[mythtv-users] MythTV needs to listen on 2 ports

Michael A Weber mweberjunk01 at gmail.com
Fri Oct 31 16:44:05 UTC 2014


On Oct 31, 2014, at 2:26 AM, Joseph Fry <joe at thefrys.com> wrote:

> 
> I am a new user to this group, and ran into a brick wall trying to understand and use MythTV the way it's intended in my network, which I will admit is a bit complex.
> 
>  
> 
> I am running a MythBuntu server (ver 14.04.1) running MythTV 0.27.  This server has 2 network cards on 2 different networks with static IPs set…
> 
> 192.168.2.0/26 (Parents Network)
> 
> 192.168.3.0/26 (Kids Network)
> 
>  
> 
> What I am trying to find out is if it’s possible for the MythTV backend service to listen on more than 1 port.  Which network I have it configured to listen to determines which clients can connect.  Not just the SQL DB, but the service which uses ports 6544 & 6543 that the clients connect to.
> 
>  
> 
> After using grep to look through the entire file structure to locate where the backend setting was, I decided to install MySQL Workbench and found the backend setting in the SETTING Table in Mythconverg DB.  And it appears that since there is no Primary Key, MySQL Workbench can only open the DB in Read-Only, meaning I cannot make changes to it.
> 
> 
> I think you're overcomplicating this by trying to multi-home the server.
> 
> You have a layer 3 switch (which is basically a router)... just create a new network for the server and assign the server an IP in the new subnet.  Then the clients would route to it like any other machine outside their subnet.  If you're worried about throughput using a single 100mb connection to the server, then bond your NICs using LACP (assuming your switch supports it) or whatever proprietary link aggregation protocol your switch supports.
> 
> If your server must retain its IPs in the existing subnets, you could possibly VLAN trunk the port(s) and assign the IPs from each subnet as well.  Then the server would have 3 IPs assigned to one NIC (or bonded pair), one in each subnet, and one in a separate network dedicated to just the server(s).  MythTV would use the new IP, but other services could listen on one of the other IPs... for example you have a webserver that should only be accessible by the 192.168.2.0 subnet.
> 
> There are a ton of ways to accomplish what you want... but the above is probably the ideal solution.  You couldn't do it with a lesser switch, but since you have a layer 3 switch, you may as well use it!

I think Joe has touched upon a very valid solution, and quite possibly the industry-accepted solution, which is in reality a similar solution to creating a subnet ON the Mythbuntu box itself, but perhaps more secure.  Why?  As someone who has done multi-homing of servers (and Microsoft servers at that) as you are trying to do, I also found out along the way that it’s a terribly undesirable solution from a security standpoint.  Straddling two disconnected networks with a single piece of hardware poses a risk in that if that hardware gets compromised, there goes your security.

And, since it appears from this thread that security is of utmost importance against those malicious little demons you’re raising, I think that security needs to be kept in mind.  Rather than taking the easy route of multi-homing (and it is the easy route, not necessarily the best route), taking an approach to only grant access to that which you wish to have accessed would be a much better option.  It’s like Microsoft versus Unix…  years ago, Microsoft gave away the keys to the cottage in the Hamptons and wanted you to take them away from others, while Unix only gave away one key to Root (whoever he/she was) and made Root create keys to give out to others as needed.  The former was far easier, but also far less secure (and Microsoft is still recovering from that approach).  That’s just my $0.02...

Being Halloween, I just had to throw something out there about your kids, which surprises me that someone far more creative than I am - and there are a LOT in this Myth world - hasn’t mentioned a single thing about them.  :)

Happy Halloween!

Mike