Ignite开防火墙注意事项

最新推荐文章于 2021-04-09 12:47:54 发布

chuzhanhuang0199

最新推荐文章于 2021-04-09 12:47:54 发布

阅读量1.1k

点赞数

文章标签： c# java

原文链接：https://my.oschina.net/u/2481460/blog/1537483

版权

首先我们知道Ignite默认端口：

Discovery默认是47500，一般开通47500-47509
Communication默认是47100，一般开通47100-47109

Ignite Client端与Server端的防火墙不能只开通单向client到server的，根据Ignite创始人Dimitry在社区给我回复，communication必须要能够建立双向连接。

Jeff Jiao

Reply | Threaded | More

Jun 01, 2017; 9:11pm

how to let client node connect to server node, not server connect to client

This post was updated on Jun 01, 2017; 10:21pm.

hi guys,

The situation is this:
we want to have C# Ignite Client node run in A environment
we already have 3 Java Ignite Server nodes in B environment
we only opened firewall that A can access B at port 47500-47509 and 47100-47109
we don't want to let B access any ports at A

when we try to start Client node in A, first it can be discoveried by Server node in B by 47500, and then we found that it always that Server nodes want to connect to Client node in A at 47100, it's sure been blocked by firewall...then Node Failed, cannot connect.

Is there a way to control this? only let client node to connect to server node?

Thanks in advance,
Jeff

dkarachentsev

Reply | Threaded | More

Jun 03, 2017; 9:17pm

Re: how to let client node connect to server node, not server connect to client

Hi Jeff,

Unfortunately, you cannot avoid this and you need to open that ports (47100-47109) on client node, because communication must has ability to initiate connection in both directions. Also you may leave those ports open only for hosts where server nodes are running.

Thanks!
-Dmitry

转载于:https://my.oschina.net/u/2481460/blog/1537483