Forwarding ports directly to the guest OS with VirtualBox
I am currently using Ubuntu 10.04 for some Rails development. It is installed as a guest machine using VirtualBox on a Windows 7 x64 host.
Within Ubuntu, I am trying to port tunnel several ports from a remote server directly to the Guest OS in order to avoid having to download a remote database.
Let's say I want to forward port 5000 on the remote server to port 5000 on the guest OS.
I have set up a forwarder for the port on the Windows side, using VBoxManage.exe. This forwards HostPort 5000 to GuestPort 5000.
Then within Ubuntu I run ssh -L5000:127.0.0.1:5000. However, whenever I try to access "127.0.0.1:5000", I receive the message "channel 7: open failed: connect failed: Connection refused".
Am I missing something?
Thanks for the help!
Comments (3)
connect failed: Connection refused
This means that you're not able to connect to 5000 on the remote end.
If you're only using this connection from within your guest through your SSH tunnel then you don't need the forward from VBoxManage, as this will open up so that outside computers can connect directly to your guest; it won't help your guest connect to the outside.
Are you sure the server you connect (SSH) to is the same server that runs your database? And is the database running on that server?
When you've connected (SSH) to the server, you can try to list what ports are listening for connections or you could try to connect to the database with telnet. To list listeners you can run "netstat -lnt" (-l shows listening, -n is numeric (show IP and port number) and -t is tcp). You should have a line like "tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN" if you have a service listening for TCP on port 5000. To try and connect you can simply do "telnet 127.0.0.1 5000", if you can't connect with telnet from the server then the database ain't listening/allowing your connection, or the server is running on another port or server.
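The listener check described in this answer, as an added example that is not part of the original answer: a shell function that reads `netstat -lnt` output taken on the SSH server and reports how a port is bound. Because the destination of `ssh -L` is opened from the SSH server, a result of `none` for the target port is the condition behind "connect failed: Connection refused". The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample data below is constructed, not captured from a real host.

# classify_listener PORT: read `netstat -lnt` output on stdin and print how
# PORT is bound: wildcard (0.0.0.0 or ::), loopback (127.0.0.1 or ::1),
# specific (some other local address only) or none (no TCP listener).
classify_listener() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, parts, ":")          # port is the last ":" field
            if (parts[n] != port) next
            host = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (host == "0.0.0.0" || host == "::") wild = 1
            else if (host == "127.0.0.1" || host == "::1") loop = 1
            else other = 1
        }
        END {
            if (wild) print "wildcard"
            else if (loop) print "loopback"
            else if (other) print "specific"
            else print "none"
        }'
}

# loopback_target_ok PORT: succeed when a tunnel target of 127.0.0.1:PORT,
# opened from the server itself, would find a listener.
loopback_target_ok() {
    case "$(classify_listener "$1")" in
        wildcard|loopback) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed `netstat -lnt` output (192.0.2.10 is a documentation address).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:5432         0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

for p in 22 3306 5432 5000; do
    printf '%s -> %s\n' "$p" "$(sample_netstat | classify_listener "$p")"
done
```

On the server itself, feed it live output instead of the sample: `netstat -lnt | classify_listener 5000`.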
SSH uses TCP traffic by default, right?
Just to verify, NAT in VirtualBox does have these limitations (per the User Manual):
There are four limitations of NAT mode which users should be aware of:
ICMP protocol limitations: Some frequently used network debugging tools (e.g. ping or tracerouting) rely on the ICMP protocol for sending/receiving messages. While ICMP support has been improved with VirtualBox 2.1 (ping should now work), some other tools may not work reliably.
Receiving of UDP broadcasts is not reliable: The guest does not reliably receive broadcasts, since, in order to save resources, it only listens for a certain amount of time after the guest has sent UDP data on a particular port. As a consequence, NetBios name resolution based on broadcasts does not always work (but WINS always works). As a workaround, you can use the numeric IP of the desired server in the \\server\share notation.
Protocols such as GRE are unsupported: Protocols other than TCP and UDP are not supported. This means some VPN products (e.g. PPTP from Microsoft) cannot be used. There are other VPN products which use simply TCP and UDP.
Forwarding host ports lower than 1024 impossible: On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible to bind to ports below 1024 from applications that are not run by root. As a result, if you try to configure such a port forwarding, the VM will refuse to start.
Try
ssh -L5000:0.0.0.0:5000
instead of ssh -L5000:127.0.0.1:5000
There is something called a "loopback" that is tangled up with 127.0.0.1 that will cause you grief if trying to access ports from a different machine. I.e. your host machine.