Re: websockets and limitations of AWS ELB

Sunil Babu <cloudgrp.assist@...>


Check with 8080 port

Pls let me know is it https u r using as the port mentioned is secure one

In addition u can use Soap port in the protocol and port range definition

Other option is to use udp or icmp in addition to the prtocols used so that
from the pool of ports socket request will be. Handled


On Tuesday, April 26, 2016, Shannon Coen <scoen(a)> wrote:

I'm interested to hear from operators how you're supporting websockets for
CF on AWS, both for user tailing of app logs from Loggregator, and for apps
running on CF that take websocket requests.

Websockets are supported in CF by having a HTTP request containing the
Upgrade header reach Gorouter, which will establish a TCP connection to the
backend (app instance). Since we need Gorouter to handle the upgrade, your
ELB must be configured to listen on a port in TCP mode. However, in TCP
mode an ELB wouldn't be able to append the required X-Forwarded-For and
X-Forwarded-Proto headers. Assuming you'll keep HTTP over TLS on port 443,
you'll need to open an additional port on the ELB for websockets.

To support apps on PWS that take websocket requests, we've added port 4443
to the ELB in TCP mode. In response to feedback that this port is blocked
to corporate firewalls, we run a second ELB just for Loggregator, listening
on 443 in TCP mode. The domain name for Loggregator's route resolves to
this second ELB.

How are you working around this limitation? Do your users have issues with
configuring clients to make websocket requests on a non-standard port?

Thank you,

Shannon Coen
Product Manager, Cloud Foundry
Pivotal, Inc.
Thanks & Regards
Sunil Babu K C

Join to automatically receive all group messages.