Cannot get fly proxy <local:remote> to work

kilian · June 25, 2024, 12:13pm

Hi,

my ultimate goal is to run fly proxy 4010:4010 on my local dev laptop. This would allow me to connect via localhost:4010 to a REPL of my web app.

Unfortunately, I cannot get this to work. I am getting errors like Connection reset by peer.

When I fly ssh console into my machine, I can run netstat -tnlp which gives:

-bash-5.2# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:4010            0.0.0.0:*               LISTEN      322/app
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      322/app
tcp        0      0 fdaa:1:d67a:a7b:38:5a91:3536:2:22 :::*                    LISTEN      323/hallpass

Port 5000 is the http port of my app. To try something else, I did fly proxy 5000:5000 on my laptop and then ran curl http://localhost:5000. This also gives me a Connection reset by peer.

fly version gives me

flyctl v0.2.72 linux/amd64 Commit: df7529f6da985a662853ffc7003f57ee3c9d8e42 BuildDate: 2024-06-18T23:04:13Z

I am on Arch Linux.

Any ideas how to further investigate this? Is my basic understanding of the fly proxy command correct in the sense that I should be able to do a port forwarding to any port listening in my VM on 0.0.0.0?

Thanks!

Best, Kilian

pavel · June 25, 2024, 12:44pm

Hey @kilian

Make sure your app is listening on ipv6-enabled socket ([::], not 0.0.0.0). flyctl proxy establishes a wireguard connection with you org’s network which has only ipv6 addresses.

kilian · June 25, 2024, 8:44pm

Hey @pavel,

thanks for explaining! Now everything is clear and that feels so much better :).

Currently, it would be too much work for me to patch/rewrite the REPL server to listen on an ipv6 address instead of ipv4.

However, I am able to do what I wanted by following these steps:

Launch a network wrapper on the VM by doing a fly ssh console and then running socat TCP6-LISTEN:4020,fork TCP4:127.0.0.1:4010
On my laptop I run fly proxy 4010:4020
Now, I am able to connect to localhost:4010

Cheers!

system · July 2, 2024, 8:44pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.