AWS public DNS for ubuntu instance is not accessible from the browser

0
votes

I am relatively new to AWS and I've been looking at quite a few tutorials for the past couple of days trying to figure out how to make my AWS ubuntu instance accessible from the browser.

What I've done:

1st: I configured security groups to accept all traffic for ssh, http, https just to see if the public DNS listed in the instance is accessible.

2nd: I changed the IP of my instance to an elastic IP

3rd: I wrote a simple node.js file that listens on port: 9000 and console.logs 'hello world'

For some reason ssh works, and I can run my node.js file, but agina I cannot access the remote instance from the browser.

Any help would be greatly appreciated since I've been on this for a couple of days

Thanks!

Thank you everyone for the quick responses!

My issue was I did not include a TCP rule to my specific port. Now I am able to access that port via ec2-DNSNAME:9123.

And, just to clarify, if I want to host that DNS for all traffic I should specify 'anywhere' for the TCP rule, correct?

3
amazon-web-servicesubuntudns

3 Answers

1
votes

I configured security groups to accept all traffic for ssh, http, https

In security groups, "HTTP" does not mean "HTTP on any port"... it means "any traffic on TCP port 80" -- 80 being the standard IANA assigned port for HTTP.

Security groups are not aware of the type of traffic you are passing, only the IP protocol (e.g. TCP, UDP, ICMP, GRE, etc.) and port number (for protocols that use port numbers) and any protocol specific information (ICMP message types).

You need a rule allowing traffic to port 9000.

0
votes

Firstly go to your EC2 and see if curl http://localhost works..

Also, if you are exposing your nodejs on port 9000 ; did u open 9000 also on security groups or not ?

0
votes

Few things to check:

  • Security groups
  • Subnet NACLS (these can function as a subnet level firewall, but unless you've messed with these they should allow all traffic.)
  • On the server if you run netstat -na | grep <PORT> do you see your application listening on the correct ports?
  • You may also check your system for a firewalls that could be short circuiting the requests.

If the above doesn't point you towards where your issue is you can grab tcpdump and filter it just for requests coming from your web browser (e.g after installing tcpdump -vvn host 10.20.30.40 port 8000 Substitute your ip and port). This will let you know if you're running into a network issue (Packets aren't reaching the server) or if its something with the app.

I'd also recommend using IP addresses while doing your initial troubleshooting. That way we can establish it is not network/server configuration before going into DNS.