[SOLVED] Can't reach webserver inside Ubuntu VM

rprichard · Feb 7, 2022

I've been running a service (OctoPrint) via Docker inside an Ubuntu VM. It has been working perfectly, with me able to access the service's web UI via port 4000 of the VM. I've had to switch this to a regular install (not inside Docker), and now it isn't working. While I can access the service from inside the VM at 0.0.0.0:5000 (different port vs the Docker install), I can't see it from outside. If I nmap that VM's IP address, it shows all ports are closed. To rule out the service itself, I added a simple Python webserver on port 80. Same result.

I haven't touched any of Proxmox's firewall settings or anything. I have several other VMs (pfSense, Home Assistant, and TrueNAS) which don't have any issues.

With both services running (old Docker install and new install), here's what I see when I nmap the VM from inside itself:

And here's what I see when I nmap the VM from externally:

I'm a total noob with networking stuff, so forgive me if it's a simple answer. I've done a lot of Googling and troubleshooting but seem to be stuck. I'm banging my head against the wall on this (and really wishing I'd spent more time learning networking basics). Can anyone help?

Edit: Also, here's my /etc/network/interfaces if relevant.

Code:

root@pve:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp2s0 inet manual

iface enp7s0f0 inet manual

iface enp7s0f1 inet manual

iface enp8s0f0 inet manual

iface enp8s0f1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.1.100/24
        gateway 192.168.1.1
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0

iface wlp3s0 inet manual

auto vmbr1
iface vmbr1 inet manual
        bridge-ports enp7s0f0
        bridge-stp off
        bridge-fd 0

auto vmbr2
iface vmbr2 inet manual
        bridge-ports enp7s0f1
        bridge-stp off
        bridge-fd 0

auto vmbr3
iface vmbr3 inet manual
        bridge-ports enp8s0f0
        bridge-stp off
        bridge-fd 0

auto vmbr4
iface vmbr4 inet manual
        bridge-ports enp8s0f1
        bridge-stp off
        bridge-fd 0

t.lamprecht · Feb 8, 2022

rprichard said:
I'm a total noob with networking stuff, so forgive me if it's a simple answer. I've done a lot of Googling and troubleshooting but seem to be stuck. I'm banging my head against the wall on this (and really wishing I'd spent more time learning networking basics). Can anyone help?

Can you please also post the VM's config? qm config VMID

And from inside the VM it'd be interesting to see the listening programs/ports: ss -tulpn

rprichard · Feb 8, 2022

Here you are:

Bash:

qm config 100
agent: 1
balloon: 4096
boot: order=sata0;net0
cores: 4
ide2: local:iso/ubuntu-20.04.3-desktop-amd64.iso,media=cdrom,size=2999936K
memory: 16384
name: Ubuntu
net0: virtio=6A:41:B3:01:3D:61,bridge=vmbr0,firewall=1
numa: 0
onboot: 1
ostype: l26
sata0: local-lvm:vm-100-disk-0,size=32G
scsihw: virtio-scsi-pci
smbios1: uuid=a674f56d-043d-4034-b29e-0c2af037066d
sockets: 1
unused0: local-lvm:vm-100-disk-1
usb0: host=7-1,usb3=1
usb2: host=1d50:614e,usb3=1
vmgenid: e59da13c-e0cf-4382-be83-322879318e4e

and:

Bash:

ss -tulpn
Netid State  Recv-Q Send-Q                     Local Address:Port  Peer Address:Port                   Process                                                 
udp   UNCONN 0      0                          127.0.0.53%lo:53         0.0.0.0:*                                                                               
udp   UNCONN 0      0                                0.0.0.0:33251      0.0.0.0:*                                                                               
udp   UNCONN 0      0                                0.0.0.0:631        0.0.0.0:*                                                                               
udp   UNCONN 0      0                                0.0.0.0:1900       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=31))                   
udp   UNCONN 0      0                             172.17.0.1:5353       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=8))                     
udp   UNCONN 0      0                            192.168.1.4:5353       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=7))                     
udp   UNCONN 0      0                              127.0.0.1:5353       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=6))                     
udp   UNCONN 0      0                             172.18.0.1:5353       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=5))                     
udp   UNCONN 0      0                                0.0.0.0:5353       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=4))                     
udp   UNCONN 0      0                                0.0.0.0:5353       0.0.0.0:*                                                                               
udp   UNCONN 0      0                                0.0.0.0:39326      0.0.0.0:*                       users:(("GeckoMain",pid=2286,fd=150))                   
udp   UNCONN 0      0      [fe80::a9fc:4efe:cf0a:7794]%ens18:546           [::]:*                                                                               
udp   UNCONN 0      0                                   [::]:44934         [::]:*                                                                               
udp   UNCONN 0      0                                   [::]:5353          [::]:*                                                                               
tcp   LISTEN 0      128                              0.0.0.0:5000       0.0.0.0:*                       users:(("octoprint",pid=2277,fd=12))                   
tcp   LISTEN 0      5                                0.0.0.0:80         0.0.0.0:*                                                                               
tcp   LISTEN 0      4096                       127.0.0.53%lo:53         0.0.0.0:*                                                                               
tcp   LISTEN 0      5                              127.0.0.1:631        0.0.0.0:*                                                                               
tcp   LISTEN 0      128                                 [::]:5000          [::]:*                       users:(("octoprint",pid=2277,fd=20))                   
tcp   LISTEN 0      5                                  [::1]:631           [::]:*

rprichard · Feb 8, 2022

I figured it out - it had nothing to do with Proxmox. For some reason Ubuntu's firewall was blocking port 5000 but allowing 4000 through. I just added a rule to allow 5000 (sudo ufw allow 5000) and everything is working. Sorry for the trouble!

t.lamprecht · Feb 9, 2022

Thanks for actually reporting that back so that it may help somebody running into this issue in the future!

Search

Search

[SOLVED] Can't reach webserver inside Ubuntu VM

rprichard

New Member

t.lamprecht

Proxmox Staff Member

rprichard

New Member

rprichard

New Member

t.lamprecht

Proxmox Staff Member

We value your privacy