If the port used by a website is not open in the firewall of the web server, the webpage will not be accessible. "nc" can be used to check if a network port is open and available on a server. Below result indicates port 7042 is open on server serverName.
$ nc -zv serverName 7042
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Connected to 167.xx.xx.50:7042.
Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
If nothing is listening on port 7042, the result is different. So make sure the apps service is running before using "nc" to check the status.
$ netstat -tuanp | grep 7042
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
$ nc -zv serverName 7042 <= run it on another server
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: Connection refused.
When the port is used on the server, "nc" message No route to host tells us that the port is blocked by firewall of the server.
$ netstat -tuanp | grep 7043
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp6 0 0 167.xx.xx.50:7032 :::* LISTEN 2915615/java
tcp6 0 0 167.xx.xx.50:7032 167.xx.xx.50:52210 ESTABLISHED 2915615/java
tcp6 0 0 167.xx.xx.50:52210 167.xx.xx.50:7032 ESTABLISHED 2922169/java
$ nc -zv serverName 7043 <= run it on another server
Ncat: Version 7.92 ( https://nmap.org/ncat )
Ncat: No route to host.
root is able to see the list of open ports on the firewall of the server:
$ echo $USER
applmgr
$ sudo su -
[sudo] password for applmgr: <= ONLY if sudo root is granted to applmgr
Hostname: serverName.domain.com
OS: Red Hat Enterprise Linux release 8.10 (Ootpa)
Arch: x86_64
[root@serverName ~]# cd /etc/firewalld
[root@serverName firewalld]# firewall-cmd --list-all
internal (active)
target: default
icmp-block-inversion: no
interfaces: ens192
sources:
services: cockpit dhcpv6-client mdns samba-client ssh
ports: ... 443/tcp 7042/tcp 7051/tcp 7052/tcp 8004/tcp 4484/tcp ... 734/udp 757/udp 17430/udp ...
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@serverName firewalld]#
In a multi-node EBS instance, ADOP fs_clone failed on 2nd node with message "The admin server for the patch file system is not running". I started WebLogic services in patch filesystem of Primary node serverName successfully:
$ sh adadminsrvctl.sh start forcepatchfs
... ...
adadminsrvctl.sh: exiting with status 0
... ...
$ grep s_wls_adminport $CONTEXT_FILE
<wls_adminport oa_var="s_wls_adminport" oa_type="PORT" base="7001" step="1" range="-1" label="WLS Admin Server Port">7043</wls_adminport>
But, the problem was that console webpage serverName.domain.com:7043/console did not work and showed generic errors. Too many Java errors and messages in WebLogic logfiles under folder $FMW_HOME/user_projects/domains/EBS_domain/servers/AdminServer/logs
made logs not useful as well. Finally, I found port 7043 was not open on the server. After it was added to the firewall by Linux Admin, the WebLogic website became accessible from browsers and then fs_clone worked.
No comments:
Post a Comment