“Connection refused” vs “No route to host”
2016-03-25 15:16
337 查看
曾经在http://blog.csdn.net/bisal/article/details/42496583这篇博文中提到一个端口连接的验证:
“ora10g@localhost.localdomain$telnet 172.101.19.57 1521
Trying 172.101.19.57...
telnet: connect to address 172.101.19.57: No route to host
如果端口未开,实际报错:
ora10g@localhost.localdomain$telnet 172.27.19.56 1521
Trying 172.27.19.56...
telnet: connect to address 172.27.19.56: Connection refused
是不是防火墙的问题???
从数据库服务器关闭防火墙:
[root@dcsopen2Node ~]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: nat mangle filter [ OK ]
iptables: Unloading modules: [ OK ]
再从远程机器执行:
ora10g@localhost.localdomain$telnet 172.101.19.571521
Trying 172.101.19.57...
Connected to 172.101.19.57.
Escape character is '^]'.
说明端口已开,更重要的是,明确了,就是防火墙问题。”
通过实验再次说明下“Connection refused”和“No route to host”的区别和问题诊断思路。
首先,网上有篇帖子说明“Connection refused” vs “No route to host”(http://superuser.com/questions/720851/connection-refused-vs-no-route-to-host):
"Connection refused" means that the target machine actively rejected the connection. With port 80 as the context, one of the following things is likely the reason:
Nothing is listening on 127.0.0.1:80 and 132.70.6.157:80
Nothing is listening on *:80
The firewall is blocking the connection with REJECT
So check your Apache and iptables config.
"No route to host" refers to a network problem. It is not a reply from the target machine.
说的是“Connection refused”是目标主机明确拒绝了这次连接,有可能是该端口没有启动监听,或者因为防火墙。“No route to host”则可能是一个网络问题,不是目标主机的回复。
一个实验模拟:
客户端机器ip:172.1.1.1
目标机ip:172.1.2.1
1. 从客户端telnet目标机的一个已启动端口1521,但防火墙中未添加例外。
从172.1.1.1 telnet 172.1.2.1 1521,提示no route to host。
Trying 172.1.2.1...
telnet: connect to address 172.1.2.1: No route to host
在防火墙配置中iptables添加1521端口,telnet正常。
2. 从客户端telnet目标机的一个未启动监听的端口
172.1.2.1的10001端口没有启用,netstat -an | grep 10001不存在。
从172.1.1.1 telnet 172.1.2.1 10001,提示connection refused。
Trying 172.1.2.1...
telnet: connect to address 172.1.2.1: Connection refused
结论:说明No route to host是防火墙的返回,先经过防火墙,不管端口有没有。然后如果通过了防火墙,但监听未启动,则提示Connection refused的错误。
“ora10g@localhost.localdomain$telnet 172.101.19.57 1521
Trying 172.101.19.57...
telnet: connect to address 172.101.19.57: No route to host
如果端口未开,实际报错:
ora10g@localhost.localdomain$telnet 172.27.19.56 1521
Trying 172.27.19.56...
telnet: connect to address 172.27.19.56: Connection refused
是不是防火墙的问题???
从数据库服务器关闭防火墙:
[root@dcsopen2Node ~]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: nat mangle filter [ OK ]
iptables: Unloading modules: [ OK ]
再从远程机器执行:
ora10g@localhost.localdomain$telnet 172.101.19.571521
Trying 172.101.19.57...
Connected to 172.101.19.57.
Escape character is '^]'.
说明端口已开,更重要的是,明确了,就是防火墙问题。”
通过实验再次说明下“Connection refused”和“No route to host”的区别和问题诊断思路。
首先,网上有篇帖子说明“Connection refused” vs “No route to host”(http://superuser.com/questions/720851/connection-refused-vs-no-route-to-host):
"Connection refused" means that the target machine actively rejected the connection. With port 80 as the context, one of the following things is likely the reason:
Nothing is listening on 127.0.0.1:80 and 132.70.6.157:80
Nothing is listening on *:80
The firewall is blocking the connection with REJECT
So check your Apache and iptables config.
"No route to host" refers to a network problem. It is not a reply from the target machine.
说的是“Connection refused”是目标主机明确拒绝了这次连接,有可能是该端口没有启动监听,或者因为防火墙。“No route to host”则可能是一个网络问题,不是目标主机的回复。
一个实验模拟:
客户端机器ip:172.1.1.1
目标机ip:172.1.2.1
1. 从客户端telnet目标机的一个已启动端口1521,但防火墙中未添加例外。
从172.1.1.1 telnet 172.1.2.1 1521,提示no route to host。
Trying 172.1.2.1...
telnet: connect to address 172.1.2.1: No route to host
在防火墙配置中iptables添加1521端口,telnet正常。
2. 从客户端telnet目标机的一个未启动监听的端口
172.1.2.1的10001端口没有启用,netstat -an | grep 10001不存在。
从172.1.1.1 telnet 172.1.2.1 10001,提示connection refused。
Trying 172.1.2.1...
telnet: connect to address 172.1.2.1: Connection refused
结论:说明No route to host是防火墙的返回,先经过防火墙,不管端口有没有。然后如果通过了防火墙,但监听未启动,则提示Connection refused的错误。
相关文章推荐
- PAT (Advanced Level) Practise 1086 Tree Traversals Again (25)
- github初步使用
- MagicalRecord的拖入工程文件时报错MagicalRecord/MagicalRecordDeprecationMacros.h file not find。
- Http、TCP/IP协议与Socket之间的区别(转载)
- css读书笔记4:字体和文本
- ip地址的组成(网络位+主机位)
- C# Activator.CreateInstance()方法使用
- 导数据问题汇总
- 浅析通用爬虫软件—— 集搜客与八爪鱼采集器
- Step by Step - Exchange 2013 Email Message Size Restriction Detail
- 父类和子类 同名成员变量和静态成员变量
- Bzoj3589:动态树:树链剖分+容斥原理+树链的并
- 庆祝三周年:Docker 推出面向 Mac/Windows 平台的测试版
- Launcher3 翻页动画详解与修改
- 二叉树的深度优先遍历和广度优先遍历
- linux下top命令参数解释+free -m
- IDEA 错误: 找不到符号
- 关于sqlite数据库的优化
- JSF学习五Ajax
- 机器学习&数据挖掘笔记_16(常见面试之机器学习算法思想简单梳理) 常用模型汇总