?
Solved

2 hosts on our subnet get "Connection refused"

Posted on 2002-07-18
5
Medium Priority
?
283 Views
Last Modified: 2010-04-21
2 hosts on our subnet get "Connection refused"

When th1 tries to "telnet 10.16.82.146 80" i got an error "telnet: Unable to connect to remote host: Connection refused".

-----snoop result:
On bh3 (destination host) i can't snoop anything coming in thru the interface 10.16.82.146.
On th1 i could snoop the telnet traffic

# snoop -d qfe0 -x0 10.16.82.146
Using device /dev/qfe (promiscuous mode)
stt-thorium1-be-p -> smspull-piltel-3.sgp.sonerazed.net HTTP C port=29495

           0: 0800 20c8 6bf5 0800 20c7 7f58 0800 4500    .. .kõ.. ..X..E.
          16: 002c 26b3 4000 ff06 9c34 0a10 5232 0a10    .,&.@....4..R2..
          32: 5292 7337 0050 bd2c c115 0000 0000 6002    R.s7.P.,......`.
          48: 832c 6a4c 0000 0204 05b4                   .,jL......

smspull-piltel-3.sgp.sonerazed.net -> stt-thorium1-be-p HTTP R port=29495

           0: 0800 20c7 7f58 0800 20c8 6bf5 0800 4500    .. ..X.. .kõ..E.
          16: 0028 6e09 4000 ff06 54e2 0a10 5292 0a10    .(n.@...T...R...
          32: 5232 0050 7337 0000 0000 bd2c c116 5014    R2.Ps7.....,..P.
          48: 0000 0522 0000 5555 5555 5555              ..."..UUUUUU




-----Interfaces involved:
The relevant interface on Host "th1" is

qfe0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.50 netmask fffffe00 broadcast 10.16.83.255


The relevant interface on Host "bh3" is

qfe0:17: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.16.82.146 netmask fffffe00 broadcast 10.16.83.255
0
Comment
Question by:eng40490
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Expert Comment

by:bluez
ID: 7166760
I suggest this a possible framing issue /transport problem
Your ip looks ok you are on a /23 subnet
Telnet uses tcp and ip. connection refused on port 80 is at layer 4.  Check the duplexing of the nic, do not use auto change to 10/half
Also check the www port is 80 and not spoofing for eg 8080
tcp/ip is probably not binding correctly to the card.
you could try another card remove the card relink and add a new card.
do this first
#btmnt -w
cd /stand
cp unix unix.good
cd
btmnt -d
This will give you a good kernel
I hope this helps. If you have a packet analyzer you could capture some frames and check that encapsulation i correct
for example.
Flags: 0x80 802.3
Status 0.00
Packet Length:64
....
...etc.
What you are looking for is www encapsulation and source and destination address, what is more important is the frames FROM your destination address this will show the dynamic port and connection refused on port 80
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7166808
Very dumb question: are you sure there is a web service running on port 80 on bh3?

If so, is there a firewall active on that host, causing connection refused for unauthorized clients? Does ping work both ways (th1 to bh3 and bh3 to th1)?

To rule out networking issues, try connecting to a different port on bh3 or try doing a reverse connection from bh3 to th1 (some port, e.g., plain telnet). If that succeeds, check netstat -an on bh3 to make sure the service is properly bound to the correct IP address *AND* port. A web service may be running but just bind to 127.0.0.1:80, thus not be available under the LAN address.

If that still doesn't give you any clue, check if there is IKE, SKIP or some other form of encryption running on your network interfaces. This normally denies connections if the other host does not talk encrypted or if it simply refuses connections.

That's my ideas on the topic. I'm curious to hear what the problem was :-).

Cheers,
--gandalf.
0
 

Author Comment

by:eng40490
ID: 7168533
working now. will update you if i find out what happened.
0
 
LVL 21

Expert Comment

by:tfewster
ID: 7921606
No comment has been added lately, so it's time to clean up this Topic Area.
I will leave a recommendation for this question in the Cleanup topic area as follows:

- PAQ & refund points

Please leave any comments here within the next 7 days

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

tfewster
Cleanup Volunteer
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
ID: 7967229
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month11 days, 9 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question