Vagrant's port forwarding not working [closed]

V

5

112

I'm running into a small problem at the end of the Getting Started guide for vagrant. I'm working on a CentOS basebox that has Apache2 running (provisioning via Puppet). I've set up port forwarding for web requests using the following line in Vagrantfile:

 config.vm.forward_port "web", 80, 4567

But when I make requests to that port, they fail. The error reported by Safari is 'Safari can’t open the page “http://localhost:4567/” because the server unexpectedly dropped the connection.'

I did a vagrant reload and saw "[default] -- web: 80 => 4567 (adapter 1)" in the scroll, so where should I begin to troubleshoot this? Thanks.

Vitriform answered 12/5, 2011 at 20:42 Comment(5)

What does curl -v 'http://localhost:4567/' say? Sometimes Safari is a bit too nice at hiding error messages. – Kraus 12/5, 2011 at 20:46

Also, does curl 'http://localhost:80' from the VM itself work? If not, the problem isn't the port forwarding. – Kraus 12/5, 2011 at 20:47

@Steve Losh curl from within the VM is working. curl from the host gives me (52) Empty reply from server. – Vitriform 12/5, 2011 at 20:58

The vagrant reload help me on similar question... – Perrin 5/8, 2015 at 3:23

For me the case was with symfony 3: - when run sudo php bin/console server:run which makes server running on 127.0.0.1:8000 then I cannot access from web browser, curl in virtual machine accessed. When ran sudo php -S 0.0.0.0:8000 in web directory, I could access 127.0.0.1:8082/app_dev.php . Do not understand why this happens, but works. – Loiret 8/4, 2016 at 13:30

K

81

I'll make this an actual answer instead of just more comments.

First thing: try curl 'http://localhost:80' from within the VM. If that doesn't work, then it's definitely not the port forwarding.

Next: try curl -v 'http://localhost:4567/' from your host machine. Curl might give you a better error message than Safari.

I'd check that there are no firewalls set up restricting access to port 80. The default Vagrant VM (Ubuntu) doesn't come with a firewall set up, but you said you're using something else, so it might be worth it to check.

If that's not it, try making something other than Apache listed on port 80. Python ships with a simple HTTP server you can use -- go to the folder with index.html and run sudo python -m SimpleHTTPServer 80, then try hitting that with curl from both boxes. If that works, then it's probably an Apache configuration issue. I don't have enough experience with Apache to help if that's the case (I use nginx).

Kraus answered 13/5, 2011 at 13:7 Comment(5)

Basically, I suck at RedHat and iptables. I checked to make sure the default policy was ACCEPT for incoming connections, but didn't pay attention to RedHat's custom rule chain, which has a catch-all REJECT rule as the last rule in the chain. tl;dr I had a firewall in the way and just didn't notice. – Vitriform 14/5, 2011 at 12:53

Thanks! That sneaky firewall rule is what caused my problems on RHEL 5.5. – Specification 25/6, 2012 at 15:7

I reprint Robert's comment below because it is such a trivial way to check: Run service iptables stop as root to quickly rule out a Guest firewall issue. Reenable it later if needed. – Royall 13/5, 2013 at 10:29

had same issue with a weird centos image; iptables was restricting almost everything. I followed this iptable centos guide (solution in section 3 Writing a Simple Rule Set) and it worked like a charm :) – Glance 8/5, 2014 at 18:21

for me curl was working inside so i enabled networking in Vagrantfile and ran command vagrant reload – Linton 6/4, 2017 at 10:39

B

275

I wanted to add an additional note that often this is caused by the server within the VM because it binds to 127.0.0.1, which is loopback. You'll want to make sure that the server is bound to 0.0.0.0 so that all interfaces can access it.

Some built-in app servers such as Django's development servers and some Ruby servers default to 127.0.0.1 by default so this is something to watch out for.

Other than that, what Steve said holds true: Make sure it works from within the VM and try some other simple servers to try and figure out if it is a configuration problem.

Boger answered 14/5, 2011 at 5:11 Comment(8)

This was the fix needed for shotgun running webrick. – Shatterproof 21/2, 2013 at 20:15

This solved the problem for me. To bind Torquebox to 0.0.0.0 run it with: torquebox run -b 0.0.0.0 – Cyndie 23/8, 2013 at 7:47

Yep this was the problem. Need to bind to 0.0.0.0. I wonder if there's a way that Vagrant can automatically make this problem go away in the future? – Mailer 2/6, 2014 at 3:54

same problem with sinatra and webrick: "set :bind, '0.0.0.0'" solved the issue – Airsickness 4/10, 2014 at 20:1

This fixed the problem for me with a nodejs server, binding to 0.0.0.0 instead of 127.0.0.1. – Invective 10/6, 2015 at 7:32

This question helped me figure out how to perform this action with Rails - #28668936 – Assuan 24/11, 2015 at 21:57

I had the same issue with gatsbyjs, so I needed to run like gatsby develop -H 0.0.0.0. Then http://localhost:8000 works :) – Impotence 14/9, 2018 at 5:18

Apologies for adding another useless comment.... BUT this worked for me too :D Thank you!!! – Militarize 9/4, 2019 at 10:56

K

81

I'll make this an actual answer instead of just more comments.

First thing: try curl 'http://localhost:80' from within the VM. If that doesn't work, then it's definitely not the port forwarding.

Next: try curl -v 'http://localhost:4567/' from your host machine. Curl might give you a better error message than Safari.

I'd check that there are no firewalls set up restricting access to port 80. The default Vagrant VM (Ubuntu) doesn't come with a firewall set up, but you said you're using something else, so it might be worth it to check.

If that's not it, try making something other than Apache listed on port 80. Python ships with a simple HTTP server you can use -- go to the folder with index.html and run sudo python -m SimpleHTTPServer 80, then try hitting that with curl from both boxes. If that works, then it's probably an Apache configuration issue. I don't have enough experience with Apache to help if that's the case (I use nginx).

Kraus answered 13/5, 2011 at 13:7 Comment(5)

Basically, I suck at RedHat and iptables. I checked to make sure the default policy was ACCEPT for incoming connections, but didn't pay attention to RedHat's custom rule chain, which has a catch-all REJECT rule as the last rule in the chain. tl;dr I had a firewall in the way and just didn't notice. – Vitriform 14/5, 2011 at 12:53

Thanks! That sneaky firewall rule is what caused my problems on RHEL 5.5. – Specification 25/6, 2012 at 15:7

I reprint Robert's comment below because it is such a trivial way to check: Run service iptables stop as root to quickly rule out a Guest firewall issue. Reenable it later if needed. – Royall 13/5, 2013 at 10:29

had same issue with a weird centos image; iptables was restricting almost everything. I followed this iptable centos guide (solution in section 3 Writing a Simple Rule Set) and it worked like a charm :) – Glance 8/5, 2014 at 18:21

for me curl was working inside so i enabled networking in Vagrantfile and ran command vagrant reload – Linton 6/4, 2017 at 10:39

T

33

I had the same problem on CentOS 6.3 w/ NGINX and found the answer to be in the iptables on the vagrant box.

From bash on the vagrant box, follow these steps:

First list current iptable rules

iptables -L -v

Then flush current rules:

iptables -F

Allow SSH connections on tcp port 22

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Set default policies for INPUT, FORWARD and OUTPUT chains

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Set access for localhost

iptables -A INPUT -i lo -j ACCEPT

Accept packets belonging to established and related connections

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Save settings

/sbin/service iptables save

List modified rules

iptables -L -v

Curl localhost:[port#] or hit it in your browser from outside vagrant

More info on CentOS iptable configs found here:

http://wiki.centos.org/HowTos/Network/IPTables

Good luck.

Tectrix answered 19/12, 2012 at 1:16 Comment(4)

Thanks for writing this up. I had this same problem on Fedora 18, so it's not specific to CentOS. I hope that helps someone else. :) – Metaphrase 11/2, 2013 at 20:23

This was me on CentOS. service iptables stop – Warnock 22/4, 2013 at 19:9

iptables -F alone did it for me – Nitz 15/2, 2015 at 14:56

I found a solid solution to this with some exec commands listed in this blog post to solve this same issue techie-notebook.blogspot.com/2014/05/… I had to replace my path with the ${os_path} sections as I didn't have that variable available. – Pickaback 22/5, 2016 at 20:16

H

27

A better solution for me is disabling the firewall

service iptables stop
chkconfig iptables off

Hardboiled answered 20/12, 2012 at 18:38 Comment(2)

+1 Worked for me. For using a local VirtualBox instance, I had no need for a firewall. – Craddock 4/6, 2013 at 8:59

it's a good trick if you wanna a temporary fix – Gailgaile 10/7, 2015 at 14:13

L

0

I want to add another note like Mitchell as well. if my case I forward it to 6789 from 80

$ curl -v http://localhost:6789

And I got

<HTML>
<HEAD><TITLE>Redirection</TITLE></HEAD>
<BODY><H1>Redirect</H1></BODY>

Then, I used the IP address instead, it got the correct html message.

Lemmueu answered 19/10, 2011 at 7:20 Comment(0)

Recommended topics

Hot tags