I have a VM with two public IPs. I have installed OpenStack controller node on the VM. I have access from the external network to Horizon and Keystone service running on apache2 web server on ports 80 and 5000 respectively.
However when I run my Node.js Express service on port 3010 I am unable to access it from the external network. I can access it from localhost and from other VMs running on the same host.
I tried to put following rules in iptables:
sudo iptables -A INPUT -p tcp -m tcp --dport 3010 -j ACCEPT
sudo ip6tables -A INPUT -p tcp -m tcp --dport 3010 -j ACCEPT
Following is the output of sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
neutron-linuxbri-INPUT all -- anywhere anywhere
nova-api-INPUT all -- anywhere anywhere
ACCEPT tcp -- anywhere controller tcp dpt:3010
Chain FORWARD (policy ACCEPT)
target prot opt source destination
neutron-filter-top all -- anywhere anywhere
neutron-linuxbri-FORWARD all -- anywhere anywhere
nova-filter-top all -- anywhere anywhere
nova-api-FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
neutron-filter-top all -- anywhere anywhere
neutron-linuxbri-OUTPUT all -- anywhere anywhere
nova-filter-top all -- anywhere anywhere
nova-api-OUTPUT all -- anywhere anywhere
Chain neutron-filter-top (2 references)
target prot opt source destination
neutron-linuxbri-local all -- anywhere anywhere
Chain neutron-linuxbri-FORWARD (1 references)
target prot opt source destination
Chain neutron-linuxbri-INPUT (1 references)
target prot opt source destination
Chain neutron-linuxbri-OUTPUT (1 references)
target prot opt source destination
Chain neutron-linuxbri-local (1 references)
target prot opt source destination
Chain neutron-linuxbri-sg-chain (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain neutron-linuxbri-sg-fallback (0 references)
target prot opt source destination
DROP all -- anywhere anywhere /* Default drop rule for unmatched traffic. */
Chain nova-api-FORWARD (1 references)
target prot opt source destination
Chain nova-api-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere controller tcp dpt:8775
Chain nova-api-OUTPUT (1 references)
target prot opt source destination
Chain nova-api-local (1 references)
target prot opt source destination
Chain nova-filter-top (2 references)
target prot opt source destination
nova-api-local all -- anywhere anywhere
Following is the output of sudo netstat -nap | grep 3010
tcp6 0 0 :::3010 :::* LISTEN 7538/node
which is same as sudo netstat -nap | grep 80
tcp6 0 0 :::80 :::* LISTEN 2932/apache2
which is also same as sudo netstat -nap | grep 5000
tcp6 0 0 :::5000 :::* LISTEN 2932/apache2
I can't even telnet to 3010 from the external network.
I only have access to the VM and not its host. So I cannot set any NAT or port forwarding on the host.
Also, I don't think any port forwarding rules are set for port 80 and 5000 as these services were started automatically by OpenStack after creation on VM (And I don't have access to host so I can't set these port forwarding rules myself).
The ufw is disabled as well. I checked using it sudo ufw status which shows as inactive.
I need to know what I can do to access by service running on port 3010 from the external network.