New issue created https://issues.apache.org/jira/browse/ARTEMIS-6004
When we have relied on Core protocol, we had solved DNS issue in a very similar way like you Gašper. Split DNS view for different type of clients does the trick. Actually, I even filled an issue previously about this https://issues.apache.org/jira/browse/ARTEMIS-3640 . That issue is now closed and points to https://artemis.apache.org/components/artemis/documentation/latest/ha.html#use-client-connectors-to-fail-over as a fix. I cannot test it though, since we don’t use Core for external clients anymore. As you correctly pointed out, sadly, DNS workaround doesn’t work for ports. -- Vilius From: Gašper Čefarin <[email protected]> Sent: Tuesday, April 14, 2026 10:20 AM To: [email protected] Cc: Vilius Šumskas <[email protected]> Subject: Re: broker topology list for AMQP connections I also came across this "issue" and I would also like this feature to be implemented. I wanted to be able to use different ip addresses (or network interfaces) for acceptors and connectors. I came across the idea of using domain names instead of IP addresses for connectors and acceptors, so that brokers would resolve primaryA.domain.local to [10.10.10.10] for example - overwritten in brokers' hosts files - and clients would resolve it to [10.20.20.20] (resolved by dns). This is more of a hack, though, and doesn't solve the different ports issue :) Gašper Čefarin T: +386 5 662 2700 E: [email protected]<mailto:[email protected]> W: www.actual-it.si<https://www.actual-it.si/> ACTUAL PRO d.o.o., Ferrarska ulica 14, 6000 Koper - Slovenija [Actual_PRO_hor_rgb_72dpi.png] ________________________________ From: Vilius Šumskas via users <[email protected]<mailto:[email protected]>> Sent: Tuesday, April 14, 2026 08:14 To: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> Cc: Vilius Šumskas <[email protected]<mailto:[email protected]>> Subject: RE: broker topology list for AMQP connections Yes, I could think of at least 3 cases where that would be useful: 1. For security reasons Core protocol is not exposed to clients and they need to connect through different port than cluster connectors (AMQP, MQTT). 2. Clients connect through SSL, but cluster connector topology don't need SSL. 3. Clients connect through load balancer and external DNS is used, but the same load balancer cannot be used internally and cluster connectors rely on internal DNS. Is it correct topology or not, I think it's debatable. Core clients do not have this issue because usually connector and acceptor ports match in that case (i.e. Core protocol is used for both, to form a cluster, and to serve external clients). However, clients really connect to acceptors, not connectors. I understand that every Artemis node knows only about his acceptors, so there is probably no way to generate topology hostname list from the acceptor list. But maybe there are better ways. I will create a ticket in a few. -- Vilius >-----Original Message----- >From: Justin Bertram <[email protected]<mailto:[email protected]>> >Sent: Tuesday, April 14, 2026 5:48 AM >To: [email protected]<mailto:[email protected]> >Subject: Re: broker topology list for AMQP connections > >> Is there a way to send a correct broker topology port from the broker side >without changes to the clients? > >In short, no, not for your use-case. As far as the broker is concerned, it is >sending >the correct topology to the AMQP client because that's all it knows about >based on >what is being broadcast around the cluster. This is how it work for Core >clients as >well. > >There is no way on the broker to tell it to not send that information to the >client, >but that seems like a worthwhile feature to implement. > > >Justin > >On Mon, Apr 13, 2026 at 3:24 PM Vilius Šumskas via users ><[email protected]<mailto:[email protected]>> wrote: >> >> Hello, >> >> >> >> let’s say we have a HA cluster with one primary and one backup node. >Configuration is straight forward: >> >> >> >> <connectors> >> >> <connector >> name="artemis-primary">tcp://primaryA:61616</connector> >> >> <connector >> name="artemis-backup">tcp://backupB:61616</connector> >> >> </connectors> >> >> >> >> Since we want to use this cluster with external AMQP clients we have >> configured >standard 5672 port with just that protocol and exposed it through the >firewall. Port >61616 is used just to form a cluster. For security reasons it is unavailable to >external clients. >> >> >> >> <acceptors> >> >> <acceptor >> name="artemis">tcp://0.0.0.0:61616?tcpSendBufferSize=1048576;tcpReceiv >> >eBufferSize=1048576;amqpMinLargeMessageSize=102400;protocols=CORE,AMQP >> >,STOMP,HORNETQ,MQTT,OPENWIRE;useEpoll=true;amqpCredits=1000;amqpLow >Cre >> dits=300;amqpDuplicateDetection=true;supportAdvisory=false;suppressInt >> ernalManagementObjects=false</acceptor> >> >> >> >> <acceptor >> name="amqp">tcp://0.0.0.0:5672?tcpSendBufferSize=1048576;tcpReceiveBuf >> ferSize=1048576;protocols=AMQP;useEpoll=true;amqpCredits=1000;amqpLowC >> redits=300;amqpMinLargeMessageSize=102400;amqpDuplicateDetection=true< >> /acceptor> >> >> </acceptors> >> >> >> >> We also have one more acceptor for SSL connections on port 5671 for these >external clients, but for simplicity I omitted it. The problem can be repeated >on >standard plaintext AMQP. >> >> >> >> In Qpid JMS client we use the following connection URL: >> failover:(amqp://primaryA:5672,amqp://backupB:5672) >> >> >> >> Under normal circumstances this works, but if we do a broker failover, or if >> we >(for testing reason) kill network reachability of primary node, Qpid client >then tries >to connect to amqp://backupB:616161 instead of port 5672. When debugging I >see that this port comes as a part of AMQP “open” frame which then replaces >client’s connection URL. >> >> >> >> As a workaround I found amqpOpenServerListAction=IGNORE transport option. >However, this means that we would have to update hundreds of our Qpid JMS >clients we don’t really control with a new connection URL. >> >> >> >> Is there a way to send a correct broker topology port from the broker side >without changes to the clients? >> >> >> >> I remembered that Artemis has >https://artemis.apache.org/components/artemis/documentation/latest/ha.html#<https://artemis.apache.org/components/artemis/documentation/latest/ha.html> >use-client-connectors-to-fail-over but I assume this works only for Core >clients? Or >maybe it works with Artemis JMS client? >> >> >> >> -- >> >> Best Regards, >> >> >> >> Vilius Šumskas >> >> Rivile >> >> IT manager > >--------------------------------------------------------------------- >To unsubscribe, e-mail: >[email protected]<mailto:[email protected]> >For additional commands, e-mail: >[email protected]<mailto:[email protected]>
