EC2, RHEL - No Route To Domain - amazon-ec2

This is probably incredibly simple and I'm just missing one step. The problem I was (originally) trying to solve was how to get a statically allocated hostname, one that would not change with each restart. I've done the following steps:
I have a domain registered on GoDaddy, and it points to my EIP. I use it to connect over SSH (putty) to my EC2 instance, so I know that part is working. I've opened ports 9080, 9060, 9043, and 9443 as well as SSH and FTP ports. And I've installed and started the software that uses those ports, and that stuff normally just works on a local RHEL install, so I think what's different here is the custom domain name.
I've added my EIP and fully qualified host name to my /etc/hosts file.
I've added my fully qualified host name to my /etc/hostname file and modified the /etc/rc.local script to set the hostname properly on a restart, and that works. If I execute the command hostname, it returns my fully qualified hostname, so that looks ok.
I cannot ping my server, but I think that's ok, because probably amazon blocks pings. So I don't think that's a symptom of anything.
I cannot open a to http://myserver.mydomain:9080/, which normally just works. Here it just times out.
If I do a wget http://myserver.mydomain:9080 from inside the EC2 instance, it returns failed: No Route To Host
But if I do a wget against localhost instead of the fully qualified name I get what I expect as a response.
So.... routing tables? Do those need to change? And if so how?

You probably don't want to do what you did. Everything in EC2 is NAT'd. Meaning that the IP assigned to your instance is a private/internal ip and the public IP is mapped to it by the routing system.
So internally, you want everything to resolve to the private IP, or you will get charged for traffic as it has to get routed to the edge and then route back in. Using the public DNS name will resolve correctly from the default DNS servers.
If you are using RHEL, you will need to make sure both the security group and the internal firewall (iptables) have ports opened. You could just disable the internal firewall since its a bit redundant with the security groups. On the other hand, it can provide some options security groups do not if you need them.

Related

Proxmox external VM / CT access

I've just begun the setup of proxmox for our none profit educational VPS service. However, the problem we're facing is a lack of IPv4 addresses available to us.
Is it possible to route a sub-domain to the host servers IP address and then get that forwarded to the individual containers accordingly. For example:
SSH root#node-123.w-a-s-d.me
Will allow a client with the VM ID of 123 to access their server
And the same goes for things like: node-123.w-a-s-d.me
This would be the web address allowing any applications running on port 80 for that specific node
I'm unsure how to go about this and have looked online with no luck. I hope our goal is clear. I look forward to hearing from you. Josh
Exposing SSH that way will not be easy as you can only have one thing listening on port 22 for every given IP address, and while you could just adding random ports to each VPS and the forward it from primary box which holds public IP (and vms are behind nat) this is not exactly the best solution.
What you may want to do instead is set up one public-facing box that people can ssh into via public IP and from it SSH to subsequent private machines by their internal IP. Alternatively you can set that box with openVPN and set it to assign internal IP address to anyone connecting via it. While openVPN takes more time to set up right, it can come with it's own DNS so when connected to it calling out SSH root#node-123.w-a-s-d.me will automatically route you to the private IP address rather than the shared public facing one.
With HTTP this is much easier as you can set up a proxy on the front-facing machines which then proxies requests for given sub domain to specific internal IP address.

Can't join into a cluster on marklogic

I'm working with marklogic database and I tried to create a cluster.
I already have a development key. The OS is the same in all the nodes (win 7 x64).
When you tried to add a node into the cluster, you need to type the host name or the IP adress. For some reason when I type de host name, marklogic sometimes can't find the node , but that doesn't matter, because with the IP, the connection is successfull.
The main problem is when continues trought the process. At the end when marklogic try to transfer cluster configuration information to the new host, the process never ends and finally a message like "No data received" appear in the web browser.
I know that this message doesnt mean that the process fails, because when I change for example the host name, the same message appear.
So, when I check the summary in the first node, the second node appears, so that means the node "joins" into the cluster, but I'm not able to start the admin interface and always the second node appears disconnected even if I restart the service.
Aditionally, I'm able to make a ping from any computer to another.
I tried to create another network, because in my school some ports are not allowed, furthermore I tried to use different development key and the same key in my nodes too,
and finally I already have all the services enabled, but the problem persist.
Any help or comments would be appreciated.
Make sure ports 7998 - 8003 are open on both computers for both inbound and outbound traffic and that you don't have a firewall (Windows firewall, or iptables) blocking these.
You can also start looking into the Logs/ErrorLog.txt file and see if something obvious shows up.
Stick to IP addresses for now as it seems your DNS isn't fully working.
Your error looks like a kind of networking connectivity problem between the hosts.
Also you might get more detailed, or atleast different, answers from the MarkLogic developer mailing list.
http://developer.marklogic.com/discuss
-David Lee
Make sure the host names in MarkLogic configuration match the DNS names at which the hosts can see each other. If those are unreliable, then simply use IP addresses as host names. Go to the Admin interface on both ends, lookup the host name, change the DNS name into IP name, try again.
Also look at DALDEI's suggestion about ports and firewalls, that could be interfering as well.
HTH!

Fake DNS lookup for private IP

I have a machine running lighttpd to allow me to do a small scale web-based project. Up until now I've been accessing the project by using the private IP of the machine running lighttpd. The problem I have is that if I disconnect the server and attempt to run my code to test for all cases is realize that the site hangs (after an AJAX call) instead of returning a 404 error because of the direct IP.
Besides for ensuring that the server never goes offline, how can I make sure that the website won't hang up. Is there a way for me to look up the private IP but going through a DNS Lookup to ensure that if it isn't there I don't try to load it anyways.
If it is a unix-compatible resolver (Linux, *BSD etc.), just add an entry to your private IP in into /etc/hosts, following the same format of the other entries of the file. Like this:
10.0.1.6 my_private_host_name
That solution will only work individually on the machine you changed the /etc/hosts file.
Your second option is to create a private-DNS-server and add the your.domain.internal domain to that DNS, and enable DNS forwarding to your internal network, and set your clients to use that DNS server. This way if you try to call your private domain, your DNS server will be SOA (Start of Authority) and answer for it, but if you ask for something that it isn't SOA for it will just pass your request to the old DNS server, that will answer it the usual way.
Now if you need to use a "real" DNS name for your private IP (I want it it to answer on www.my_company.com), the first /etc/hosts method will do the trick,but if you need to set up a DNS server, follow the tutorials on "Split DNS".

amazon ec2 - name server issue

i have created new instance in amazon ec2, and assigned the elastic ip for instance. But i need to know how to get ip for name server (ns1.abc.com, ns2,abc.com).
I have installed whm in amazon instance. Only domain cannot point to the correct name server. That is because ip cannot load.
Now, my problem is that how i get new ip. Can i add another two elastic ip in amazon? But i configured two elastic ip for name server in dns zone within whm. The name server is not working. And i cannot open the elastic ip in browser. I am confuse for it. Please anyone help me.
There are lots of things that can go wrong here. I'll try to troubleshoot step by-step:
I'll assume the goal is "You want to type 'whm.foo.com' and see your WHM"
1) Go to your domain registrar and make an entry that points "whm.foo.com" to your EIP. (Depending on what you want, maybe you should setup a "*.foo.com" wildcard for that EIP.
2) Test that step #1 worked by typing "ping whm.foo.com" or "dig whm.foo.com" (one linux/mac, not sure about Windows). This should return your EIP. If not, go back to step 1.
3) Check that WMH is acually running. Read the docs to find what port it's running on. (Usually 2083, or 2082 for insecure access)
On your instance, run "curl -v localhost:2083" (or whatever port. It should return a login screen. If it says "couldn't connect to host", then you have the wrong port or it's not running.
4) run "netstat -na | grep :2083" (or whatever port). It should say "0.0.0.0:*". If it says "127.0.0.1:*", then you need to configure it to allow outside access.
5) Make sure your WHM port is enabled in the AWS firewall. Go to the AWS control panel and find the security group for your box. Make sure that port is allowed. Ideally, you'd only add your personal IP instead of opening it up to the world. (If there is a bug in WHM, people will scan all IPs trying to exploit it. They can't exploit your server if the AWS firewall denies them access.)
6) Now type "https://whm.foo.com:2083" (or whatever port) in your browser. (or http://whm.foo.com:2082 for insecure access). It should work!
i need to know how to get ip for name server (ns1.abc.com, ns2,abc.com).
As rdrey said, you need to go to your DNS provider (most registrars also do DNS) and tell them what boxes should point to your EIP.
That is because ip cannot load.
There is no such thing as "ip cannot load". Either "DNS is giving the wrong IP" or "some IP operations (TCP ports) were blocked by a firewall somewhere".
Now, my problem is that how i get new ip
I don't think that should be your goal. You can easily change EIPs, but it won't fix the problem. Nothing works unless everything in between is set up correctly. The goal should be understanding all the steps in the process and verifying that each step was done correctly.
OK, you have two options here:
Use the DNS servers provided by your Domain Registrar OR
Use AWS Route53 to let Amazon provide DNS services for you.
Option 1:
You bought your domain name from a registrar, like one of these: http://lifehacker.com/5683682/five-best-domain-name-registrars
Most, if not all, registrars run a free DNS service for their customers. You should be able to log into some kind of management console and set your domain's DNS zone entries to point at your AWS EIP. (I am using gandi.net and used to use godaddy. You simply leave the DNS Servers as they are and set your AWS EIP as the 'A' record.)
Option 2:
Go to https://console.aws.amazon.com/route53/home and follow instructions. I haven't read up on Route53's pricing, so this option might not be free.
---- EDIT:
Some more help:
The site you've linked to (http://www.intodns.com/xantec.com.sg) states that you've used your EIP (54.251.169.7) as the nameserver for the domain. You don't want that. You're running a cPanel installation, NOT a DNS nameserver.
Put 54.251.169.7 as your site's A record. (Sometimes called the www field.) Remove it from the NS fields and put ns3.thesimpledns.com & ns4.thesimpledns.com into those.

host network solutions domain on an amazon ec-2 box

I have looked this up and what was described in other answers did not work for me. I created a elastic ip from my ec-2 dashboard, and I set the A records of my domain (www, *, and #(none)) but it does not work. When I try to go directly to the ip address it also does not work though so I am not sure why this is happening.
Also where exactly does the elastic ip point? To my home folder, to the ec-2 user? It is not working now so I couldn't test it, but when it does work I still won't know.
Two things: remember that your domain will need to propagate, so leave it a few hours. Also, your elastic IP points to the machine you bound it to.
Almost forgot, you also need to edit your security zone to open up ports to allow incoming connections on those ports, as the default is to block everything except SSH.

Resources