But if I change the cmd to "ncat -l 443 -k -c 'xargs -n1 echo'", test results changed.
<https://lh3.googleusercontent.com/-IlggJCc8qPA/V2134XVqCUI/AAAAAAAAAGU/NejEJWbYn4Msun_hBrzZiOigHSmYil9lQCLcB/s1600/ncat443.PNG> from one US machine, got this. <https://lh3.googleusercontent.com/-nDdiYI11g9w/V214CL4_EoI/AAAAAAAAAGc/txdzJT62kU41q_0IPUtHmSvyj0KZ3X1agCLcB/s1600/telnet443fromUSmachine.PNG> from one China machine, got this. <https://lh3.googleusercontent.com/-p8H5vlpUAqI/V214WQtbmpI/AAAAAAAAAGk/Ypa3xoFp7D8pybjJYKH_Zew5GgTQ-1nPQCLcB/s1600/SG.png> I was wondering is this behavior related to AWS China restrictions that we cannot control? Brant On Saturday, June 25, 2016 at 1:37:55 AM UTC+8, Brant Fortest wrote: > > telnet from one US machine. > > > <https://lh3.googleusercontent.com/-K3xJV3d8wcE/V21u9VmUV9I/AAAAAAAAAFk/FgxDuT-bzGwG8EjPJt8boQhBumoH44vtgCLcB/s1600/telnet80_2.PNG> > > telnet from China. > > > <https://lh3.googleusercontent.com/-skzhAYmjGBU/V21vwLan4KI/AAAAAAAAAF0/aOnXVI_KahE3n1l8CBR20AGsvpGpqz3OwCLcB/s1600/SG.png> > > > Strange! > > On Saturday, June 25, 2016 at 1:30:41 AM UTC+8, Marc O'Brien wrote: >> >> Hi Brant, >> >> Telnet still fails for me: >> >> >> Many thanks, >> Wm. Marc O'Brien >> Scalr Technical Support >> >> >> On Friday, June 24, 2016 at 11:27:44 AM UTC-6, Brant Fortest wrote: >>> >>> Seems fine to telnet 54.222.154.149 80. Please have a try. Thanks! >>> >>> >>> <https://lh3.googleusercontent.com/-orQDsI2L7u8/V21tMcuKWHI/AAAAAAAAAFQ/Zk2MKeg22-gFQ-Q_GlKhHbqbby2pkHKJwCLcB/s1600/telnet80.PNG> >>> >>> Brant >>> >>> On Saturday, June 25, 2016 at 1:13:58 AM UTC+8, Daniele Testa wrote: >>>> >>>> Please stop all scalr services with "scalr-server-manage stop all" >>>> Then start a simple echo server. Something like this: >>>> >>>> ncat -l 80 -k -c 'xargs -n1 echo' >>>> >>>> Then try to telnet to port 80. If you still can't connect, you have a >>>> firewall issue. >>>> >>>> >>>> On Fri, Jun 24, 2016 at 8:06 PM, Brant Fortest <[email protected]> >>>> wrote: >>>> >>>>> In my condition, >>>>> "#{app_server_ip}/32" is '54.222.154.149'/32 >>>>> "#{worker_server_ip}/32" is '54.222.154.88'/32 >>>>> >>>>> >>>>> >>>>> On Saturday, June 25, 2016 at 12:52:46 AM UTC+8, Marc O'Brien wrote: >>>>>> >>>>>> Hi Brant, >>>>>> >>>>>> It also looks like you may have the following configuration value >>>>>> commented out: app[:ip_ranges] = ["#{app_server_ip}/32", >>>>>> "#{worker_server_ip}/32",] >>>>>> >>>>>> Many thanks, >>>>>> Wm. Marc O'Brien >>>>>> Scalr Technical Support >>>>>> >>>>>> On Friday, June 24, 2016 at 10:46:29 AM UTC-6, Marc O'Brien wrote: >>>>>>> >>>>>>> Hi Brant, >>>>>>> >>>>>>> If you are having the same behavior it is likely that there is >>>>>>> either a networking problem or an app server service config problem. >>>>>>> As a >>>>>>> first step you may want to verify what services are listening on what >>>>>>> ports >>>>>>> on this app server with netstat. >>>>>>> >>>>>>> Many thanks, >>>>>>> Wm. Marc O'Brien >>>>>>> Scalr Technical Support >>>>>>> >>>>>>> On Friday, June 24, 2016 at 10:32:20 AM UTC-6, Brant Fortest wrote: >>>>>>>> >>>>>>>> Hi, Marc, >>>>>>>> Thanks for your quick reply. >>>>>>>> I did open both 80/443. >>>>>>>> Telnet 54.222.154.149 80/443 isn't working here for me as well. >>>>>>>> But on 172 is fine. >>>>>>>> >>>>>>>> Any other tips? Thanks! >>>>>>>> >>>>>>>> Brant >>>>>>>> >>>>>>>> On Saturday, June 25, 2016 at 12:26:23 AM UTC+8, Marc O'Brien wrote: >>>>>>>>> >>>>>>>>> Hi Brant, >>>>>>>>> >>>>>>>>> Telnet to port 80 on host 54.222.154.149 fails. You may need to >>>>>>>>> open your security group firewall rules to allow HTTP traffic on this >>>>>>>>> public interface. >>>>>>>>> >>>>>>>>> Many thanks, >>>>>>>>> Wm. Marc O'Brien >>>>>>>>> Scalr Technical Support >>>>>>>>> >>>>>>>>> >>>>>>>>> On Friday, June 24, 2016 at 10:21:12 AM UTC-6, Brant Fortest wrote: >>>>>>>>>> >>>>>>>>>> Hi, Team, >>>>>>>>>> I just set up a "4-server Scalr >>>>>>>>>> <https://github.com/scalr-tutorials/scalr-server-configuration/tree/master/4-server>" >>>>>>>>>> >>>>>>>>>> server stack in aws, but it is only available by accessing it's >>>>>>>>>> private IP >>>>>>>>>> - 172.*.*.* , unavailable by it's public IP. >>>>>>>>>> Anything went wrong? >>>>>>>>>> You can have a try on https://54.222.154.149 >>>>>>>>>> Looking forward to hearing from you asap. Thanks! >>>>>>>>>> >>>>>>>>>> And here's the content of scalr-server.rb file. >>>>>>>>>> >>>>>>>>>> ------------------ >>>>>>>>>> root@ip-172-31-5-21:/etc/scalr-server# cat scalr-server.rb >>>>>>>>>> >>>>>>>>>> ######################################################################################## >>>>>>>>>> # IMPORTANT: This is NOT a substitute for documentation. Make >>>>>>>>>> sure that you understand # >>>>>>>>>> # the configuration parameters you use in your configuration >>>>>>>>>> file. # >>>>>>>>>> >>>>>>>>>> ######################################################################################## >>>>>>>>>> >>>>>>>>>> # Disable all services by default >>>>>>>>>> enable_all false >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ########################## >>>>>>>>>> # Topology Configuration # >>>>>>>>>> ########################## >>>>>>>>>> >>>>>>>>>> # You can use IPs for the below as well, but hostnames are >>>>>>>>>> preferable. >>>>>>>>>> app_server_host = '54.222.154.149' # This MUST be reachable by >>>>>>>>>> your instances. >>>>>>>>>> main_mysql_server_host = '54.222.215.202' >>>>>>>>>> ca_mysql_server_host = '54.222.215.202' >>>>>>>>>> >>>>>>>>>> # Server IPs. Those MUST be IPs, not hostnames. >>>>>>>>>> app_server_ip = '54.222.154.149' >>>>>>>>>> worker_server_ip = '54.222.154.88' >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> #################### >>>>>>>>>> # External Routing # >>>>>>>>>> #################### >>>>>>>>>> >>>>>>>>>> proto = 'https' # Set up the SSL settings and this to 'https' to >>>>>>>>>> use HTTPS >>>>>>>>>> endpoint = app_server_host >>>>>>>>>> >>>>>>>>>> routing[:endpoint_scheme] = proto >>>>>>>>>> routing[:endpoint_host] = endpoint >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> #################### >>>>>>>>>> # Internal Routing # >>>>>>>>>> #################### >>>>>>>>>> >>>>>>>>>> # Use separate hosts for MySQL >>>>>>>>>> app[:mysql_scalr_host] = main_mysql_server_host >>>>>>>>>> app[:mysql_scalr_port] = 3306 >>>>>>>>>> >>>>>>>>>> app[:mysql_analytics_host] = ca_mysql_server_host >>>>>>>>>> app[:mysql_analytics_port] = 3306 >>>>>>>>>> >>>>>>>>>> # Use Memcached locally (it's running on the same servers as the >>>>>>>>>> app servers) >>>>>>>>>> app[:memcached_servers] = ['127.0.0.1:11211'] >>>>>>>>>> >>>>>>>>>> # Look for the app and graphics locally as well >>>>>>>>>> proxy[:app_upstreams] = ['127.0.0.1:6000'] >>>>>>>>>> proxy[:graphics_upstreams] = ['127.0.0.1:6100'] >>>>>>>>>> proxy[:plotter_upstreams] = ['127.0.0.1:6200'] >>>>>>>>>> proxy[:ssl_enable] = true >>>>>>>>>> proxy[:ssl_redirect] = true >>>>>>>>>> proxy[:ssl_cert_path] = "/etc/ssl/certs/server.pem" >>>>>>>>>> proxy[:ssl_key_path] = "/etc/ssl/private/server.key" >>>>>>>>>> >>>>>>>>>> # Bind the proxy publicly >>>>>>>>>> proxy[:bind_host] = '0.0.0.0' >>>>>>>>>> >>>>>>>>>> # But bind everything else locally, since it'll go through the >>>>>>>>>> proxy >>>>>>>>>> web[:app_bind_host] = '127.0.0.1' >>>>>>>>>> web[:app_bind_port] = 6000 >>>>>>>>>> >>>>>>>>>> web[:graphics_bind_host] = '127.0.0.1' >>>>>>>>>> web[:graphics_bind_port] = 6100 >>>>>>>>>> >>>>>>>>>> service[:plotter_bind_host] = '127.0.0.1' >>>>>>>>>> service[:plotter_bind_port] = 6200 >>>>>>>>>> >>>>>>>>>> # Bind MySQL publicly, because it'll need to be accessed by the >>>>>>>>>> app & worker >>>>>>>>>> mysql[:bind_host] = '0.0.0.0' >>>>>>>>>> mysql[:bind_port] = 3306 >>>>>>>>>> >>>>>>>>>> # The app and Memcached are running on the same server, so bind >>>>>>>>>> locally >>>>>>>>>> memcached[:bind_host] = '127.0.0.1' >>>>>>>>>> memcached[:bind_port] = 11211 >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ##################### >>>>>>>>>> # App configuration # >>>>>>>>>> ##################### >>>>>>>>>> >>>>>>>>>> app[:ip_ranges] = ["#{app_server_ip}/32", >>>>>>>>>> "#{worker_server_ip}/32",] >>>>>>>>>> app[:instances_connection_policy] = 'public' # 'local' or 'public' >>>>>>>>>> app[:configuration] = {} # Add extra configuration here >>>>>>>>>> >>>>>>>>>> ------------------ >>>>>>>>>> >>>>>>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "scalr-discuss" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> >>>> >>>> -- >>>> Regards, >>>> Daniele Testa | Solutions Architect @ Scalr | [email protected] | >>>> www.scalr.com | blog.scalr.com >>>> >>> -- You received this message because you are subscribed to the Google Groups "scalr-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
