Can a port be in the listen state and be closed?

nmap tcpip

Servers running Debian 7.7, MongoDB 1.2.0.6-1.1, Nmap 6.0 – Thanks for your time.

I have a user who can't connect to MongoDB from his Win7 desktop. He has MongoDB installed on it and he's trying to connect from the CML. There's no firewall between the two, but they are on different VLANs. The user can connect to the server using SSH.

I thought that if a port is in the listen state, it's open and could accept a connection from a client. Is that not the case?

C:\MongoDB-2.6.6\bin>mongo xxx.xx.xx.xxx -u username -p passwd
MongoDB shell version: 2.6.6
connecting to: xxx.xx.xx.xxx/test
2015-01-28T12:58:05.746-0600 warning: Failed to connect to xxx.xx.xx.xxx:27017,
reason: errno:10061 No connection could be made because the target machine actively refused it.
2015-01-28T12:58:05.747-0600 Error: couldn't connect to server xxx.xx.xx.xxx:27017 (xxx.xx.xx.xxx), 
connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed

root@xxxxx:/# lsof -i :27017
COMMAND  PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
mongod  5128 mongodb    8u  IPv4   9393      0t0  TCP localhost:27017 (LISTEN)

root@xxxxx:/# nmap -p 27017 xxx.xx.xx.xxx

Starting Nmap 6.00 ( http://nmap.org ) at 2015-01-29 11:20 CST
Nmap scan report for xxxxxx.xxxxxx.xxx (xxx.xx.xx.xxx)
Host is up (0.000031s latency).
PORT      STATE  SERVICE
27017/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

Best Answer

The service is listening on the loopback adapter only. If you use the -n option to lsof (or netstat or ss), you'll see that the listening address is 127.0.0.1:27017. This means that connections made to your network IP address will not reach the listening process.

It looks like you need to set the net.bindIp configuration option.
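
The check described in the answer can be automated. The following is an added example, not part of the original answer: it parses `lsof -nP -iTCP -sTCP:LISTEN` output and classifies each listener by bind scope. The sample rows, the addresses in them, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not from the page).
SAMPLE = """\
COMMAND  PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
mongod  5128 mongodb    8u  IPv4   9393      0t0  TCP 127.0.0.1:27017 (LISTEN)
sshd     812    root    3u  IPv4   7001      0t0  TCP *:22 (LISTEN)
sshd     812    root    4u  IPv6   7003      0t0  TCP [::1]:6010 (LISTEN)
postgres 990 postgres   5u  IPv4   8120      0t0  TCP 192.0.2.10:5432 (LISTEN)
"""


def bind_scope(addr):
    """Classify a listen address: all-interfaces, loopback-only or single-address."""
    if addr == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(addr.strip("[]"))  # lsof brackets IPv6 addresses
    if ip.is_unspecified:                        # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:                           # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-address"


def listeners(lsof_text):
    """Yield (command, address, port, scope) for every LISTEN row."""
    for line in lsof_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[-1] != "(LISTEN)":
            continue  # header line or a non-listening socket
        addr, _, port = fields[-2].rpartition(":")
        yield fields[0], addr, int(port), bind_scope(addr)


def bound_beyond_loopback(lsof_text, port):
    """True if some process listens on `port` on a non-loopback address."""
    return any(p == port and scope != "loopback-only"
               for _, _, p, scope in listeners(lsof_text))


if __name__ == "__main__":
    for cmd, addr, port, scope in listeners(SAMPLE):
        print(f"{cmd:<9} {addr}:{port:<6} {scope}")
```

A `loopback-only` row is the situation in the question: the port is in LISTEN state, yet a scan of the network address reports it closed. After `net.bindIp` is changed, a row showing `*` means the service accepts connections on every interface of the host.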