Quick Links

Re: Pgpool-II 4.7.0 released.

From:	Tatsuo Ishii <ishii(at)postgresql(dot)org>
To:	emond(dot)papegaaij(at)gmail(dot)com
Cc:	pgpool-general(at)lists(dot)postgresql(dot)org
Subject:	Re: Pgpool-II 4.7.0 released.
Date:	2026-01-23 04:35:10
Message-ID:	20260123.133510.1195841695338539350.ishii@postgresql.org
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgpool-general

>> We are thinking to add:
>> wd_listen_addresses0=''
>> heartbeat_listen_addresses0=''
>> :
>> :
>>
>> because watchdog and hearbeat needs separate listen addresses
>> parameter. So if we would add these parameters, users will need to
>> configure number_of_watchdog_nodes * 2 parameters, which will be a
>> pain.
>
> I would expect to only have to configure 2 listen_addresses, because a
> single instance only listens once per service (watchdog and
> heartbeat). Is there a reason to have to configure the listen
> addresses for all nodes on every node? Why does node 0 need to know
> the listen address of nodes 1 and 2?
>
> Isn't it possible to add the configuration like this:
> wd_listen_address = '*'
> wd_port = 9009
> wd_heartbeat_listen_address = '*'
> wd_heartbeat_port = 9694

Ok, that makes sense.

wd_listen_addresses (consistent with listen_addresses)
wd_listen_port (wd_port already exists)
wd_heartbeat_listen_addresses (consistent with listen_addresses)
wd_heartbeat_listen_port (adding "listen" looks more consistent with other params)

> I think it's also better to not assume the listen address and port are
> identical to the address and port on which to connect. For example,
> specific TCP forwarding rules might redirect traffic to entirely
> different addresses and ports. So node 0 might listen at
> 192.168.3.50:10000, but TCP forwarding rules might require node 1 to
> connect to 10.0.3.50:9009 to connect to node 0.

Ok, so we will have following 4 new params?

wd_listen_addresses
wd_listen_port
wd_heartbeat_listen_addresses
wd_heartbeat_listen_port

>> One way to mitigate this is, to consider default values for these
>> parameters if they are not specified. There are two candidate for the
>> default value.
>>
>> (1) "*"
>>
>> This is similar to the pre-4.7 behavior, but less secure.
>>
>> (2) same as hostname0 (for wd_listen_addresses0) and
>> heartbeat_hostname0 (for heartbeat_hostname0).
>>
>> This is current 4.7 behavior and more secure but does not work for
>> your environment.
>>
>> What do you think?
>
> I think, whatever implementation for the new parameters is chosen, the
> default behavior or 4.7 should not change. So I'd go for option 2. I
> don't mind having to change the configuration to get 4.7 working for
> us, but I wouldn't expect a new version to be less secure by default
> than the previous version was.

Agreed.

Best regards,
--
Tatsuo Ishii
SRA OSS K.K.
English: http://www.sraoss.co.jp/index_en/
Japanese:http://www.sraoss.co.jp

In response to

Re: Pgpool-II 4.7.0 released. at 2026-01-22 10:05:20 from Emond Papegaaij

Responses

Re: Pgpool-II 4.7.0 released. at 2026-01-23 07:25:26 from Tatsuo Ishii

Browse pgpool-general by date

	From	Date	Subject
Next Message	Tatsuo Ishii	2026-01-23 07:25:26	Re: Pgpool-II 4.7.0 released.
Previous Message	Emond Papegaaij	2026-01-22 10:05:20	Re: Pgpool-II 4.7.0 released.