Getting “Connection refused”

amazon ec2amazon-web-servicesnetworkingsecurity-groupssocket

I am running a hello-world http server on an ubuntu EC2 instance, let's say, myurl.com. I am unable to curl it from my client:

$ curl myurl.com:4296                     
curl: (7) Failed to connect to myurl.com port 4296: Connection refused

When I try to reach any other port, my connection is timed out:

$ curl myurl.com:4244                   
curl: (7) Failed to connect to myurl.com port 4244: Operation timed out

I have the following inbound rule on AWS:

I am able to curl it on the server:

$ curl localhost:4296
Hello World

My netstat:

$ netstat -a | grep 4296
tcp        0      0 localhost:4296          0.0.0.0:*               LISTEN

What am I doing wrong?

Best Answer

The process on port 4296 listens only on the localhost / 127.0.0.1 address and therefore is not accessible from outside. You have to change the configuration (or the program itself if it's one that you wrote) to listen on 0.0.0.0 - that will make it listen on all addresses.

Here's an example from my system:

~ # netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address   State       PID/Program name    
tcp        0      0 0.0.0.0:22       0.0.0.0:*         LISTEN      1311/sshd           
tcp        0      0 127.0.0.1:631    0.0.0.0:*         LISTEN      1183/cupsd

Here SSH listens on port 22 on all addresses and is therefore accessible from outside (if firewall and SG permits of course).

On the other hand CUPS listens on port 631 only on the localhost (127.0.0.1) and even if firewall / SG allowed this port it wouldn't be accessible from outside.

Hope that helps :)

Best Answer

Related Solutions

Firewall – GCE firewall with Source Tags

Nginx – Port 443 set up SSL on Nginx + Ubuntu + EC2

Related Topic