Here's what I've done:
I wrote a minimal web server (using Qt, but I don't think it's relevant here).
I'm running it on a legal Windows 7 32-bit.
The problem:
If I make a request with Firefox, IE, Chrome or Safari it takes takes about one second before my server sees that there is a new connection to be accepted.
Clues:
Using other clients (wget, own test client that just opens a socket) than Firefox, IE, Chrome, Safari seeing the new connection is matter of milliseconds.
I installed Apache and tried the clients mentioned above. Serving the request takes ~50ms as expected.
The problem isn't reproducible when running Windows XP (or compiling and running the same code under Linux)
The problem seems to present itself only when connecting to localhost. A friend connected over the Internet and serving the connection was a matter of milliseconds.
Running the server in different ports has no effect on the 1 second latency
Here's what I've tried without luck:
Stopped the Windows Defender service
Stopped the Windows Firewall service
Any ideas? Is this some clever 'security feature' in Windows 7? Why isn't Apache affected? Why are only the browsers affected?
If you're saying "localhost" instead of "127.0.0.1", you're forcing a name lookup before the actual connection attempt, adding delay.
In addition, some browsers, like Firefox 3.5+, don't use the operating system's DNS lookup mechanism, which is why it can have different performance than, say, wget.
You may be running into some automatic proxy discovery problem. In Firefox, you can disable this in Options | Advanced | Network | Settings; select either "No proxy" or give it explicit values. There's also the Internet Properties control panel, which is IE's network settings, but other browsers on Windows may obey settings here, too. Again, disable auto-proxy discovery. This can speed connections outside localhost, too.
For some reason Windows 7 takes 1 second to resolve address localhost regardless of it being in hosts file.
Adding localhost1 to hosts file and using that works around the problem.
When connecting to localhost on a IPv4/IPv6 dual stack host:
A DNS lookup is performed for localhost.
The DNS server (whether IPv6 enabled or not - this doesn't matter) returns both the AAAA record ::1, and the A record 127.0.0.1.
The client first attempts to connect to ::1.
We assume your server program is not IPv6-capable, which is a common case - due to historical reasons, many servers bind their socket to 0.0.0.0 by default rather than [::].
Here an ECONNREFUSED error would be raised for the client. This happens immediately on most platforms; on Windows however, a single call to connect() would try 3 times in 500ms intervals before giving up, hence taking a bit more than one second (See http://stackoverflow.com/q/19440364 for more details).
The client then creates a connection to 127.0.0.1 instead.
This would explain all your clues above:
If you make a request with Firefox, IE, Chrome, Safari or any other IPv6-capable clients, it takes takes about one second trying for ::1 before connecting to 127.0.0.1.
Your own test client just opens a INET socket, so it won't try ::1 at all.
Using a dual-stack server such as Apache, the clients will connect to ::1 happily.
The problem isn't reproducible on Windows XP, of which IPv6 support is not enabled by default.
The problem seems to present itself only when connecting to localhost, as your friend connected with an IPv4-only network.
Running the server in different ports has no effect on the 1 second latency.
Related
I have an application with a server written in F# and serve web files using suave. I remote login using powershell into another machine in the network to run the application (The application is also in one of the network drives). I do that because that machine have access to third party APIs needed for the server. Now when I do [IPAddress_Of_Remote_Machine]/[html_file] or [name_of_pc]/[html_file] then chrome is waiting forever and doesn't ever return the webpage. This wasn't happening before and I ran into this problem recently. I opened a different port and used it instead of the default one 80. This made things work but the problem keeps showing up after a couple of days. I don't think it's a firewall issue but I'm clueless to why this is happening.
When running netstat -an, this is what I get (I hid the IP address):
As you can see all of the connections are either in CLOSE_WAIT or ESTABLISHED but not LISTENING. All of these TCP connections is probably because I have PhantomJS and two other APIs running in the application as well. However the loop back address is also open on the same port 5959:
I'm not sure what is difference between these two but when using PortQryUI to query the remote server it returns a success!
I have already made an inbound rule for port 5959 on the server so it should be allowed. The web page is stuck at Waiting for [name_of_pc]. Also, sometimes this problem disappears and everything works fine.
What is the potential problem behind this? Why would this happen all of a sudden?
UPDATE:
I re-ran the application today and it's working correctly. It could be that something is dynamically set within the firewall? Not really sure what is going on. The machine I'm running the server on has a bunch of applications running on it as well so maybe there is an external process that is affecting it?
I made a hello world app with Suave and deployed it on the network drive to test if it's going to work. I opened inbound rule for port 6001
Then I ran the app:
However, it's still not working and this time it says the site cannot be reached when I do: http://[name_of_pc]:6001.
Moving this to an answer so that it can be closed:
Could you post the bindings section of your suave cfg? I'm guessing you know where that is since you are using a non-standard port but if you need don't, search for HttpBinding. I suspect you will find it pointing to 127.0.0.1 which is not good enough for remote access. You could try changing it to 0.0.0.0 or to the server's actual IP address. I would try 0.0.0.0 first for the flexibility it provides
I'm trying to establish a connection using sockets between 2 PC's on the same LAN using the Eiffel Programming Language. I'm trying to run the examples that are by default on the installation directory of Eiffel Studio. However right now I'm trying to make it on the same machine by addressing to localhost (127.0.0.1).
It works perfectly on Linux (Ubuntu 15.10) but on windows 7 I'm getting an exception when I try to run the client program. The code of the exception is 24 Unable to establish connection. The server program runs just fine and I already got a connection between a client on linux and a server on windows. I didn't find a solution to this exception on the documentation nor on other sites. Here is a screencap:
Screencap of the debugger
Here is a link to the doc:
https://www.eiffel.org/doc/solutions/Two%20Machines
Thank you in advance.
The issue might be caused by the fact that some ports are used and others are reserved by the system. In particular the port range 0-1023 is designated for use by common system and network services. Ports beyond this range can also be registered (e.g., Service Name and Transport Protocol Port Number Registry or List of TCP and UDP port numbers). System security settings could also prevent applications from using specific port numbers.
The solution is to look for and to use port numbers that are available for user applications. Ports currently used on Windows can be found with netstat -an, what can be used is related to TCP/IP and firewall settings. The simplest approach is to try using some other port numbers, e.g. in the range 1024-49151.
I have some issues with MongoDB (or Linux security, perhaps):
1 I am runing MongoDB 3.0 in an OpenSuSE 13.1 machine (which acts as the data server). I have a local network of 4 computers with different OSs.
2 I can connect from a Windows 8.1 Laptop using the mongo command, using the pymongo Python library, or Robomongo. Everything works just fine: I can query the server and insert things.
3 However, when I try to access port 27017 to see the "It looks like you're accessing..." message, the browser says "The connection was reset".
4 SuSe's Firewall and AppArmor are disabled.
QUESTION: There is one computer that can't access the address of the local server. Said computer is in the same local network and is running Windows 8.1. I tried with many other devices and OSs (see miniupdate in comments) and they all managed to access the 27017 port on the server. Of course, the server simply displayed the message "It looks like you are trying to access MongoDB over HTTP on the native driver port.". Do you have any ideas as to why the browser in the problematic computer keeps saying "Connection was reset" instead of showing the message mentioned above? Please note that this computer can do everything I mentioned in point 2. It's the browser thing that is puzzling me.
MongoDB's default port doesn't speak the http protocol. Which is what a browser can speak (among a few others). If you're looking for the web based status page, then that should be on port 28017 (27017 + 1000).
See http://docs.mongodb.org/manual/reference/default-mongodb-port/ for more details.
Found the solution on my own: disable the "Web shield" of Avast Antivirus. It somehow resets the browser's connection to Mongo.
Again, I realize that Mongo doesn't talk HTTP on that port, but still the fact that all other devices but this one were able to connect (to simply get a message) was bugging me.
All connection attempts on RhodeCode on CentOS 6.3 are refused except from localhost.
Note that iptables is not running, and I am only trying to visit the web interface.
I have googled the exact error message below and looked around SO. I have yet to find a solution.
abort: error: No connection could be made because the target machine actively refused it
If the firewall is down, and I am not trying to modify any repository, what else is preventing me from connecting? EDIT: See #5 below. Not sure how to address it yet.
Things tried and other info
Using localhost, 127.0.0.1 and hostname in production.ini
service iptables stop
Connected over HTTP successfully. In other words, connections are accepted outside RhodeCode.
Made sure no authentication methods were enabled or configured in production.ini
Although the server accepts connections on localhost, netstat -l does not show that port 5000 is listening. Port 5000 is set in production.ini and ps uax | grep paster confirms the server is running. No other software tries to grab port 5000.
Ok, apparently I have been misunderstanding the host configuration. I was running on the assumption that host should be set to 127.0.0.1 or localhost in production.ini for RhodeCode to know what host to look for for another service. This was a faulty presumption on my part, since I am used to pointing web applications to local systems to look for databases.
It turns out that host binds the application to a specific address for access, meaning that it RhodeCode was supposed to only respond to local requests, regardless of what other system policies say. The setup docs did not make this clear because it did not specify that external connections would be refused. All it said was:
This command [paster serve] runs the RhodeCode server. The web app should be available at the 127.0.0.1:5000. This ip and port is configurable via the production.ini file created in previous step
The problem was fixed by binding RhodeCode to 0.0.0.0, which opened it to outside connections. Kudos to Ćukasz Balcerzak for pointing this out in the RC support google group.
When developing and testing WP7 apps you're pc is connected to either a real WP7 phone or to the WP7 Device Emulator. For a specific development-purpose I would like to connect directly to the development pc (let's call it the host pc) from the WP7 app without having to rely on an external toast-server. I'm using plain sockets, System.Net.Sockets.Socket.
There seem to be two options:
Obtain the host pc's LAN IP and connect to that
Connect to localhost
Option 1 usually works well, but not always: The host pc may not necessaily have an IP, in which case there's nothing to connect to. Also, in some scenarios all LAN traffic is directed through a company-wide proxy which will disrupt this mechanism.
That lead me to try out option 2. To my surprise it seems to work, but I need to be more sure than simply "it seems to work". I've googled all over but can't find any definitive answer, not even on Microsoft's site like e.g. http://msdn.microsoft.com/en-us/library/ff754351(v=VS.92).aspx. So this is my question:
What exactly is the defined behavior of connecting to localhost from a WP7 app?
Altrernatively, is there a fool-proof way of connecting back to the host-pc?
(Let me stress this again: For this particular purpose I can't use toasts, because the development pc may not even be online.)
Edit:
I work at EQATEC and the application in question is the EQATEC Profiler. Right now the profiler/app-communication is handled by injecting a socket/http-client into the deployed WP7 app that connects back to the profiler's LAN IP address. It works very well and is really fast, but in some very rare cases users are offline and therefore doesn't have an IP, or have some prohibitive lan proxy rules.
Therefore connecting to "localhost" would be excellent if that somehow magically would always work for everybody. It works for me and a couple of test-users, but does it work for all our many thousand profiler users all over the world? I'd like to be more sure.
"localhost" by definition is the machine running the code (well specifically the NIC doing the communication). For either the Phone or the Emulator, that would mean the phone or the emulator, not the PC they are attached to.
When you attach to a PC, you do have a network - it's an RNDIS connection in which both sides get an IP address which traditionally (pre-WP7) could be resolved with 'ppp-peer', though I've not tested that resolution on the Phone. I suspect it will be the same, since WMDC is still what's connecting and they'd have little reason to change that connection mechanism.
If the emulator is resolving localhost to the PC on which is resides, that's a definite bug and I would not count on it continuing to work as they add more robust socket support to the Phone platform.
System.Net.Sockets.Socket isn't really currently available for WP7 programming, but it might be available at some future point (maybe in Mango... maybe...)
AFAIK, the only way to reliably do what you want to do is to set up an http server on the development PC and to provide your app with an HTTP address of that server - or to route messages via some "Cloud proxy"
I'm surprised localhost works at all on the real device... I can only assume that they are asking the connected PC to resolve that DNS name - but even then I'm surprised 127.0.0.1 works.
The ip you're looking for is "192.168.55.100"
That's the ip address the phone uses to connect to the host pc.
If you'd like to connect to the phone, apparently its ip address will be "192.168.55.101"
For the emulator just use localhost or 127.0.0.1
This is from the old ActiveSync days, so I don't know how official it is or how likely it is to last, but for right now at least it worked on my phone.