• can't access a service to a remote host

    From xeon Mailinglist@1:0/0 to All on Sun Feb 23 14:30:40 2014
    I have this network. host1 <-> router1 <-> router2 <-> router3 <-> router4
    <-> host2. I can ping from host1 to host2, but I can access a service that
    is running in the port 50070. How can I find what is going on? I don't have
    access to the routers, only to the hosts.

    Both hosts run linux in terminal mode.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Ulf Volmer@110:110/2002 to All on Sun Feb 23 14:39:01 2014
    xeon Mailinglist <xeonmailinglist@gmail.com> wrote:
    I have this network. host1 <-> router1 <-> router2 <-> router3 <-> router4
    <-> host2. I can ping from host1 to host2, but I can access a service that is
    running in the port 50070. How can I find what is going on? I don't have access to the routers, only to the hosts.

    Both hosts run linux in terminal mode.

    You can test with tcptraceroute if any route blocks your ports:

    tcptraceroute host2 50070

    regards
    Ulf

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: www.u-v.de (110:110/2002@linuxnet)
  • From xeon Mailinglist@1:0/0 to All on Sun Feb 23 14:55:35 2014
    I did tcptraceroute, and I get this output. It seems that it has connected,
    but when I access the service with a browser, I get Connection refused.

    Am I reading right? The output got show that I connected to the destination?

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms



    On Sunday, February 23, 2014 2:39:01 PM UTC, Ulf Volmer wrote:
    xeon Mailinglist <xeonmailinglist@gmail.com> wrote:

    I have this network. host1 <-> router1 <-> router2 <-> router3 <-> router4
    <-> host2. I can ping from host1 to host2, but I can access a service that
    is running in the port 50070. How can I find what is going on? I don't have
    access to the routers, only to the hosts.

    Both hosts run linux in terminal mode.

    You can test with tcptraceroute if any route blocks your ports:

    tcptraceroute host2 50070

    regards
    Ulf


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Tauno Voipio@110:110/2002 to All on Sun Feb 23 16:33:21 2014
    On 23.2.14 16:55, xeon Mailinglist wrote:
    I did tcptraceroute, and I get this output. It seems that it has connected,
    but when I access the service with a browser, I get Connection refused.

    Am I reading right? The output got show that I connected to the destination?

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms

    The target host (10.103.0.20) refused the TCP connection.
    Are you sure that there is anything listening to port 50070?

    --

    Tauno Voipio



    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From xeon Mailinglist@1:0/0 to All on Sun Feb 23 17:33:09 2014
    Yes, I am. I accessed the service from the machine.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From xeon Mailinglist@1:0/0 to All on Sun Feb 23 17:34:27 2014
    I just can't access the service from a remote host.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: The Kofo System II BBS telnet://fido2.kofobb
  • From Tauno Voipio@110:110/2002 to All on Sun Feb 23 18:03:45 2014
    On 23.2.14 19:34, xeon Mailinglist wrote:
    I just can't access the service from a remote host.


    Are you sure that the accessed host is what you think it is?

    The 10.x.y.z are RFC1918 private addresses, which can mean
    different hosts in different local networks. If the routers
    obey the RFC's, they must not forward the 10 -series addresses
    if there is any hop in the public network.

    --

    -TV


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From Ulf Volmer@110:110/2002 to All on Sun Feb 23 18:15:45 2014
    xeon Mailinglist <xeonmailinglist@gmail.com> wrote:
    I did tcptraceroute, and I get this output. It seems that it has connected,
    but when I access the service with a browser, I get Connection refused.

    Am I reading right? The output got show that I connected to the destination?

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms
                                         ^^^

    The server refuses your connection. Is the server listening on the right (all) interfaces?
    Is there any firewall on the server?

    regards
    Ulf


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: www.u-v.de (110:110/2002@linuxnet)
  • From Pascal Hambourg@110:110/2002 to All on Sun Feb 23 18:46:12 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    Ulf Volmer wrote:
    xeon Mailinglist <xeonmailinglist@gmail.com> wrote:
    I did tcptraceroute, and I get this output. It seems that it has connected

    No it's not. rst = RESET = connection refused.

    Am I reading right? The output got show that I connected to the destination?

    Not quite. It stopped at the first hop, not even reaching the final
    destination (unless all routers along the path do not decrease the TTL,
    which would be against the IP standard).

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms
                                         ^^^
    The server refuses your connection.

    Nope. The first hop refused the connection.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From Pascal Hambourg@110:110/2002 to All on Sun Feb 23 18:50:13 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    Tauno Voipio wrote:

    Are you sure that the accessed host is what you think it is?

    Wise question.

    The 10.x.y.z are RFC1918 private addresses, which can mean
    different hosts in different local networks. If the routers
    obey the RFC's, they must not forward the 10 -series addresses
    if there is any hop in the public network.

    Agreed, but then they should not reply with a TCP RST, should they ?

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
  • From William Unruh@110:110/2002 to All on Sun Feb 23 19:47:09 2014
    On 2014-02-23, xeon Mailinglist <xeonmailinglist@gmail.com> wrote:
    I have this network. host1 <-> router1 <-> router2 <-> router3 <-> router4
    <-> host2. I can ping from host1 to host2, but I can access a service that is
    running in the port 50070. How can I find what is going on? I don't have access to the routers, only to the hosts.

    routers running firewall? Nothing on host 2 listening to port 50070?

    tcpdump on host 2 to see if packets coming through.


    Both hosts run linux in terminal mode.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From William Unruh@110:110/2002 to All on Sun Feb 23 19:48:57 2014
    On 2014-02-23, xeon Mailinglist <xeonmailinglist@gmail.com> wrote:
    I did tcptraceroute, and I get this output. It seems that it has connected,
    but when I access the service with a browser, I get Connection refused.

    That is a different issue. The program listening to port 50070 is
    refusing the connection. Look at that program (which you never told us
    about).


    Am I reading right? The output got show that I connected to the destination?

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms



    On Sunday, February 23, 2014 2:39:01 PM UTC, Ulf Volmer wrote:
    xeon Mailinglist <xeonmailinglist@gmail.com> wrote:

    I have this network. host1 <-> router1 <-> router2 <-> router3 <-> router4
    <-> host2. I can ping from host1 to host2, but I can access a service that
    is running in the port 50070. How can I find what is going on? I don't have
    access to the routers, only to the hosts.

    Both hosts run linux in terminal mode.

    You can test with tcptraceroute if any route blocks your ports:

    tcptraceroute host2 50070

    regards
    Ulf


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From Tauno Voipio@110:110/2002 to All on Sun Feb 23 21:32:28 2014
    On 23.2.14 20:50, Pascal Hambourg wrote:
    Tauno Voipio wrote:

    Are you sure that the accessed host is what you think it is?

    Wise question.

    The 10.x.y.z are RFC1918 private addresses, which can mean
    different hosts in different local networks. If the routers
    obey the RFC's, they must not forward the 10 -series addresses
    if there is any hop in the public network.

    Agreed, but then they should not reply with a TCP RST, should they ?


    That's right, but it is perfectly correct to have a host
    with the targeted IP in the network he's attempting access
    from, so the SYN segment goes to a completely different
    host the OP is targeting.

    There is a clue in this direction in the trace he posted:
    the RST comes from the address he wants to connect to, but
    without the router hops he claims there are.

    The RST comes from an unprepared host or from a firewall
    which is configured to assassin TCP to unallowed ports.

    --

    -TV


    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From Pascal Hambourg@110:110/2002 to All on Sun Feb 23 23:14:58 2014
    Reply-To: pascal.news@plouf.fr.eu.org

    Tauno Voipio wrote:
    On 23.2.14 20:50, Pascal Hambourg wrote:

    The 10.x.y.z are RFC1918 private addresses, which can mean
    different hosts in different local networks. If the routers
    obey the RFC's, they must not forward the 10 -series addresses
    if there is any hop in the public network.
    Agreed, but then they should not reply with a TCP RST, should they ?

    That's right, but it is perfectly correct to have a host
    with the targeted IP in the network he's attempting access
    from, so the SYN segment goes to a completely different
    host the OP is targeting.

    There is a clue in this direction in the trace he posted:
    the RST comes from the address he wants to connect to, but
    without the router hops he claims there are.

    Unlike ICMP errors, a TCP RST always appears to come from the target
    address, even when sent by an intermediate firewall. Otherwise the
    original sender would not accept it.

    The RST comes from an unprepared host or from a firewall
    which is configured to assassin TCP to unallowed ports.

    Not from the expected destination host, anyway.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: Plouf ! (110:110/2002@linuxnet)
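
    The hop-count argument made in the posts above, as an added example that is not part of the thread: the function reads traceroute-style TCP output, reports which hop produced the TCP answer, and compares that with the number of routers the poster believes are on the path. `classify_trace`, its result labels and the second trace are constructed for illustration; the first trace is the one posted in the thread.

```shell
#!/bin/sh
# Added example; classify_trace and its labels are illustrative names.

# classify_trace ROUTERS   (stdin: output of tcptraceroute / traceroute -T)
# ROUTERS = routers believed to sit between the hosts, so the target
# itself is expected to answer at hop ROUTERS + 1.
classify_trace() {
    awk -v routers="$1" '
        $1 ~ /^[0-9]+$/ && match($0, /<[a-z,]+>/) {
            hop   = $1 + 0
            flags = substr($0, RSTART + 1, RLENGTH - 2)
            state = (flags ~ /syn/) ? "open" : ((flags ~ /rst/) ? "refused" : "other")
            found = 1
            exit                                  # first TCP answer ends the trace
        }
        END {
            if (!found) { print "no-tcp-answer"; exit }
            note = (hop < routers + 1) ? "fewer-hops-than-expected" : "hop-count-plausible"
            printf "%s hop=%d %s\n", state, hop, note
        }'
}

# Trace posted in the thread.
thread_trace() {
cat <<'EOF'
traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
 1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms
EOF
}

# Constructed trace: four routers, then the target accepts the SYN.
constructed_trace() {
cat <<'EOF'
traceroute to 198.51.100.20 (198.51.100.20), 30 hops max, 60 byte packets
 1 192.0.2.1 (192.0.2.1) 0.412 ms 0.398 ms 0.377 ms
 2 192.0.2.5 (192.0.2.5) 1.120 ms 1.101 ms 1.094 ms
 3 192.0.2.9 (192.0.2.9) 2.250 ms 2.231 ms 2.219 ms
 4 192.0.2.13 (192.0.2.13) 3.004 ms 2.987 ms 2.975 ms
 5 198.51.100.20 (198.51.100.20) <syn,ack> 3.611 ms 3.598 ms 3.580 ms
EOF
}

thread_trace      | classify_trace 4
constructed_trace | classify_trace 4
```

    A `fewer-hops-than-expected` result does not say which device answered, only that the answer arrived sooner than the stated topology allows. Running `ip route get 10.103.0.20` on the client shows whether the kernel treats the address as directly connected or sends it via a gateway.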
  • From Joe Beanfish@110:110/2002 to All on Mon Feb 24 15:01:50 2014
    On Sun, 23 Feb 2014 18:33:21 +0200, Tauno Voipio wrote:

    On 23.2.14 16:55, xeon Mailinglist wrote:
    I did tcptraceroute, and I get this output. It seems that it has
    connected, but when I access the service with a browser, I get
    Connection refused.

    Am I reading right? The output got show that I connected to the
    destination?

    HadoopWorkers-rci-0:~# tcptraceroute 10.103.0.20 50070
    traceroute to 10.103.0.20 (10.103.0.20), 30 hops max, 60 byte packets
    1 HadoopWorkers-fiu-0 (10.103.0.20) <rst,ack> 1.087 ms 1.016 ms 0.960 ms

    The target host (10.103.0.20) refused the TCP connection. Are you sure
    that there is anything listening to port 50070?

    Perhaps the server is bound to localhost only? On the server try
    netstat -nlp |grep :50070
    to check it out.

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: A noiseless patient Spider (110:110/2002@linuxnet)
  • From Andrew Gideon@110:110/2002 to All on Wed Feb 26 14:16:10 2014
    On Sun, 23 Feb 2014 09:34:27 -0800, xeon Mailinglist wrote:

    I just can't access the service from a remote host.

    Try "lsof -i :50070" on the listening host. The listener may be listening
    only on the localhost IP (or some other set of IPs not including the one
    to which you are attempting to connect).

    - Andrew

    --- MBSE BBS v1.0.1 (GNU/Linux-i386)
    * Origin: UsenetServer - www.usenetserver.com (110:110/2002@linuxnet)
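
    The bind-address check suggested in the last two replies, as an added example that is not part of the thread: the function reads `netstat -nlp` or `ss -ltn` output and reports whether the port is bound to every interface, to specific addresses, or to loopback only (the case in which local access works and remote access is refused). `classify_listener`, its result labels and both socket tables are constructed for illustration.

```shell
#!/bin/sh
# Added example; sample socket tables below are constructed, not from the thread.

# classify_listener PORT   (stdin: output of `netstat -nlp` or `ss -ltn`)
# Prints: all-interfaces | specific:ADDR[,ADDR] | loopback-only | not-listening
classify_listener() {
    awk -v port="$1" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++) {
                if ($i !~ (":" port "$")) continue
                addr = substr($i, 1, length($i) - length(port) - 1)
                gsub(/^\[|\]$/, "", addr)           # ss prints IPv6 as [::1]
                if (addr == "0.0.0.0" || addr == "::" || addr == "*") wild = 1
                else if (addr ~ /^127\./ || addr == "::1") loop = 1
                else other = other (other ? "," : "") addr
                break                                # first match is the local address
            }
        }
        END {
            if (wild)       print "all-interfaces"
            else if (other) print "specific:" other
            else if (loop)  print "loopback-only"
            else            print "not-listening"
        }'
}

# Constructed `netstat -nlp` output: service reachable only from the host itself.
loopback_sample() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 127.0.0.1:50070   0.0.0.0:*         LISTEN   2211/java
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   801/sshd
EOF
}

# Constructed `ss -ltn` output: service bound to the wildcard address.
wildcard_sample() {
cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     [::]:50070          [::]:*
LISTEN  0       128     10.103.0.20:8020    0.0.0.0:*
EOF
}

loopback_sample | classify_listener 50070
wildcard_sample | classify_listener 50070
```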