How to fix client ip for cross-cluster search (fw in between)


(Alberto Yoldi) #1

The situation is we have a ES cluster (A) on a security zone A and another cluster (B) on a different security zone B. Both zones are separated using a firewall. We would like to use the cross-cluster search from the ES cluster on zone A to the on on the zone B. The components of the cluster have several ip addresses (physical and virtual) and the one allowed to cross the FW is the virtual one (the cluster nodes can be moved to a different physical host but the virtual ip remains the same). But as I got from a tcpdump, the connection is not working due to ES using the physical ip address as client for the connection A -> B:9300. I guess ES simply asks the OS to open the connection and therefore the OS uses the first defined ip address, that is the physical one.

I tried setting all the network/transport parameters to the virtual IP but ES continues using the wrong one. I tried even the transport.profiles.client parameters:

transport.profiles.client.bind_host: <virtual.ip>
transport.profiles.client.port: 9500-9600

Any of you have any idea of how to force ES to use a fixed client ip address when contacting a remote cluster via cross cluster feature?

Any help is much appreciated!

Thanks in advance.


(Alberto Yoldi) #2

No one knows anything?? :_____(


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.