Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Elasticsearch publishes an address/port combination to which it isn't bound #14503

Closed
nik9000 opened this issue Nov 3, 2015 · 4 comments
Closed

Elasticsearch publishes an address/port combination to which it isn't bound #14503

nik9000 opened this issue Nov 3, 2015 · 4 comments
Labels
:Distributed/Network Http and internode communication implementations v2.2.0 v5.0.0-alpha1

Comments

@nik9000
Copy link
Member

nik9000 commented Nov 3, 2015

It looks like you can convince Elasticsearch to publish an address/port combination to which it isn't bound. I'm not 100% sure the cause but it produces fun output like:

[2015-11-03 16:48:37,979][INFO ][transport                ] [external_0] publish_address {127.0.0.1:9400}, bound_addresses {[::1]:9400}, {127.0.0.1:9402}

I checked for a few minutes and didn't see the place where elasticsearch makes sure that its bound both ipv4 and ipv6 under the same port. So maybe it doesnt?
@nik9000 nik9000 added :Distributed/Network Http and internode communication implementations v2.2.0 labels Nov 3, 2015
@nik9000
Copy link
Member Author

nik9000 commented Nov 3, 2015

Found in 2.2.0. I'm not sure how far back it goes nor how important it is.

@rmuir
Copy link
Contributor

rmuir commented Nov 3, 2015

the whole point of having a publish address is to lie about what you are bound to. Its a really expert option like that, you do it if you are behind static NAT or something and have that firewall mapping you via a different ip/port.

personally, i'm not sure its needed at all really, if some code is reworked (e.g. i talk to you on the address you talked to me on). but in any case, this is intentional that its not checked.

but i do think its critical that its adjusted in the documentation, almost nobody should be using this parameter unless they are an expert.

@rmuir
Copy link
Contributor

rmuir commented Nov 3, 2015

I spoke with @nik9000 about this on always on: there are competing problems. One is that automatic publish address selection is just address section, does not select the port number: which could happen if someone binds to [::1]:9200 and 127.0.0.1:9201 (something running on the last one). So in this case, things are simply wrong.

The other is that publish can be manually specified for expert cases, so we have to be careful. Nik is going to look into fixing the code.

Additionally, going along the path of "publish host is pretty confusing for most", more ideas:

  • moving bind.host/publish.host to an expert setting of the docs: "network.host" is preferred.
  • remove warnings about publish host autoselection (in 2.x/master only right now), as we don't want to encourage people specifying it.

@bleskes bleskes mentioned this issue Nov 4, 2015
Closed
@bleskes
Copy link
Contributor

bleskes commented Nov 4, 2015

FYI we have a related build failure: #14513

@nik9000 nik9000 mentioned this issue Nov 4, 2015
Closed
@ywelsch ywelsch mentioned this issue Nov 4, 2015
Merged
@ywelsch ywelsch closed this as completed in 1902c66 Nov 6, 2015
ywelsch pushed a commit that referenced this issue Nov 6, 2015
Port of publishAddress should match port of corresponding boundAddress
18576d6 
Closes #14535
Closes #14503
Closes #14514
Closes #14513
Closes #14476
@ywelsch ywelsch removed the v2.1.0 label Nov 6, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
:Distributed/Network Http and internode communication implementations v2.2.0 v5.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nik9000 @rmuir @bleskes @ywelsch