Consul gossip between clients


i am using a consul cluster with 3 consul servers and 25 consul clients.

In my current configuration, every client communicates with every client over gossip. So i must allow the gossip port from every client to every client, which is not the best for security reasons.

It is possible to configure, that the clients only talks to the consul servers??

Best regards,

Hello Thomas,

thanks for reaching out. Consul’s gossip is using and one of its important features is that it is decentralized. Even when your network is experiencing issues, serf is able to spread information across the whole cluster.
Having said that, it is not possible to restrict gossip communication only to servers.


Hi @i0rek,

thanks for the response!

But why there are consul agents and consul servers, when consul decentralized?
Decentralized means, there is no central server?
If i stop the consul servers, the consul backend is not longer available?

Best regards,

Thats right. Consul uses Serf to get manage about cluster membership. This part is decentralized and doesn’t rely on servers.
Consul provides other features as well like service discovery, kv store, and ultimately a service mesh and this information is stored centrally on the Consul servers.

Hope that makes sense. Thanks,

Ok, all right.

Thanks for response :slight_smile: !