Necessary Firewall rules (Hosts and Ports) to reach Serverless MongoDB

Let’s say I have a machine inside my private network, behind a Firewall with all traffic to the Internet Restricted.
What Hosts/Ports do I need to allow so an App can connect to my MongoDB Serverless Instance?

Currently I have an Instance in “AWS / us-east-1” and I can’t reach it from a server inside our Network. I’m being asked to provide Host & Port to whitelist. Initially I took the name from the connection string.

Example: “mongodb+srv://dev:1234678@mydb.iuytw.mongodb.net/my-awesome-db?retryWrites=true&w=majority”

I asked the guys from Networking to whitelist:
Host: mydb.iuytw.mongodb.net
Ports: 27015, 27016, 27017

However, it didn’t work. I’ve read that for clusters you need the lists of clusters, but for Serverless I don’t think it’s the same. As I said, all I know is that the region is “AWS / us-east-1”. Thanks in advance.

Hi @Cristopher_Rosales - Welcome to the community!

In a typical server environment where the topology / architecture is more static / predictable, the adding of hosts or servers to a whitelist will generally work for your use case stated. However, serverless doesn’t currently provide the capability for you to “whitelist” a server / host. This is because in a serverless environment, the situation is a lot more dynamic, where resources are constantly added and removed according to your needs. Thus, the same method that works in a server environment won’t necessarily work the same way (or at all) in a serverless environment.

Having said that, if it suits your use case, please consider setting up a private endpoint for connectivity to serverless instances:

Hope this helps.

Regards,
Jason

4 Likes
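
An added example, not part of the original thread and not MongoDB's own code: with a `mongodb+srv://` string the driver first asks DNS for an SRV record at `_mongodb._tcp.<hostname>` (plus a TXT record at the hostname) and then connects to the hosts and ports those records return, so the name in the string is a lookup seed rather than the connection target. The sketch uses the thread's example string and constructed `dig +short SRV` output; the function names are hypothetical.

```python
from urllib.parse import urlsplit


def srv_lookup_names(uri):
    """Return (srv_name, txt_name) that a driver queries for a mongodb+srv URI."""
    parts = urlsplit(uri)
    if parts.scheme != "mongodb+srv":
        raise ValueError("not a mongodb+srv URI")
    host = parts.hostname  # user:password is dropped, so output is safe to share
    if not host or "." not in host or parts.port is not None:
        raise ValueError("mongodb+srv takes one dotted hostname and no port")
    return f"_mongodb._tcp.{host}", host


def parse_srv_answers(seed_host, dig_lines):
    """Turn `dig +short SRV` lines ("prio weight port target.") into (host, port)."""
    # SRV targets must sit under the seed's parent domain; anything else
    # points at DNS tampering or a wrong record and must not be allow-listed.
    parent = seed_host.split(".", 1)[1].lower()
    targets = set()
    for line in dig_lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        port, target = int(fields[2]), fields[3].rstrip(".").lower()
        if not target.endswith("." + parent):
            raise ValueError(f"SRV target {target} is outside {parent}")
        targets.add((target, port))
    return sorted(targets)


if __name__ == "__main__":
    # Connection string from the question above.
    uri = ("mongodb+srv://dev:1234678@mydb.iuytw.mongodb.net/"
           "my-awesome-db?retryWrites=true&w=majority")
    srv_name, txt_name = srv_lookup_names(uri)
    print("Run from the restricted host: dig +short SRV", srv_name)
    print("Run from the restricted host: dig +short TXT", txt_name)
    # Constructed sample answer, not real output for this instance.
    sample = ["0 0 27017 mydb-lb.iuytw.mongodb.net."]
    for host, port in parse_srv_answers(txt_name, sample):
        print(f"driver will connect to {host}:{port}")
```

The result is a snapshot of one DNS lookup; as the reply above explains, serverless resources change, so a rule built from it can go stale.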