Bug 536151 - (RHQ-532) Enable socket based transports to listen on more than one network interface
Enable socket based transports to listen on more than one network interface
Status: CLOSED WONTFIX
Product: RHQ Project
Classification: Other
Component: No Component (Show other bugs)
1.0
All All
medium Severity medium (vote)
: ---
: ---
Assigned To: RHQ Project Maintainer
http://jira.rhq-project.org/browse/RH...
: Improvement
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-06-02 10:00 EDT by Charles Crouch
Modified: 2015-02-01 18:25 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-05-13 13:26:50 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Charles Crouch 2008-06-02 10:00:00 EDT
At the moment if you have the following in rhq-server.properties (only the transport is different from the defaults)

# Container configuration
jboss.bind.address=0.0.0.0
# RHQ Server's remote endpoint for agents to talk to
rhq.communications.connector.transport=sslsocket
rhq.communications.connector.bind-address=${jboss.bind.address}

then it appears that JBoss Remoting will still only bind to one interface, rather than all of them (0.0.0.0). In my testing I was trying to connect to 127.0.0.1 but Remoting was using a NAT assigned ip. Which interface it uses can be seen by turning on debug logging. This should only be a problem for JBoss Remoting managed transports such as socket/sslsocket since things like sslservlet and servlet rely on Tomcat to handle the interface binding.

Next steps

1) Update the security documentation to reflect that you shouldnt use 0.0.0.0 as your connector bind-address if you're using sslsocket/socket.

2) Investigate whether Remoting 2.4 addresses this issue. From the release notes it looks like it does:

"JBossRemoting 2.4.0.GA is an incremental release, with dozens of bug fixes and several new features:

   * servers can be bound to multiple IP addresses "
Comment 1 Ian Springer 2008-06-02 10:11:14 EDT
Charles, besides updating the docs, I'd also add a comment in rhq-server.properties.
Comment 2 Joseph Marques 2008-07-19 20:54:21 EDT
charles, yup, multiple homes supported through single-line syntax:

http://www.jboss.org/jbossremoting/docs/guide/2.4/html/ch05.html#d0e1124
Comment 3 Red Hat Bugzilla 2009-11-10 16:11:16 EST
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-532
Comment 4 Joseph Marques 2010-08-10 17:43:06 EDT
The link from 2008-07-19 is stale.  Here is an updated link -- http://docs.jboss.org/jbossremoting/2.5.2.SP3/html_single/#d0e1476

Note: we're currently using 2.2.2.SP8, and the documentation link above explains that the multi-home option was only introduced in 2.4.x, so we would have to upgrade our remoting version in order to take advantage of this functionality.

Note You need to log in before you can comment on or make changes to this bug.