locked
no connection could be made because the target machine actively refused it. 2002

    Question

  • On one of our QA server we have windows service installed. The client code communicate with this service using socket over TCP.  The code has been working for past 6-7 months. But now when client try to connect it, we are getting error "no connection could be made because the target machine actively refused it. 2002..."  We tried using "telnet" command from client machine e.g "telnet 10.10.1.19 6575" and we got the reply back.

    What could be the issue? does "2002" at the end of the error message tells anything?

    here is the error

    Message: Message:

    No connection could be made because the target machine actively refused it [2002:cd30:g3b0:8000:0:5efe:10.10.1.19]:6575

    Type: SocketException

    Stack Trace:

       at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)

       at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)


    • Edited by lax4u Wednesday, November 07, 2012 5:15 AM
    Wednesday, November 07, 2012 4:12 AM

All replies

  • I assume the TCP code also uses port 6575.  I would first try one more time using your TCP code and verify it still fails.  Telnet and TCP are basically the same and when one works the other should work, especially since you have software that has been working for months.  From the symptoms in sounds like your code is probably making a secure connection and telnet is not making a secure connection.  That is why Telnet would work and TCP fail.  Here are some of my thoughts.

    1) Has the code been recompiled?  Has the source code been changes?  Are you debugging in Visual Studio or using the same executable that you always have been using.  Recompiling the code may of caused the problem.

    2) does the code work on a different client?

    3)  Has the Net Library been updated?  Even though the code hasn't changed the compiled code uses dlls.  Some of these dlls are in the windows Net Library folder and others are in the windows\system32 folder.  Check the System32 folder and sort by date. See if there is a recent changes to any of the dlls in this folder.

    4) You may have a virus on the computer. Run your virus protection with the latest updates.

    5) Some virus protection software and/or firewalls block port numbers and sometimes causes these errors.  But  virus protection or firewall would give the same error with both Telnet and TCP.  So I don't think this is the causes.

    6) Some people get a similar error message "that the host refuses" if the Loopback address 127.0.0.1 is used as the Source IP address of the connection.  But this error message from the Net Library always includes the IP address 127.0.0.1.  If this error message occured it would indicate the file

    C:\WINDOWS\system32\drivers\etc\hosts was modified.

    7) A change to the IE setting or a proxy setting could cause the error,  but it doesn't explain why the code has been working unless the Net Library was updated or the source code has changed.  A certificate that expired, or a proxy server not working could also cause the problem.  That would mean Telnet isn't using a secure connection, but you could is using a secure connection.

    8) Are you using a WCF service?  Has the service changed or the xml config file changed?  Is the service running?  Telnet may not be using the service but the visual Studio application can be using the WCF service.

    9) Has anything changed on the Server.  The server may have been upgraded from html1.0 to html 1.1.  Or some header in the Server may of been changed.  Check for changes in the server.  Also make sure you try your code on a different client.

     


    jdweng

    Wednesday, November 07, 2012 5:26 AM
  • The windows service is the Third party service running on QA server, so there is no code change from Windows Service stand point.

    The Client is Windows Workflow Service, it was recompiled and deployed recently BUT there was NO code change that actually makes the call to using TCP socket.  The WF service was updated with some other changes which has nothing to do with socket connection.

    The third party service is also running on DEV environment, We can point our WF service to DEV server and we get back the response. So i think it has nothing to do with our code.

    No virus issue for sure

    The firewall is turned off

    Wednesday, November 07, 2012 4:38 PM
  • MY normal recommendation it to run wireshark while doing the Telnet connection and capture the TCP and HTTP packets.  Then capture packets with wire shark with your code and comare the two results.

    Sometimes brainstorming like my previous posting gets good results.  This time it didn't.  I think it some security issue.  After using wireshark re-read my last posting to see if anything I said makes sense.


    jdweng

    Wednesday, November 07, 2012 5:03 PM
  • Hi,             is your service running on that port? can you run any other sample application and check it on that port?

    Regards.


    Please remember to mark the replies as answers if they help and unmark them if they provide no help , or you may vote-up a helpful post

    Thursday, November 08, 2012 3:34 PM
  • Are there sample applications available that will do SIMPLE client server communication just to make sure the ports are working. I can write small console app but trying to save my time here
    Tuesday, November 13, 2012 9:46 PM
  • The easier way is to run telnet on both machines.  Start one Telnet application as a listener and connect to the local IP address on the computer with a port number.  The 2nd telnet application you conect to the same IP address and port as the 1st.

    jdweng

    Tuesday, November 13, 2012 9:53 PM
  • I think I found it but want to know why?

    Below is my GetConnection method which makes a call to server. I’m using index to get the IP address from the IPHostEntry.AddressList array. Issue is the index ‘0’ used to return actual numeric IP address but now its returning mac address, and after further debugging I found the numeric IP address is at index ‘1’

    I wrote a small console app  that loop through the array of Address and here what I found

    Index 0:  [2002:cd30:g3b0:8000:0:5efe:10.10.1.19]:6575

    Index 1:  10.10.1.19

    What could changed on the server that causing this issue so that I can tell my N/W guys to fix it?? Remember that this code has been working for last 6-7 months and it stopped working after some updates on the server.

     private Socket GetConnection()
            {
                Socket tempSocket = null;
                IPHostEntry hostEntry = Dns.GetHostEntry(this.Host);
                IPAddress hostAddress = hostEntry.AddressList[0];
                if (this.Host == "localhost")
                {
                    hostAddress = IPAddress.Loopback;
                }
    
                IPEndPoint ipe = new IPEndPoint(hostAddress, this.Port);
                bool notconnected = true;
                int numtries = 1;
                while (notconnected)
                {
                    if (numtries < 5)
                    {
                        try
                        {
                            // This is looped for two reasons:
                            // (1) sometimes it takes a few tries to "wake up" the connection
                            // (2) If more than 10 sockets are created in one second, some will fail (Microsoft)
                            tempSocket = new Socket(ipe.AddressFamily, SocketType.Stream, ProtocolType.Tcp);
                            tempSocket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true);
                            LingerOption lingerOption = new LingerOption(false, 1);
                            tempSocket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.Linger, lingerOption);
                            tempSocket.Connect(ipe);
                            notconnected = false;
                        }
                        catch (Exception ex)
                        {
                            tempSocket.Close(0);
                            Thread.Sleep(_THREADPAUSEVALUE);
                            LogError(ex, numtries);
                            numtries++;
                        }
                    }
                    else
                    {
                        throw new Exception("Could not connect to server");
                    }
                }
    
                return tempSocket;
            }

    Wednesday, November 14, 2012 4:13 PM
  • Try making this change

    From
    IPHostEntry hostEntry = Dns.GetHostEntry(this.Host);

    To

    LocalHostName = Dns.GetHostName();
    IPHostEntry hostEntry = Dns.GetHostEntry(LocalHostName);
    LocalHostIP = hostEntry.AddressList[0];

     

    Using GetHostName was code I developed that I have seen a lot of people copy.  I was having problems a coule of years ago that my computer at home and at work had the Host file set differently.  In one case the local host was set to 127.0.0.1 (loopback) and in the other case it was an IP address.  So instead of writing a filter like you wrote I developed the new code I posted.


    jdweng

    Wednesday, November 14, 2012 4:56 PM
  • jdweng

    Well the code i posted above is client side code. Your code will give back localhost which client doesnt need.

    IPHostEntry hostEntry = Dns.GetHostEntry(this.Host);

    this.Host is the string IP address of the Server stored in client's configuration file

    Wednesday, November 14, 2012 7:35 PM
  •  The code I posted is for a client side.  The server starts first and does listen at the local IP address.   The client must attach a source IP address as well as the destination IP address.  ther desintation (the server) must know where to send the response.  The source IP address cannot be the loopback address.  My code does exactly what your patch code does.  Try it.  It is possible that your code stopped working because your are incorrectly putting the Server IP address in the form instead of the client IP address.

    jdweng

    Wednesday, November 14, 2012 9:14 PM
  • so you mean the following code will work? i dont think so because in this code client is trying connect to itself. Code does not even connect to Host address anywhere. NOTE that this.Host is the IP address of the server

    Also the issue is AddressList array is returning mac address at index 0 instead of numeric IP address. Please read my erlier post

    private string Host = "10.2.2.81"; // server ip
    private int Port = 11000; // server port
    
    private Socket GetConnection()
            {
                Socket tempSocket = null;
                // IPHostEntry hostEntry = Dns.GetHostEntry(this.Host); old code
                //IPAddress hostAddress = hostEntry.AddressList[0];	
            	
    		// your recommended code
    		string LocalHostName = Dns.GetHostName();
    		IPHostEntry hostEntry = Dns.GetHostEntry(LocalHostName);
    		IPAddress LocalHostIP = hostEntry.AddressList[0];
            
    
    	    
    //            if (this.Host == "localhost")
    //            {
    //                hostAddress = IPAddress.Loopback;
    //            }
    
                IPEndPoint ipe = new IPEndPoint(LocalHostIP, this.Port);
                bool notconnected = true;
                int numtries = 1;
                while (notconnected)
                {
                    if (numtries < 5)
                    {
                        try
                        {
                            // This is looped for two reasons:
                            // (1) sometimes it takes a few tries to "wake up" the connection
                            // (2) If more than 10 sockets are created in one second, some will fail (Microsoft)
                            tempSocket = new Socket(ipe.AddressFamily, SocketType.Stream, ProtocolType.Tcp);
                            tempSocket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true);
                            LingerOption lingerOption = new LingerOption(false, 1);
                            tempSocket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.Linger, lingerOption);
                            tempSocket.Connect(ipe);
                            notconnected = false;
                        }
                        catch (Exception ex)
                        {
                            tempSocket.Close(0);
                            Thread.Sleep(_THREADPAUSEVALUE);
                            LogError(ex, numtries);
                            numtries++;
                        }
                    }
                    else
                    {
                        throw new Exception("Could not connect to server");
                    }
                }
    
                return tempSocket;
            }


    • Edited by lax4u Thursday, November 15, 2012 5:19 AM
    Thursday, November 15, 2012 5:17 AM
  • I think the code will work by doing a good visual.  I normally for a TCP client just use a port number and the server IP address for the connection.  The routing table inside the PC should determine which interface (network card) to use to get to the server.  This will work provided the network cards were properly configured with IP address and Mask so ther are no routing loops.  I should also say that all the routers and PCs in the network IP address and Masks were also configured properly. 

    You also chaeck the data the following foile was modified on the PC.  Modifying the Host file may explain why the code stopped working.

    C:\WINDOWS\system32\drivers\etc\hosts

    I'm not sure why it is necessary to loop 5 times while making a TCP connection.  If it doesn't work the 1st time looping won't normally solve the problem unless there are other things wrong with the network.  Looping will just mask the root causes of your network problems.  If TCP doesn't connect the 1st time it indicates the route between the slient and server is taking a very long time to complete.  Your route may be going 1/2 way around the world or going through computer that is in a power down mode.  A good test to make sure your route is good is to disconnect the route for at least 1/2 hour to make sure the route is not in the ARP table.  You can verify that the route is not in the route table by using ARP -a.  Then doing a ping from the client to server and see the response time and verify the 1st echo returns a response.  If the ping always return a response (when not in ARP table) to the first echo then looping is not necessary.

    the comment in your code that you are having issues with more than 10 sockets is also an indication that your masks that you are using may have issues.  Here are some guideline I often recommend.  I worked as a Networked as network engineer configuring different test beds for our network testing and had to solves these type problems many times when other engineers mis-configured our test network.  Use the comand IPCONFIG /All to verify the network card settings

    PC configuration

    1) One and only one Network Card on a PC should have the default gateway maks of 0.0.0.0.

    2) The default route should always lead towards the back bone (outside world) which is the gateway to the internet (not intranet).

    3) You should never have two network cards resolve to the same IP and Mask.  If a PC has more than one network card it should look like this

           a) 192.1.1.1  mask 255.0.0.0

           b) 193.1.1.1 mask  255.0.0.0

    Note you should not have 192.1.1.2 with mask 255.0.0.0 with above.  You can have 192.1.1.2 with mask 255.255.0.0.  You only want to have one route between two computers.  the routing tables in the host will alwaya take the more precise route (255.255.0.0 before 255.0.0.0).

    Subnet configuration  - Computers attached to the same GateWay. if a PC has more than one network card each card is in a different subnet.  The subnet can be a virutal subnet meaing the mask determine the subnet.  It is better network design not to have mutliple subnets connected on the same ethernet cable.

    1) Only one Gateway should exist in the subnet with a mask of 0.0.0.0.  If you want to have a backup gate way use a less restrictive mask like 255.0.0.0.  Then make all other computers in the subnet wiht mask 255.255.255.0.  The Gateway can either be a router or a PC with more than one network card.

    2) No two computers in a subnet should have IP addresses and mask that resolve to exactly the same results.

    3) No two computers should have the same IP address

    4) A subnet should either be configured with fixed IP addreses or use DNS to assigned IP addresses.  Never have a subnet with a mixture of DNS and Fixed IP addresses.  There is nothing that prevents the DNS server from assigning the same IP address to a computer that is already configured with a fixed IP address.  The DNS server has a range of IP addresses that is uses to assign other computers.  The fixed IP address must be outside the range of addresses the the DNS server is using.

    Even using the above rules you can occasionally havve problems.  For example if the DNS server is not on a UPS and looses power which other computers don't shutdown.  The DNS server may assign the same IP address to two computers (one before the power shutdown and one after the power was restored).


    jdweng

    Thursday, November 15, 2012 11:02 AM
  • Thanks Joel

    Thanks for the explanation. I checked the host file there is no special settings in that host file.  It’s a default host file created while installation.

    I wrote a small console app and run it on the server.

    IPHostEntry hostEntry = Dns.GetHostEntry(Dns.GetHostName());
    for (int i = 0; i < hostEntry.AddressList.Length; i++)
    {
      Console.WriteLine(string.Format("Index {0}: {1} {2}", i, hostEntry.AddressList[i], hostEntry.AddressList[i].AddressFamily));
    }

    This code returns the following.( Note that I scrabbled the IP)

    Index 0: fe80::5bfb:11.2.3.62%12 InterNetworkV6

    Index 1: 2002:de11:f3h0:8000:0:5bfb:11.2.3.62 InterNetworkV6

    Index 2: 11.2.3.62 InterNetwork

    In order to connect to server from client I need the Numeric IP address of the server and it looks like the AddressFamily of Numeric IP is InterNetwork. I can just filter the address list using the following code

    var ipaddress = hostEntry.AddressList.First(x=>x. AddressFamily == AddressFamily. InterNetwork);

    And then use this ipaddress to connect

    IPEndPoint remoteEP = new IPEndPoint(ipAddress, port);

    Questions:

    1>     Is it possible that hostEntry.Addresslist or Dns.GetHostAddresses() can return multiple InterNetwork type address? Or there will be always ONE InterNetwork type address in the list?

    2>     Whats InterNetwork IP address?


    To summarize evrything my non working code is trying to connect to server using InterNetworkV6, and server is refusing that connection





    • Edited by lax4u Thursday, November 15, 2012 4:17 PM
    Thursday, November 15, 2012 3:25 PM