bitmite's picture

I don't believe it's a network issue since I can hit the IP and Port. Any help with be mush appreciated!

PS C:\Windows\system32> Test-NetConnection 10.2.77.30 -Port 12321


ComputerName     : 10.2.77.30
RemoteAddress    : 10.2.77.30
RemotePort       : 12321
InterfaceAlias   : Ethernet
SourceAddress    : 10.2.77.70
TcpTestSucceeded : True

Other details:

root@Jellyfin ~# turnkey-version
turnkey-mediaserver-16.1-buster-amd64


root@Jellyfin ~# netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      274/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      454/master
tcp        0      0 0.0.0.0:37017           0.0.0.0:*               LISTEN      276/rpc.mountd
tcp        0      0 0.0.0.0:41689           0.0.0.0:*               LISTEN      276/rpc.mountd
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      330/smbd
tcp        0      0 127.0.0.1:12319         0.0.0.0:*               LISTEN      505/shellinaboxd
tcp        0      0 0.0.0.0:8096            0.0.0.0:*               LISTEN      267/jellyfin
tcp        0      0 0.0.0.0:12320           0.0.0.0:*               LISTEN      270/stunnel4
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:12321           0.0.0.0:*               LISTEN      268/stunnel4
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      330/smbd
tcp        0      0 0.0.0.0:33867           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:59147           0.0.0.0:*               LISTEN      276/rpc.mountd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/init
tcp        0      0 127.0.0.1:10000         0.0.0.0:*               LISTEN      568/perl
tcp6       0      0 :::60821                :::*                    LISTEN      276/rpc.mountd
tcp6       0      0 :::22                   :::*                    LISTEN      274/sshd
tcp6       0      0 :::443                  :::*                    LISTEN      507/apache2
tcp6       0      0 :::445                  :::*                    LISTEN      330/smbd
tcp6       0      0 :::36543                :::*                    LISTEN      276/rpc.mountd
tcp6       0      0 :::2049                 :::*                    LISTEN      -
tcp6       0      0 :::12322                :::*                    LISTEN      507/apache2
tcp6       0      0 :::139                  :::*                    LISTEN      330/smbd
tcp6       0      0 :::41837                :::*                    LISTEN      276/rpc.mountd
tcp6       0      0 :::43599                :::*                    LISTEN      -
tcp6       0      0 :::111                  :::*                    LISTEN      1/init
tcp6       0      0 :::80                   :::*                    LISTEN      507/apache2



root@Jellyfin ~# systemctl status stunnel4@webmin
* stunnel4@webmin.service - Universal SSL tunnel for network daemons (webmin)
   Loaded: loaded (/lib/systemd/system/stunnel4@.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-10-01 00:01:29 UTC; 1min 37s ago
  Process: 254 ExecStart=/usr/bin/stunnel4 /etc/stunnel/webmin.conf (code=exited, status=0/SUCCESS)
 Main PID: 268 (stunnel4)
    Tasks: 2 (limit: 9830)
   Memory: 1.5M
   CGroup: /system.slice/system-stunnel4.slice/stunnel4@webmin.service
           `-268 /usr/bin/stunnel4 /etc/stunnel/webmin.conf

Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Compiled with OpenSSL 1.1.1b  26 Feb 2019
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Running  with OpenSSL 1.1.1d  10 Sep 2019
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Reading configuration from file /etc/stunnel/webmin.conf
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: UTF-8 byte order mark not detected
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: FIPS mode disabled
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Configuration successful
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Binding service [webmin] to :::12321: Address already in use (98)
Oct 01 00:01:29 Jellyfin stunnel[254]: LOG5[ui]: Switched to chroot directory: /var/lib/stunnel4/
Oct 01 00:01:29 Jellyfin systemd[1]: Started Universal SSL tunnel for network daemons (webmin).

root@Jellyfin ~# systemctl status stunnel4@shellinabox
* stunnel4@shellinabox.service - Universal SSL tunnel for network daemons (shellinabox)
   Loaded: loaded (/lib/systemd/system/stunnel4@.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-10-01 00:01:29 UTC; 2min 0s ago
  Process: 256 ExecStart=/usr/bin/stunnel4 /etc/stunnel/shellinabox.conf (code=exited, status=0/SUCCESS)
 Main PID: 270 (stunnel4)
    Tasks: 2 (limit: 9830)
   Memory: 1.5M
   CGroup: /system.slice/system-stunnel4.slice/stunnel4@shellinabox.service
           `-270 /usr/bin/stunnel4 /etc/stunnel/shellinabox.conf

Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Running  with OpenSSL 1.1.1d  10 Sep 2019
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Reading configuration from file /etc/stunnel/shellinabox.conf
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: UTF-8 byte order mark not detected
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: FIPS mode disabled
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Configuration successful
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Binding service [shellinabox] to :::12320: Address already in use (98)
Oct 01 00:01:29 Jellyfin stunnel[256]: LOG5[ui]: Switched to chroot directory: /var/lib/stunnel4/
Oct 01 00:01:29 Jellyfin systemd[1]: stunnel4@shellinabox.service: Can't open PID file /var/lib/stunnel4/shellinabox.pid (yet?) after start: No such file or directory
Oct 01 00:01:29 Jellyfin systemd[1]: Started Universal SSL tunnel for network daemons (shellinabox).

 

 

 

Forum: 

The only thing that immediately jumps out to me is that both your logs for "stunnel@webmin" and "stunnel@shellinabox" show

Address already in use (98)

Yet these lines in your netstat output indicate those addresses as being bound by stunnel

tcp        0      0 0.0.0.0:12320           0.0.0.0:*               LISTEN      270/stunnel4
tcp        0      0 0.0.0.0:12321           0.0.0.0:*               LISTEN      268/stunnel4

Even more confusing, the `PIDs` of stunnel in the netstat output, lines up with the output from systemctl, which means it is indeed the expected instance of stunnel4 which is serving on those ports.

Did, by any chance you have any other issues, did you restart or kill any processes within ~half hour prior to noticing this issue?

The only other reason I know of that `Address already in use (98)` can be triggered is if the process which previously bound the address in question didn't cleanly close the socket, usually because it exited unexpectedly.

If this is the issue, only real option you have (afaik) is to wait (usually only a few minutes, but sometimes up to half an hour) or restart. If your issue persists a ~half hour wait and/or a restart, then we can probably rule out the failure to bind as a relavant issue.

bitmite's picture

This is a fresh install, and it hasn't worked yet, and I've rebooted the CT numerous times. I did assign an IP at the firewall level after the initial install, but it's showing the correct URLs in confconsole, and I also reinit after the IP assignment.

That is very odd. I just attempted to replicate this issue but was unable to locally on my proxmox server. And for what it's worth I also had the "address already in use (98)" error. So that's unlikely to be related.

It just occured to me though, you mention your issue was that jellyfin was not "resolving". So just to clarify:

1. Do you have a domain setup, and are contacting it via domain or are you contacting it directly via ip?
2. Are you connecting to it via browser or Windows Explorer "network" section?
3. Have you confirmed if it works or not when you do contact it direct via ip, via a browser or curl?
4. Do you get any error output at all from any of the methods you've tried connecting be it browser, explorer or curl?

If you've setup a net domain and the domain is not resolving, it's most likely a DNS issue. If directly connecting via ip is not working then it's either a routing issue or some bug in the appliance.

My knowledge of windows is very limited, it's been a long time since I've used windows in any technical capacity, so I'm not sure how much I can help if you're attempting to connect via explorer. However there is a least 1 open bug that may break support for explorer in the current release. See here https://github.com/turnkeylinux/tracker/issues/1598 it also includes a work-around Jeremy has found, but as of yet it appears no ody has been able to test it, so perhaps if the issue described there sounds the same as yours you could try out that workaround?

Jeremy is much more knowledgable with both the mediaserver and windows than I but unfortunately he is away for a little over a week.

Jeremy Davis's picture

Hi bitmite. I'm back so if this is still an issue, please let us know and we can try to assist. Having said that, on face value from the info you've provided, my initial guess is a network routing and/or firewall issue (i.e. within your broader network setup; external to TurnKey). But I'm only guessing.

Regardless of whether it's still an issue or not, it'd be great to hear how you are going with it.

bitmite's picture

Hi there, I recreated the LXC with a different IP address and it seems to resolve the issue. Thanks

Jeremy Davis's picture

Glad to hear you're sorted now. Please don't hesitate to ask if you need a hand with anything else and/or have any further feedback for us (ideas that might make things better, etc).

Add new comment