Résolu

Opening port does not work (linux)


Hi all,

please feel free to answer in French, my reading skills are ok, my writing skills poor to say the least.

I've been trying to open a port on my machine to the outside world but I can't get it to work. Some info:
  • OS: Linux Mint (17.2 Rafaela)
  • Voo Netgear router in router mode.
  • Cabled connection
  • Fixed local static ip address: 192.168.0.15. Configured in the router.
  • NAT rule added for 192.168.0.15, port 1234 as well as 6112, BOTH
  • Rebooted the router at least twice, to make sure.
  • Disabled ipv6 as a check.
I've removed all firewall rules
code:
$ sudo iptables -F
$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

I listen on a port with
code:
$ nc -l 1234

Locally accessing the port works:
code:
$ nc -vz localhost 1234
Connection to localhost 1234 port [tcp/*] succeeded!

But using my public IP it does not:
code:
$ nc -vz 149.xxx.xxx.xx 1234

this command hangs. Browsing to the url also hangs. I tried the same with nginx on port 80 as well as 81, to no avail. Tried this from my own machine as well as from a remote (outside of my home network) machine.

I'm stumped. Am I missing a step somewhere, or are my ports being blocked at the Voo level? I also tried with ports 80, 81 and 6112 but I got nothing to work. Any help would be appreciated!
icon

Meilleure réponse par pthierry 27 mai 2016, 14:11

Hello adversus,

Did you check if your WAN IP address (in your modem settings) is a public one ? Often one get a private (10.x.x.x) IP for the WAN (because of the use of CGN) which makes it impossible to route incoming trafic.

If it's the case, you simply have to ask VOO to provide you with a public IP address.

Hope it helps,
Thierry.
Afficher l'original

10 commentaires

Niveau d'utilisateur 7
Badge +12
Hello,
Vous êtes probablement sur un CGN ( IP privée)
Pouvez vous me donner les 2 premières séries de chiffres de votre adresse IP WAN dans le diagnostic du modem VOO ?
Si votre IP WAN commence par 10.X vous êtes en IP privée et il faut demander à VOO de vous remettre en IP publique
l' adresse IP 149.x.x.x est l'adresse publique du CGN
In English
You are probably on a CGN (private IP) ( CARRIER GRADE NAT) https://en.wikipedia.org/wiki/Carrier-grade_NAT
Can you give me the first 2 series of numbers of your WAN IP address in the diagnostics of the VOO modem.
If your WAN IP begins by 10.x.x, you are in "private IP" and thus it is necessary to ask to VOO to put back you in public IP.
The 149.x.x.x IP adress is the public adress of the CGN.
Hello adversus,

Did you check if your WAN IP address (in your modem settings) is a public one ? Often one get a private (10.x.x.x) IP for the WAN (because of the use of CGN) which makes it impossible to route incoming trafic.

If it's the case, you simply have to ask VOO to provide you with a public IP address.

Hope it helps,
Thierry.
Niveau d'utilisateur 7
Badge +12
LOL, réponses presque synchros...
Hi both,

wow, crazy response times! You're both right of course, the ip on the voo config shows 10.xx and not 149.xx. I had never heard of "CGN" before, thanks for the TIL. I'll take up contact with Voo *shudder*.

Thanks!

edit: I marked the first answer as "the answer", although I also really appreciated the thoroughness (and bilinguality) of roylion15's.
Niveau d'utilisateur 7
Hi Adversus,

Your Ip should be public now, can you make some tests and come back to me if it's not ok ?

Best,
Hi Adversus,

Your Ip should be public now, can you make some tests and come back to me if it's not ok ?

Best,

Hi Adrien,

thanks for taking the time to reply here, will save both of us some time 🙂 My WAN IP address is still listed as "10.240.xxx.x", public IP is 149.xxx.xxx.xxx (as you can probably see on your support software?). I just left the router powered off for 15 minutes. Tests are not working (note that I switched back to wifi, local ip is still 192.168.0.15). I have nginx running on port 81 if you care to try, I can access it through localhost. Do I need to wait longer?
Niveau d'utilisateur 7
Something went wrong during the switch but it should be solved within 24 hours. Sorry for the delay Adversus.

I'll let you know when it's done 🙂
Something went wrong during the switch but it should be solved within 24 hours. Sorry for the delay Adversus.

I'll let you know when it's done :)

Ok, thanks. Waiting is no problem, it's the not knowing that can be frustrating but you're taking care of that wonderfully 🙂 (note that I shut down everything listening on those ports)
Niveau d'utilisateur 7
Something went wrong during the switch but it should be solved within 24 hours. Sorry for the delay Adversus.

I'll let you know when it's done :)

Ok, thanks. Waiting is no problem, it's the not knowing that can be frustrating but you're taking care of that wonderfully 🙂 (note that I shut down everything listening on those ports)


I had the confirmation this morning that your IP has been switched to public (and I double check juste in case).
So it should be working for you now, let me know if it's not the case 🙂
Thanks for following this up. I checked yesterday evening and everything worked like a charm!

Commenter