SSH forwarding error: bind: Cannot assign requested address

Kapil Thangavelu kapil.thangavelu at canonical.com
Sun Jul 29 14:47:55 UTC 2012 

from your listing below this rule is your problem, probably worthwhile to
figure out why its being inserted. I would guess some sort of firewall
management tool (shorewall, etc) with a default deny policy.

REJECT     all  --  anywhere             anywhere reject-with
icmp-port-unreachable

Just to clarify this is your juju client machine as a hostile environment
for using an open port. Hopefully a move to a REST api instead of ssh
tunneling should alleviate that.

hope that helps,

Kapil


On Sat, Jul 28, 2012 at 10:27 PM, David Medinets
<david.medinets at gmail.com>wrote:

> The issue is back. I did remove that rule. To review, juju bootstrap
> works but juju status displays
>
>   SSH forwarding error: bind: Cannot assign requested address
>
> The response from 'iptables -L' is:
>
> medined at affy:~$ sudo iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     all  --  anywhere             anywhere             state
> RELATED,ESTABLISHED
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:2181
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:2888
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:3888
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9000
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9001
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50010
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50020
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50030
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50060
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50070
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50075
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:4560
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9997
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9999
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:11224
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:12234
> ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:50095
> ACCEPT     tcp  --  anywhere             anywhere             state
> NEW tcp dpt:ssh
> ACCEPT     icmp --  anywhere             anywhere             icmp
> echo-request
> LOG        all  --  anywhere             anywhere             limit:
> avg 5/min burst 5 LOG level debug prefix "iptables denied: "
> REJECT     all  --  anywhere             anywhere
> reject-with icmp-port-unreachable
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> REJECT     all  --  anywhere             anywhere
> reject-with icmp-port-unreachable
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
>
> ---
>
> I just don't know enough about iptables and this kind of security to
> resolve the issue. Juju is so promising that I want it to work. Please
> let me know if there is anything I can do on my side to help determine
> where the issue is.
>
> Thank you for your help so far.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju/attachments/20120729/2c529506/attachment.html>

More information about the Juju mailing list