tencent cloud


Implementing Public Network Access with Iptables-Based Forwarding

Last updated: 2023-03-02 14:43:00


    CTSDB doesn't support direct public network access for the time being. You can use a CVM instance with a public IP for port forwarding so as to access CTSDB over the public network.
    Because iptables-based forwarding may be unstable, we recommend that you do not access instances over the public network in the production environment.


    1. Log in to a CVM instance and enable the IP forwarding feature. For more information, see Logging In To Linux Instance (Web Shell).
    The CVM instance and the database must be under the same Tencent Cloud account and in the same VPC in the same region.
    echo 1 > /proc/sys/net/ipv4/ip_forward
    2. Configure the forwarding rule. The sample code below forwards access requests originally to 26.xx.x.2:10001 (CVM instance public IP with a custom port as desired) to the CTSDB instance with the private IP 10.x.x.5:9200:
    iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 10.x.x.5:9200
    iptables -t nat -A POSTROUTING -d 10.x.x.5 -p tcp --dport 9200 -j MASQUERADE
    3. Configure the security group to open the public port of the CVM instance. We recommend that you configure a security group rule to allow only the source which needs to connect to the Redis instance. For more information, see Adding Security Group Rules.
    4. To connect to the CTSDB instance over the private network at its public IP (26.xx.xx.2:10001 in the sample code), you can use the same way as the private network connection. For more information, see Connecting to Instance.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support