Thread: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:

 

Hi, I have 2 cluster databases, running on the same host, Linux with redHat. My fist database port is set to default, 5432, but my second database port is set to 5436 in the postgresql.conf file. While everything is ok with local connections, I cannot connect remotely using any of my tools to the second database with port 5436, including pgAdmin. Please help. Any parameter that I need to modify for the new database with port 5436? I have attached the posgresql.conf.

 

 

Jay

 

Attachment

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
John R Pierce
Date:
On 12/27/11 11:07 AM, Jacques Lamothe wrote:
>
> Hi, I have 2 cluster databases, running on the same host, Linux with
> redHat. My fist database port is set to default, 5432, but my second
> database port is set to 5436 in the postgresql.conf file. While
> everything is ok with local connections, I cannot connect remotely
> using any of my tools to the second database with port 5436, including
> pgAdmin. Please help. Any parameter that I need to modify for the new
> database with port 5436? I have attached the posgresql.conf.
>

is a linux firewall blocking incoming connections to 5436 ?

   iptables -L -vn

to see the full set of firewall rules.

--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast


Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Adrian Klaver
Date:
On 12/27/2011 11:07 AM, Jacques Lamothe wrote:
> Hi, I have 2 cluster databases, running on the same host, Linux with
> redHat. My fist database port is set to default, 5432, but my second
> database port is set to 5436 in the postgresql.conf file. While
> everything is ok with local connections, I cannot connect remotely using
> any of my tools to the second database with port 5436, including
> pgAdmin. Please help. Any parameter that I need to modify for the new
> database with port 5436? I have attached the posgresql.conf.

My guess is it is one of two things:
1) Did you restart the server after changing the value for listen_addresses?

2) Have you looked at the pg_hba.conf file to see if it allows remote
connections?
http://www.postgresql.org/docs/9.0/interactive/auth-pg-hba-conf.html

>
> Jay
>
>
>
>


--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Raymond O'Donnell
Date:
On 27/12/2011 19:07, Jacques Lamothe wrote:
>
>
> Hi, I have 2 cluster databases, running on the same host, Linux with
> redHat. My fist database port is set to default, 5432, but my second
> database port is set to 5436 in the postgresql.conf file. While
> everything is ok with local connections, I cannot connect remotely using
> any of my tools to the second database with port 5436, including
> pgAdmin. Please help. Any parameter that I need to modify for the new
> database with port 5436? I have attached the posgresql.conf.

What error message are you getting when you try to connect?

Have you a suitable rule in pg_hba.conf to allow remote connections?

Any firewall blocking that port?

Ray.

--
Raymond O'Donnell :: Galway :: Ireland
rod@iol.ie

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
1) Error:
Error connecting to data database. Connection refused. C heck that hostname and port are correct and postmaster is
acceptingTCP/IP connection. 
2)  pg_hba.conf for both clusters are similar
DB2 - Port 5436 -Amzndev01
# IPv4 local connections:
host            all         all             0.0.0.10/10          trust
host            all         all             xxx.168.0.10/24      trust
host            all         all             xxx.47.37.38/24      trust
hostnossl          amzndev01  viper_logical_1      xx.0.0.0/8           trust
hostnossl          amzndev01  viperuser          xx.0.0.0/8           trust
hostnossl          amzndev01  viper_tx           xx.0.0.0/8           trust
hostnossl          amzndev01  viper_reference_1  xx.0.0.0/8           trust
hostnossl          amzndev01  viper_cache_1      xx.0.0.0/8           trust
hostnossl        all         all             xx.32.81.157/10      trust
# IPv6 local connections:
host            all                     all         ::1/18   trust

DB1 - Port 5432 - amznvpat1
# IPv4 local connections:
host            all         all             0.0.0.0/10          trust
host            all         all             xxx.168.0.0/24      trust
host            all         all             xxx.47.37.37/24     trust
hostnossl          amznvpat1  viper_logical_1      xx.0.0.0/8          trust
hostnossl          amznvpat1  viperuser          xx.0.0.0/8          trust
hostnossl          amznvpat1  viper_tx           xx.0.0.0/8          trust
hostnossl          amznvpat1  viper_reference_1  xx.0.0.0/8          trust
hostnossl          amznvpat1  viper_cache_1      xx.0.0.0/8          trust
hostnossl        all         all             xx.32.81.157/10     trust
# IPv6 local connections:
host            all         all             ::1/128             trust

3)
[root@vpdb1 ~]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

-----Original Message-----
From: Raymond O'Donnell [mailto:rod@iol.ie]
Sent: Tuesday, December 27, 2011 2:21 PM
To: Jacques Lamothe
Cc: pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 27/12/2011 19:07, Jacques Lamothe wrote:
>
>
> Hi, I have 2 cluster databases, running on the same host, Linux with
> redHat. My fist database port is set to default, 5432, but my second
> database port is set to 5436 in the postgresql.conf file. While
> everything is ok with local connections, I cannot connect remotely using
> any of my tools to the second database with port 5436, including
> pgAdmin. Please help. Any parameter that I need to modify for the new
> database with port 5436? I have attached the posgresql.conf.

What error message are you getting when you try to connect?

Have you a suitable rule in pg_hba.conf to allow remote connections?

Any firewall blocking that port?

Ray.

--
Raymond O'Donnell :: Galway :: Ireland
rod@iol.ie

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
Output

[root@vpdb1 ~]# iptables -L -vn
Chain INPUT (policy ACCEPT 44094 packets, 6327K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5436

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 43575 packets, 6143K bytes)
 pkts bytes target     prot opt in     out     source               destination
[root@vpdb1 ~]#



-----Original Message-----
From: pgsql-general-owner@postgresql.org [mailto:pgsql-general-owner@postgresql.org] On Behalf Of John R Pierce
Sent: Tuesday, December 27, 2011 2:17 PM
To: pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 12/27/11 11:07 AM, Jacques Lamothe wrote:
>
> Hi, I have 2 cluster databases, running on the same host, Linux with
> redHat. My fist database port is set to default, 5432, but my second
> database port is set to 5436 in the postgresql.conf file. While
> everything is ok with local connections, I cannot connect remotely
> using any of my tools to the second database with port 5436, including
> pgAdmin. Please help. Any parameter that I need to modify for the new
> database with port 5436? I have attached the posgresql.conf.
>

is a linux firewall blocking incoming connections to 5436 ?

   iptables -L -vn

to see the full set of firewall rules.

--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast


--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Adrian Klaver
Date:
On 12/27/2011 11:31 AM, Jacques Lamothe wrote:
> 1) Error:
> Error connecting to data database. Connection refused. C heck that hostname and port are correct and postmaster is
acceptingTCP/IP connection. 

So did you restart the server listening on port 5436 after changing the
listen_addresses setting?

--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
Yes I did

-----Original Message-----
From: Adrian Klaver [mailto:adrian.klaver@gmail.com]
Sent: Tuesday, December 27, 2011 2:39 PM
To: Jacques Lamothe
Cc: rod@iol.ie; pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 12/27/2011 11:31 AM, Jacques Lamothe wrote:
> 1) Error:
> Error connecting to data database. Connection refused. C heck that hostname and port are correct and postmaster is
acceptingTCP/IP connection. 

So did you restart the server listening on port 5436 after changing the
listen_addresses setting?

--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Adrian Klaver
Date:
On 12/27/2011 11:39 AM, Jacques Lamothe wrote:
> Yes I did

More guesses.
Looks like you may be running on Amazon AWS?
If so, did you change the AWS firewall to allow port 5436?

>
>


--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
Yes I'm running on amazon.aws and yes I requested my admin to open the port, do you know how I can check its status

iptables -L -vn
Chain INPUT (policy ACCEPT 44554 packets, 6381K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5436

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 43998 packets, 6200K bytes)
 pkts bytes target     prot opt in     out     source               destination


-----Original Message-----
From: Adrian Klaver [mailto:adrian.klaver@gmail.com]
Sent: Tuesday, December 27, 2011 2:42 PM
To: Jacques Lamothe
Cc: rod@iol.ie; pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 12/27/2011 11:39 AM, Jacques Lamothe wrote:
> Yes I did

More guesses.
Looks like you may be running on Amazon AWS?
If so, did you change the AWS firewall to allow port 5436?

>
>


--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
John R Pierce
Date:
On 12/27/11 11:34 AM, Jacques Lamothe wrote:
> Output
>
> [root@vpdb1 ~]# iptables -L -vn
> Chain INPUT (policy ACCEPT 44094 packets, 6327K bytes)
>   pkts bytes target     prot opt in     out     source               destination
>      0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5436
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>   pkts bytes target     prot opt in     out     source               destination
>
> Chain OUTPUT (policy ACCEPT 43575 packets, 6143K bytes)
>   pkts bytes target     prot opt in     out     source               destination
> [root@vpdb1 ~]#

it appears there's no iptables based firewall configured at all, the
default policy is ACCEPT, so there's really no point in that rule for 5436


--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast


Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Adrian Klaver
Date:
On 12/27/2011 11:44 AM, Jacques Lamothe wrote:
> Yes I'm running on amazon.aws and yes I requested my admin to open the port, do you know how I can check its status

The AWS firewall is for an account so it lives outside the instances.
The way I check is using the AWS Management Console. You need account
access for that though, so you may have to talk with the admin.

--
Adrian Klaver
adrian.klaver@gmail.com

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
Correct, I'll take off

-----Original Message-----
From: pgsql-general-owner@postgresql.org [mailto:pgsql-general-owner@postgresql.org] On Behalf Of John R Pierce
Sent: Tuesday, December 27, 2011 2:46 PM
To: pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 12/27/11 11:34 AM, Jacques Lamothe wrote:
> Output
>
> [root@vpdb1 ~]# iptables -L -vn
> Chain INPUT (policy ACCEPT 44094 packets, 6327K bytes)
>   pkts bytes target     prot opt in     out     source               destination
>      0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5436
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>   pkts bytes target     prot opt in     out     source               destination
>
> Chain OUTPUT (policy ACCEPT 43575 packets, 6143K bytes)
>   pkts bytes target     prot opt in     out     source               destination
> [root@vpdb1 ~]#

it appears there's no iptables based firewall configured at all, the
default policy is ACCEPT, so there's really no point in that rule for 5436


--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast


--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

Re: UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

From
Jacques Lamothe
Date:
thanks

-----Original Message-----
From: Adrian Klaver [mailto:adrian.klaver@gmail.com]
Sent: Tuesday, December 27, 2011 2:48 PM
To: Jacques Lamothe
Cc: rod@iol.ie; pgsql-general@postgresql.org
Subject: Re: [GENERAL] UNABLE TO CONNECT REMOTELY TO port 5436 - CRITICAL

On 12/27/2011 11:44 AM, Jacques Lamothe wrote:
> Yes I'm running on amazon.aws and yes I requested my admin to open the port, do you know how I can check its status

The AWS firewall is for an account so it lives outside the instances.
The way I check is using the AWS Management Console. You need account
access for that though, so you may have to talk with the admin.

--
Adrian Klaver
adrian.klaver@gmail.com