On my host Ubuntu 18.04 I am running two lxc containers using default setups. Containers use Ubuntu 18.04 as well. I have an app running on container1 that offers an https based service on https://localhost:3000/. Container2 is not able to even establish a connection with container1.

Container2 can ping container1 and read the html of the default Apache2 server running on localhost (for container1). Testing with netcat, I can establish a connection with a few main ports; however, I get connection refused for port 3000.

```
root@c2:~# nc -zv c1 22
Connection to c1 22 port [tcp/ssh] succeeded!
root@c2:~# nc -zv c1 80
Connection to c1 80 port [tcp/http] succeeded!
root@c2:~# nc -zv c1 443
nc: connect to c1 port 443 (tcp) failed: Connection refused
nc: connect to c1 port 443 (tcp) failed: Connection refused
root@c2:~# nc -zv c1 3000
nc: connect to c1 port 3000 (tcp) failed: Connection refused
nc: connect to c1 port 3000 (tcp) failed: Connection refused
```

The same situation applies between my host and any of my containers. Only ports 22 and 80 seem to be reachable by default. I tried enabling ufw on all containers, but it still doesn't work out:

```
root@c1:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
22                         ALLOW       Anywhere
443                        ALLOW       Anywhere
873                        ALLOW       Anywhere
3000                       ALLOW       Anywhere
Anywhere on eth0@if16      ALLOW       Anywhere
Apache                     ALLOW       Anywhere
80                         ALLOW       Anywhere
20                         ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
22 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
873 (v6)                   ALLOW       Anywhere (v6)
3000 (v6)                  ALLOW       Anywhere (v6)
Anywhere (v6) on eth0@if16 ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
20 (v6)                    ALLOW       Anywhere (v6)

Anywhere                   ALLOW OUT   Anywhere on eth0@if16
Anywhere (v6)              ALLOW OUT   Anywhere (v6) on eth0@if16
```

Even testing via curl clearly shows me that the port connection is closed, and that's the issue:

```
root@c2:~# curl https://10.155.120.175:3000/
curl: (7) Failed to connect to 10.155.120.175 port 3000: Connection refused
```

I have been stuck on this issue for a week. Can anyone help me troubleshoot this?

Mnemosyne
  • Please show the listening ports. `connection refused` usually indicates that it's not a firewall problem, but rather that nothing is listening on that port. Maybe your application is bound to the wrong port or the wrong interface. – Gerald Schneider Nov 19 '21 at 19:20
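
The listening-port check requested in the comment above, as an added example that is not part of the original thread: it classifies how a port is bound from `ss -tln` output. The helper name `bind_scope` is hypothetical, and the sample output is constructed on the assumption that the app serving `https://localhost:3000/` is bound to loopback only.

```shell
#!/bin/sh
# Added example: bind_scope is a hypothetical helper, not from the original post.
# It reads `ss -tln` output on stdin and reports how a TCP port is bound.
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            # Field 4 is Local Address:Port, e.g. 127.0.0.1:3000, *:80, [::]:22
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            sub(/%.*$/, "", addr)   # drop an interface scope such as %lo
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") loop = 1
            else if (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::") any = 1
            else other = 1
        }
        END {
            if (any)        print "all-interfaces"
            else if (other) print "specific-address"
            else if (loop)  print "loopback-only"
            else            print "not-listening"
        }'
}

# Constructed sample of `ss -tln` output for a container like c1 (assumed, not
# captured from the asker's system): the app on 3000 is bound to loopback only.
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     127.0.0.1:3000      0.0.0.0:*
LISTEN  0       128     *:80                *:*
LISTEN  0       128     [::]:22             [::]:*'

for p in 22 80 443 3000; do
    printf '%s\t%s\n' "$p" "$(printf '%s\n' "$SAMPLE_SS" | bind_scope "$p")"
done
# On a live system: ss -tln | bind_scope 3000
```

A `loopback-only` or `not-listening` result produces the `Connection refused` shown from c2 regardless of the ufw rules, because the kernel rejects the connection before any allow rule matters. When rebinding a service, prefer the container's bridge address over `0.0.0.0` so it is exposed only on the network that needs it.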
