"Connection closed by foreign host error" in Solaris 10

Version Details

Solaris version :  Oracle Solaris 10 8/11 s10x_u10wos_17b X86
$ uname -a
SunOS tippy178 5.10 Generic_147441-01 i86pc i386 i86pc

The Issue
+++++++++

I have two Solaris 10 virtual machines created using VirtualBox. One of my applications running on Source was trying to connect to Target.

Source: 192.168.0.178
Target : 192.168.0.179

Application got the following error

TCP/IP error 146 (Connection refused), endpoint: 192.168.0.179:15001

So, I did a telnet test from source to target. But I was getting 'Closed by foreign host' error. It seems to get connected for a second, but then I get the 'closed by foreign host' error

$ telnet 192.168.0.179 15001
Trying 192.168.0.179...
Connected to 192.168.0.179.
Escape character is '^]'.
Connection to 192.168.0.179 closed by foreign host.

But ping is working fine.

$ ping 192.168.0.179
192.168.0.179 is alive

And I am able to ssh from source to the target machine without any issues.

After some googling, I uncommented the following line in /etc/inetd.conf

tftp    dgram   udp6    wait    root    /usr/sbin/in.tftpd      in.tftpd -s /tftpboot

But I don't think it has any effect in Solaris 10.

Any suggestions on how to fix this?

So first of all:-

  • Why are you targeting port 15001? Port 15001 is not a standard port number that I am aware of. I presume you have some reason for it.
  • Is the port in /etc/services? Could you post the output from grep 15001 /etc/services
  • Is the service in /etc/inetd.conf? Using the name returned above (e.g. my-svc tcp/15001) could you post the output from grep my-svc /etc/inetd.conf
  • Is the server listening? On the target server, could you run netstat -na|grep 15001 and post the response. If you have lsof installed, could you post the output from lsof -i tcp:15001
  • Is the listener logging an error, if you know where it would?

From your telnet attempt, it would suggest that the server is listening, but doesn't respond to telnet, and why should it. It is presumably a different service.

What more can you tell us?

Thanks, in advance,
Robin
Liverpool/Blackburn
UK


Thank you Robin.

In Target, I started a process called MANAGER, and I got the following message from its log:

2012-11-07 22:43:19  INFO    OGG-00983  Oracle GoldenGate Manager for Oracle, mgr.prm:  Manager started (port 15001).

It seemed to be running. But 15001 port is not listed in /etc/services.

# grep 15001 /etc/services
# netstat -na|grep 15001
      *.15001              *.*                0      0 49152      0 LISTEN
      *.15001                           *.*                             0      0 49152      0 LISTEN
# lsof not installed
# lsof -i tcp:15001
lsof: not found

What is the port range I should be using? I am not a network person. :)

Do you want me to cat /etc/services or any other file from Target?
Thank you.

Hi,

If port 22 (ssh) runs fine and 15001 does not:

and if you see this

# netstat -na|grep 15001
      *.15001              *.*                0      0 49152      0 LISTEN
      *.15001                           *.*                             0      0 49152      0 LISTEN

I would ask the network team whether a firewall rule allows port 15001 on your box.

I have already seen a firewall that said this to me:

$ telnet 192.168.0.179 15001
Trying 192.168.0.179...
Connected to 192.168.0.179.
Escape character is '^]'.
Connection to 192.168.0.179 closed by foreign host.

It was a message sent by the firewall, not by your target host, for security reasons.

Hope it helps.


In target, I tried to start this service ('manager') on different ports like 8000, 2000, 1532.

Still the issue persists. Currently I am trying to start the manager process on 1532 in target.

$ netstat -na| grep 1532
      *.1532               *.*                0      0 49152      0 LISTEN
192.168.0.179.1532   192.168.0.178.32862  49640      0 49640      0 TIME_WAIT
      *.1532                            *.*                             0      0 49152      0 LISTEN

--- Trying telnet from source

$ telnet 192.168.0.179 1532
Trying 192.168.0.179...
Connected to 192.168.0.179.
Escape character is '^]'.
Connection to 192.168.0.179 closed by foreign host.


Thank you Sylvian.
These Solaris machines are virtual machines running in my home-based network.

Guest OS         : Solaris 10 
Host OS         : Windows 7
Virtual Box version: 4.1.18-78361-Win

I haven't enabled any firewall. Is there any way I could disable it?

On each (virtual) machine try:

telnet localhost

to see if it can telnet to itself. This would use port 23, of course.

This will test whether the system will accept connections which are not from "foreign host".

I tried changing the port to 2012 and restarted the service in target. Now, when I try to telnet from source, the telnet command hangs. I kept trying Ctrl+C to get the prompt back, but no luck. I had to close and start another PuTTY session.

Source: 192.168.0.178
Target : 192.168.0.179 (the server which has the port I want to check if it is open)

-- Trying to check if port 2012 in 192.168.0.179 is open
-- From 192.168.0.178 I am running the below telnet command

$ telnet 192.168.0.179 2012
Trying 192.168.0.179...
Connected to 192.168.0.179.
Escape character is '^]'.
^C
^C^C^C^C

^C^C
^D

--- Netstat Output from Target
-- When trying to access 192.168.0.179:2012

$ netstat -na | grep 2012
192.168.0.179.2012   192.168.0.178.32813  49640      0 49617      0 ESTABLISHED
      *.2012               *.*                0      0 49152      0 LISTEN
192.168.0.179.2012   192.168.0.179.32802  49152      0 49256      0 ESTABLISHED
192.168.0.179.2012   192.168.0.178.32809  49640      0 49593      0 CLOSE_WAIT
192.168.0.179.2012   192.168.0.178.32811  49640      0 49613      0 CLOSE_WAIT
      *.2012                            *.*                             0      0 49152      0 LISTEN

Hi Hicksd8,

In target I did the telnet test you asked for.

-- Trying to telnet to same machine.

$ telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
login: oracle
Password:
Last login: Thu Nov  8 22:18:20 from tigris179
Oracle Corporation      SunOS 5.10      Generic Patch   January 2005
$
$

You still haven't told us what is listening. No point connecting with telnet if that's not what is expected, but if on the server side you see the session ESTABLISHED, then the contact is there. You obviously know how to change the listening port, so what's it for?

What are you actually trying to use?

Robin
Liverpool/Blackburn
UK

In the target (192.168.0.179), I am running a process called mgr which is part of an application called Golden Gate.
The mgr process seems to have some issue holding on to this port.

I tried running another process (Oracle DB listener) on the same port 2012. This time it hung for about 40 seconds and I got the
'Connection closed by foreign host' error without hitting Ctrl+C.

 $ telnet 192.168.0.179 2012
 Trying 192.168.0.179...
 Connected to 192.168.0.179.
 Escape character is '^]'.            ----------------------> hung for about 40 seconds and then received the below error without the need for Ctrl+C
 Connection to 192.168.0.179 closed by foreign host.

Both processes (mgr and lsnr) are run by the same OS user called oracle.


Since this is just a home based VM setup created for testing, I would like to disable all security/filter features in Solaris.

With the Oracle listener running configured for port 2012, can you open an ODBC connection? You might need to tweak tnsnames.ora on the client side to point to the correct port.

If that opens correctly (as a telnet would not handshake properly) then you have proved that this is not a network error (even if it's between two local VMs) and you need to be looking at the Golden Gate server to see if there is a configuration for that to allow certain connections, e.g. does it have an allowed IP address list, allowed users (e.g. does username/uid on client match username/uid on servers and is it allowed). It might depend on how Golden Gate works.

Have you contacted the supplier? I can't find any matches after a quick web-search.

Robin
Liverpool/Blackburn
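
The telnet results in this thread fall into a few distinct TCP outcomes: refused (the application's error 146), connected then closed by the peer, and connected then silent. The following is an added example, not code from any poster or from Golden Gate, that classifies them without speaking any protocol; probe, demo_listener and unused_port are hypothetical names, and the loopback listeners are constructed stand-ins for the real services.

```python
import socket
import threading

_held = []  # keeps "hold" connections open for the life of the demo

def probe(host, port, connect_timeout=3.0, idle_timeout=1.0):
    """Connect, send nothing, and report what the peer does next."""
    try:
        s = socket.create_connection((host, port), timeout=connect_timeout)
    except ConnectionRefusedError:
        return "refused"              # RST answered our SYN: no listener on that port
    except OSError:
        return "unreachable"          # timeout or no route: handshake never completed
    with s:
        s.settimeout(idle_timeout)
        try:
            data = s.recv(256)
        except socket.timeout:
            return "open-silent"      # connected; peer waits for the client to speak
        except ConnectionResetError:
            return "reset-after-connect"
        # b"" means the peer sent FIN: telnet prints "closed by foreign host"
        return "banner" if data else "closed-by-peer"

def demo_listener(behaviour):
    """Constructed loopback listener ('drop', 'banner' or 'hold'); returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def loop():
        while True:
            conn, _ = srv.accept()
            if behaviour == "hold":
                _held.append(conn)    # accept and stay quiet
                continue
            if behaviour == "banner":
                conn.sendall(b"hello\r\n")
            conn.close()              # 'drop': accept, then close at once

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def unused_port():
    """Bind and release a loopback port so nothing is listening on it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    for name in ("drop", "banner", "hold"):
        print(name, "->", probe("127.0.0.1", demo_listener(name)))
    print("no listener ->", probe("127.0.0.1", unused_port()))
```

Any result other than "refused" or "unreachable" means the three-way handshake completed, so the remaining question is what closed or held the connection afterwards, which is what the listener's own log and configuration answer.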