activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Tully <gary.tu...@gmail.com>
Subject Re: iptables and broker to broker transport
Date Thu, 23 Aug 2012 15:10:57 GMT
you can specify a well known local port in the network connector tcp
url using a slash notation

tcp://xx:61610/xx:51610

So in the duplex case, both port 61610 and local 51610 should be open
in the firewall.

On 23 August 2012 01:41, Sean K <sk92129@gmail.com> wrote:
> So if I set broker centos-test3 as a unidirectional bridge- it cannot
> be a consumer, only a producer on a queue.
>
> how does real world deployments handle data going in both directions?
>
> I can think of two ways:
>
> 1.) put the broker in a less restricted DMZ zone in a company with
> less ports blocked.
> 2.) create two sets of brokers on each side -- one companyA has
> brokerA and broker B.  Broker A is used by producer.  Broker B is used
> by consumer.   And companyB has broker C which is consumer used only
> from broker A, and has broker D which is used by producer only from
> Broker B.
>
> So, there is no way to have a duplex brokers on both sides of two
> companies with a set of ports known?
>
> SSL is already being planned to prevent spoof-ing.   But I think a
> duplex broker on both sides would be nice.
>
> Does activemq 5.6 not handle that?
>
>
>
> On Wed, Aug 22, 2012 at 5:07 PM, ceposta <christian.posta@gmail.com> wrote:
>> The network connector in broker 2 has duplex set to "true"
>> This will open a connection in both directions, which explains the random
>> port on broker1.
>> Can you try having uni-directional network connectors on each broker?
>>
>>
>>
>> -----
>> http://www.christianposta.com/blog
>> --
>> View this message in context: http://activemq.2283324.n4.nabble.com/iptables-and-broker-to-broker-transport-tp4655452p4655464.html
>> Sent from the ActiveMQ - User mailing list archive at Nabble.com.



-- 
http://fusesource.com
http://blog.garytully.com

Mime
View raw message