[Spice-devel] Spice required ports

Yaniv Kaul ykaul at redhat.com
Fri Dec 2 11:02:52 PST 2011 

On 12/01/2011 07:39 PM, Alon Levy wrote:
> On Thu, Dec 01, 2011 at 11:01:39AM -0500, Richard Mann wrote:
>>     Just joined.  Not sure where to ask this question.  It relates to
>>     security and opening ports on a firewall through which the Spice
>>     clients and server would communicate.  I would like to know how many
>>     ports will need to be opened on a firewall to support the 6
>>     communications channels between the Spice clients and server.
>>     Excerpt from Spice for Newbies PDF.
>>     --------------------------------------------------------
>>     2.3.2.1 Channels
>>     The client and server communicate via channels. Each channel type is
>>     dedicated to a specific type
>>     of data. Each channel uses a dedicated TCP socket......
>>     The available channels are:
>>     o Main - implemented by RedClient (see above).
>>     o DisplayChannel - handles graphic commands, images and video streams.
>>     o InputsChannel - keyboard and mouse inputs.
>>     o CursorChannel - pointer device position, visibility and cursor shape.
>>     o PlaybackChannel - audio received from the server to be played by the
>>     client .
>>     o RecordChannel - audio captured on the client side.
>>     --------------------------------------------------------
>>     After looking at the Spice PDFs it appears to me that 6 ports would
>>     need to be opened although the default Spice server port appears to be
>>     5930 (just one port and not six).
>>     I would like to know how many ports are required (listening) on the
>>     Spice server to handle all 6 channels (TCP sockets)?  I am assuming
>>     each channel (TCP socket) requires its own port on the Spice server.
>>     Thanks,
>>     Rich
> The docs are correct - it is a single port, opened six times. The same
> way that firefox/$BROWSER opens multiple connections to a single server
> Broswers do this to speed up downloading of multiple images / css etc.,
> but the same idea - single port 80 but multiple connections aka
> sockets.

The word missing is 'destination'. There is a single destination port, 
with 6 different connections performed against it.
And re. HTTP's multiple connections, I'd look at 
http://www.chromium.org/spdy (do we need/want multiple display channel 
connections?)
Y.

>
> To be exact it can be two ports if you use both a ssl and a non ssl
> port, i.e. qemu -spice port=<port>,tls-port=<tls-port>
>
>> _______________________________________________
>> Spice-devel mailing list
>> Spice-devel at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/spice-devel
> _______________________________________________
> Spice-devel mailing list
> Spice-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/spice-devel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20111202/5c286531/attachment.html>

More information about the Spice-devel mailing list