May 9, 2004 at 6:00 am
Hello,
I have a cople of SQL Servers on my network. When I select "New SQL Server Registration" in Enterprise Manager and click the dropdown list on the right("...") both of the servers show up in the list.
How exactly is this list being populated?
Is there a way to prevent this server list from being populated with active SQL Servers on my network?
I would like to hide the servers in this list from all users on the network.
Does anyone know a way to do this?
I would appreciate any feedback.
Thanks,
John
May 10, 2004 at 5:53 am
Hide server check box on TCP/IP Properties of SQL Server Network Utility
May 10, 2004 at 8:20 am
Thanks for your response. I selected the hide server option but I noticed that by doing this the port is automatically changed to use 2433. It looks like you cannot change it to use any other port while the hide server option is set either.
Do you know if there a way to hide the servers without changing the port to 2433?
May 10, 2004 at 9:50 am
Hide servers does require a change to 2433, no way around that one. You can block udp/1434, which is the SQL Server Listener Service. If it's Windows 2000, you can set up an IPSec Policy rule to do this on the servers themselves. Keep in mind that this means you'll block anything related to udp/1434... so if you have linked servers to other SQL Servers running named instances, you'll have to specify the TCP ports in the linked server connections.
K. Brian Kelley
@kbriankelley
May 11, 2004 at 9:45 am
Hi Brian,
Thanks for your response. I'm sort of new to the networking part of this. What does the SQL Listener Service do exactly?
Also, these two boxes are Windows 2000 machines -If I block udp/1434 is there anything else that I need to worry about breaking besides linked server connections?
I'd appreciate any feedback you may have!
Thanks!
John
May 11, 2004 at 9:56 am
The SQL Server listener service does two key things.
1) When a client asks for a list of SQL Servers on a given subnet, it broadcasts udp/1434 to that subnet. Any SQL Servers on the subnet which haven't been configured to hide themselves will respond back.
2) When you attempt to connect to a named instance, there's no telling what TCP port it is listening on. A default instance listens on tcp/1433 unless changed to something different. Therefore a connection to MyServer using TCP/IP will go to tcp/1433 unless you've told it differently. However, with a named instance, you have no idea what port to talk to. So MyServer\MyInstance could be listening on port 2567 or port 9867. The way the client finds out is by asking the SQL Server listener service for that SQL Server. It sends a request to udp/1434 and the SQL Server responds back with the list of instances and what network ports they are listening on (aha, MyServer\MyInstance is really on 5999 not 2567 or 9867).
Therefore, if you're using Named Instances in any capacity, you'll need to configure connections to use the correct port (and in this case, it's best to go into Server Network Utility or the equivalent interface in Enterprise Manager) for the SQL Server instance and set it to a static port. By default a named instance will listen on the first TCP port it can grab. When that instance is restarted, it'll try and use that same port again, but should it be busy it'll just listen on a different port. This isn't what you want if you have prevented access to the listener service. You want a hard and fast port number to set all your clients to, either through aliases in Client Network Utility (cliconfg) or specified on the connection itself (<server>,<port> like MyServer,5999).
K. Brian Kelley
@kbriankelley
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply