[jira] [Commented] (ARTEMIS-3681) Add the function to define a static port for artemis to connect with client

Fri, 11 Feb 2022 09:28:07 -0800 


    [ 
https://issues.apache.org/jira/browse/ARTEMIS-3681?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17491063#comment-17491063
 ] 

Justin Bertram commented on ARTEMIS-3681:
-----------------------------------------

To be clear, the broker _will_ communicate with most (if not all) clients via 
[ephemeral ports|https://en.wikipedia.org/wiki/Ephemeral_port] just like any 
server/client using TCP. To my knowledge, most firewalls understand this basic 
use-case so  you don't need to explicitly open ports 1024–65535.

> Add the function to define a static port for artemis to connect with client
> ---------------------------------------------------------------------------
>
>                 Key: ARTEMIS-3681
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3681
>             Project: ActiveMQ Artemis
>          Issue Type: Improvement
>    Affects Versions: 2.20.0
>            Reporter: Ning Kang
>            Priority: Blocker
>
> Artemis uses 3 ports:
> 61616 , 8181 and a random port.
> a. 61616 is the activemq port which is connected by PCMD(Platform Cluster 
> Manager core daemon).
> b. 8161 is the internal port used by activemq NIO(Non-Blocking IO) 
> communication.
> c. Any random port like 37551, 35134 etc. : This port is used to communicate 
> with already connected clients.
>  
> The first 2 ports can be changed, but the last random port cannot be changed. 
> This will bring a problem in a firewall situation because it is very 
> difficult to open a rang of firewall ports for the 3rd port due to security 
> reasons.
>  
> So the question is: is it possible to define a static port for the 3rd one, 
> or disable the usage of the 3rd port? If not, then it will be very helpful to 
> add this function.
>  
> If we do not open the 3rd port on firewall, then it is not possible to make 
> the connection, and the artemis server log will show this error in below. The 
> ip of 111.127.116.95 is the client ip.
> 2022-02-10 18:16:34,047 WARN  [org.apache.activemq.artemis.core.client] 
> AMQ212037: Connection failure to /111.127.116.95:55818 has been detected: 
> AMQ229014: Did not receive data from /111.127.116.95:55818 within the 
> 60,000ms connection TTL. The connection will now be closed. 
> [code=CONNECTION_TIMEDOUT]
>  
> References:
> [https://www.ibm.com/support/pages/ports-used-activemq-hpc]
> [https://www.ibm.com/support/pages/change-default-ports-activemq]
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to