RMI app behind NAT firewall


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 3 of 3

Thread: RMI app behind NAT firewall

  1. #1
    Join Date
    Jan 2006
    Posts
    2

    RMI app behind NAT firewall

    I have a problem getting my RMI application to work. Having a RMI Server app running in a VMWare that forwards port 1099 in a NAT enviroment.
    Physical machines IP on the outside = 9.154.38.47
    Physical machines IP in local area = 192.168.0.1
    Virtual machines IP = 192.168.0.100

    I start a rmiregistry on my virtual machine and since port 1099 is NAT-forwarded I can connect to the registry from the outside using telnet 9.154.38.47:1099.

    I startup my serverside rmi-app on the virtual machine
    Code:
    -Djava.rmi.server.hostname=$HOST
    and in my app I do the following binding:
    Code:
    System.getProperties().put("java.rmi.server.hostname", HOST);
    Registry reg = LocateRegistry.createRegistry Registry.REGISTRY_PORT);
    Naming.rebind("//"+ HOST + ":1099/" + CommandBroker.NAME, this);
    This work fine with HOST=127.0.0.1 or HOST=192.168.0.100 but when setting HOST=9.154.38.47 (the public IP address), startup fails with:
    Code:
    java.rmi.AccessException: Registry.Registry.rebind disallowed; origin /9.154.38.47 is non-local host
    When server is running with HOST=127.0.0.1 or HOST=192.168.0.100 (like I said using HOST=9.154.38.47 doesn't work at all, the server is not allowed to bind) the binding from the outside using my client-app works (bind to 9.154.38.47 the public IP) , but however when trying to actually use the remote object the client throws the following exception:
    Using HOST=127.0.0.1 on serverside
    Code:
    Operation timed out: connect:could be due to invalid address
    or when server HOST=192.168.0.1
    Code:
    java.net.ConnectException: Connection refused: connect
    	at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:585)
    I assume using the public IP on serverside by setting HOST= to 9.154.38.47 is the right way, but as stated above binding to the rmiregistry is not allowed! What am I missing?

    Thanks alot, your help is very much appreciated.
    Cheers,
    Tobi

  2. #2
    Join Date
    Jan 2006
    Posts
    2
    my problem is solved, finally. There are a couple of things that caused my troubles:
    First of all, binding to localhost is correct, since the host-address is only used
    to contact the registry for the rebind operation. When using the public IP to bind
    it fails because the connection to 9.154.38.47 is being routed out to the NAT and
    back in again, so its origin appears non-local. And as a rule binding to a non l
    ocalhost is forbidden.
    As far as an external client being able to use the bound stub, the important setting
    is the java.rmi.server.hostname system property, which controls the host name or
    address that gets put into the stubs for remote objects exported in this VM. Thus
    it has to be 9.154.38.47 in my case.
    Another very interessting thing is the need to explicitly define the port the
    Remote Object uses. Therefor I call super(1099) instead of just super().
    See http://archives.java.sun.com/cgi-bin...i-users&P=3663 for details. Many thanks to Peter Jones!

    tobi

  3. #3
    Join Date
    Mar 2006
    Posts
    1

    RMI app behind NAT

    Hi,

    I'm also having problem with RMI app behind NAT as well. Could you please
    help me to identify problem and to solve it?

    The scenario is as follow:

    - My RMI server is running on Linux machine which is running as guest on VMWare
    with Windows XP is host OS.
    - On XP, physical IP address: 129.94.174.21 (host IP), virtual IP address: 192.168.170.1
    - On Linux, virtual IP address: 192.168.170.128 (guest IP).
    - On Linux, the RMI server is created as follow:

    if (System.getSecurityManager() == null) {
    System.setSecurityManager(new RMISecurityManager());
    }
    try {
    String host = 129.94.174.21;
    int port = 1099;
    java.rmi.registry.Registry reg =
    java.rmi.registry.LocateRegistry.createRegistry(port);
    HelloImpl obj = new HelloImpl(port);
    // Bind this object instance to the name "HelloServer"
    Naming.rebind("//" + host + ":" + port + "/HelloServer", obj);

    - And the server is running with option -Djava.rmi.server.hostname=129.94.174.21.
    - RMI client is on another physical machine and is looking up and invoking on
    host IP 129.94.174.21. And I got "Connection refused to host", as stack trace
    shown below.

    - If I run RMI client on host machine, connection is fine. I've also verified
    that the host machine is accepting incoming calls by running RMI server on
    host machine, and RMI client from the same machine that I run RMI client earlier.
    The connection is OK as well.

    Am I missing something here?

    Thank you very much in advance.
    Regards,
    Van

    =======================================

    -bash-3.1$ ./runclient-desk.sh
    reg 0 HelloServer
    HelloServer found: true
    HelloApplet exception: Connection refused to host: 192.168.170.128; nested
    exception is:
    java.net.ConnectException: Connection timed out
    java.rmi.ConnectException: Connection refused to host: 192.168.170.128; nested
    exception is:
    java.net.ConnectException: Connection timed out
    at sun.rmi.transport.tcp.TCPEndpoint.newSocket(Unknown Source)
    at sun.rmi.transport.tcp.TCPChannel.createConnection(Unknown Source)
    at sun.rmi.transport.tcp.TCPChannel.newConnection(Unknown Source)
    at sun.rmi.server.UnicastRef.invoke(Unknown Source)
    at examples.hello.HelloImpl_Stub.sayHello(Unknown Source)
    at examples.hello.HelloApp.init(HelloApp.java:85)
    at examples.hello.HelloApp.<init>(HelloApp.java:67)
    at examples.hello.HelloApp.main(HelloApp.java:113)
    Caused by: java.net.ConnectException: Connection timed out
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(Unknown Source)
    at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
    at java.net.PlainSocketImpl.connect(Unknown Source)
    at java.net.Socket.connect(Unknown Source)
    at java.net.Socket.connect(Unknown Source)
    at java.net.Socket.<init>(Unknown Source)
    at java.net.Socket.<init>(Unknown Source)
    at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(Unknown
    Source)
    at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(Unknown
    Source)

Similar Threads

  1. RMI and Linux Firewall (IPCHAINS)
    By Diego in forum Java
    Replies: 0
    Last Post: 07-19-2001, 03:35 PM
  2. An open invitation
    By Chris P. in forum Java
    Replies: 0
    Last Post: 12-04-2000, 08:55 PM
  3. An open invitation
    By Chris P. in forum Java
    Replies: 0
    Last Post: 12-04-2000, 08:52 PM
  4. How to make App B modal in App A?
    By Måns in forum VB Classic
    Replies: 2
    Last Post: 11-11-2000, 06:17 PM
  5. How to make App B modal in App A?
    By Måns in forum VB Classic
    Replies: 0
    Last Post: 11-08-2000, 08:28 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center