You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Koji Kawamura (JIRA)" <ji...@apache.org> on 2016/10/03 23:57:20 UTC

[jira] [Assigned] (NIFI-2855) NiFi Site-To-Site with port forwarding

     [ https://issues.apache.org/jira/browse/NIFI-2855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Koji Kawamura reassigned NIFI-2855:
-----------------------------------

    Assignee: Koji Kawamura

> NiFi Site-To-Site with port forwarding
> --------------------------------------
>
>                 Key: NIFI-2855
>                 URL: https://issues.apache.org/jira/browse/NIFI-2855
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: Bryan Rosander
>            Assignee: Koji Kawamura
>
> It would be useful to be able to use port forwarding with NiFi Site-To-Site.  This would allow NiFi to appear externally to be listening on a privileged port without having been granted elevated permissions.
> For example, an administrator could configure iptables to forward traffic from port 443 to port 9443.  Then users could use NiFi at port 443.  This provides more flexibility as far as firewall configuration is concerned.
> The above scenario causes problems with Site-To-Site though because in a clustered scenario, the nodes will still advertise themselves with port 9443.  This would prevent a Site-To-Site client from being able to talk to them from outside the firewall.
> We need a way (probably a nifi property) to tell NiFi to listen on one port (9443) and advertise another (443) for Site-To-Site purposes to enable this usecase.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)