"Connection refused" vs "No route to host", refusedroute

"Connection refused" vs "No route to host", refusedroute

I used:

Ora10g@localhost.localdomain $ telnet 172.101.19.57 1521
Trying 172.101.19.57...
Telnet: connect to address 172.101.19.57:No route to host
If the port is not opened, the following error occurs:
Ora10g@localhost.localdomain $ telnet 172.27.19.56 1521
Trying 172.27.19.56...
Telnet: connect to address 172.27.19.56:Connection refused
Is it a firewall problem ???
Disable the firewall on the slave Database Server:
[Root @ dcsopen2Node ~] # Service iptables stop
Iptables: Flushing firewall rules: [OK]
Iptables: Setting chains to policy ACCEPT: nat mangle filter [OK]
Iptables: Unloading modules: [OK]
Run the following command from a remote machine:
Ora10g@localhost.localdomain $ telnet 172.101.19.571521
Trying 172.101.19.57...
Connected to 172.101.19.57.
Escape character is '^]'.
It indicates that the port has been opened. More importantly, it is clear that it is a firewall problem.."

The experiment illustrates the differences between "Connection refused" and "No route to host" and the troubleshooting ideas.

First, there is a post on the Internet to explain "Connection refused" vs "No route to host" (http://superuser.com/questions/720851/connection-refused-vs-no-route-to-host ):

"Connection refused" means that the target machine actively rejected the connection. With port 80 as the context, one of the following things is likely the reason:
Nothing is listening on 127.0.0.1: 80 and 132.70.6.157: 80
Nothing is listening on *: 80
The firewall is blocking the connection with REJECT
So check your Apache and iptables config.
"No route to host" refers to a network problem. It is not a reply from the target machine.
"Connection refused" indicates that the target host explicitly rejects the Connection. It may be because the port does not start the listener or the firewall. "No route to host" may be a network problem, not a reply from the target host.

An Experiment Simulation:

Client Machine ip: 172.1.1.1

Target ip Address: 172.1.2.1

1. telnet from the client to an enabled port 1521 of the target machine, but no exception is added to the firewall.

Telnet 172.1.2.1 1521 from 172.1.1.1 and the system prompts no route to host.

Trying 172.1.2.1...

Telnet: connect to address 172.1.2.1: No route to host

In the firewall configuration, add port 1521 to iptables. telnet is normal.

2. telnet an unstarted listening port from the client to the target machine

Port 10001 of 172.1.2.1 is not enabled, and netstat-an | grep 10001 does not exist.

Telnet 172.1.2.1 10001 from 172.1.1.1, and a message indicating connection refused is displayed.

Trying 172.1.2.1...

Telnet: connect to address 172.1.2.1: Connection refused

Conclusion: No route to host is returned by the firewall. It goes through the firewall first, No matter whether the port is used or not. If the firewall is passed but the listener is not started, a Connection refused error is prompted.