Time out when accessed remotelly, OK when accessed from localhost

I started jupyterhub on port :80. The service is available from localhost, but from remote IP addresses seems to be blocked (ERR_CONNECTION_TIMED_OUT).

  • ping from remote IPs is OK
  • firewall is inactive
  • used OS is Ubuntu 20.04
    What could be blocking the service? Could it be problem somewhere in jupyterhub configuration?

Details:

Started Jupyterhub service
> sudo jupyterhub --port 80

Web browser from localhost (commandline from localhost)

The service is accessible from from localhost

lynx $ lynx http://127.0.0.1:80/hub/   (OK from localhost)
lynx $ lynx http://123.123.123.123/   (OK from localhost, TIME OUT from remote IP)

As well ping from remote IPs is successful:

c:\Users>ping 123.123.123.123
Pinging 123.123.123.123 with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=9ms TTL=54
Reply from 123.123.123.123: bytes=32 time=9ms TTL=54

Problem
When accessed from other IP adresses the service seems to be unavailable

ERR_CONNECTION_TIMED_OUT

Firewall status:

:~$ sudo ufw status
Status: inactive

Tried also to enable ufw (no success):

sudo ufw allow 22/tcp
sudo ufw allow http
sudo ufw enable
sudo service ufw start

Open ports:

ss -lntu | grep ':80'
tcp    LISTEN  0        511                                    127.0.0.1:8001                           0.0.0.0:*                                            
tcp    LISTEN  0        128                                    127.0.0.1:8080                           0.0.0.0:*                                            
tcp    LISTEN  0        511                                            *:80                                   *:*

What ip address are you binding to? Try

c.JupyterHub.hub_ip = ‘0.0.0.0’

Second idea: Sometimes a second firewall on the same machine is active, e.g. iptables. You need to do some detective work to figure out which firewall service might be active and with which configuration.

Third idea: There might be a network firewall between the server and the client, e.g. if you are in a corporate network. In this case, maybe you need to contact the network administrators.

1 Like

Thank you. I forgot to iptables.

username@tesla:~/paperai$ sudo iptables -L -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
12189   46M ACCEPT     all  --  lo     any     anywhere             anywhere
    0     0 REJECT     all  --  !lo    any     anywhere             localhost/8          reject-with icmp-port-unreachable
 299K  716M ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED
   16   960 ACCEPT     tcp  --  any    any     123.123.0.0/16       anywhere             tcp dpt:ssh
 2746  168K ACCEPT     icmp --  any    any     anywhere             anywhere             icmp echo-request
  169  8488 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:http
  366 18704 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:https
1146K   94M REJECT     all  --  any    any     anywhere             anywhere             reject-with icmp-port-unreachable

Well, I encountered a similar scenario with ufw and iptables working “in parallel”. ufw uses iptables in the background but it does not show the iptables settings.