1 2 Previous Next 18 Replies Latest reply on Apr 24, 2013 3:25 PM by Will Tatam

    NAT configuration on JBoss AS7

    Saravanan Muthusamy Newbie

      Hi,

       

      I've googled but could not find a wiki/blog for configuring NAT on AS7. Can any one share the details?.

       

      Thanks a lot.

        • 1. Re: NAT configuration on JBoss AS7
          Stephen Coy Master

          NAT, as in network address translation?

           

          Do you mean virtual hosts?

          • 2. Re: NAT configuration on JBoss AS7
            Saravanan Muthusamy Newbie

            Yes, Server behind NAT(Network Address Translation).

            • 3. Re: NAT configuration on JBoss AS7
              Stephen Coy Master

              This is operating system level functionality and has little to do with your application server.

               

              Are you trying to expose an application server that is hosted on an internal network to the outside world? What operating system are you using?

              • 4. Re: NAT configuration on JBoss AS7
                Saravanan Muthusamy Newbie

                Indeed NAT is at Network layer. I want to configure JBoss AS7 to be able to connect from external world.

                 

                Like the one we do in AS5.

                 

                https://community.jboss.org/message/744506

                • 6. Re: NAT configuration on JBoss AS7
                  Saravanan Muthusamy Newbie

                  No, I need for JMS(I hope it uses Remoting) and RMI communications.

                  • 7. Re: NAT configuration on JBoss AS7
                    Stephen Coy Master

                    You will need some kind of port forwarding solution for this. It's outside of JBoss scope.

                     

                    If you already have this working for AS5, then a similar solution will work with AS7.

                    • 8. Re: NAT configuration on JBoss AS7
                      Saravanan Muthusamy Newbie

                      Thanks Stephen, I just started the migration, let me try and get back to you.

                      • 9. Re: NAT configuration on JBoss AS7
                        Will Tatam Newbie

                        How did you get on? Our application needs remote EJB clients and remote JMS. Poor support for JBoss behind NAT caused us real issues trying to use AS 5.1 on EC2

                        • 10. Re: NAT configuration on JBoss AS7
                          Stephen Coy Master

                          Why is this a JBoss problem and not a network infrastructure problem?

                           

                          What do you think can be done in JBoss that will make this easier?

                          • 11. Re: NAT configuration on JBoss AS7
                            Tomaz Cerar Master

                            Will hi,

                             

                            what exactly is your problem with AS7 in relation to NAT configuration?

                             

                            In all versions before 7 configuration NAT/Firewall was pain as there ware so many ports so many different configuration files etc...

                            Now you have a section of configuration interfaces & especialy socket-binding-group where you have all socket bindings defined in single place.

                            We reduced number of ports needed to run AS and we are working to further reduce this to better work in cloud enviroments where having many ports can be an issue.

                             

                            example of default configuration:

                             

                            <interfaces>

                                    <interface name="management">

                                        <inet-address value="127.0.0.1"/>

                                    </interface>

                                    <interface name="public">

                                        <inet-address value="${jboss.bind.address:127.0.0.1}"/>

                                    </interface>

                                    <!-- TODO - only show this if the jacorb subsystem is added  -->

                                    <interface name="unsecure">

                                        <!--

                                          ~  Used for IIOP sockets in the standard configuration.

                                          ~                  To secure JacORB you need to setup SSL

                                          -->

                                        <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>

                                    </interface>

                                </interfaces>

                                <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

                                    <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

                                    <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>

                                    <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>

                                    <socket-binding name="ajp" port="8009"/>

                                    <socket-binding name="http" port="8080"/>

                                    <socket-binding name="https" port="8443"/>

                                    <socket-binding name="remoting" port="4447"/>

                                    <socket-binding name="txn-recovery-environment" port="4712"/>

                                    <socket-binding name="txn-status-manager" port="4713"/>

                                    <outbound-socket-binding name="mail-smtp">

                                        <remote-destination host="127.0.0.1" port="25"/>

                                    </outbound-socket-binding>

                                </socket-binding-group>

                            From my point of view if you look at this configuration, you can easily see what ports you should or should not NAT to. it cannot be much easier

                             

                            --

                            tomaz

                            • 12. Re: NAT configuration on JBoss AS7
                              Will Tatam Newbie

                              The key bit about nat is what ip/address jboss actually binds to vs what ip/address should be used for remote items to connect.

                               

                              For example, in the past when trying to call a remote EJB over RMI, you would need to say use -b 192.168.1.123 -Djava.rmi.server.hostname=1.2.3.4 -Djava.rmi.server.useLocalHostname=false as otherwise the rmi proxy stub obtained over jndi would set the ip for the proxy to connect to 192.168.1.123 (or the machine's hostname, e.g myserver.local). For JMS there were similar issues requirig manual configuration of the transport

                              • 13. Re: NAT configuration on JBoss AS7
                                jaikiran pai Master

                                Will Tatam wrote:

                                 

                                The key bit about nat is what ip/address jboss actually binds to vs what ip/address should be used for remote items to connect.

                                 

                                For example, in the past when trying to call a remote EJB over RMI, you would need to say use -b 192.168.1.123 -Djava.rmi.server.hostname=1.2.3.4 -Djava.rmi.server.useLocalHostname=false as otherwise the rmi proxy stub obtained over jndi would set the ip for the proxy to connect to 192.168.1.123

                                We have specifically designed to improve this in AS7 EJB clients. Actually, that requires a bit of documentation since it deserves more than a couple of sentences of explanation. I'll try and get that up soon.

                                • 14. Re: NAT configuration on JBoss AS7
                                  aquee Newbie

                                  I am looking for a same kind of configurations or work arounds for remote look up to a Jboss behind the NAT.

                                  1 2 Previous Next