Amazon AWS EC2 ports: connection refused

StackOverflow https://stackoverflow.com/questions/22334003

Question

I have just created an EC2 instance on a brand new AWS account, behind a security group, and loaded some software on it. I am running Sinatra on the machine on port 4567 (currently), and have opened that port in my security group to whole world. Further, I am able to ssh into the EC2 instance, but I cannot connect on port 4567. I am using the public IP to connect:

shakuras:~ tyler$ curl **.***.**.***:22
SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
curl: (56) Recv failure: Connection reset by peer
shakuras:~ tyler$ curl **.***.**.***:4567
curl: (7) Failed connect to **.***.**.***:4567; Connection refused

But my webserver is running, since I can see the site when I curl from localhost:

ubuntu@ip-172-31-8-160:~$ curl localhost:4567
Hello world! Welcome

I thought it might be the firewall but I ran iptables and got: 

ubuntu@ip-172-31-8-160:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I'm pretty lost on what is going on here. Why can't I connect from the outside world?

Was it helpful?

Solution 2

This sounds like issue with the Sinatra binding. Could check this and this and even this link which talks about binding Sinatra to all IP addresses.

OTHER TIPS

Are you sure that the web server is listening on other interfaces than localhost? Check the output of netstat -an | grep 4567

If it isn't listening on 0.0.0.0 then that is the cause.

You are listening on 127.0.0.1 based on your netstat command. This is what the output should be something like this:

tcp        0      0 :::8080                     :::*                        LISTEN

Can you post your Sinatra configs? What are you using to start it ?

This doesnot work on a simple Amazon AMI , with installation as shown in http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-install.html

Step 1 , 2, 3 works (agent installation and starting demon ) as shown

[ec2-user@ip-<ip> ~]$ curl http://localhost:51678/v1/metadata
curl: (7) Failed to connect to localhost port 51678: Connection refused

infact netstat shows some listening tcp ports but one able to connect , definitely not 51678 tcp .

If you're using Amazon EC2 and make sure that you have security rule in Custom TCP for 0.0.0.0 in security groups, and still can't connect; try adding 0.0.0.0 to first line of the /etc/hosts by

sudo vim /etc/hosts
//or
sudo nano /etc/hosts

add space to the last ip on the first line, and it should look like

127.0.0.1 localhost 0.0.0.0

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top