RMI app behind NAT firewall

Discussion in 'Java' started by tobias.weih, Jan 25, 2006.

  1. tobias.weih

    tobias.weih Guest

    I have a problem getting my RMI application to work. Having a RMI
    Server app running in a VMWare that forwards port 1099 in a NAT
    enviroment.
    Physical machines IP on the outside = 9.154.38.47
    Physical machines IP in local area = 192.168.0.1
    Virtual machines IP = 192.168.0.100

    I start a rmiregistry on my virtual machine and since port 1099 is
    NAT-forwarded I can connect to the registry from the outside using
    telnet 9.154.38.47:1099.

    I startup my serverside rmi-app on the virtual machine
    -Djava.rmi.server.hostname=$HOST


    and in my app I do the following binding:
    System.getProperties().put("java.rmi.server.hostname", HOST);
    Registry reg = LocateRegistry.createRegistry Registry.REGISTRY_PORT);
    Naming.rebind("//"+ HOST + ":1099/" + CommandBroker.NAME, this);


    This work fine with HOST=127.0.0.1 or HOST=192.168.0.100 but when
    setting HOST=9.154.38.47 (the public IP address), startup fails with:

    java.rmi.AccessException: Registry.Registry.rebind disallowed; origin
    /9.154.38.47 is non-local host

    When server is running with HOST=127.0.0.1 or HOST=192.168.0.100 (like
    I said using HOST=9.154.38.47 doesn't work at all, the server is not
    allowed to bind) the binding from the outside using my client-app works
    (bind to 9.154.38.47 the public IP) , but however when trying to
    actually use the remote object the client throws the following
    exception:
    Using HOST=127.0.0.1 on serverside

    Operation timed out: connect:could be due to invalid address

    or when server HOST=192.168.0.1

    java.net.ConnectException: Connection refused: connect
    at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:585)


    I assume using the public IP on serverside by setting HOST= to
    9.154.38.47 is the right way, but as stated above binding to the
    rmiregistry is not allowed! What am I missing?

    Thanks alot, your help is very much appreciated.
    Cheers,
    Tobi
     
    tobias.weih, Jan 25, 2006
    #1
    1. Advertising

  2. tobias.weih

    tobias.weih Guest

    my problem is solved, finally. There are a couple of things that caused
    my troubles:
    First of all, binding to localhost is correct, since the host-address
    is only used
    to contact the registry for the rebind operation. When using the public
    IP to bind
    it fails because the connection to 9.154.38.47 is being routed out to
    the NAT and
    back in again, so its origin appears non-local. And as a rule binding
    to a non l
    ocalhost is forbidden.
    As far as an external client being able to use the bound stub, the
    important setting
    is the java.rmi.server.hostname system property, which controls the
    host name or
    address that gets put into the stubs for remote objects exported in
    this VM. Thus
    it has to be 9.154.38.47 in my case.
    Another very interessting thing is the need to explicitly define the
    port the
    Remote Object uses. Therefor I call super(1099) instead of just
    super().
    See
    http://archives.java.sun.com/cgi-bin/wa?A2=ind0302&L=rmi-users&P=3663
    for details.

    tobi
     
    tobias.weih, Jan 30, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jo Voordeckers
    Replies:
    2
    Views:
    877
  2. Robert Dodier
    Replies:
    6
    Views:
    2,372
    Matthias Kraft
    Sep 14, 2004
  3. Janto Dreijer

    UDP packets to PC behind NAT

    Janto Dreijer, Sep 15, 2006, in forum: Python
    Replies:
    12
    Views:
    890
    John J. Lee
    Sep 17, 2006
  4. polaris

    rmi application thru NAT

    polaris, Oct 29, 2006, in forum: Java
    Replies:
    1
    Views:
    599
    Tom Forsmo
    Oct 31, 2006
  5. Kumarforg

    Web Service invocation from behind proxy behind firewall

    Kumarforg, Aug 3, 2004, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    196
    Kumarforg
    Aug 3, 2004
Loading...

Share This Page