You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by Oleks K <ol...@gmail.com> on 2018/04/19 07:06:23 UTC
Re: Which ports does ignite cluster need to run normally?
Hi Team,
Coming back to this question with Ignite 2.4.0
Here is what I see in Resource monitor (Windows Server 2012 R2)
Can you comment on these unknown-purpose ports please?
<server node1>
Image PID Address Port Protocol
java.exe 3892 IPv6 unspecified 10800 TCP => ODBC port, I don't need ODBC
so hopefully it can be disabled
java.exe 3892 IPv6 unspecified 11211 TCP => internal http protocol: Is it
for REST API? I tried to access it from browser but with no luck.
java.exe 3892 IPv6 unspecified 47100 TCP => TcpCommunicationSpi: is it
used for both server/client and server/server communications?
java.exe 3892 IPv6 unspecified 47500 TCP => TcpDiscoverySpi
java.exe 3892 IPv6 unspecified 49120 TCP => JMX
java.exe 3892 IPv6 unspecified 56391 TCP => ???
java.exe 3892 IPv6 unspecified 56392 TCP => ???
java.exe 3892 IPv6 unspecified 53085 UDP => ???
java.exe 3892 IPv6 unspecified 53084 UDP => ???
java.exe 3892 IPv6 unspecified 47400 UDP => ???
<server node2>
Image PID Address Port Protocol
...
java.exe 9160 IPv6 unspecified 56903 TCP => ???
java.exe 9160 IPv6 unspecified 56904 TCP => ???
<client node>
java.exe 9824 IPv6 unspecified 10800 TCP => ODBC port
java.exe 9824 IPv6 unspecified 47100 TCP => TcpCommunicationSpi
java.exe 9824 IPv6 unspecified 65310 TCP => ??? (may be this is
non-ignite port as we have other external connections on client node)
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
Re: Which ports does ignite cluster need to run normally?
Posted by Juan Carlos Franzoy <jf...@gmail.com>.
I am facing a similar problem, trying to use apache-ignite 2.6.
May be, you can help me.
I set up my discovering using TcpDiscoverySpi and
TcpDiscoveryMulticastIpFinder:
ipFinder.setMulticastGroup(228.10.10.157)
ipFinder.setMulticastPort(10501)
discoverySpi.setLocalPort(10502)
discoverySpi.setLocalPortRange(0)
commSpi.setLocalPort(10003)
commSpi.setLocalPortRange(0)
cfg.setTimeServerPortBase(10004) // actually not using
cfg.setTimeServerPortRange(0)
All work in development environment where there is no firewall. But inside
OpenStack, where only 22 and 10000 to 11000 ports are open (both TCP and
UDP) it does not work.
I use tcpdump to figure out what was happening when e new IgniteServer is
launched.
- ServerA the ignite server that is already running (IP 192.168.6.40)
- When ServerB (IP 192.168.6.41) starts, it sends an UDP datagram to
McastAddr:McastPort using a source ephemeral port
(192.168.6.41:40415) -> (228.10.10.157:10501) data=00 00 47 47
I assume this is a hello everybody message.
- Then ServerA try to send a reply
(192.168.6.40:10501) -> (192.168.6.41:40415) dataLen=584
This datagram *never arrives* because it is sent to a port outside allowed
range (10000/11000)
Is there a way to make Ignite to bind to a localPort / localPortRange in
client TCP and UDP sockets?
Thanks
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
Re: Which ports does ignite cluster need to run normally?
Posted by Olexandr K <ol...@gmail.com>.
It looks like that port is not related to Ignite but JVM opens several
ports for JMX
Described here:
https://stackoverflow.com/questions/20884353/why-java-opens-3-ports-when-jmx-is-configured
On Mon, May 7, 2018 at 1:03 PM, Olexandr K <ol...@gmail.com>
wrote:
> Hi Val, Ignite team
>
> Reviewed all opened Ignite ports after your comments.
> Everything is clear except loopback-related ports.
>
> Here is what I see in Resource Monitor (Windows Server 2012 R2)
> (prunsrv.exe is common-daemon java service wrapper running JVM 1.8 inside)
>
> I don't understand what port 62219 is used for.
> I exprimented with Ignite restarts and see that this port is chosen
> dynamically.
> Also, if we have port 62219 opened, we also observe number of loopback
> connections starting from port 62222
> What are all these loopback connections used for?
> Can we disable this or at least configure to use static ports?
>
> <server1>
>
> Listening ports
>
> Image PID Address Port Protocol
> Firewall Status
> prunsrv.exe 2220 IPv4 unspecified 62219 TCP Allowed,
> restricted - ???
> prunsrv.exe 2220 IPv4 unspecified 47500 TCP Allowed,
> restricted - Ignite discovery
> prunsrv.exe 2220 IPv4 unspecified 47100 TCP Allowed,
> restricted - Ignite communication
> prunsrv.exe 2220 IPv4 unspecified 11211 TCP Allowed,
> restricted - HTTP internal
> prunsrv.exe 2220 IPv4 unspecified 10800 TCP Allowed,
> restricted - ODBC
> prunsrv.exe 2220 IPv4 unspecified 9020 TCP Allowed,
> restricted - JMX
>
> TCP Connections
>
> Image PID Local Address Local Port Remote Address Remote
> Port Packet Loss (%) Latency (ms)
> prunsrv.exe 2220 server1_host 47500 visor_host 57550 0
> 10
> prunsrv.exe 2220 server1_host 50607 server2_host 47100
> 0 1
> prunsrv.exe 2220 server1_host 62275 server2_host 47500
> 0 1
>
> prunsrv.exe 2220 IPv4 loopback 62230 IPv4 loopback 62231
> 0 0
> prunsrv.exe 2220 IPv4 loopback 62251 IPv4 loopback 62250
> - -
> prunsrv.exe 2220 IPv4 loopback 62250 IPv4 loopback 62251
> - -
> prunsrv.exe 2220 IPv4 loopback 62249 IPv4 loopback 62248
> - -
> ....
>
>
> On Thu, Apr 26, 2018 at 8:42 PM, vkulichenko <
> valentin.kulichenko@gmail.com> wrote:
>
>> Hi,
>>
>> The configuration is fine and it does eliminate ranges so that node always
>> binds to 47500. The only drawback is that if 47500 is not available for
>> whatever reason, node would not start.
>>
>> -Val
>>
>>
>>
>> --
>> Sent from: http://apache-ignite-users.70518.x6.nabble.com/
>>
>
>
Re: Which ports does ignite cluster need to run normally?
Posted by Olexandr K <ol...@gmail.com>.
Hi Val, Ignite team
Reviewed all opened Ignite ports after your comments.
Everything is clear except loopback-related ports.
Here is what I see in Resource Monitor (Windows Server 2012 R2)
(prunsrv.exe is common-daemon java service wrapper running JVM 1.8 inside)
I don't understand what port 62219 is used for.
I exprimented with Ignite restarts and see that this port is chosen
dynamically.
Also, if we have port 62219 opened, we also observe number of loopback
connections starting from port 62222
What are all these loopback connections used for?
Can we disable this or at least configure to use static ports?
<server1>
Listening ports
Image PID Address Port Protocol
Firewall Status
prunsrv.exe 2220 IPv4 unspecified 62219 TCP Allowed,
restricted - ???
prunsrv.exe 2220 IPv4 unspecified 47500 TCP Allowed,
restricted - Ignite discovery
prunsrv.exe 2220 IPv4 unspecified 47100 TCP Allowed,
restricted - Ignite communication
prunsrv.exe 2220 IPv4 unspecified 11211 TCP Allowed,
restricted - HTTP internal
prunsrv.exe 2220 IPv4 unspecified 10800 TCP Allowed,
restricted - ODBC
prunsrv.exe 2220 IPv4 unspecified 9020 TCP Allowed,
restricted - JMX
TCP Connections
Image PID Local Address Local Port Remote Address Remote
Port Packet Loss (%) Latency (ms)
prunsrv.exe 2220 server1_host 47500 visor_host 57550 0
10
prunsrv.exe 2220 server1_host 50607 server2_host 47100
0 1
prunsrv.exe 2220 server1_host 62275 server2_host 47500
0 1
prunsrv.exe 2220 IPv4 loopback 62230 IPv4 loopback 62231
0 0
prunsrv.exe 2220 IPv4 loopback 62251 IPv4 loopback 62250
- -
prunsrv.exe 2220 IPv4 loopback 62250 IPv4 loopback 62251
- -
prunsrv.exe 2220 IPv4 loopback 62249 IPv4 loopback 62248
- -
....
On Thu, Apr 26, 2018 at 8:42 PM, vkulichenko <va...@gmail.com>
wrote:
> Hi,
>
> The configuration is fine and it does eliminate ranges so that node always
> binds to 47500. The only drawback is that if 47500 is not available for
> whatever reason, node would not start.
>
> -Val
>
>
>
> --
> Sent from: http://apache-ignite-users.70518.x6.nabble.com/
>
Re: Which ports does ignite cluster need to run normally?
Posted by vkulichenko <va...@gmail.com>.
Hi,
The configuration is fine and it does eliminate ranges so that node always
binds to 47500. The only drawback is that if 47500 is not available for
whatever reason, node would not start.
-Val
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
Re: Which ports does ignite cluster need to run normally?
Posted by Olexandr K <ol...@gmail.com>.
Thanks Val
one more question on this
if I want to minimize number of potentially-used ports (because of our
security guys)
is it ok to have configuration like below one?
here we have 3 server nodes each running on separate server, they always
use the same 47500 port - no ranges
As I understood if we'll later start one more node at host4:47500 it will
join cluster if at least one from default-configured nodes is up, right?
do you see any drawback in such configuration?
<bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi">
<property name="localPort" value="47500"/>
<property name="localPortRange" value="1"/>
<property name="ipFinder">
<bean
class="org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder">
<property name="addresses">
<list>
<value>host1:47500</value>
<value>host2:47500</value>
<value>host3:47500</value>
</list>
</property>
</bean>
</property>
</bean>
On Sat, Apr 21, 2018 at 9:49 PM, vkulichenko <va...@gmail.com>
wrote:
> The only place where Ignite uses UDP is multicast IP finder [1]. Default
> number is 47400.
>
> [1]
> https://apacheignite.readme.io/docs/cluster-config#
> multicast-based-discovery
>
> -Val
>
>
>
> --
> Sent from: http://apache-ignite-users.70518.x6.nabble.com/
>
Re: Which ports does ignite cluster need to run normally?
Posted by vkulichenko <va...@gmail.com>.
The only place where Ignite uses UDP is multicast IP finder [1]. Default
number is 47400.
[1]
https://apacheignite.readme.io/docs/cluster-config#multicast-based-discovery
-Val
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
Re: Which ports does ignite cluster need to run normally?
Posted by Olexandr K <ol...@gmail.com>.
what about UDP ports? what they are used for in Ignite?
On Thu, Apr 19, 2018 at 10:40 PM, vkulichenko <valentin.kulichenko@gmail.com
> wrote:
> Most of these seem to ephemeral ports assigned to discovery and
> communication
> clients when they connect to well known configured ports on server side.
> That would always happen for any TCP connection.
>
> -Val
>
>
>
> --
> Sent from: http://apache-ignite-users.70518.x6.nabble.com/
>
Re: Which ports does ignite cluster need to run normally?
Posted by vkulichenko <va...@gmail.com>.
Most of these seem to ephemeral ports assigned to discovery and communication
clients when they connect to well known configured ports on server side.
That would always happen for any TCP connection.
-Val
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/