<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 12/01/2011 07:39 PM, Alon Levy wrote:
<blockquote cite="mid:20111201173946.GO19650@garlic.tlv.redhat.com"
type="cite">
<pre wrap="">On Thu, Dec 01, 2011 at 11:01:39AM -0500, Richard Mann wrote:
</pre>
<blockquote type="cite">
<pre wrap=""> Just joined. Not sure where to ask this question. It relates to
security and opening ports on a firewall through which the Spice
clients and server would communicate. I would like to know how many
ports will need to be opened on a firewall to support the 6
communications channels between the Spice clients and server.
Excerpt from Spice for Newbies PDF.
--------------------------------------------------------
2.3.2.1 Channels
The client and server communicate via channels. Each channel type is
dedicated to a specific type
of data. Each channel uses a dedicated TCP socket......
The available channels are:
o Main - implemented by RedClient (see above).
o DisplayChannel - handles graphic commands, images and video streams.
o InputsChannel - keyboard and mouse inputs.
o CursorChannel - pointer device position, visibility and cursor shape.
o PlaybackChannel - audio received from the server to be played by the
client .
o RecordChannel - audio captured on the client side.
--------------------------------------------------------
After looking at the Spice PDFs it appears to me that 6 ports would
need to be opened although the default Spice server port appears to be
5930 (just one port and not six).
I would like to know how many ports are required (listening) on the
Spice server to handle all 6 channels (TCP sockets)? I am assuming
each channel (TCP socket) requires its own port on the Spice server.
Thanks,
Rich
</pre>
</blockquote>
<pre wrap="">
The docs are correct - it is a single port, opened six times. The same
way that firefox/$BROWSER opens multiple connections to a single server
Broswers do this to speed up downloading of multiple images / css etc.,
but the same idea - single port 80 but multiple connections aka
sockets.</pre>
</blockquote>
<br>
The word missing is 'destination'. There is a single destination
port, with 6 different connections performed against it.<br>
And re. HTTP's multiple connections, I'd look at
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a href="http://www.chromium.org/spdy">http://www.chromium.org/spdy</a>
(do we need/want multiple display channel connections?)<br>
Y.<br>
<br>
<blockquote cite="mid:20111201173946.GO19650@garlic.tlv.redhat.com"
type="cite">
<pre wrap="">
To be exact it can be two ports if you use both a ssl and a non ssl
port, i.e. qemu -spice port=<port>,tls-port=<tls-port>
</pre>
<blockquote type="cite">
<pre wrap="">_______________________________________________
Spice-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Spice-devel@lists.freedesktop.org">Spice-devel@lists.freedesktop.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freedesktop.org/mailman/listinfo/spice-devel">http://lists.freedesktop.org/mailman/listinfo/spice-devel</a>
</pre>
</blockquote>
<pre wrap="">
_______________________________________________
Spice-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Spice-devel@lists.freedesktop.org">Spice-devel@lists.freedesktop.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freedesktop.org/mailman/listinfo/spice-devel">http://lists.freedesktop.org/mailman/listinfo/spice-devel</a>
</pre>
</blockquote>
<br>
</body>
</html>