你好,互联网智囊团!
我们有一个运行 RDS 的 Windows 2012 R2 机器,并且想要运行 Bloomberg 桌面终端。
我们知道其他人运行此配置,但有一个区别:
-> 我们正在利用彭博的私有 IP 网络(我猜是 T1 上的 MPLS),而不是通过开放互联网连接。
问题:
在我们的测试环境中,Bloomberg 实例将通过互联网连接,但不通过私有 IP(Bloomberg 路由器连接到我们路由器的 WAN 端口)。
问题:
为什么?说真的,我真的很想知道是什么系统服务/ IP 堆栈/差异导致私有 IP 连接失败。
背景:
- 私有 IP 连接适用于正在使用的 Windows 7/8.1 实例(包括 VM)。
- 彭博社将不支持服务器版主机操作系统(这与部署前两次确认计划的呼吁相矛盾)。也就是说,他们不会提供帮助。
- 通过开放互联网(或常规 WAN)连接时,系统可按预期工作。
- 我们已经在干净的 2012 安装上进行了测试,防火墙已禁用,没有 GPO/域、管理员帐户 - 行为相同,因此与 RDS 无关。
迄今为止尝试过
- 验证了 SonicWall 路由器上的网络设置(再次,Win 7 客户端连接良好。)
- 上述“全新安装”
- 在服务器上手动输入所需的彭博“内部” IP 的路由(在 Win 7 上没有必要,但我会这么做。彭博有一个方便的 MakeRoute GUI 实用程序可用于此。)
- 使用进程监视器来识别可能缺失的程序集(与正常运行的 win 7 框相比)。
- 其他事情我很确定,但战争迷雾很棒。
“嗯,这很有趣,但是......”
查看 netstat 时,Bloomberg 支持对与端口 8292 的通信非常感兴趣。
更新 1:静态路由和 Bloomberg 网关 IP
我之前提到过,我尝试使用 Bloomberg 附带的工具来利用静态路由,该工具采用 Bloomberg 网关的 IP(192.168.100.2)并向操作系统插入一系列预定义路由。
实用输出:
Persistent Routes: Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.150.1 Default
199.105.176.0 255.255.248.0 192.168.100.2 1
199.105.184.0 255.255.254.0 192.168.100.2 1
205.183.246.0 255.255.255.0 192.168.100.2 1
208.134.161.0 255.255.255.0 192.168.100.2 1
69.184.0.0 255.255.0.0 192.168.100.2 1
更新 2:IP 地址和端口
**Network Address Specifications**
For a private connection, the Client computer must be able to connect to ALL networks in the following Bloomberg subnets:
208.134.161.0 using the subnet mask of 255.255.255.0
205.183.246.0 using the subnet mask of 255.255.255.0
199.105.176.0 using the subnet mask of 255.255.248.0
199.105.184.0 using the subnet mask of 255.255.254.0
69.184.0.0 using the subnet mask of 255.255.0.0
The above network prefixes are advertised using RIP v2 from the Ethernet ports of the
Bloomberg Routers installed at the client site. Alternatively, clients wishing not to
receive RIP can configure their networks to route statically to the above prefixes
through the Ethernet ports of the Bloomberg Routers.
For Internet connections, the Client PC must be able to connect to the following Bloomberg
subnets:
160.43.250.0 using the subnet mask of 255.255.255.0
206.156.53.0 using the subnet mask of 255.255.255.0
205.216.112.0 using the subnet mask of 255.255.255.0
208.22.56.0 using the subnet mask of 255.255.255.0
208.22.57.0 using the subnet mask of 255.255.255.0
69.191.192.0 using the subnet mask of 255.255.192.0
The Client PC must be able to connect to the following Bloomberg ports:
UDP Destination Ports 48129-48137
TCP Destination Ports
8194-8198
8209-8220
8290-8294
For BRIN connections, the Client PC must be able to connect to ANY IP address on the
above Bloomberg ports.
源 PDF:传输和安全规范
NetStat 输出 (注:测试电脑在192.168.150.x网络,Bloomberg私有网关是192.168.100.2)。
Pinging 192.168.100.2 with 32 bytes of data.
Reply from 192.168.100.2 Time 3 ms TTL 255 Size 32
Reply from 192.168.100.2 Time 1 ms TTL 255 Size 32
Reply from 192.168.100.2 Time 1 ms TTL 255 Size 32
Reply from 192.168.100.2 Time 1 ms TTL 255 Size 32
Ping statistics for 192.168.100.2:
Packets: Sent = 4 Received = 4 Lost = 0
Approximate round trip times in milli-seconds:
Minimum = 0ms Maximum = 3ms Average = 1ms
Active Connections:
Proto Local Address Foreign Address State
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3388 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5504 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49165 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49183 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49187 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49190 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49191 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49192 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49266 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49910 127.0.0.1:49911 ESTABLISHED
TCP 127.0.0.1:49911 127.0.0.1:49910 ESTABLISHED
TCP 127.0.0.1:49912 127.0.0.1:49913 ESTABLISHED
TCP 127.0.0.1:49913 127.0.0.1:49912 ESTABLISHED
TCP 127.0.0.1:49914 127.0.0.1:49915 ESTABLISHED
TCP 127.0.0.1:49915 127.0.0.1:49914 ESTABLISHED
TCP 127.0.0.1:49916 127.0.0.1:49917 ESTABLISHED
TCP 127.0.0.1:49917 127.0.0.1:49916 ESTABLISHED
TCP 127.0.0.1:49918 127.0.0.1:49919 ESTABLISHED
TCP 127.0.0.1:49919 127.0.0.1:49918 ESTABLISHED
TCP 127.0.0.1:49920 127.0.0.1:49921 ESTABLISHED
TCP 127.0.0.1:49921 127.0.0.1:49920 ESTABLISHED
TCP 127.0.0.1:49922 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49923 127.0.0.1:49924 ESTABLISHED
TCP 127.0.0.1:49924 127.0.0.1:49923 ESTABLISHED
TCP 127.0.0.1:49925 127.0.0.1:49926 ESTABLISHED
TCP 127.0.0.1:49926 127.0.0.1:49925 ESTABLISHED
TCP 127.0.0.1:49927 127.0.0.1:49928 ESTABLISHED
TCP 127.0.0.1:49928 127.0.0.1:49927 ESTABLISHED
TCP 127.0.0.1:49929 127.0.0.1:49930 ESTABLISHED
TCP 127.0.0.1:49930 127.0.0.1:49929 ESTABLISHED
TCP 127.0.0.1:49931 127.0.0.1:49932 ESTABLISHED
TCP 127.0.0.1:49932 127.0.0.1:49931 ESTABLISHED
TCP 127.0.0.1:49933 127.0.0.1:49934 ESTABLISHED
TCP 127.0.0.1:49934 127.0.0.1:49933 ESTABLISHED
TCP 127.0.0.1:49935 127.0.0.1:49936 ESTABLISHED
TCP 127.0.0.1:49936 127.0.0.1:49935 ESTABLISHED
TCP 127.0.0.1:49937 127.0.0.1:49938 ESTABLISHED
TCP 127.0.0.1:49938 127.0.0.1:49937 ESTABLISHED
TCP 127.0.0.1:49939 127.0.0.1:49940 ESTABLISHED
TCP 127.0.0.1:49940 127.0.0.1:49939 ESTABLISHED
TCP 127.0.0.1:49941 127.0.0.1:49942 ESTABLISHED
TCP 127.0.0.1:49942 127.0.0.1:49941 ESTABLISHED
TCP 127.0.0.1:49943 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49944 127.0.0.1:49945 ESTABLISHED
TCP 127.0.0.1:49945 127.0.0.1:49944 ESTABLISHED
TCP 192.168.150.32:139 0.0.0.0:0 LISTENING
TCP 192.168.150.32:8290 208.134.161.154:8292SYN_SENT
TCP 192.168.150.32:49262 192.168.150.30:445 ESTABLISHED
TCP 192.168.150.32:49263 192.168.150.30:445 ESTABLISHED
TCP 192.168.150.32:49264 192.168.150.30:445 ESTABLISHED
TCP 192.168.150.32:49265 192.168.150.30:445 ESTABLISHED
TCP 192.168.150.32:49662 212.73.235.22:443 ESTABLISHED
TCP 192.168.150.32:49950 38.113.165.101:443 TIME_WAIT
TCP 192.168.150.32:49951 38.99.185.100:443 TIME_WAIT
TCP 192.168.150.32:49952 192.168.150.30:135 ESTABLISHED
TCP 192.168.150.32:49953 192.168.150.30:49155ESTABLISHED
TCP 192.168.150.32:49955 74.125.226.48:443 ESTABLISHED
TCP 192.168.150.32:49957 74.125.226.38:443 ESTABLISHED
TCP 192.168.150.32:49958 74.125.141.95:443 ESTABLISHED
TCP 192.168.150.32:49959 74.125.226.55:443 ESTABLISHED
TCP 192.168.150.32:49960 74.125.226.35:443 ESTABLISHED
TCP 192.168.150.32:49961 74.125.226.48:443 ESTABLISHED
TCP 192.168.150.32:49962 74.125.226.47:443 ESTABLISHED
TCP 192.168.150.32:49965 74.125.141.95:443 ESTABLISHED
TCP 192.168.150.32:49968 74.125.226.47:443 ESTABLISHED
TCP 192.168.150.32:49976 192.168.150.30:135 TIME_WAIT
TCP 192.168.150.32:49977 192.168.150.30:49155ESTABLISHED
TCP 192.168.150.32:49980 74.125.226.55:443 ESTABLISHED
TCP 192.168.150.32:49981 38.113.165.101:443 TIME_WAIT
TCP 192.168.150.32:49988 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:49989 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:49998 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50000 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50004 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50022 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50024 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50034 74.125.226.35:443 ESTABLISHED
TCP 192.168.150.32:50042 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50054 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50059 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50089 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50110 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50113 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50126 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50127 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50128 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50133 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50134 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50135 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50148 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50151 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50183 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50193 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50209 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50225 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50226 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50229 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50246 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50247 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50248 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50262 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50266 192.168.150.1:9999 TIME_WAIT
TCP 192.168.150.32:50267 192.168.150.1:9999 TIME_WAIT
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3389 *:*
UDP 0.0.0.0:3391 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:51973 *:*
UDP 0.0.0.0:51975 *:*
UDP 0.0.0.0:51976 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:53451 *:*
UDP 127.0.0.1:53454 *:*
UDP 127.0.0.1:61376 *:*
UDP 127.0.0.1:62320 *:*
UDP 127.0.0.1:62321 *:*
UDP 127.0.0.1:62511 *:*
UDP 127.0.0.1:63318 *:*
UDP 192.168.150.32:137 *:*
UDP 192.168.150.32:138 *:*
UDP 192.168.150.32:1645 *:*
UDP 192.168.150.32:1646 *:*
UDP 192.168.150.32:1812 *:*
UDP 192.168.150.32:1813 *:*
UDP 192.168.150.32:1900 *:*
UDP 192.168.150.32:53450*:*
答案1
我的猜测是 Windows 7 正在使用 IP 源路由,因此数据包首先被发送到 Bloomberg 路由器,然后通过私有网络转发它们,服务器可能已禁用源路由,因此数据包被发送到本地网关/防火墙/路由器,而这些网关/防火墙/路由器的路由表中可能没有 Bloomberg 路由器作为这些 IP 的路由。