Make ATS listening sockets configurable
---------------------------------------
Key: TS-765
URL: https://issues.apache.org/jira/browse/TS-765
Project: Traffic Server
Issue Type: Improvement
Components: Configuration, Network
Affects Versions: 2.1.8
Reporter: Arno Toell
Priority: Minor
I consider the way how Traffic Server opens listening ports dangerous, or at
least more risky than necessary. Currently ATS allows to configure port numbers
for the related services, but not the listening interface. Instead it binds to
0.0.0.0. Therefore I'd like to suggest
* Allow the user to specify a listening interface, don't assume 0.0.0.0 suits
for all setups.
* Disable the "autoconfiguration port" (i.e. 8083 by default) unless
proxy.local.cluster.type is set to enable clustering (!= 3). I think
_traffic_shell_ and eventually _traffic_line_ use this port to configure ATS
locally. If so it should be bound to the loop back at least or using Unix
Domain Sockets or whatever local socket method you prefer.
* Disable the "reliable service port" (i.e. 8088 by default) unless
proxy.local.cluster.type enables clustering. Similar to the "autoconfiguration
port". If _traffic_cop_ (or something else on the local machine) is using this
port, the same suggestions apply as above.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
