In my C# application, I have this code:
var factory = new ConnectionFactory
{
Port = 5671,
UserName = "userxxxx",
Password = "passwordxxx",
HostName = "amqps://xxxx.mq.us-east-1.amazonaws.com"
};
using var connection = factory.CreateConnection();
But during the CreateConnection I receive:
RabbitMQ.Client.Exceptions.BrokerUnreachableException
HResult=0x80131620
Message=None of the specified endpoints were reachable
Source=RabbitMQ.Client
The AWS Console shows me:
Endpoint: amqps://xxxx.mq.us-east-1.amazonaws.com:5671
What am I doing wrong?
Use a tool like "netcat" to verify you can connect to port 5671 on the AWS MQ. Netcat should be used from the same host you are trying to connect from. Alternatively, consider using a cloud-based portscanner like https://www.whatismyip.com/port-scanner/ to take your local network out of the equation.
Successful example with netcat:
$ nc -vz myownawsmq.mq.us-east-1.amazonaws.com 5671
Connection to myownawsmq.mq.us-east-1.amazonaws.com 5671 port [tcp/amqps] succeeded!
If you get an error or timeout, then your URL is incorrect or port 5671 is blocked.
When I created my AWS RabbitMQ instance, port 5671 was open to the internet because publicly accessible is the default. You cannot use a security group with RabbitMQ instance that is publicly accessible. If you set Private Access for the RabbitMQ instance, you won't be able to reach it externally.
It's also possible 5671 is blocked by local firewall rules. Check the firewall configuration in your local network to make sure 5671 is allowed. If a cloud-based port scanner can connect to the port, but a local scan can't, it's probably your local network configuration.
Related
I have implemented FTP code with use of WinSCP .NET assembly and hosted it on an Azure AppService.
It works locally and on Azure.
But in very few random times, when hosted on Azure, it throws the following error:
Error transferring file 'D:\local\Temp\test_settings.txt'. Server sent passive reply with unroutable address 10.YYY.YYY.YYY, using host address instead. Copying files to remote side failed. Rejected data connection for transfer of "/test_settings.txt", IP addresses of control and data connection do not match
Since the IP starts with 10. does that mean that it's local in the FTP server's network?
Can I do something to improve the implementation?
Do you think that the solution will have a problem when used concurrently by multiple requests?
My code is a copy of the Simple C# example with the following settings:
SessionOptions sessionOptions = new SessionOptions
{
Protocol = Protocol.Ftp,
UserName = username,
Password = password,
GiveUpSecurityAndAcceptAnyTlsHostCertificate = true,
FtpSecure = FtpSecure.Explicit,
HostName = 'ftp.domain.com'
};
IP addresses of control and data connection do not match
That's a message from FileZilla FTP server. It's a security measure. It might indicate that external IP address of your app service instance changed mid transfer. Or of course, it might indicate that you connection was hijacked (that's what the server tries to detect).
It has nothing to do with WinSCP.
I do not know if the IP address of the Azure app service can be fixed somehow. If not, all you can do is to reconnect and retry the transfer. I believe you would have the same problem with any FTP client. Maybe with IPv6 connection, the problem would not happen. But I'm not sure, it's just a wild guess. Though you cannot force IPv6 with WinSCP (only by disabling IPv4 altogether, but I do not know if that's even possible with the app service).
I have a server where we have installed ActiveMQ and also generate the necessary certificates for SSL.
I have added a broker certificate to my local machine's Keystore and then tried to connect ActiveMQ over SSL but getting an error like: not able to connect using ipaddress:61617.
Everything is working fine with TCP but the problem is when I tried to connect over SSL.
Here is the code snippet for connecting to ActiveMQ.
IConnectionFactory factory = new NMSConnectionFactory(AMQURL);
IConnection AMQConnection = factory.CreateConnection();
AMQConnection.ClientId = ClientId;
AMQConnection.Start();
ISession AMQSession = AMQConnection.CreateSession();
I am referring to this documentation for setting up SSL.
Here is the Active MQ endpoint that I am trying to connect.
activemq:ssl://server-ip-address:61617
I am using Apache.NMS.ActiveMQ version 1.7.2
I have added the following line in trasportconnectors section in activemq.xml file.
In order to connect to the broker your client needs to be configured with information about the SSL certificates it should trust and if using mutual authentication you'd need to supply the client key.
There is an article that covers some details about this process here.
Alternatively I believe there is a means of storing the key and trust store data within the Windows registry and or local machine stores, some documentation here.
I am using this sample code to listen for HTTP requests:
// Create a listener.
HttpListener listener = new HttpListener();
// Add the prefixes.
listener.Prefixes.Add("some URI");
listener.Start();
Console.WriteLine("Listening...");
HttpListenerContext context = listener.GetContext();
HttpListenerRequest request = context.Request;
HttpListenerResponse response = context.Response;
listener.Stop();
But I am having very tough time, because I have no clue what prefix supposed to be. I have read the documentation on this, but whatever I try to enter there, whether it's URI of my computer or t's URI of machine that I am expecting to get response from, I always get exception:
The format of the specified network name is not valid
I tried multiple things, one of them was that I specified URI of my own PC and got exception that these location is unreachable. The more I research the more lost I get.
In the MSDN example on HttpListener I see that URI supposed to have also a port, but if it has to be the URI of external machine I am listening to, then how can I know the port?
Also, I opened ports in firewall (using Windows tools, not commander). I even turned Windows firewall off, but didn't change anything.
My knowledge on networks is very limited, thus I don't even know the exact question I should ask.
I tried hints from related posts, such as:
C# HttpListener The format of the specified network name is not valid
but nothing helped me.
for example use:
listener.Prefixes.Add("http://*:9998/");
listener.Prefixes.Add("https://*:9999/");
If you use * listener will bind to all interfaces. You will need to run as administrator for it to register.
Now if you run this program on host which has a configured IP for example 192.168.178.39
You should connect using:
http://192.168.178.39:9998
https://192.168.178.39:9999
for SSL to work you will need to use the following command:
netsh http add sslcert ipport=0.0.0.0:9999 certhash=Thumbprint appid={GUID}
In the MSDN example on HttpListener I see that URI supposed to have
also a port, but if it has to be the URI of external machine I am
listening to, then how can I know the port?
In that case you should use the default port http 80 or https 443. You will need to use a local IP though on the machine for the prefix do NOT specify the external IP.
If the network has NAT then configure the firewall to allow traffic on port 443 and 80 to desired host.
Now you can connect using external ip and default ports.
Trying to access a MySQL server using the Renci host SSH library.
I got it working by following the info Creating a forwarded port within an SSH tunnel
Specifically this line got my local port sucessfully set up such that it could be bound:
ForwardedPortLocal port = new ForwardedPortLocal("localhost", 3306, "localhost", 3306));
This is fine, but as I understand it the SSH client is binding to 3306 to receive data back from the server. This is a problem if the user has MySQL already installed as it will be using this port so my service cannot. Of course the service can be stopped but this is not a very friendly process.
I was expecting to be able to pass a High - Ephemeral - Port to listen on for the duration of my connection.
I got a bit confused on which parameter I should pass, having originally thought the second port would be the local port I need to bind to. After extensive experimentation on port configs I am at a loss as to how to handle this.
In addition I tried various overloads but none of the 3 other overloads seemed to produce what I wanted.
Any tips?
Thanks,
Andy
Ok I've resolved this now.
The solution is to modify the MySQL connector string so it uses a Ephemeral port. Picked one at random.
server=localhost; uid=;pwd=; database=; port=14324
Then modify the ForwardedLocalPort to bind to this port.
ForwardedPortLocal port = new ForwardedPortLocal("localhost", 14324, "localhost", 3306);
So we're forwarding the connection to localhost 14324 to localhost 3306 on the remote server.
Next challenge how to ensure that the port I use isn't already bound!!
So to do this use the overload that does not require a port number i.e.
ForwardedPortLocal("localhost", "localhost", 3306)
This will allocate an available Ephemeral port to your process which can be found using:
port.Start();
var portNumber = port.BoundPort;
This can then be added to your MySQL connection string.
I recently deployed an Azure app to the staging environment which is supposed to accept TCP packets in port 2993. When run in the Azure emulator, it does this very well, and performs exactly as it should.
However, now that it is on Azure's staging servers, whenever I try to connect to the TCP port, i get the following SocketException:
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
My web app has two instances, one is a worker role (it has 2993 configured in its endpoints) and a web role (only for port 80). Port 80, by the way, functions perfectly. The web app was created with Visual Studio in C#. Why is this happening and how can I fix it?
All help is greatly appreciated.
I would like to explain what was the issue and why adding above code solve this problem for others benefit.
In your worker role, you configure any TCP endpoint along with any port number. When this VM starts the VM is provisioned to use this port and firewall is included an exception to provide access to this port. By the time your is ready to start your Azure VM already have TCP/IP address and configured port is enabled.
Now when your role starts and if you have any service or application required access this port you really need to l
For example If I have Tomcat/Java configured in my worker role, I must have to create a TCP listener on my configured port. This can be done when my worker role starts as below:
Get the IP address and Port number of the current role instance
Create a TCP Listener and start on this IP address and Port
Add the code to perform step 1) and 2) in my worker role OnStart() function.
The code will look like as below:
TcpListener TomcatPortListener = new TcpListener(RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["TomcatWeb80"].IPEndpoint);
TomcatPortListener.Start();
In your case you you did exactly the same you got the IP address and Port number from and then created an endpoint from a socket address using IP/Port:
RoleInstanceEndpoint externalEndPoint = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["TCPin"];
IPEndPoint localEndPoint = new IPEndPoint(externalEndPoint.IPEndpoint.Address, externalEndPoint.IPEndpoint.Port);
localEndPoint.Create();
It is a must setting for any web or worker role which create TCP endpoint.
It seems the problem had something to do with the program's detection of the server's IP address. By using the following server code instead, I managed to fix the problem:
RoleInstanceEndpoint externalEndPoint = RoleEnvironment.CurrentRoleInstance.InstanceEndpoints["TCPin"];
IPEndPoint localEndPoint = new IPEndPoint(externalEndPoint.IPEndpoint.Address, externalEndPoint.IPEndpoint.Port);
The IPEndpoint can then be used with the tcpListener socket.