Bobcares

Google Cloud Error code 4003 – How can we fix it?

by | Jun 6, 2021

Stuck with the Google Cloud Error code 4003? We can help you.

This error can mean, either the instance isn’t listening on the port we’re trying to connect to or the firewall is closed.

Both of which can cause the start-up connectivity test to the VM instance to fail.

As part of our Google Cloud Platform Services, we assist our customers with several Google Cloud queries.

Today, let us see how to resolve the Google Cloud error.

 

Google Cloud Error code 4003

In order to fix this error, we need to ensure that the listening process on the VM runs and listens on the correct port.

Then, we verify if the Google Cloud firewall is configured correctly and open.

 

Configure Firewall Rules

Let us now discuss how to configure Firewall rules in Google Cloud.

a) Conditions that require firewall ingress rule configuration:

We need to create a firewall ingress rule to enable traffic from Filestore instances to your clients if:

  • We use NFS file locking in the applications accessing the Filestore instance.
  • The VPC network we use has firewall rules that block TCP port 111 or the ports used by the statd or nlockmgr daemons.

Our Support Techs strongly recommend setting the statd and nlockmgr ports if they are not.

b) Conditions that require firewall egress rule configuration:

Suppose the VPC network we use has a firewall egress rule that blocks traffic to TCP ports 111, 2046, 2049, 2050, or 4045. In addition, it targets the IP address ranges the Filestore instances use.

Then we need to create a firewall egress rule to enable traffic from the clients to our Filestore instances.

We can get the reserved IP address range for any Filestore instance from the Filestore instances page. Or we can run the gcloud filestore instances describe.

 

Create a firewall ingress rule

Our Support Techs suggest the below steps to create a firewall rule. This will enable traffic from Filestore instances.

  1. Initially, we check the current port settings.
  2. Then on the Firewall page in the Google Cloud Console, we click Create a firewall rule.
  3. We enter a unique Name for it.
  4. We specify the Network in which we implement the firewall rule.
  5. Then we specify the Priority of the rule. If this rule will not conflict with any other rules, we leave the default of 1000. Otherwise, we set a lower value.
  6. Choose Ingress for Direction of traffic and Allow for Action on the match.
  7. For Targets, we take one of the following actions:
    a) To allow traffic to all clients in the network from Filestore instances, we choose All instances in the network.
    b) To allow traffic to specific clients, we choose Specified target tags. We can type the instance names of the clients in Target tags.
  8. Leave the default value of IP ranges for the Source filter.
  9. For Source IP ranges, we type the IP address ranges of the Filestore instances we want to allow access from. We must use CIDR notation.
  10. We leave the default value None for the Second source filter.
  11. For Protocols and ports, we choose Specified protocols and ports and then:
    a) Select the tcp check box and enter 111,STATDOPTS,nlm_tcpport in the associated field, where:
    b) (High Scale SSD only) Select the udp check box and enter the value of nlm_udpport, the udp port nlockmgr uses.
  12. Finally, we select Create.

 

Create a firewall egress rule

Use the following procedure to create a firewall rule to enable traffic to Filestore instances.

  1. Initially, we go to the Firewall page in the Google Cloud Console.
  2. Then click Create a firewall rule.
  3. Here, we enter a unique Name for the firewall rule.
  4. We specify the Network in which we want to implement the firewall rule.
  5. Then we specify the Priority of the rule.
  6. Choose Egress for Direction of traffic and Allow for Action on the match.
  7. For Targets, take one of the following actions:
    Like the above, to allow traffic from all clients in the network to Filestore instances, we choose All instances.
    Then to allow traffic from specific clients to Filestore instances, we choose Specified target tags.
  8. For Destination IP ranges, we type the IP address ranges of the Filestore instances we want to allow access to.
  9. For Protocols and ports, choose Specified protocols and ports.
  10. Then we select the tcp check box and enter 111,2046,2049,2050,4045 in the associated field.
  11. Finally, we select Create.

[Need help with the fix? We’d be happy to assist you]

 

Conclusion

In short, we saw how our Support Techs fix the Google Cloud Error code 4003 for our customers.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.