Tjyylli

How can I make names more distinctive without making them longer?

How to align text above triangle figure

What would be the ideal power source for a cybernetic eye?

How widely used is the term Treppenwitz? Is it something that most Germans know?

In predicate logic, does existential quantification (∃) include universal quantification (∀), i.e. can 'some' imply 'all'?

What is the logic behind the Maharil's explanation of why we don't say שעשה ניסים on Pesach?

Why did the Falcon Heavy center core fall off the ASDS OCISLY barge?

51k Euros annually for a family of 4 in Berlin: Is it enough?

Error "illegal generic type for instanceof" when using local classes

Can a non-EU citizen traveling with me come with me through the EU passport line?

What's the purpose of writing one's academic biography in the third person?

Why are Kinder Surprise Eggs illegal in the USA?

Why is my conclusion inconsistent with the van't Hoff equation?

What causes the vertical darker bands in my photo?

What's the meaning of 間時肆拾貳 at a car parking sign

What does "fit" mean in this sentence?

Is the Standard Deduction better than Itemized when both are the same amount?

How do pianists reach extremely loud dynamics?

How to bypass password on Windows XP account?

How come Sam didn't become Lord of Horn Hill?

Bete Noir -- no dairy

Fundamental Solution of the Pell Equation

The logistics of corpse disposal

2001: A Space Odyssey's use of the song "Daisy Bell" (Bicycle Built for Two); life imitates art or vice-versa?

Why only part of ports on my machine can be reached from external ip?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}

1

I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.

Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.

The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.

So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.

os: centos7

firewall: off

network: ok

tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    

tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      6121/./bin/../node/   

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1403/sshd           

tcp6       0      0 :::443                  :::*                    LISTEN      18807/docker-pro    

tcp6       0      0 :::10460                :::*                    LISTEN      3966/docker-proxy-c    

tcp6       0      0 :::10430                :::*                    LISTEN      4552/docker-proxy-c



telnet 114.116.X.X 10450 

Trying 114.116.X.X...    

Connected to 114.116.X.X.

Escape character is '^]'.   



telnet 114.116.X.X 5601 

Trying 114.116.X.X...

just won't work for 5601 and 2700.

networking telnet netstat

share|improve this question

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)
  
  – grawity
  18 hours ago
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?
  
  – J.ben
  17 hours ago
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?
  
  – J.ben
  15 hours ago
  
  
  

  
  
  
  

add a comment | 

1

I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.

Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.

The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.

So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.

os: centos7

firewall: off

network: ok

tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    

tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      6121/./bin/../node/   

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1403/sshd           

tcp6       0      0 :::443                  :::*                    LISTEN      18807/docker-pro    

tcp6       0      0 :::10460                :::*                    LISTEN      3966/docker-proxy-c    

tcp6       0      0 :::10430                :::*                    LISTEN      4552/docker-proxy-c



telnet 114.116.X.X 10450 

Trying 114.116.X.X...    

Connected to 114.116.X.X.

Escape character is '^]'.   



telnet 114.116.X.X 5601 

Trying 114.116.X.X...

just won't work for 5601 and 2700.

networking telnet netstat

share|improve this question

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Is the IP address attached to a router, or directly to this machine? (i.e. does it show up in ip addr of this machine or not?)
  
  – grawity
  18 hours ago
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @grawity Hi, the IP address (114.116.x.x) does not show up in ip addr, the remote machine is a cloud server like AWS. so i think it's attached to a router?
  
  – J.ben
  17 hours ago
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @grawity Hi again, since you mentioned router, i went to the manager and talked about this. He told me yes that he restricts all the ports exposed from the cloud server regardless of my firewalls off. After he opened those ports for me, i think this problem will be sovled. So thank you for your advice and the editing and the encouraging reputation, it helps a lot. Would you like to fill the answer so i can accept it?
  
  – J.ben
  15 hours ago
  
  
  

  
  
  
  

add a comment | 

I'm trying to achieve my remote service with port 5601. But unfortunately i can't open the website.

Here is something i tried to find out why it's not working:

I logged in remote server and tried "telnet localhost 5601" and "telnet 192.168.x.x 5601", it works fine.

But "telnet 114.116.x.x 5601" failed.

The remote server i use is a cloud server and i can reach it using ssh. And i also checked some of my docker service with port (10450, 10460...), the result is they can be reached using external ip.
SO maybe the problem is on 5601 service. And then i write a little helloworld web program with listening host "0.0.0.0:2700" to find out. turns out it cannot be reached from external ip neither.

So is there something wrong with my service or my network? If there is, how can i fix it? Really appreciated.

os: centos7

firewall: off

network: ok

tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    

tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      6121/./bin/../node/   

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1403/sshd           

tcp6       0      0 :::443                  :::*                    LISTEN      18807/docker-pro    

tcp6       0      0 :::10460                :::*                    LISTEN      3966/docker-proxy-c    

tcp6       0      0 :::10430                :::*                    LISTEN      4552/docker-proxy-c



telnet 114.116.X.X 10450 

Trying 114.116.X.X...    

Connected to 114.116.X.X.

Escape character is '^]'.   



telnet 114.116.X.X 5601 

Trying 114.116.X.X...

just won't work for 5601 and 2700.

networking telnet netstat

share|improve this question

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

tcp        0      0 0.0.0.0:2700            0.0.0.0:*               LISTEN      6438/python    

tcp        0      0 0.0.0.0:5601            0.0.0.0:*               LISTEN      6121/./bin/../node/   

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1403/sshd           

tcp6       0      0 :::443                  :::*                    LISTEN      18807/docker-pro    

tcp6       0      0 :::10460                :::*                    LISTEN      3966/docker-proxy-c    

tcp6       0      0 :::10430                :::*                    LISTEN      4552/docker-proxy-c



telnet 114.116.X.X 10450 

Trying 114.116.X.X...    

Connected to 114.116.X.X.

Escape character is '^]'.   



telnet 114.116.X.X 5601 

Trying 114.116.X.X...

share|improve this question

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

edited 18 hours ago

grawity

244k37515576

edited 18 hours ago

grawity

244k37515576

asked 18 hours ago

J.benJ.ben

84

New contributor

J.ben is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 18 hours ago

J.benJ.ben

84

1 Answer
1

active

oldest

votes

1

the IP address (114.116.x.x) does not show up in ip addr,

Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)

(This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)

share|improve this answer

answered 15 hours ago

grawitygrawity

244k37515576

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

J.ben is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1425969%2fwhy-only-part-of-ports-on-my-machine-can-be-reached-from-external-ip%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

1

the IP address (114.116.x.x) does not show up in ip addr,

Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)

(This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)

share|improve this answer

answered 15 hours ago

grawitygrawity

244k37515576

add a comment | 

1

the IP address (114.116.x.x) does not show up in ip addr,

Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)

(This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)

share|improve this answer

answered 15 hours ago

grawitygrawity

244k37515576

add a comment | 

the IP address (114.116.x.x) does not show up in ip addr,

Then it's not actually the machine's IP address – it belongs to some sort of NAT gateway. This means that telnet 114.116.x.x is not a simple loopback connection, but actually goes out to the network and is returned back by a router, which can have its own firewall and enforce packet filtering. (As you've eventually found out.)

(This might also indicate that the server is behind 1:many NAT (as in home LANs), in which case the blocking doesn't need to be deliberate, as the router doesn't even know which server is supposed to receive packets unless "port forwarding" rules are manually created.)

share|improve this answer

answered 15 hours ago

grawitygrawity

244k37515576

share|improve this answer

answered 15 hours ago

grawitygrawity

244k37515576

answered 15 hours ago

grawitygrawity

244k37515576

answered 15 hours ago

grawitygrawity

244k37515576