Dear experts
We have a HANA 2.0 with a Tenant Database.
The hosts of the HANA 2.0 Installation has an internal IP Address.
Adding the System DB and the Tenant DB to HANA Studio inside our local network is possible.
Now we configured the firewall to allow external access and published ports 3xx13 - 3xx15 and configured a rule that routes the incoming traffic to the HANA 2.0 System (Firewall Rule Public IP Port 3xx13 - 3xx15 -> HANA Internal IP Address Port 3xx13- 3xx15)
Adding the system DB to the HANA Studio using the public IP Address is possible but adding the Tenant HT1 will not work because the internal IP address is being queried.
Of course that the internal IP Adress is not accessible outside our network.
A workaround would be to use a VPN but I was wondering if it’s douable without VPN (only configuring the firewall for external access).
Any thoughts ?
Cheers
Please check following guide about the ports range for HANA tenant database:
You can also determine the ports used by the tenant, by executing following script (execute from tenant database):
SELECT SERVICE_NAME, PORT, SQL_PORT, (PORT + 2) HTTP_PORT FROM SYS.M_SERVICES WHERE ((SERVICE_NAME='indexserver' and COORDINATOR_TYPE= 'MASTER') or (SERVICE_NAME='xsengine'))
This sounds a lot like the configuration issue that was faced by users of HANA Express Edition on Google Cloud.
It boils down to setting a global.ini parameter for mapping 'localhost' to the desired IP address.
ALTER SYSTEM ALTER CONFIGURATION (‘global.ini’, ‘SYSTEM’) SET (‘public_hostname_resolution’, ‘map_localhost’) = ‘xx.xx.xx.xx’ WITH RECONFIGURE;
Hi Lars
The comments describe perfectly the current issue.
I've used the mentioned SQL but the HANA Studio is still querying the Internal IP Address
Tried various combinations (also with use_default_route) but unfortunately no luck.
Any other ideas ?
Yes; not only the tenant but the whole HANA Instance was restarted.
Ok, can you check what is actually set in the instance right now?
select * from "PUBLIC"."M_HOST_INFORMATION"
where key like 'net%';
select * from "PUBLIC"."M_INIFILE_CONTENTS"
where
file_name='global.ini'
and section ='public_hostname_resolution';
I've attached 2 screenshots for better understanding (I had to mask the real info due to well known reasons)
Sorry, there might be a misunderstanding.
Can you set the parameter in section public_host_name_resolution to be called map_<actual hostname>?
ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM')
SET('public_hostname_resolution','map_<<hostname>>')='xx.xx.xx.xx' WITH RECONFIGURE;
On the SYSTEM DATABASE I executed:
ALTER SYSTEM ALTER CONFIGURATION ('global.ini', 'SYSTEM') SET('public_hostname_resolution','map_hostname')='xx.xx.xx.xx' WITH RECONFIGURE;
xx.xx.xx.xx = Public IP Address.
Unfortunately after a couple of moments the tenant is crashing. I think the tenant doesn't like this parameter ...
So I have to delete this parameter and then start the tenant.
Ok, at this point I think it would be easier to open a support issue - this back and forth via comments is not very efficient.
Also, if the tenant crashes, typically there's information on that in the corresponding indexserver tracefile. Reviewing that would be my next step of analysis.