It works. In case somebody will be visiting this via a search link in the future, all I did was to add this as the first entry in /etc/hosts
0.0.0.0 lpdza1 then restart the network and the WebLogic server. These activities changed tcp 0 0 ::ffff:*127.0.0.1*:7028 :::* LISTEN to tcp 0 0 :::7028 :::* LISTEN and the final test: [root@lpdza2 ~]# nc -z -v -w 2 lpdza1 7028 Connection to lpdza1 7028 port [tcp/*] succeeded! Thank you to all who helped derive the solution. :) ciao! On Sun, Oct 21, 2012 at 12:03 AM, Anuerin Diaz <[email protected]> wrote: > I agree as this should be handled on listening service side. I found a > similar discussion in the Oracle forums[1] wherein the fix is to add a new > entry in the hosts file. Im trying that and restarting the network to see > if that will solve this issue. Thanks. > > [1] https://forums.oracle.com/forums/thread.jspa?messageID=3027685 > > > > On Sat, Oct 20, 2012 at 11:59 PM, John Homer H Alvero <[email protected] > > wrote: > >> You can give it a try. You may be in the right direction. But, I guess >> making the app listen on the right interface is a graceful solution. >> >> >> >> On Sat, Oct 20, 2012 at 11:34 PM, Anuerin Diaz <[email protected]> >> wrote: >> > Thanks John. The WebLogic is listening on the localhost interface as >> what >> > was also mentioned here[1]. My problem now is how to make that WebLogic >> > instance listen to eth0, or can I make an iptable rule to redirect all >> 7028 >> > traffic to localhost? >> > >> > [1] http://serverfault.com/a/290006 >> > >> > >> > >> > On Sat, Oct 20, 2012 at 11:29 PM, John Homer H Alvero < >> [email protected]> >> > wrote: >> >> >> >> on lpdza1, whats the output of netstat -tunlp ? check if the port is >> >> listening on the correct interface. >> >> >> >> >> >> >> >> On Sat, Oct 20, 2012 at 9:39 PM, Anuerin Diaz <[email protected]> >> wrote: >> >> > They are using bridged networking. I am using Xen and starting to >> think >> >> > maybe I should have used Virtual box instead. :| >> >> > >> >> > ciao! >> >> > >> >> > On Oct 20, 2012 8:26 PM, "Heherson Pagcaliwagan" <[email protected] >> > >> >> > wrote: >> >> >> >> >> >> How is your networking setup? Are the nodes using bridged >> networking or >> >> >> simpla NAT? >> >> >> >> >> >> Out of curiosity, what's the virt solution you are using?(i.e. kvm, >> lc, >> >> >> openvz, vmware, virtualbox, ...) >> >> >> >> >> >> --herson >> >> >> >> >> >> On Oct 20, 2012, at 6:15 PM, Anuerin Diaz <[email protected]> >> wrote: >> >> >> >> >> >> Hi, >> >> >> >> >> >> I have 2 virtualized CentOS machines (lpdza1 and lpdza2) where I >> am >> >> >> setting up clustered WebLogic nodes. The current problem I have is >> >> >> that I >> >> >> cannot make the port 7028 in lpdza1 accept external connections. >> >> >> Connection >> >> >> from within lpdza1 works but I need lpdza2 to be able to access the >> >> >> admin >> >> >> port (7028). I have tried alternately disabling iptables and >> >> >> ip6tables, as >> >> >> well as flushing and stopping them to no avail. I have also tried >> >> >> configuring and disabling them from the desktop GUI >> >> >> (Administration->Securtiy and Firewall settings, >> >> >> Administration->Services->restart). I have tried accessing from >> other >> >> >> virtual machines (Ubuntu, WindowsXP) to isolate that it is not a >> >> >> problem on >> >> >> the second machine (lpdza2). >> >> >> >> >> >> What am I missing? Below is the sequence of commands I executed >> which >> >> >> is >> >> >> based from http://wiki.centos.org/HowTos/Network/IPTables. >> >> >> >> >> >> ====================== >> >> >> >> >> >> [root@lpdza1 ~]# iptables -L >> >> >> Chain INPUT (policy ACCEPT) >> >> >> target prot opt source destination >> >> >> >> >> >> Chain FORWARD (policy ACCEPT) >> >> >> target prot opt source destination >> >> >> >> >> >> Chain OUTPUT (policy ACCEPT) >> >> >> target prot opt source destination >> >> >> >> >> >> [root@lpdza1 ~]# netstat -an | grep 7028 >> >> >> tcp 0 0 ::ffff:127.0.0.1:7028 :::* >> >> >> LISTEN >> >> >> >> >> >> [root@lpdza1 ~]# service iptables status >> >> >> Table: filter >> >> >> Chain INPUT (policy ACCEPT) >> >> >> num target prot opt source destination >> >> >> >> >> >> Chain FORWARD (policy ACCEPT) >> >> >> num target prot opt source destination >> >> >> >> >> >> Chain OUTPUT (policy ACCEPT) >> >> >> num target prot opt source destination >> >> >> >> >> >> >> >> >> [root@lpdza1 ~]# iptables -P INPUT ACCEPT >> >> >> [root@lpdza1 ~]# iptables -F >> >> >> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -P INPUT DROP >> >> >> [root@lpdza1 ~]# iptables -P FORWARD DROP >> >> >> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -m state --state >> >> >> NEW,ESTABLISHED,RELATED -j ACCEPT >> >> >> >> >> >> [root@lpdza1 ~]# /sbin/service iptables save >> >> >> [root@lpdza1 ~]# /sbin/service iptables reload >> >> >> [root@lpdza1 ~]# /sbin/service iptables start >> >> >> >> >> >> [root@lpdza1 ~]# iptables -L -v >> >> >> Chain INPUT (policy DROP 0 packets, 0 bytes) >> >> >> pkts bytes target prot opt in out source >> >> >> destination >> >> >> 468 35641 ACCEPT tcp -- any any anywhere >> >> >> anywhere tcp dpt:ssh >> >> >> 13 708 ACCEPT tcp -- any any anywhere >> >> >> anywhere tcp dpt:7028 >> >> >> 22 1299 ACCEPT all -- lo any anywhere >> >> >> anywhere >> >> >> 733 124K ACCEPT all -- eth0 any anywhere >> >> >> anywhere >> >> >> 0 0 ACCEPT all -- any any anywhere >> >> >> anywhere state NEW,RELATED,ESTABLISHED >> >> >> >> >> >> Chain FORWARD (policy DROP 0 packets, 0 bytes) >> >> >> pkts bytes target prot opt in out source >> >> >> destination >> >> >> >> >> >> Chain OUTPUT (policy ACCEPT 1094 packets, 168K bytes) >> >> >> pkts bytes target prot opt in out source >> >> >> destination >> >> >> >> >> >> >> >> >> [root@lpdza1 ~]# ip6tables -P INPUT ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -F >> >> >> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 7028 -j ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -P INPUT DROP >> >> >> [root@lpdza1 ~]# ip6tables -P FORWARD DROP >> >> >> [root@lpdza1 ~]# ip6tables -P OUTPUT ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -A INPUT -i lo -j ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -A INPUT -i eth0 -j ACCEPT >> >> >> [root@lpdza1 ~]# ip6tables -A INPUT -m state --state >> >> >> NEW,ESTABLISHED,RELATED -j ACCEPT >> >> >> >> >> >> [root@lpdza1 ~]# /sbin/service ip6tables save >> >> >> [root@lpdza1 ~]# /sbin/service ip6tables reload >> >> >> [root@lpdza1 ~]# /sbin/service ip6tables start >> >> >> >> >> >> [root@lpdza1 ~]# iptables -P INPUT ACCEPT >> >> >> [root@lpdza1 ~]# iptables -F >> >> >> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -P INPUT DROP >> >> >> [root@lpdza1 ~]# iptables -P FORWARD DROP >> >> >> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT >> >> >> [root@lpdza1 ~]# iptables -A INPUT -m state --state >> >> >> NEW,ESTABLISHED,RELATED -j ACCEPT >> >> >> >> >> >> [root@lpdza1 ~]# /sbin/service iptables save >> >> >> [root@lpdza1 ~]# /sbin/service iptables reload >> >> >> [root@lpdza1 ~]# /sbin/service iptables start >> >> >> >> >> >> >> >> >> # test from first CentOS machine >> >> >> >> >> >> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 22 >> >> >> Connection to lpdza1 22 port [tcp/ssh] succeeded! >> >> >> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 7028 >> >> >> Connection to lpdza1 7028 port [tcp/*] succeeded! >> >> >> >> >> >> #switch to second CentOS machine >> >> >> [adiaz@lpdza2 ~]$ ping -c 1 lpdza1 >> >> >> PING lpdza1 (192.168.122.185) 56(84) bytes of data. >> >> >> 64 bytes from lpdza1 (192.168.122.185): icmp_seq=1 ttl=64 >> time=0.567 ms >> >> >> >> >> >> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 22 >> >> >> Connection to lpdza1 22 port [tcp/ssh] succeeded! >> >> >> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 7028 >> >> >> nc: connect to lpdza1 port 7028 (tcp) failed: Connection refused >> >> >> >> >> >> ====================== >> >> >> >> >> >> Any pointers is very much appreciated. Thank you. >> >> >> >> >> >> ciao! >> >> >> >> >> >> -- >> >> >> "Programming, an artform that fights back" >> >> >> >> >> >> Anuerin G. Diaz >> >> >> Registered Linux User #246176 >> >> >> http://ramfree17.net/capsule , when you absolutely have nothing >> else >> >> >> better to do >> >> >> >> >> >> _________________________________________________ >> >> >> Philippine Linux Users' Group (PLUG) Mailing List >> >> >> http://lists.linux.org.ph/mailman/listinfo/plug >> >> >> Searchable Archives: http://archives.free.net.ph >> >> >> >> >> >> >> >> >> _________________________________________________ >> >> >> Philippine Linux Users' Group (PLUG) Mailing List >> >> >> http://lists.linux.org.ph/mailman/listinfo/plug >> >> >> Searchable Archives: http://archives.free.net.ph >> >> > >> >> > >> >> > _________________________________________________ >> >> > Philippine Linux Users' Group (PLUG) Mailing List >> >> > http://lists.linux.org.ph/mailman/listinfo/plug >> >> > Searchable Archives: http://archives.free.net.ph >> >> _________________________________________________ >> >> Philippine Linux Users' Group (PLUG) Mailing List >> >> http://lists.linux.org.ph/mailman/listinfo/plug >> >> Searchable Archives: http://archives.free.net.ph >> > >> > >> > >> > >> > -- >> > "Programming, an artform that fights back" >> > >> > Anuerin G. Diaz >> > Registered Linux User #246176 >> > Friendly Linux Board @ http://mandrivausers.org/index.php >> > >> > http://ramfree17.net/capsule , when you absolutely have nothing else >> better >> > to do >> > >> > _________________________________________________ >> > Philippine Linux Users' Group (PLUG) Mailing List >> > http://lists.linux.org.ph/mailman/listinfo/plug >> > Searchable Archives: http://archives.free.net.ph >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph >> > > > > -- > "Programming, an artform that fights back" > > Anuerin G. Diaz > Registered Linux User #246176 > Friendly Linux Board @ http://mandrivausers.org/index.php > http://ramfree17.net/capsule , when you absolutely have nothing else > better to do > -- "Programming, an artform that fights back" Anuerin G. Diaz Registered Linux User #246176 Friendly Linux Board @ http://mandrivausers.org/index.php http://ramfree17.net/capsule , when you absolutely have nothing else better to do
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
