Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3466C9DA6 for ; Wed, 25 Apr 2012 22:40:10 +0000 (UTC) Received: (qmail 37229 invoked by uid 500); 25 Apr 2012 22:40:10 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 37207 invoked by uid 500); 25 Apr 2012 22:40:10 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 37193 invoked by uid 99); 25 Apr 2012 22:40:10 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 25 Apr 2012 22:40:10 +0000 X-ASF-Spam-Status: No, hits=-5.0 required=5.0 tests=RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Frank.Zhang@citrix.com designates 66.165.176.89 as permitted sender) Received: from [66.165.176.89] (HELO SMTP.CITRIX.COM) (66.165.176.89) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 25 Apr 2012 22:40:03 +0000 X-IronPort-AV: E=Sophos;i="4.75,483,1330923600"; d="scan'208";a="24552038" Received: from sjcpmailmx01.citrite.net ([10.216.14.74]) by FTLPIPO01.CITRIX.COM with ESMTP/TLS/RC4-MD5; 25 Apr 2012 18:39:42 -0400 Received: from SJCPMAILBOX01.citrite.net ([10.216.4.73]) by SJCPMAILMX01.citrite.net ([10.216.14.74]) with mapi; Wed, 25 Apr 2012 15:39:41 -0700 From: Frank Zhang To: "cloudstack-dev@incubator.apache.org" , "Development discussions for CloudStack (cloudstack-devel@lists.sourceforge.net)" , "CloudStack user/admin discussions (cloudstack-users@lists.sourceforge.net)" Date: Wed, 25 Apr 2012 15:39:41 -0700 Subject: RE: Tips for "No route to host", "Connection refused", "Connection reset" Thread-Topic: Tips for "No route to host", "Connection refused", "Connection reset" Thread-Index: Ac0jMP2ce2SGlJcfSWeHzGfKwiCNUQAAz2yA Message-ID: <93099572B72EB341B81A644E134F240B011CF644726D@SJCPMAILBOX01.citrite.net> References: <93099572B72EB341B81A644E134F240B011CF6447269@SJCPMAILBOX01.citrite.net> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Yes. if you don't have route for 1, it's the same error. However, even I have route but iptable close it, the error message is the s= ame -----Original Message----- From: Ahmad Emneina [mailto:Ahmad.Emneina@citrix.com]=20 Sent: Wednesday, April 25, 2012 3:16 PM To: cloudstack-dev@incubator.apache.org; Development discussions for CloudS= tack (cloudstack-devel@lists.sourceforge.net); CloudStack user/admin discus= sions (cloudstack-users@lists.sourceforge.net) Subject: Re: Tips for "No route to host", "Connection refused", "Connection= reset" 1. Sounds like a routing issue. Packet flow cant reach the destination. 2. Sounds like a firewall/no service issue --=20 =E6 On 4/25/12 3:05 PM, "Frank Zhang" wrote: >This is not only for CloudStack, but they are common issues when you are >playing CloudStack regarding network. >I often suffer these errors, there are some tips from my practice: > > >1. "No route to host" >Most likely iptables rule prevents the port from accessing. First check >iptables rule in your VM, then check SecurityGroup rules in CloudStack. >Finally check the rules in host where the VM is running(in this case, >please file a bug for SecurityGroup) > > >2. "Connection refused" > >The destination port is reachable, however, there is no application >listens on that port > > > >3. "Connection reset" > >The established connection has lost. > >Please correct me if you see anything wrong.