Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Consul 0.8.x LAN servers attempting to connect to each other using TCP/8302 #3058
Description of the Issue (and unexpected/desired result)
While testing upgrades of my Consul servers I noticed the following error message periodically occurring:
These servers are all on the same LAN (no WAN connections have been configured) and they have "firewall rules" (AWS security groups) preventing TCP/8302 connections between each other. The ports used documentation indicates that this should only be used for WAN usage.
Since I'm testing upgrades, the
I have tested the Consul binaries from 0.8.3 down to 0.7.5 and can confirm that this behaviour was introduced in 0.8.0.
Basic connectivity checks:
What I expect:
The Consul LAN servers should not attempt to connect to each other using TCP/8302.
To follow up.
When I allow TCP/8302 between the servers, I see log messages like the following:
This is really confusing since I did not specifically configure WAN networking.
If you use the WAN at all this is always what you want, though we have gotten some folks confused by this that don't use it. We hesitated adding extra config complexity but we are listening to feedback on this. We should update the documentation to make this more clear about port 8302 though.
@slackpad Thanks for the update. I read the release notes and the docs and it wasn't clear to me that this change would have LAN machines connecting to each other on the WAN port. I do however understand the rationale.
This does seem to now be a documentation issue so I'm closing this specific bug report.
For those that come later, I added the following, on my Consul servers, to resolve the issue: