Solved

2 hosts on our subnet get "Connection refused"

Posted on 2002-07-18
5
273 Views
Last Modified: 2010-04-21
2 hosts on our subnet get "Connection refused"

When th1 tries to "telnet 10.16.82.146 80" i got an error "telnet: Unable to connect to remote host: Connection refused".

-----snoop result:
On bh3 (destination host) i can't snoop anything coming in thru the interface 10.16.82.146.
On th1 i could snoop the telnet traffic

# snoop -d qfe0 -x0 10.16.82.146
Using device /dev/qfe (promiscuous mode)
stt-thorium1-be-p -> smspull-piltel-3.sgp.sonerazed.net HTTP C port=29495

           0: 0800 20c8 6bf5 0800 20c7 7f58 0800 4500    .. .kõ.. ..X..E.
          16: 002c 26b3 4000 ff06 9c34 0a10 5232 0a10    .,&.@....4..R2..
          32: 5292 7337 0050 bd2c c115 0000 0000 6002    R.s7.P.,......`.
          48: 832c 6a4c 0000 0204 05b4                   .,jL......

smspull-piltel-3.sgp.sonerazed.net -> stt-thorium1-be-p HTTP R port=29495

           0: 0800 20c7 7f58 0800 20c8 6bf5 0800 4500    .. ..X.. .kõ..E.
          16: 0028 6e09 4000 ff06 54e2 0a10 5292 0a10    .(n.@...T...R...
          32: 5232 0050 7337 0000 0000 bd2c c116 5014    R2.Ps7.....,..P.
          48: 0000 0522 0000 5555 5555 5555              ..."..UUUUUU




-----Interfaces involved:
The relevant interface on Host "th1" is

qfe0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.50 netmask fffffe00 broadcast 10.16.83.255


The relevant interface on Host "bh3" is

qfe0:17: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.146 netmask fffffe00 broadcast 10.16.83.255
0
Comment
Question by:eng40490
5 Comments
 

Expert Comment

by:bluez
ID: 7166760
I suggest this a possible framing issue /transport problem
Your ip looks ok you are on a /23 subnet
Telnet uses tcp and ip. connection refused on port 80 is at layer 4.  Check the duplexing of the nic, do not use auto change to 10/half
Also check the www port is 80 and not spoofing for eg 8080
tcp/ip is probably not binding correctly to the card.
you could try another card remove the card relink and add a new card.
do this first
#btmnt -w
cd /stand
cp unix unix.good
cd
btmnt -d
This will give you a good kernel
I hope this helps. If you have a packet analyzer you could capture some frames and check that encapsulation i correct
for example.
Flags: 0x80 802.3
Status 0.00
Packet Length:64
....
...etc.
What you are looking for is www encapsulation and source and destination address, what is more important is the frames FROM your destination address this will show the dynamic port and connection refused on port 80
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7166808
Very dumb question: are you sure there is a web service running on port 80 on bh3?

If so, is there a firewall active on that host, causing connection refused for unauthorized clients? Does ping work both ways (th1 to bh3 and bh3 to th1)?

To rule out networking issues, try connecting to a different port on bh3 or try doing a reverse connection from bh3 to th1 (some port, e.g., plain telnet). If that succeeds, check netstat -an on bh3 to make sure the service is properly bound to the correct IP address *AND* port. A web service may be running but just bind to 127.0.0.1:80, thus not be available under the LAN address.

If that still doesn't give you any clue, check if there is IKE, SKIP or some other form of encryption running on your network interfaces. This normally denies connections if the other host does not talk encrypted or if it simply refuses connections.

That's my ideas on the topic. I'm curious to hear what the problem was :-).

Cheers,
--gandalf.
0
 

Author Comment

by:eng40490
ID: 7168533
working now. will update you if i find out what happened.
0
 
LVL 20

Expert Comment

by:tfewster
ID: 7921606
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- PAQ & refund points

Please leave any comments here within the next 7 days

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster
Cleanup Volunteer
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
ID: 7967229
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now