I have a web server with multiple IP addresses that needs to connect to a database server. The DB server is behind a firewall that's controlled by an IP address whitelist. (If it matters, it's an Oracle server.) Is there a way to specify the IP address used by the web server in the OracleConnection
, so that only one IP needs to be added to the whitelist?
我有一个具有多个IP地址的web服务器,需要连接到数据库服务器。DB服务器位于由IP地址白名单控制的防火墙之后。(如果重要的话,它是一个Oracle服务器。)是否有一种方法可以指定web服务器在OracleConnection中使用的IP地址,从而只需要将一个IP添加到白名单中?
I see there are a few similar questions about specifying outgoing IP addresses (such as this one and a couple linked from there), but none that specifically mention database connections.
我看到有一些类似的问题关于指定传出的IP地址(比如这个和从那里链接的一对),但是没有一个特别提到数据库连接。
3 个解决方案
#1
1
Generally speaking for a web server, you have one or more externally addressable IPs, but only one internal one.
一般来说,对于web服务器,您有一个或多个外部可寻址的ip,但是只有一个内部ip。
The internal address is what is connected to your internal network for communicating with things like database servers. The external ones are used when outside clients connect or for outbound communications..
内部地址是连接到内部网络的东西,用于与数据库服务器之类的东西进行通信。当外部客户端连接或出站通信时使用外部客户端。
#2
2
The database side doesn't come into play (much).
数据库方面没有发挥作用(很多)。
On my simple network, I have a modem/router that gets an internet IP address from my ISP and has a different IP address for the local network. I have configured it to forward requests made on port 80 (the port used for HTTP requests) to a particular IP address on my local network.
在我的简单网络上,我有一个调制解调器/路由器,它从我的ISP那里得到一个互联网IP地址,并且在本地网络上有一个不同的IP地址。我已经将它配置为将端口80(用于HTTP请求的端口)的请求转发到本地网络上的特定IP地址。
IP addresses can by allocated dynamically (DHCP) or statically. Because I want my HTTP requests to go to a particular machine, I need that machine to always have the same IP address. One way to do that is have the machine request a static IP address when it connects to the network. Another is to have the router dynamically allocate an IP address but to always use a specific one for a specific MAC address. I've gone the latter route. Which you choose to do and how you do it depend on your situation (eg OS and network setup).
IP地址可以通过动态分配(DHCP)或静态分配。因为我想把HTTP请求发送到特定的机器,所以我需要这台机器始终具有相同的IP地址。一种方法是让机器在连接到网络时请求一个静态IP地址。另一种方法是让路由器动态地分配一个IP地址,但总是为一个特定的MAC地址使用一个特定的IP地址。我走了后一条路。您选择做什么以及如何做取决于您的情况(如操作系统和网络设置)。
In your situation you want the local network addresses to be static for both the database server and the web server. That's really a networking issue.
在这种情况下,您希望本地网络地址对数据库服务器和web服务器都是静态的。这真的是一个网络问题。
The only time that programming may come into play is if you have multiple network ports. Take my laptop. It has a WiFi card and an Ethernet port. Each of those has a unique MAC address (actually every network device in the world has a unique MAC address). I can connect either or both of those ports to a single network or to two different networks.
只有当您有多个网络端口时,编程才能发挥作用。把我的笔记本电脑。它有一个WiFi卡和一个以太网端口。每一个都有一个独特的MAC地址(实际上,世界上每个网络设备都有一个独特的MAC地址)。我可以将这些端口中的任何一个或两个连接到一个网络或两个不同的网络。
If I connect both devices to the same network, they must have different IP addresses because an IP address needs to be unique to a network so the network knows where to send the messages. If I connect them to two different networks, then they might get the same IP address. [The Internet is one big network, but local area networks (LANs) are independent.]
如果我将两个设备连接到同一个网络,它们必须有不同的IP地址,因为IP地址必须是网络特有的,这样网络才知道发送消息的位置。如果我把它们连接到两个不同的网络,它们可能会得到相同的IP地址。[互联网是一个大网络,但局域网是独立的。]
If your machine has multiple network connections, you may need to direct a particular connection to a certain network (so I might always want my db connections to use the eth0 port and other things to use and eth1 port).
如果您的机器有多个网络连接,您可能需要将一个特定的连接指向一个特定的网络(因此我可能总是希望我的db连接使用eth0端口和其他要使用的东西以及eth1端口)。
#3
0
I would assume that the "multiple IP addresses" are in the DMZ (external network) , and that the database server is in a different (internal) network, no? You should not have this problem.
我假设“多个IP地址”位于DMZ(外部网络)中,而数据库服务器位于不同的(内部)网络中,不是吗?你不应该有这个问题。
#1
1
Generally speaking for a web server, you have one or more externally addressable IPs, but only one internal one.
一般来说,对于web服务器,您有一个或多个外部可寻址的ip,但是只有一个内部ip。
The internal address is what is connected to your internal network for communicating with things like database servers. The external ones are used when outside clients connect or for outbound communications..
内部地址是连接到内部网络的东西,用于与数据库服务器之类的东西进行通信。当外部客户端连接或出站通信时使用外部客户端。
#2
2
The database side doesn't come into play (much).
数据库方面没有发挥作用(很多)。
On my simple network, I have a modem/router that gets an internet IP address from my ISP and has a different IP address for the local network. I have configured it to forward requests made on port 80 (the port used for HTTP requests) to a particular IP address on my local network.
在我的简单网络上,我有一个调制解调器/路由器,它从我的ISP那里得到一个互联网IP地址,并且在本地网络上有一个不同的IP地址。我已经将它配置为将端口80(用于HTTP请求的端口)的请求转发到本地网络上的特定IP地址。
IP addresses can by allocated dynamically (DHCP) or statically. Because I want my HTTP requests to go to a particular machine, I need that machine to always have the same IP address. One way to do that is have the machine request a static IP address when it connects to the network. Another is to have the router dynamically allocate an IP address but to always use a specific one for a specific MAC address. I've gone the latter route. Which you choose to do and how you do it depend on your situation (eg OS and network setup).
IP地址可以通过动态分配(DHCP)或静态分配。因为我想把HTTP请求发送到特定的机器,所以我需要这台机器始终具有相同的IP地址。一种方法是让机器在连接到网络时请求一个静态IP地址。另一种方法是让路由器动态地分配一个IP地址,但总是为一个特定的MAC地址使用一个特定的IP地址。我走了后一条路。您选择做什么以及如何做取决于您的情况(如操作系统和网络设置)。
In your situation you want the local network addresses to be static for both the database server and the web server. That's really a networking issue.
在这种情况下,您希望本地网络地址对数据库服务器和web服务器都是静态的。这真的是一个网络问题。
The only time that programming may come into play is if you have multiple network ports. Take my laptop. It has a WiFi card and an Ethernet port. Each of those has a unique MAC address (actually every network device in the world has a unique MAC address). I can connect either or both of those ports to a single network or to two different networks.
只有当您有多个网络端口时,编程才能发挥作用。把我的笔记本电脑。它有一个WiFi卡和一个以太网端口。每一个都有一个独特的MAC地址(实际上,世界上每个网络设备都有一个独特的MAC地址)。我可以将这些端口中的任何一个或两个连接到一个网络或两个不同的网络。
If I connect both devices to the same network, they must have different IP addresses because an IP address needs to be unique to a network so the network knows where to send the messages. If I connect them to two different networks, then they might get the same IP address. [The Internet is one big network, but local area networks (LANs) are independent.]
如果我将两个设备连接到同一个网络,它们必须有不同的IP地址,因为IP地址必须是网络特有的,这样网络才知道发送消息的位置。如果我把它们连接到两个不同的网络,它们可能会得到相同的IP地址。[互联网是一个大网络,但局域网是独立的。]
If your machine has multiple network connections, you may need to direct a particular connection to a certain network (so I might always want my db connections to use the eth0 port and other things to use and eth1 port).
如果您的机器有多个网络连接,您可能需要将一个特定的连接指向一个特定的网络(因此我可能总是希望我的db连接使用eth0端口和其他要使用的东西以及eth1端口)。
#3
0
I would assume that the "multiple IP addresses" are in the DMZ (external network) , and that the database server is in a different (internal) network, no? You should not have this problem.
我假设“多个IP地址”位于DMZ(外部网络)中,而数据库服务器位于不同的(内部)网络中,不是吗?你不应该有这个问题。