Re: trying to connect to pg from within a local network

Albretch Mueller wrote:

> Now, I am also getting "connection refused" messages even though I do
> know tc is running since I can check it with pdAdmin3
>
> org.postgresql.util.PSQLException: Connection refused. Check that the
> hostname and port are correct and that the postmaster is accepting
> TCP/IP connections.

Bad. pgAdmin3 runs on the server, right?
So local connections are possible. Good to know.

>> You should have the following in postgresql.conf:
>> listen_addresses = '127.0.0.1,10.0.31.5'
>
> I did change it

Good.

>> Allowing certain client IP addresses is done in pg_hba.conf.
>
> OK, I did too, this is how my /data/pg_hba.conf looks like:
>
> # TYPE DATABASE USER CIDR-ADDRESS METHOD
>
> # IPv4 local connections:
> host all all 127.0.0.1/32,10.0.31.62 md5
> # IPv6 local connections:
> #host all all ::1/128 md5

That is not correct, you should have entries like this:

host all all 127.0.0.1/32 md5
host all all 10.0.31.62/32 md5
host all all 0.0.0.0/0 reject

But that should not lead to a "connection refused" message like you
encounter, but to a "there is no pg_hba.conf entry" message.

So that is not the immediate problem, though it will become later on.

>> Try the following on the client: telnet 10.0.31.5 5432
>
> C:\>telnet 10.0.31.5 5432
> Connecting To 10.0.31.5...Could not open connection to the host, on
> port 5432: Connect failed

That means that either
a) the PostgreSQL server is not listening on this port
or
b) a firewall blocks you.

>> Try the following on the server: netstat -a
>
> on the server:
>
> C:\Documents and Settings\Administrator>netstat -a
>
> Active Connections
>
> Proto Local Address Foreign Address State
[...]
> TCP BNG-04:5432 BNG-04.exchange.goodwillny.org:0 LISTENING
[...]

OK, that's your PostgreSQL server listening.

> > Is there a firewall involved?
>
> Not from my box, which is a client to pg

The firewall could also be somewhere between your client and the server.

> //__ "netstat -a" on my client box
> C:\>netstat -a
>
> Active Connections
>
> Proto Local Address Foreign Address State
[...]
> TCP BNG-2008:1152 10.0.31.5:netbios-ssn ESTABLISHED
[...]

That at least shows that it is possible to get TCP connections from
your client to the server. At least on port 139.
Could still be that a firewall blocks other ports.

Ok, let's sum up:

- Your server is up and running (you can connect locally).
- Your server is listening on port 5432.
- You cannot open a TCP connection from client to server on port 5432
(but on port 139 you can).

That looks too me like a network/firewall problem.
I know too little about networks, particularly on Windows, to tell you
how to proceed.

But to confirm my suspicion, there's a few things you can try:

- From the client, try "telnet 10.0.31.5 139".
That should not give you an error message.

- From the server, try "telnet 10.0.31.5 5432".
That should also not give you an error message.

If these two work, but "telnet 10.0.31.5 5432" from the client
gives you a "connection refused", I don't know whom to blame but
the network configuration.

Yours,
Laurenz Albe