Starting frontend xxxx: cannot bind socket

Started by vikozo, November 02, 2020, 09:33:14 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 02, 2020, 09:33:14 PM Last Edit: November 04, 2020, 11:22:27 AM by vikozo
Hello

i wished to add HAProxy to point to a VM on my Setup.
i followed this wonderfull tutorial in German https://schulnetzkonzept.de/opnsense
I think i have done it right but the HAProxy don^t start

Quote/usr/local/etc/rc.d/haproxy: WARNING: failed to start haproxy

i have also a error like
Quotekernel   arp: 32:ea:39:26:d2:c1 attempts to modify permanent entry for 10.147.42.195 on igb1
this ip would be the VM i wish to add to HAProxy

and another error but not sure if it belongs to my HAProxy error
Quoteconfigctl[67179]   error in configd communication Traceback (most recent call last): File "/usr/local/opnsense/service/configd_ctl.py", line 68, in exec_config_cmd line = sock.recv(65536).decode() socket.timeout: timed out
any idea how to find out why HAProxy not start?

have a nice day
vinc

OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022
November 03, 2020, 11:41:12 AM #1 Last Edit: November 03, 2020, 12:01:42 PM by vikozo
any idea how to find out why this happen
on all config done a [Test syntax] and [Apply] but never get a error

WARNING: failed to start haproxy

on the HAProxy -> Log File
is only
haproxy[27040]   Proxy Gitlab_backend started.

---------------------------
OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
OpenSSL 1.1.1h 22 Sep 2020
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022
November 03, 2020, 12:11:52 PM #2 Last Edit: November 03, 2020, 06:04:14 PM by vikozo
going to the terminal

# /usr/local/etc/rc.d/haproxy start
Starting haproxy.
[ALERT] 307/121028 (88262) : Starting frontend http_dmz_Wan: cannot bind socket [10.147.42.5:80]
[ALERT] 307/121028 (88262) : Starting frontend http_dmz_Wan: cannot bind socket [10.147.42.6:80]
[ALERT] 307/121028 (88262) : Starting frontend https_DMZ_WAN: cannot bind socket [10.147.42.5:443]
[ALERT] 307/121028 (88262) : Starting frontend https_DMZ_WAN: cannot bind socket [10.147.42.6:443]
[ALERT] 307/121028 (88262) : Starting frontend https_DMZ: cannot bind socket [10.147.42.6:443]
/usr/local/etc/rc.d/haproxy: WARNING: failed to start haproxy
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022
November 03, 2020, 06:05:09 PM #3
any idea to fix - the internet show only some way to fix it but not working on opnSense. because it is on BSD running
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022
November 04, 2020, 08:22:38 PM #4
Hello
because all the error where on the front end - i removed all of them, and yes HAProxy restarted again.
As soon i added something and did a reload it stop working.
But checking the Documentation there
https://docs.opnsense.org/manual/how-tos/haproxy.html

and removing all my config and just add the config with 0.0.0.0:81 and reload the HAProxy and there is no error!
So i changed back to my IP needed, and i got a error.

so why is it not working with my IP Adress, must this ip be somewhere added too?

have a nice day
and hope to get a feedback.

have a nice day
vinc
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022
January 26, 2022, 11:51:53 PM #5 Last Edit: January 27, 2022, 12:00:15 AM by tomtra
Hello

I found this thread running into the same issue like the original poster and having errors like:
Code Select
Starting frontend xxxx: cannot bind socket [x.x.x.x:80]
Starting frontend xxxx: cannot bind socket [x.x.x.x:443]


Trying around to find something that already binds the Port 80 (netstat wasn't really helpful here...) on my OPNsense appliance, I found the solution by chance and wanted to leave it here in case someone else find this information helpful.

The HTTP to HTTPS Redirect option of the OPNsense Web GUI was the reason in my case that binds to port 80 if enabled. 

To solve this: Go to System -> Settings -> Administration and make sure to disable the HTTP Redirect option for the Web GUI.

(TCP Port for HTTPS needs also be set to something non-standard, like 44443 if you use haproxy for HTTPS offloading).

See also the image attached for the settings to solve this.
September 07, 2024, 11:28:51 AM #6
Also if you have dynamically assigned IP addresses on you WAN interface, check that the "Listen Addresses" for your HTTP Public Service does not contain an old WAN interface IP-address.

I added my WAN IP like "<wan-ip>:80" in the Listen Addresses and all worked fine until the external IP changed. As far as i understand you do not need to have the WAN IP in the Listen Addresses, only a domain. You will still be able to connect to http://<wan-ip> and have the connection be managed by HAproxy, if you so choose.


Sorry for necro, but this was one of the first hits on google for the error, hopefully it will help someone.
Print
Go Up Pages1
User actions