问题
JMX enabled Java application appears to open a random high order port when JMX client connects
I have successfully configured a helloworld JMX enabled program, and I can connect to it using jconsole JMX client from a remote location.
When I attempt to turn on iptables I noticed that a random high order port is established when a client logs in. Eventually I would like to monitor Java applications in firewall segregated network segments. Can we control the range the random port opens in?
I'll move this question to serverfault.com if suggested.
回答1:
It's possible to control the port used by RMI. See: http://olegz.wordpress.com/2009/03/23/jmx-connectivity-through-the-firewall/
This requires code and a command-line parameter. There's no way that I know of to do this without code (though the code can obviously be packaged in a different jar).
回答2:
Since Java 7u25 the RMI port can be changed with a system property:
-Dcom.sun.management.jmxremote.rmi.port=1234
See this answer for details.
回答3:
Random third port seems to be expected behavior https://bugs.openjdk.java.net/browse/JDK-8035404
回答4:
by the way, this third ephemeral port can be controlled too - https://www.paybackblog.de/java-jmx-how-to-finally-control-your-ports/
回答5:
A workaround is to set the RMI port the same as the JMX port; then only that one port needs to be open on the Firewall.
For example:
-Dcom.sun.management.jmxremote.port=8989
-Dcom.sun.management.jmxremote.rmi.port=8989
See Why Java opens 3 ports when JMX is configured?
来源:https://stackoverflow.com/questions/7163173/jmx-enabled-java-application-appears-to-open-a-random-high-order-port-when-jmx-c