Private networking issue
Hi! I am trying to use Private networking. I've activated it and now I have a service A calling service B using railway's provided internal hostname.
But I am receiving this error using that private name:
Connection refused: back-end-pizza-catalogue.railway.internal/[fd12:2173:134d:0:0:f:e527:c377]:443
Just to clarify, the application is working using public networking and public railway's hostnames.
May be an issue with the port? :/31 Replies
Project ID:
3e72de25-24dd-4546-bc3f-c79bea6c71e33e72de25-24dd-4546-bc3f-c79bea6c71e3
make sure your app binds to all interfaces, not just all ipv4 interfaces, since internal networking is done over ipv6 only
I am using Java and Spring and IPv6 is supported by default. Otherwise the error would be different.
The error suggest there’s nothing listening on port 443 on back-end-pizza-catalogue.railway.internal
I've tried to make the request manually with a RestTemplate in Spring (since the previous one was done by the framework's load balancer) and the result is the same :/
Caused by: org.apache.http.conn.HttpHostConnectException: Connect to back-end-eureka.railway.internal:443 [back-end-eureka.railway.internal/fd12:2173:134d:0:0:1f:ccb2:ef7] failed: Connection refused
Maybe there are some networking points I don't catch
If I have a service A deployed with PORT env var set to 8761 and I make a request from another service B to A with https://backend-eureka.up.railway.app/eureka (using public domain) then everything is OK
- Since my application is listening on port 8761, I assume there's some kind of port forwarding so when I go to https://backend-eureka.up.railway.app/eureka traffic is being sent to 8761 port.
If I have the same service A deployed and I make a request from another service B to A with https://back-end-eureka.railway.internal/eureka (using private domain) then I got the connection refused error.
- What happens with the port forwarding here?there's no port forwarding internally, if your app is listening on 8761 internally then that is what you would have to make requests to
Yes of course, but with my service deployed with PORT env var set to 8761 why
- GET over https://backend-eureka.up.railway.app/eureka returns 200 OK
- GET over https://back-end-eureka.railway.internal/eureka returns 500 KO (connection refused)
are you trying to make a request to the internal domain from your frontend by chance
nop
from another service in the same environment
and these are both backend services?
it is a microservice trying to register in Eureka server (both services in the same environment, yeah backend)
are you aware that the interface for the internal networking is not bound the instant your app starts, it takes about 100ms, so if you make requests to an internal service in the first 100ms of starting your app it will likely fail
hmmm ok I'll try to add a sleep of 1 second
also, railway does auto generate a PORT for you, you'll want to fix the PORT to a single value by setting PORT = 3000 in your service variables
I have PORT declared in all my services
since every micro runs in a different port
(inherited from local config)
so that means they will always run on the same PORT on every start?
eureka always runs on 8761, ms1 on 8082, ms2 on 8084
for example
yes
okay and are you making sure they bind to all interfaces?
and if you say yes, what makes you sure of it?
As far as I know, Java by default is binded to both Ipv4 and Ipv6, there are some properties to use only of the stacks but by default it binds to all of them
furthermore, the connection attempt recognizes the ip
Connect to back-end-eureka.railway.internal:443 [back-end-eureka.railway.internal/fd12:2173:134d:0:0:31:f7e6:6132] failed: Connection refused
is https supported? should I use http ?this in internal networking, of course you use http
I am using openjdk:17 image, I don't know if maybe there's something wroing with it
don't be fooled by the fancy domain name that railway gives to the internal services, this really is a local internal network
but yes of course it would recognise the IP, since that's the IP that the DNS resolver answered with, but upon connecting to that IP, is where the problem lies, connection refused makes me think that your service is not listening on all interfaces
also, you have requested with 443, but you have told me that none of your services are running on 443
you need to specify the port in the connection string, whether that's 8761, 8082, or 8084
Ok I've changed to
back-end-eureka.railway.internal:8761/eureka
let's seemake sure you are using http
this is the local network, before railways proxy, that means you need to be using http during requests, since your apps are serving http
ooooko
The response status is 200so all good?
Using
http://back-end-eureka.railway.internal:8761/eureka
For future readers:
- Use HTTP instead of HTTPS if you were using public domains before.
- Syntax is http://{railway-internal-domain-provided}:{YOUR_PORT}[/{endpoint}]
greatttyep, you where treating the internal domains like how you would use the external domains
I was trying to replicate the same as public domains
yeah....
I mixed concepts sorry
no worries
have fun playing around with internal domains!
yeah it is super 😄
thanks for your help
no problem!