RMI app behind NAT firewall
2 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Tobias_Weih
Posted On:   Wednesday, January 25, 2006 03:04 PM

I have a problem getting my RMI application to work. Having a RMI Server app running in a VMWare that forwards port 1099 in a NAT enviroment. Physical machines IP on the outside = 9.154.38.47 Physical machines IP in local area = 192.168.0.1 Virtual machines IP = 192.168.0.100 I start a rmiregistry on my virtual machine and since port 1099 is NAT-forwarded I can connect to the registry from the outside using telnet 9.154.38.47:1099. I startup my serverside rmi-app on the virtual machine -Djava.rmi.server.hostname=$HOST and in my app I do the following binding: System.getProperties().put("java.rmi.server.hostname", HOST); Registry reg = LocateRe   More>>

I have a problem getting my RMI application to work. Having a RMI Server app running in a VMWare that forwards port 1099 in a NAT enviroment.
Physical machines IP on the outside = 9.154.38.47
Physical machines IP in local area = 192.168.0.1
Virtual machines IP = 192.168.0.100

I start a rmiregistry on my virtual machine and since port 1099 is NAT-forwarded I can connect to the registry from the outside using telnet 9.154.38.47:1099.

I startup my serverside rmi-app on the virtual machine

			
-Djava.rmi.server.hostname=$HOST


and in my app I do the following binding:
			
System.getProperties().put("java.rmi.server.hostname", HOST);
Registry reg = LocateRegistry.createRegistry Registry.REGISTRY_PORT);
Naming.rebind("//"+ HOST + ":1099/" + CommandBroker.NAME, this);


This work fine with HOST=127.0.0.1 or HOST=192.168.0.100 but when setting HOST=9.154.38.47 (the public IP address), startup fails with:
			
java.rmi.AccessException: Registry.Registry.rebind disallowed; origin /9.154.38.47 is non-local host


When server is running with HOST=127.0.0.1 or HOST=192.168.0.100 (like I said using HOST=9.154.38.47 doesn't work at all, the server is not allowed to bind) the binding from the outside using my client-app works (bind to 9.154.38.47 the public IP) , but however when trying to actually use the remote object the client throws the following exception:
Using HOST=127.0.0.1 on serverside
			
Operation timed out: connect:could be due to invalid address

or when server HOST=192.168.0.1
			
java.net.ConnectException: Connection refused: connect
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:585)


I assume using the public IP on serverside by setting HOST= to 9.154.38.47 is the right way, but as stated above binding to the rmiregistry is not allowed! What am I missing?

Thanks alot, your help is very much appreciated.
Cheers,
Tobi    <<Less

Re: RMI app behind NAT firewall

Posted By:   Tobias_Weih  
Posted On:   Monday, January 30, 2006 06:58 AM

my problem is solved, finally. There are a couple of things that caused my troubles:
First of all, binding to localhost is correct, since the host-address is only used
to contact the registry for the rebind operation. When using the public IP to bind
it fails because the connection to 9.154.38.47 is being routed out to the NAT and
back in again, so its origin appears non-local. And as a rule binding to a non l
ocalhost is forbidden.
As far as an external client being able to use the bound stub, the important setting
is the java.rmi.server.hostname system property, which controls the host name or
address that gets put into the stubs for remote objects exported in this VM. Thus
it has to be 9.154.38.47 in my case.
Another very interessting thing is the need to explicitly define the port the
Remote Object uses. Therefor I call super(1099) instead of just super().
See http://archives.java.sun.com/cgi-bi...mi-users&P=3663 for details. Many thanks to Peter Jones!

tobi

Re: RMI app behind NAT firewall

Posted By:   ankush_purwar  
Posted On:   Wednesday, January 25, 2006 09:18 PM

Are you able to access that machine 9.154.38.47 using different protocol like FTP etc ?
About | Sitemap | Contact