No route to host

Ghodmode

Programmer
Feb 17, 2004
177
NZ
I have two Red Hat servers. On Server A, I have a server process listening on a specific port. On Server B, I have an application which needs to connect to Server A on this port. The server and the client are both Java processes running under Tomcat. The stack trace on Server B reports a "NoRouteToHostException" and I can get basically the same error message when I try to connect to the port using telnet.

It's not a complete problem with communication between the servers because I can connect to port 80 on Server A and I can also SSH to Server A.

On server A, I am able to confirm that the server is listening to the port using netstat.

I'm not using host names, only IP addresses.

I can't ping either box from the other one.

As far as I can tell, there's no firewall software running on either box. This is based on looking through the output of "ps -ef" for iptables.

I know that the normal explanation of this problem is that there's a firewall running and blocking the port, but there's no firewall here.

Is there another explanation that anyone knows of?

Any ideas or insight would be greatly appreciated.

Thank you.

--
-- Ghodmode

Give a man a fish and he'll come back to buy more... Teach a man to fish and you're out of business.
 
I don't know anything about configuring SELinux, but it's not related to this problem.

I've just found the answer to this problem. Running "iptables -F" on Server A fixed it. I don't know anything about configuring iptables, either, but it was definitely not in the process listing.

So, I'd like to change my question: If iptables isn't running, how does it affect access to the server?

Thanks.

--
-- Ghodmode
 
Using the iptables command you reconfigure the network stack. Once the command terminates it leaves your "kernel" in a certain state that will let some packets through and that will stop certain other packets.
Iptables is not the actual firewall, it is the "interface" you use to configure it...


CU
G.
 
iptables -F flushes the tables. Since your default policy is apparently "accept", it fixes the problem.

"service iptables stop" pretty much does the same thing in this case. "chkconfig iptables off" prevents it from starting at boot.

Running "iptables -L" displays the active tables.
 
You asked:
So, I'd like to change my question: If iptables isn't running, how does it affect access to the server?


Normally flushing the rules (iptables -F) or shutting down iptables will un-restrict access to your server.
Iptables may anyway be doing more than just blocking ports; if your process is running on a redirected port then iptables is needed. This is just an example, but there are many configurations that require iptables to be running. I would also like to stress the point that it is never a good idea to shut down iptables unless your server is protected by some other device; rather, open the necessary ports using iptables commands and leave iptables running.


QatQat

If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!
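
The point made in the replies above, as an added example that is not part of any post in this thread: the rules live in the kernel, so there is no process for ps to show, and the way to see them is to dump and read the ruleset. The script walks a constructed iptables-save dump for a new inbound TCP connection and reports the verdict before and after a flush; the chain name, port 8080 and the rules are assumptions modelled on a Red Hat style default, and only -i, -p, --dport and --state matches are evaluated.

```shell
# Constructed sample of `iptables-save` output (filter table only).
sample_rules() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
# usage: verdict_for_port PORT < iptables-save-output
# Prints the first rule that decides a NEW tcp connection from another host.
verdict_for_port() {
  awk -v port="$1" '
    /^:/  { policy[substr($1, 2)] = $2 }       # chain header, e.g. ":INPUT ACCEPT"
    /^-A/ { n[$2]++; rule[$2, n[$2]] = $0 }    # keep rules in chain order
    function matches(r,   f, k, i) {           # simplified matcher, no negation
      k = split(r, f, " ")
      for (i = 3; i < k; i++) {
        if (f[i] == "-i" && f[i+1] == "lo") return 0       # remote, not loopback
        if (f[i] == "-p" && f[i+1] != "tcp") return 0
        if (f[i] == "--dport" && f[i+1] != port) return 0
        if (f[i] == "--state" && ("," f[i+1] ",") !~ /,NEW,/) return 0
      }
      return 1
    }
    function target(r,   f) { sub(/.* -j /, "", r); split(r, f, " "); return f[1] }
    function walk(chain,   i, t, v) {          # follows jumps into user chains
      for (i = 1; i <= n[chain]; i++) {
        if (!matches(rule[chain, i])) continue
        t = target(rule[chain, i])
        if (t == "ACCEPT" || t == "DROP" || t == "REJECT") return t ": " rule[chain, i]
        if (t in n) { v = walk(t); if (v != "") return v }
      }
      return ""                                # fell off the end of the chain
    }
    END { v = walk("INPUT")
          print ((v != "") ? v : (policy["INPUT"] ": default policy of INPUT")) }'
}
# What `iptables -F` leaves behind: chains and policies, but no rules.
flushed() { grep -v '^-A'; }
# REJECT with icmp-host-prohibited reaches the client as "No route to host".
sample_rules | verdict_for_port 8080
sample_rules | flushed | verdict_for_port 8080
```

On a live host the same check is `iptables-save | verdict_for_port PORT`, run as root.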