# AMQPConnectionError: connection refused (111) to rabbitmq-host:5672

- **ID:** `communication/rabbitmq-connection-refused-ec2`
- **Domain:** communication
- **Category:** network_error
- **Error Code:** `111`
- **Verification:** ai_generated
- **Fix Rate:** 80%

## Root Cause

The AMQP client cannot establish a TCP connection to the RabbitMQ server because the server is not listening on the specified port, the service is down, or a firewall/security group is blocking inbound traffic.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| RabbitMQ 3.12 | active | — | — |
| Erlang 26 | active | — | — |
| Pika 1.3 | active | — | — |
| amqp-node 0.10 | active | — | — |

## Workarounds

1. **Check if RabbitMQ is running: `systemctl status rabbitmq-server` or `rabbitmqctl status`. If not running, start it: `systemctl start rabbitmq-server`.** (80% success)
   ```
   Check if RabbitMQ is running: `systemctl status rabbitmq-server` or `rabbitmqctl status`. If not running, start it: `systemctl start rabbitmq-server`.
   ```
2. **Verify firewall rules: on Linux, run `sudo ufw status` or `iptables -L -n | grep 5672`. Ensure inbound TCP on port 5672 is allowed. For cloud providers, check security group inbound rules for the instance.** (75% success)
   ```
   Verify firewall rules: on Linux, run `sudo ufw status` or `iptables -L -n | grep 5672`. Ensure inbound TCP on port 5672 is allowed. For cloud providers, check security group inbound rules for the instance.
   ```
3. **If RabbitMQ is listening on a different interface (e.g., localhost only), update the config file `/etc/rabbitmq/rabbitmq.conf` to bind to `0.0.0.0` or the correct IP: `listeners.tcp.default = 0.0.0.0:5672`. Restart RabbitMQ after changes.** (70% success)
   ```
   If RabbitMQ is listening on a different interface (e.g., localhost only), update the config file `/etc/rabbitmq/rabbitmq.conf` to bind to `0.0.0.0` or the correct IP: `listeners.tcp.default = 0.0.0.0:5672`. Restart RabbitMQ after changes.
   ```

## Dead Ends

- **Change the RabbitMQ username and password in the client** — Changing the RabbitMQ user credentials does not fix the connection refusal because the TCP handshake fails before any authentication occurs. (90% fail)
- **Increase the AMQP connection timeout to 60 seconds** — Increasing the connection timeout does not help because the error is immediate (connection refused), not a timeout. (95% fail)
- **Enable TLS/SSL on the AMQP client connection** — Enabling TLS on the client without configuring the server to accept TLS on the same port will still result in connection refusal or a different error. (85% fail)