I have setup one single environment for around 1500 hosts and more than 20 environment active gates for data collections from different data-center across the country, and by setting up the firewall rules on each environment active gate, each environment active gate only collect the local traffic, which means, applications only be able to connect to the environment active gate locally.
This causes an issue recently. Because the OneAgent in each data-center can only be able to connect to the local active gate, it takes a long time to loop all 20 environment active gates to find the only one active gate that it can connect to, the local one. This has made the application startup really slow.
Do you have any suggestion to speed up the startup?
The official recommendation is to set up firewall rules in your monitored hosts so that they can only communicate to their appropriate ActiveGate. With the rules the agents would not even try to connect to the AGs outside of their data-center.
Let me know if it makes sense.
1. there are thousands of monitored hosts in my environment, so it's not easy to maintain the firewall rules and it's not good for AG extent later on.
2. i doubt that even with the firewall rules set on the monitored hosts, the oneagent still try to connect to the AGs outside of its data-center as the connection is trigger by the oneagent and oneagent won't know that there is a firewall set to stop it from connecting to the AGs outside the DC.
Hi James. Unfortunately we still do not have location awareness for Active Gates. I believe it is in the roadmap but I cannot provide more info, as I am not a Product Manager.
Please share your feedback in the Product Ideas Forum so that we keep your usecase into account when developing future features.