hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Joseph Evans (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8227) Allow RPC to limit ephemeral port range.
Date Fri, 30 Mar 2012 15:08:28 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8227?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242412#comment-13242412
] 

Robert Joseph Evans commented on HADOOP-8227:
---------------------------------------------

Yes "security reasons" is very vague. It more accurately is because a very zealous security
minded individual that I work with does not want to open up all of the ACLs for all of the
ports between every compute node in the cluster and all possible clients :).  They would much
rather limit the set of ports, and I tend to agree with them.  Limiting the ports also has
the added benefit of being able to monitor that traffic and know with a greater degree of
certainty that this given connection is an RPC connection to an AM.
                
> Allow RPC to limit ephemeral port range.
> ----------------------------------------
>
>                 Key: HADOOP-8227
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8227
>             Project: Hadoop Common
>          Issue Type: Improvement
>    Affects Versions: 0.23.2
>            Reporter: Robert Joseph Evans
>            Assignee: Robert Joseph Evans
>            Priority: Blocker
>
> This is a sub task of MAPREDUCE-4079.  For security reasons we would like to limit the
range of ports that are used when some RPC servers select a port.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message