Try setting: advertised.listeners=EXTERNAL://<networkB>:9093,INTERNAL://<networkA>:9092 inter.broker.listener.name=INTERNAL listener.security.protocol.map=EXTERNAL:PLAINTEXT,INTERNAL:PLAINTEXT
Then you should be able to use <networkB>:9093 as your bootstrap.servers from outside the network or <networkA>:9092 from inside. Obviously the EXTERNAL listener should be EXTERNAL:SSL in production. Hope this helps, Tom Aley thomas.a...@ibm.com From: "周正虎" <yzujk0...@126.com> To: users@kafka.apache.org Date: 21/05/2018 23:59 Subject: Kafka behind NAT We have kafka behind NAT with *only one broker*. Let say we have internal (A) and external (B) network. When we try to reach the broker from external network (we use bootstrap.servers parameter set to B address) then what is obvious the broker responds with internal network's address (A) which is not resolvable in external network. We cannot set advertised.listeners to external network's address because the broker is also used from internal network. I hope that somebody dealt with simillar problem. Thanks for any help. Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
