You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@kafka.apache.org by 周正虎 <yz...@126.com> on 2018/05/21 13:05:43 UTC
Kafka behind NAT
We have kafka behind NAT with *only one broker*.
Let say we have internal (A) and external (B) network.
When we try to reach the broker from external network (we use
bootstrap.servers parameter set to B address) then what is obvious the
broker responds with internal network's address (A) which is not resolvable
in external network. We cannot set advertised.listeners to external
network's address because the broker is also used from internal network.
I hope that somebody dealt with simillar problem.
Thanks for any help.
Re: Kafka behind NAT
Posted by Thomas Aley <Th...@ibm.com>.
Try setting:
advertised.listeners=EXTERNAL://<networkB>:9093,INTERNAL://<networkA>:9092
inter.broker.listener.name=INTERNAL
listener.security.protocol.map=EXTERNAL:PLAINTEXT,INTERNAL:PLAINTEXT
Then you should be able to use <networkB>:9093 as your bootstrap.servers
from outside the network or <networkA>:9092 from inside.
Obviously the EXTERNAL listener should be EXTERNAL:SSL in production.
Hope this helps,
Tom Aley
thomas.aley@ibm.com
From: "周正虎" <yz...@126.com>
To: users@kafka.apache.org
Date: 21/05/2018 23:59
Subject: Kafka behind NAT
We have kafka behind NAT with *only one broker*.
Let say we have internal (A) and external (B) network.
When we try to reach the broker from external network (we use
bootstrap.servers parameter set to B address) then what is obvious the
broker responds with internal network's address (A) which is not
resolvable
in external network. We cannot set advertised.listeners to external
network's address because the broker is also used from internal network.
I hope that somebody dealt with simillar problem.
Thanks for any help.
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU