I am trying to run a socket server on an Amazon Web Services EC2 instance. The socket is able to run just fine on it's own, and telnetting locally on the instance can connect, but trying to telnet to the socket from the outside is failing. I have gone into the security groups to ensure the ports I am using are open for both TCP and UDP (though the socket server has been configured for TCP). Is there something else I am missing?
The server might be listening on the loopback interface or ipv6 by default. You can check that by running netstat --listen -p which will show you which program listens on which address/port. How to make the program listen on the external ipv4 interface depends on the program/programming language.
Related
I have a web app running on a Amazon EC2 Instance on port 8080, the webapp while starting, starts a Socket io server listening on port 9092.
in the client file connecting to the Socket io server i have this:
io.connect('http://<IPADDRESS>:9092');
Unfortunately, this request is getting blocked as shown :
I thought the problem was about inbound rules of my EC2 instance, i therefore allowed traffic for the purpose as shown:
But the requests are still blocked...
NOTE: When my app is hosted locally, everything works fine.
So why is amazon behaving this way and what am i supposed to do to come across this issue?
UPDATE:
netstat -a -n | grep 9092 outputs this on instance:
Also have a look on what firefox shows me about a request attempt timings:
It turns that i was binding my server to the localhost address, as if it were accessed from the localhost.
Thanks to #robertklep comment, i did bound the server to the ec2 instance address and it's working now.
The easiest way to establish a socket connection with your server from outside of EC2 is to listen to all the incoming traffic:
server.listen(3000, '0.0.0.0');
This is only recommended for testing and development environment. Do not use this for production.
I have a WebSphere application server 8, where I have deployed an enterprise application. Now I want to make that web GUI of that application reachable. So I set up a port (9080), added a web container transport chain, added a virtual host for port 9080, and added that virtual host to my deployed application. However, it is not reachable.
Digging through WebSphere's log, I found this message:
TCPC0001I: TCP Channel TCP_6 is listening on host * (IPv6) port 9080.
So apparently, the channel listens on IPv6, not on IPv4. I verified this with netstat, which indeed shows that the server's process only listens on IPv6. How do I make the channel listen on IPv4 instead? I already tried setting java.net.preferIPv4Stack=true in the server's JVM, but that didn't change anything.
Interestingly, Websphere's console is available via IPv4, but I cannot figure out what part of it is configured differently so that it works, while my setup does not.
On many operating systems IPv6 sockets on the wildcard address (* or ::/0) can accept both IPv4 and IPv6 connections. On for example Mac OS netstat would show such sockets as i.e. tcp46 to show they are dual-stack. Other operating systems, including Linux, just show them as tcp6 even if they also accept IPv4 connections.
So it is probably listening on IPv4 just fine, it's just a confusing way of showing it to the sysadmin.
Specifically, I have a Windows server (Windows 7), but the netstat -an command only shows whether ports are TCP or UDP. I thought these were the only kinds of ports, but node.js seems to distinguish between HTTP ports and TCP ports (example at bottom of linked page). I'm currently using node.js in a program that will run on my server, and it opens HTTP ports by default. These appear as TCP ports under netstat -an.
Is there a command line trick for distinguishing whether an open port on this server is HTTP or TCP? I make requests to my Information Technology office about ports that I need on this server, and they need to know whether these ports will be TCP, UDP, etc.
If necessary to use a remote client, I have a Mac that can do the job.
HTTP is an application protocol. Its definition presumes an underlying and reliable transport layer protocol. The transmission Control Protocol is commonly used. However HTTP can use unreliable protocols too (example SSDP).
Now to answer to your question:
netstat -lt : List TCP Listening Ports
netstat -lu : List UDP Listening Ports
If you want to know wether a TCP Port is running HTTP or not, you can check the standard port on HTTP (grep :80). The standard HTTP port is 80. The standard HTTPS port is 443.
All HTTP traffic is transmitted over TCP Ports. I think what may be causing some confusion is that the first node.js example uses the http module and the second example uses the net module.
The http module is built on top of the net module (which handles the TCP layer underlying HTTP).
Refer to: nodejs - net or http module
EDIT:
Only one process can bind to a port. If you're having difficulties connecting, shut down any other applications that may be using the same port, such as your Java Hello World server. Run netstat -an to make sure you don't see the port listed that you're trying to listen on in you node.js TCP server (port 1337) in the example. If nothing is listening on the port, fire up your node.js TCP server and run netstat -an again to make sure it's actually listening on the intended port.
Another suggestion - temporarily turn off the software firewall then use the telnet client on the local server to attempt to connect to the port using the command telnet 127.0.0.1 1337 (replace 1337 with your port) from the command prompt. This will eliminate any network devices such as firewalls between the client (telnet in this case) and the server. If the screen goes blank, you've connected. If you get the message Could not open connection to the host, on port then it's still not listening on the TCP Port. If you can connect locally from Telnet but you cannot connect remotely then there is something blocking your connection.
I have a client which is intended to connect to a server. For the client, the remote TCP port number is fixed(i.e. 102). I can NOT change it(while I can change the remote IP address). However, the TCP Port number the server is listening on is fixed as well(i.e. 1024) and I can NOT change it too. These two port numbers are different. I want to make the client connect to the server smoothly.
At the first, I had a idea that I setup a proxy listening on localhost:102 and the client connect to 127.0.0.1:102. Then this proxy redirect these TCP traffic to the real address RemoteServerIP:1024. But I found on my windows, there was already a process which is listening on 0.0.0.0:102 and I can NOT change its listening port. So this idea can NOT work.
Thank you very much.
if you cannot do it on the same windows machine running client, why not try to do it on another (linux maybe) machine?
I am using Boost asio in Visual C++. I am trying to connect to a static IP which listens TCP on port 1222. unfortunately i can only connect with Lan and cannot connect from another Lan to the TCP listening PC(203.143..).
It connects perfectly with the EC2 server. Is it something to do with firewall. but when i run the app it ask for the user to allow firewall for the specific port. I can post my code but i guess it's not something to with the code.
Usually a firewall on the server side (the PC you are trying to connect to) have to be configured to allow incoming connections.
Firewall on your side should be OK, it usually allows any type of outgoing connections.
I don't know what you meant by "the app ask for the user to allow firewall for the specific port" (clarify).