連接到遠端伺服器上的 sphinx

我最近將 sphinx 移動到與我們的數據庫相同的伺服器上，所以我們的架構是：

1. 託管我們的網路應用程序的文件伺服器
2. 帶 Sphinx 實例的數據庫伺服器（搜尋）

當我嘗試連接到 sphinx 時，ip.to.db.server出現以下錯誤：

Sphinx response connection to ip.to.db.server:9312 failed (errno=113, msg=No route to host)

為了讓我的網路應用程序可以訪問埠 9312，我需要做些什麼特別的事情嗎？

目前TCP埠LISTEN：

tcp        0      0 0.0.0.0:9306                0.0.0.0:*                   LISTEN      23496/searchd       
tcp        0      0 0.0.0.0:9312                0.0.0.0:*                   LISTEN      23496/searchd 

輸出iptables -L：

Chain INPUT (policy ACCEPT) 
target     prot opt source               destination         
fail2ban-ssh  tcp  --  anywhere             anywhere            multiport dports ssh 
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
RH-Firewall-1-INPUT  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh /* SSH */ 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:lmsocialserver /* monit */ 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https /* HTTPS */ 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webcache /* HTTPProxy */ 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http /* HTTP */ 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql /* MySQL */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  ipremoved_by_poster  anywhere            /* Rackspace monitoring */ 
ACCEPT     all  --  anywhere             anywhere            /* localhost */ 
ACCEPT     icmp --  anywhere             anywhere            icmp any /* ping */ 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain fail2ban-ssh (1 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere 

到目前為止，我已經做了很多搜尋，但沒有運氣。任何幫助深表感謝。

和

問題是IPTABLES阻止我的遠端連接，所以我添加了兩行以確保安全：

vi /etc/sysconfig/iptables

添加以下行：

-A RH-Firewall-1-INPUT -i eth1 -p tcp -m tcp --dport 9312 -m comment --comment "Sphinx" -j ACCEPT
-A RH-Firewall-1-INPUT -s your.remote.ip.address/32 -i eth0 -p tcp -m tcp --dport 9312 -j ACCEPT

將埠調整9312為您有 sphinx 偵聽的埠。

然後我跑了service iptables restart，獅身人面像開始了！

感謝@mdpc 和@sciurus 為我指明了正確的方向。

NOTE:Rackspace 使用RH-Firewall-1-INPUT，但您可能需要使用 justINPUT或其他東西

引用自：https://serverfault.com/questions/592378