Solved

2 hosts on our subnet get "Connection refused"

Posted on 2002-07-18
5
279 Views
Last Modified: 2010-04-21
2 hosts on our subnet get "Connection refused"

When th1 tries to "telnet 10.16.82.146 80" i got an error "telnet: Unable to connect to remote host: Connection refused".

-----snoop result:
On bh3 (destination host) i can't snoop anything coming in thru the interface 10.16.82.146.
On th1 i could snoop the telnet traffic

# snoop -d qfe0 -x0 10.16.82.146
Using device /dev/qfe (promiscuous mode)
stt-thorium1-be-p -> smspull-piltel-3.sgp.sonerazed.net HTTP C port=29495

           0: 0800 20c8 6bf5 0800 20c7 7f58 0800 4500    .. .kõ.. ..X..E.
          16: 002c 26b3 4000 ff06 9c34 0a10 5232 0a10    .,&.@....4..R2..
          32: 5292 7337 0050 bd2c c115 0000 0000 6002    R.s7.P.,......`.
          48: 832c 6a4c 0000 0204 05b4                   .,jL......

smspull-piltel-3.sgp.sonerazed.net -> stt-thorium1-be-p HTTP R port=29495

           0: 0800 20c7 7f58 0800 20c8 6bf5 0800 4500    .. ..X.. .kõ..E.
          16: 0028 6e09 4000 ff06 54e2 0a10 5292 0a10    .(n.@...T...R...
          32: 5232 0050 7337 0000 0000 bd2c c116 5014    R2.Ps7.....,..P.
          48: 0000 0522 0000 5555 5555 5555              ..."..UUUUUU




-----Interfaces involved:
The relevant interface on Host "th1" is

qfe0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.50 netmask fffffe00 broadcast 10.16.83.255


The relevant interface on Host "bh3" is

qfe0:17: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.146 netmask fffffe00 broadcast 10.16.83.255
0
Comment
Question by:eng40490
5 Comments
 

Expert Comment

by:bluez
ID: 7166760
I suggest this a possible framing issue /transport problem
Your ip looks ok you are on a /23 subnet
Telnet uses tcp and ip. connection refused on port 80 is at layer 4.  Check the duplexing of the nic, do not use auto change to 10/half
Also check the www port is 80 and not spoofing for eg 8080
tcp/ip is probably not binding correctly to the card.
you could try another card remove the card relink and add a new card.
do this first
#btmnt -w
cd /stand
cp unix unix.good
cd
btmnt -d
This will give you a good kernel
I hope this helps. If you have a packet analyzer you could capture some frames and check that encapsulation i correct
for example.
Flags: 0x80 802.3
Status 0.00
Packet Length:64
....
...etc.
What you are looking for is www encapsulation and source and destination address, what is more important is the frames FROM your destination address this will show the dynamic port and connection refused on port 80
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7166808
Very dumb question: are you sure there is a web service running on port 80 on bh3?

If so, is there a firewall active on that host, causing connection refused for unauthorized clients? Does ping work both ways (th1 to bh3 and bh3 to th1)?

To rule out networking issues, try connecting to a different port on bh3 or try doing a reverse connection from bh3 to th1 (some port, e.g., plain telnet). If that succeeds, check netstat -an on bh3 to make sure the service is properly bound to the correct IP address *AND* port. A web service may be running but just bind to 127.0.0.1:80, thus not be available under the LAN address.

If that still doesn't give you any clue, check if there is IKE, SKIP or some other form of encryption running on your network interfaces. This normally denies connections if the other host does not talk encrypted or if it simply refuses connections.

That's my ideas on the topic. I'm curious to hear what the problem was :-).

Cheers,
--gandalf.
0
 

Author Comment

by:eng40490
ID: 7168533
working now. will update you if i find out what happened.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 7921606
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- PAQ & refund points

Please leave any comments here within the next 7 days

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster
Cleanup Volunteer
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
ID: 7967229
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question