This is a Canonical Question about Connection Refused

We see a lot of questions to the effect

When I try to connect to a system I get a message

Connection refused

Why is this ?

    We get this a lot in Apache Hadoop, where it is often caused by configuration errors in the client: which host to talk to, what their DNS or /etc/host tables are set up to, or a mismatch between the ports used by a service and that the clients thinks it should use. Accordingly, we have a dedicated wiki entry on the topic. Many of the problems are likely elsewhere, albeit (hopefuily) on a smaller scale. Debugging connection problems in a 1000 node cluster is not fun.
    – stevel
    Commented Jan 3, 2017 at 12:28
    Your dedicated wiki entry link points to this question ;)
    – user9517
    Commented Jan 3, 2017 at 12:46
    good catch. Here is the official link: wiki.apache.org/hadoop/ConnectionRefused. I'll add a cross reference back from there to here for that full loop though.
    – stevel
    Commented Jan 6, 2017 at 14:19
  • @SteveLoughran Cool article - one comment - the link back says Stack Overflow and we're Server Fault ;)
    – user9517
    Commented Jan 6, 2017 at 14:27
    3 main reasons: 1- Server is unable to receive the connection (performance related) 2- Firewall 3- Nothing is listening on the port. I would give this another answer but there's better coverage here: stackoverflow.com/a/2333446/1748266
    – MER
    Commented May 13, 2021 at 17:10

Note: This message is a symptom of the problem you are trying to solve. Understanding the cause of the message will ultimately lead you to solving your problem.

The message 'Connection Refused' has two main causes:

  1. Nothing is listening on the IP:Port you are trying to connect to.
  2. The port is blocked by a firewall.

No process is listening.

This is by far the most common reason for the message. First ensure that you are trying to connect to the correct system. If you are then to determine if this is the problem, on the remote system run netstat or ss1 e.g. if you are expecting a process to be listening on port 22222

sudo netstat -tnlp | grep :22222


ss -tnlp | grep :22222

For OSX a suitable command is

sudo netstat -tnlp tcp | grep '\.80 '

If nothing is listening then the above will produce no output. If you see some output then confirm that it's what you expect then see the firewall section below.

If you don't have access to the remote system and want to confirm the problem before reporting it to the relevant administrators you can use tcpdump (wireshark or similar).

When a connection is attempted to an IP:port where nothing is listening, the response from the remote system to the initial SYN packet is a packet with the flags RST,ACK set. This closes the connection and causes the Connection Refused message e.g.

$ sudo tcpdump -n host and port 22222
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp14s0, link-type EN10MB (Ethernet), capture size 262144 bytes

12:31:27.013976 IP > Flags [S], seq 1207858804, win 29200, options [mss 1460,sackOK,TS val 15306344 ecr 0,nop,wscale 7], length 0

12:31:27.020162 IP > Flags [R.], seq 0, ack 1207858805, win 0, length 0

Note that tcpdump uses a . to represent the ACK flag.

Port is blocked by a firewall

If the port is blocked by a firewall and the firewall has been configured to respond with icmp-port-unreachable this will also cause a connection refused message. Again you can see this with tcpdump (or similar)

$ sudo tcpdump -n icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on enp14s0, link-type EN10MB (Ethernet), capture size 262144 bytes 13:03:24.149897 IP > ICMP tcp port 22222 unreachable, length 68

Note that this also tells us where the blocking firewall is.

So now you know what's causing the Connection refused message you should take appropriate action e.g. contact the firewall administrator or investigate the reason for the process not listening.

1 Other tools are likely available.

    ELI5 version: it means the connection request got to the other computer, and the other computer had no clue what you were talking about. Commented Sep 29, 2015 at 1:56
  • "No process is listening." The major reason ..! Commented Dec 11, 2017 at 13:11
    @ijoseph So nothing was listening then.
    – user9517
    Commented Sep 30, 2018 at 12:21
    Trying to reach a .dev or .local virtual host you've defined in your hosts file? Your problem may be Chrome. At some point they began forcefully upgrading those tlds to https. Try changing to something else like .localhost and your pain may go away! Commented Jul 21, 2020 at 3:37
    @user9517 actually, it's both. When you're developing locally you'd expect that when you type in an insecure URL you'd hit port 80, but Chrome is silently forcing HTTPS on several TLDs (like .dev and .local) so even if you intend to hit port 80, you're actually hitting 443 which you likely do not have open, and it's not obvious on visual inspection what the issue is. I ended up here when trying to diagnose the problem, so posted this for posterity. Commented Mar 5, 2021 at 21:05

For me on Debian 6 squeeze it was as simple as checking the SSH service:

sudo service ssh status

And finding nothing existed (with the message ssh: unrecognized service) just installing the service:

sudo apt-get install openssh-server

This also works if you're not getting an SFTP connection, as SFTP is a subset of SSH (whereas FTPS is a subset of FTP).


What causes the 'Connection Refused' message?

  • Incorrect IP address or port number specified.
  • The server application is not running to listen on that port.
  • The server application is running but not listening on the specified port.
  • Local/Remote firewall blocking the connection.
  • Server overload or resource exhaustion.
  • This is what the accepted answer says.
    – user9517
    Commented Mar 21 at 12:08
  • @user9517 not really, this is shorter. TL;DR Commented Mar 21 at 12:35

