ElasticSearch 7.7.1 Connection issues with Windows Server 2019 vs Windows Server 2012 R2

I am running the ElasticSearch service fine on Windows 2012 R2 and when performing netstat I see
:\Windows\system32>netstat -ano | find ":9200"
TCP 0.0.0.0:9200 0.0.0.0:0 LISTENING 2276
TCP 10.14.1.65:9200 192.168.15.179:50391 TIME_WAIT 0
TCP 10.14.1.65:9200 192.168.15.179:51150 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58544 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58553 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58554 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58555 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58556 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58557 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58558 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58559 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58564 ESTABLISHED 2276
TCP 127.0.0.1:9200 127.0.0.1:58565 ESTABLISHED 2276
TCP 127.0.0.1:58544 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58553 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58554 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58555 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58556 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58557 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58558 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58559 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58564 127.0.0.1:9200 ESTABLISHED 1712
TCP 127.0.0.1:58565 127.0.0.1:9200 ESTABLISHED 1712
TCP [::]:9200 [::]:0 LISTENING 2276

Yet on Windows Server 2019 with the exact configuration, when trying to connect to the server from another machine I'm getting "Unable to connect to the remote server". Netstat appears as follows
TCP 127.0.0.1:9200 0.0.0.0:0 LISTENING 1692
TCP 127.0.0.1:9200 127.0.0.1:57695 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57722 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57723 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57724 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57725 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57726 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57727 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57751 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57752 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57753 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57758 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57759 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57760 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57761 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57762 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57763 TIME_WAIT 0
TCP 127.0.0.1:9200 127.0.0.1:57803 ESTABLISHED 1692
TCP 127.0.0.1:9200 127.0.0.1:57830 ESTABLISHED 1692
TCP 127.0.0.1:9200 127.0.0.1:57831 ESTABLISHED 1692
TCP 127.0.0.1:9200 127.0.0.1:57832 ESTABLISHED 1692
TCP 127.0.0.1:9200 127.0.0.1:57833 ESTABLISHED 1692
TCP 127.0.0.1:9200 127.0.0.1:57834 ESTABLISHED 1692
TCP 127.0.0.1:57742 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57743 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57744 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57748 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57749 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57750 127.0.0.1:9200 TIME_WAIT 0
TCP 127.0.0.1:57803 127.0.0.1:9200 ESTABLISHED 3312
TCP 127.0.0.1:57830 127.0.0.1:9200 ESTABLISHED 3312
TCP 127.0.0.1:57831 127.0.0.1:9200 ESTABLISHED 3312
TCP 127.0.0.1:57832 127.0.0.1:9200 ESTABLISHED 3312
TCP 127.0.0.1:57833 127.0.0.1:9200 ESTABLISHED 3312
TCP 127.0.0.1:57834 127.0.0.1:9200 ESTABLISHED 3312
TCP [::1]:9200 [::]:0 LISTENING 1692

The config files are identical. Can anyone offer any insight as to what's happening? The config file I'm using is:

======================== Elasticsearch Configuration =========================

NOTE: Elasticsearch comes with reasonable defaults for most settings.
Before you set out to tweak and tune the configuration, make sure you
understand what are you trying to accomplish and the consequences.

The primary way of configuring a node is via this file. This template lists
the most important settings you may want to configure for a production cluster.

Please consult the documentation for further information on configuration options:
https://www.elastic.co/guide/en/elasticsearch/reference/index.html

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

node.name: node-1

Add custom attributes to the node:

node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

path.data: /path/to/data

Path to log files:

path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available
on the system and that the owner of the process is allowed to use this
limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

Set the bind address to a specific IP (IPv4 or IPv6):

network.host: 192.168.0.1

Set a custom port for HTTP:

http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:
The default list of hosts is ["127.0.0.1", "[::1]"]

discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Gateway -----------------------------------

Block initial recovery after a full cluster restart until N nodes are started:

gateway.recover_after_nodes: 3

For more information, consult the gateway module documentation.

---------------------------------- Various -----------------------------------

Require explicit names when deleting indices:

action.destructive_requires_name: true

Did you open the firewall port on the 2019 server.

Yes my IT department confirmed the port is open.

Ask them which profile it's set to domain/private/public. If you try to connect on the 2019 server with a web browser to http://yourservernamehere:9200 what do you end up with? If you do the same to the look back address what do you end up with?

I know it sounds simple but got to start some place. It looks works on loopback so we know its running.

Thanks for the response. I reached out, the Windows Firewall is completely disabled and there's no other firewall on the server.

The server that works returns the elastic search information while the Server 2019 installation has a connection error so I get nothing back in a browser.

Cluster name the same on both? Network host IP set to the NIC on the host?

In your discovery seed host is host1 and host2 set to the name of the other server in the first part. So host1 would have host2 name as the first in it's yaml? Same with initial master?

On the Gateway recovery set it to 1 or comment it out. With 2 nodes you can't meet the min requirements in that setup.

Also just a side note a windows machine without a firewall enabled... Scary idea to say the least.

I understand. I'm not trying to cluster the 2 servers. The 2012 R2 server is my QA server and the 2019 server is my production server. I'm only trying to run one instance and all the config is the default config. The whole file is commented it. It's so strange.

Turns out http.host wasn't set correctly. I didn't have to set it for 2012 R2 but did have to set it for 2019. I guess default configuration doesn't work on Server 2019. Thanks for your help!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.