I have installed Mosquitto MQTT in one of the EC2 instance(ubuntu) and broker running fine with localhost.
I can able to publish/subscribe in the local machine and as well another EC2 instance (both EC2 in same subnet 172.31.X.X)
Now, i want to connect the broker from a PC outside for (publish/subscribe). So, i tried to configure the broker IP to EC2 instance public IP.
VirtualBox:cat /etc/mosquitto/mosquitto.conf
# Place your local configuration in /etc/mosquitto/conf.d/
#
# A full description of the configuration file is at
# /usr/share/doc/mosquitto/examples/mosquitto.conf.example
listener 1883 50.24.39.66
pid_file /var/run/mosquitto.pid
persistence true
persistence_location /var/lib/mosquitto/
log_dest file /var/log/mosquitto/mosquitto.log
include_dir /etc/mosquitto/conf.d
VirtualBox:
VirtualBox:sudo mosquitto -c /etc/mosquitto/mosquitto.conf
1495801790: mosquitto version 1.4.8 (build date Fri, 19 Feb 2016 12:03:16 +0100) starting
1495801790: Config loaded from /etc/mosquitto/mosquitto.conf.
1495801790: Opening ipv4 listen socket on port 1883.
1495801790: Error: Cannot assign requested address
carun#carun-VirtualBox:~$
But, while restarting the broker am getting the above error "Cannot assign requested address"
Done so far,
Allowed (inboud/outbound) all access to EC2.
Disabled firewall in EC2
-Allowed all security level access to EC2 security group.
But no luck,
So question,
How to assign a EC2 Public IP to the broker?
How can I access MQTT broker out side of world?
Thanks in advance for your help!
Remove the ip address (50.24.39.66) from the end of listener line (or just remove the whole line) to allow mosquitto to bind to all available IP addresses
Related
I am running Apache NiFi (version1.11.4) on my local machine say on port (8090).
It runs & is working good on my machine.
This is normal setup without registry/certificate/LDAPS/security.
I want to access this NiFi on other machine running with in the private Network.
For this i enabled this 8090 port on my machine's firewall (as inbound rule with TCP)
But not able to access NiFi remotely
I tested both the cases (with default port and custom post):
Case 1: on my local machine NiFi is running on port 8080, i setup firewall inbound rule also on port 8080 Other member should be able to access my NiFi instance remotely on port 8080.
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8080
Case 2: On server machine NiFI is running on port 8090, i setup firewall inbound rule also on port 8090 Other member should be able to access this NiFi instance remotely on port 8090.
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8090
nifi.properties file:
nifi.web.war.directory=./lib
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8080
nifi.web.http.network.interface.default=
nifi.web.https.host=
nifi.web.https.port=
nifi.web.https.network.interface.default=
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.context.path=
nifi.web.proxy.host=
From my Spring Boot application deployed as a Docker container I need to be able to access the parent node (within a Swarm) by some kind of docker-exposed DNS name so that I can add it to a configuration file and was wondering if there was a DNS name exposed automatically by Docker for this purpose?
Another container that is scheduled on the same host running in "network_mode: host" is running Consul and advertising on port 8500 (real IP is 192.168.1.233).
If I run netstat on the Swarm node (ip 192.168.1.233) I can see it's listening on port 8500:
# netstat -anp | grep 8500
tcp6 0 0 :::8500 :::* LISTEN 25010/docker-proxy
I want to be able to define a connection string as configuration in the Spring Boot app on the swarm node to the local instance of Consul sheduled on the same physical host as the Spring Boot app.
If I refer to "localhost" within the Spring Boot container then there's nothing listening on the 8500 port, proven by running this after shelling into the Spring Boot container (using a sample Consul API call)
# wget http://localhost:8500/v1/status/leader
Connecting to localhost:8500 (127.0.0.1:8500)
wget: can't connect to remote host (127.0.0.1): Connection refused
I've also tried using "host.docker.internal" but that doesn't work:
# ping host.docker.internal
ping: bad address 'host.docker.internal'
The hosts are all Centos 7 hosts, and Docker version 18.09.1, build 4c52b90.
The firewalld service is disabled on all hosts.
I'm in the middle of installing and configuring an XMPP server, using ejabberd on Windows server 2012, running on an EC2 box.
I have opened port 5222 within windows firewall, and added to the security group for the EC2 instance
Custom TCP Rule
TCP
5222
0.0.0.0/0
ejabberd_c2s
Custom TCP Rule
TCP
5222
::/0
ejabberd_c2s
My XMPP logins are not working, and so I've turned to telnet to try and debug - it sees that port 5222 is reporting as closed:
PS C:\WINDOWS\system32> telnet hostname.com 5222
Connecting To hostname.com...Could not open connection to the host, on port 5222: Connect failed
Any guidance or steps towards debugging would be appreciated!
The issue here was in ejabberd's default configuration of "::" as an IP to listen, which forced it to listen only to IPv6.
By updating the ejabbed config to
port: 5222
ip: "0.0.0.0"
module: ejabberd_c2s
I was able to connect via telnet, and able to access the server using XMPP.
I am running an Akka HTTP service on port 8080 in my EC2 instance. It expects web socket connections, but normal HTTP should return 400 bad request.
I use this code to start Akka service:
Http().bindAndHandle(route, "localhost", 8080)
From the remote terminal I have this expected behavior, but not from outside.
$ wget ec2-XX-XXX-XX-XXX.compute-1.amazonaws.com:8080
--2017-10-01 15:27:31-- http://ec2-XX-XXX-XX-XXX.compute-1.amazonaws.com:8080/
Resolving ec2-XX-XXX-XX-XXX.compute-1.amazonaws.com... XX.XXX.XX.XXX
Connecting to ec2-XX-XXX-XX-XXX.compute-1.amazonaws.com|XX.XXX.XX.XXX|:8080... failed: Connection refused.
Here is my inbound rules configuration:
If I do netstat --listen -p the port 8080 does not appear.
Thanks!
I found out the problem. I should be binding the service to the private IP address of the EC2 instance.
I have my Single node Hadoop installed on Google Compute Engine instance and i want to open port 50070 on that machine to access the hadoop dashboard. i configured in the firewall rule as tcp:50070 in compute engine networks. but still i am unable to access my port outside the network (ie . via internet). I tried nmap for the public ip of my GCE instance and i got a result which has only ssh port got opened all other ports are filtered .
Note: i am using debian 7.5 image
Make sure your daemon is listening on port 50070. If you have more than one networks in you project make sure the port is opened on the right network. You can run the following commands to check the information about your instance and network.
lsof -i
gcutil --project= getinstance
gcutil --project= listnetworks
gcutil --project= listfirewalls
gcutil --project= getfirewall
Check if IP/Port is allowed in iptables or not.
iptables -L
would show you all the records.
To allow port in iptables you can do the following:
sudo iptables -A INPUT -p tcp -m tcp --dport 50070 -j ACCEPT
sudo iptables-save -c
Short answer
In addition to configure the firewall rule at GCE web console make sure that your server is listening at 0.0.0.0 instead of 127.0.0.1
Long answer
In the context of servers, 0.0.0.0 means all IPv4 addresses on the local machine. If a host has two IP addresses, 192.168.1.1 and 10.1.2.1, and a server running on the host listens on 0.0.0.0, it will be reachable at both of those IPs - Source
In contrast 127.0.0.1 is the IP address used to stablish a connection to the same machine used by the user this address is usually referred as the localhost.
It's often used when you want a network-capable application to only serve clients on the same host. A process that is listening on 127.0.0.1 for connections will only receive local connections on that socket. - Source
Hence, if you try to stablish a connection to your server from internet and your server is listening at 127.0.0.1 at your GCE machine, then, from the server point of view a request has never been received and as a consequence Goocle Cloud Firewall will refuse the connection because there is no server listening at the opened port (in your case 50070).
I hope this answer helps to solve your problem. Best regards.