Hi - I'm hoping somebody can help.
I have a multi-homed machine and I'm trying to configure sensible bindings for the various services in order that the exposed application interfaces are as limited as possible.
I've investigated the -b (or --host) runtime parameter to set the jboss.bind.address and bind.address (JGroups) bindings. There is some success here, the JNDI and HAJNDI services are listening on the protected interfaces, and the JGroups services UDP traffic is binding over the same interfaces (confirmed via netstat -gn).
However, if I understand correctly, the entire HAJNDI implementation is transparent to the calling EJBs through effectively an internal re-write of the InitialContext() call. However, as such services are typically provided via localhost and such services are no longer bound to this IP address I am receiving the (apparently) classic "javax.naming.CommunicationException: Could not obtain connection to any of these urls: localhost:1100". This error doesn't seem unreasonable given that nothing is listening on the localhost:1100 port.
Am I missing something simple, as I'm sure most enterprise deployments will have experienced such. Additionally, I've seen in various posts mention of 'binding-services' as a way to over-ride key services - however the documentation on this topic is limited to say the least.
Any thoughts or pointers welcomed