > > > ➜ vagrant-centos65 git:(master) ✗ curl -v http://localhost:4567 > * Adding handle: conn: 0x7fe9fb804000 > * Adding handle: send: 0 > * Adding handle: recv: 0 > * Curl_addHandleToPipeline: length: 1 > * - Conn 0 (0x7fe9fb804000) send_pipe: 1, recv_pipe: 0 > * About to connect() to localhost port 4567 (#0) > * Trying 127.0.0.1... > > > Note that when I run vagrant reload > > ➜ vagrant-centos65 git:(master) ✗ vagrant reload > ==> default: Attempting graceful shutdown of VM... > ==> default: Clearing any previously set forwarded ports... > ==> default: Clearing any previously set network interfaces... > ==> default: Preparing network interfaces based on configuration... > default: Adapter 1: nat > ==> default: Forwarding ports... > * default: 80 => 4567 (adapter 1)* > * default: 8080 => 4568 (adapter 1)* > * default: 22 => 2222 (adapter 1)* > ==> default: Booting VM... > ==> default: Waiting for machine to boot. This may take a few minutes... > default: SSH address: 127.0.0.1:2222 > default: SSH username: vagrant > default: SSH auth method: private key > default: Warning: Connection timeout. Retrying... > default: Warning: Remote connection disconnect. Retrying... > ==> default: Machine booted and ready! > ==> default: Checking for guest additions in VM... > ==> default: Mounting shared folders... > default: /vagrant => /Users/.../vagrant-centos65 > default: /tmp/vagrant-puppet-1/manifests => > /Users/../vagrant-centos65/manifests > default: /tmp/vagrant-puppet-1/modules-0 => > /Users/.../vagrant-centos65/modules > ==> default: VM already provisioned. Run `vagrant provision` or use > `--provision` to force it > > > So, I've provided a lot of information, because it seems you might be > able to advise further. > > Thanks and I look forward to your reply. > > Ed > > > On Saturday, March 7, 2015 at 5:22:02 AM UTC-7, Alvaro Miranda Aguilera > wrote: >> >> try with firewall >> >> list rules: iptables -L >> >> clean all the rules: iptables -F >> >> Also, paste the output of vagrant up, maybe the host is already using >> port 30000 .. that should be an error/warning on the output of vagrant >> up >> >> Alvaro. >> >> >> >> On Sat, Mar 7, 2015 at 1:00 PM, Ryan Moore <[email protected]> wrote: >> > Greetings, >> > >> > I am having a similar problem...I have a rails server running on my >> vagrant >> > machine serving on port 3000, as shown by the output from netstat. >> > >> > tcp 0 0 127.0.0.1:3000 0.0.0.0:* >> LISTEN >> > 1000 15938 5632/ruby >> > >> > This works fine on the VM... I can run Firefox on the VM and forward it >> > through X11 and view the website on my host machine that way (through >> the >> > x11 windowed Firefox), but when I try to go to 127.0.0.1:3000 or >> > 127.0.0.1:30000 on my host machine's web browser, or with curl, it >> doesn't >> > work. >> > >> > Here is the bit from my Vagrantfile >> > >> > config.vm.network :forwarded_port, guest: 3000, host: 30000 >> > config.vm.network :private_network, type: "dhcp" >> > >> > >> > Any suggestions? >> > >> > Thanks, >> > Ryan >> > >> > On Sunday, January 25, 2015 at 3:35:33 PM UTC-5, Alvaro Miranda >> Aguilera >> > wrote: >> >> >> >> My suggestion would be set a private nic on vagrant, and then change >> the >> >> program to bind to that specific IP, will be easier. >> >> >> >> https://docs.vagrantup.com/v2/networking/private_network.html >> >> >> >> Keep going, and don't give up! >> >> >> >> Alvaro. >> >> >> >> On Mon, Jan 26, 2015 at 2:55 AM, Charles <[email protected]> wrote: >> >>> >> >>> Alvaro: >> >>> >> >>> Thanks you for pointing me in the right direction! >> >>> >> >>> Indeed, the results of netstat showed a difference between apache and >> my >> >>> simple go server: >> >>> >> >>> tcp 0 0 127.0.0.1:3000 0.0.0.0:* >> >>> LISTEN 1406/httpbuddy >> >>> >> >>> vs. >> >>> >> >>> tcp 0 0 0.0.0.0:80 0.0.0.0:* >> >>> LISTEN - >> >>> >> >>> So it looks like I need to get my go server to listen on 0.0.0.0, >> which >> >>> would let all interfaces access it, vs. loopback which is 127.0.0.1? >> Not >> >>> sure how to do that yet, but I'll figure it out. >> >>> BTW, iptables is not running on the virtual machine. >> >>> >> >>> -- >> >>> You received this message because you are subscribed to the Google >> Groups >> >>> "Vagrant" group. >> >>> To unsubscribe from this group and stop receiving emails from it, >> send an >> >>> email to [email protected]. >> >>> For more options, visit https://groups.google.com/d/optout. >> >> >> >> >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "Vagrant" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
