ContextQMD
Back to Mongo

Priority port support

docs/priority_port.md

3.6.17-windows-splunk-v33.6 KB
Original Source

Priority port support

mongod and mongos support a dedicated priority port intended for internal, high-priority operations such as automation monitoring, MongoTune, and critical intra-cluster replication traffic.

With a priority port configured:

  • The database listens on a second TCP port in addition to the main port.
  • Connections accepted on the priority port are exempt from connection limits, connection establishment rate limiting, and ingress request rate limiting.
  • gRPC is not supported.

The feature is disabled by default.

Configuring mongod and mongos

You can configure the priority port via command line or config file:

Command line:

sh
mongod --port <mainPort> --priorityPort <priorityPort> ...
mongos --port <mainPort> --priorityPort <priorityPort> ...

YAML config file:

yaml
net:
  port: <mainPort>
  bindIp: localhost,<hostnames-or-ip-addresses>
  priorityPort: <priorityPort>

When the transport layer starts:

  • A separate listener thread is created for the priority port in the ASIO transport layer.
  • Sessions created from the priority port are tagged so downstream code can distinguish them from main-port sessions (similar to the load balancer port implementation).

Behavior of priority port connections

Priority-port connections differ from normal connections in several ways.

Connection limits

When a new connection is accepted:

  • Connections from the priority port are treated as limit-exempt in the session manager, reusing the existing exemption machinery used for CIDR-based exemptions.
  • These connections can continue to be created even when the normal connection limit is reached.

Metrics:

  • serverStatus.connections.priority counts current connections on the priority port only.
  • These connections are also included in connections.limitExempt (along with CIDR-based exemptions).

Rate limiters

Two ingress-side rate limiters recognize priority-port exemptions:

Logging and profiling

For observability and debugging, the server records whether an operation came through the priority port:

  • CurOp / currentOp output includes a flag indicating the connection is from the priority port.
  • Slow query log and profiler entries include whether the operation was executed via a priority-port connection.
  • Client summary reports also distinguish clients on the main vs priority port.

Connecting clients to the priority port

Replica set connections

To connect to a replica set via the priority port, a user must:

  • Use a connection string that points directly at a specific host and priority port.
  • Set directConnection=true to disable SDAM and prevent the driver from using hello-based host discovery, which currently does not advertise the priority port.

Example:

text
mongodb://hostA:27018/?directConnection=true

Sharded cluster connections via mongos

For mongos:

  • You may connect directly to the mongos priority port.
  • directConnection=true is not required for mongos connections, since SDAM is not used in the same way.

Important limitation:

  • Priority does not automatically propagate:
    • If a client connects to a mongos via the priority port and mongos forwards a command to shards, those shard-side connections still use the main ports and do not inherit priority-port behavior in the current implementation.