5 Replies Latest reply on Mar 16, 2006 6:54 PM by Adam Wynne

    Can a remote client call a bean on a private network?

    Adam Wynne Newbie

      My cluster is on a private network. The "head" node has 2 network interfaces, one of them is public. I want to access the cluster remotely via the public network interface.

      I have a remote jboss client and bean which are very simple. The client does an initialcontext lookup then calls a session bean which just does a println. The bean is deployed to the head node. This works fine if the client runs on another machine in the private network of the cluster. But if I run the client remotely, it times out with error:

      --------------

      [java] Exception in thread "main" javax.naming.CommunicationException [Root
      exception is java.rmi.ConnectException: Connection refused to host: 192.168.10.
      1; nested exception is:
      [java] java.net.ConnectException: Connection timed out: connect]
      [java] at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:70
      7)

      --------------

      The machines are running Windows 2003 and there is no firewall running. I have tried setting up port forwarding on the head node, where I forward the naming ports (1099 and 1100) and rmi port (1098) on the public interface to the private interface. I am confident that I am doing the port forwarding correctly b/c it works with other services, ie http on port 8080.

      Are there other ports that I should be forwarding? Is what I want to do possible?

      Any help is appreciated.

        • 1. Re: Can a remote client call a bean on a private network?
          Adam Wynne Newbie

          I tried port forwarding again on the head node from the external to internal NIC for all the ports listed in one of the firewall docs:
          http://docs.jboss.org/jbossas/jboss4guide/r4/html/ch8.chapter.html#d0e21126

          But, still no luck. However, now the client is hanging during the ctx.lookup(...) call. Running netstat -n on the server shows that I am connected to port 1099 on the internal interface (in state FIN_WAIT_1). Any ideas?

          • 2. Re: Can a remote client call a bean on a private network?
            Joan Horta  Tosas Novice

            In your first post it syas on the error log that you're trying to connect to 192.168.10.1, but that's the private IP, so you cannot access it from the public side of the net. You have to change it for the public IP of the "head" node.

            • 3. Re: Can a remote client call a bean on a private network?
              Adam Wynne Newbie

              Hi,

              Thanks for your response :)

              Actually, I am attempting to connect to the public interface(by using jnp://public.address.of.headnode in my jndi.properties). However, the initial error message I posted references the private address because that is the interface jboss is deployed to. I now believe that error was coming from the client machine, who was refusing to accept the response from the internal interface of the head node.

              I have since gotten one step further by following the steps in the wiki firewall article (although mine isn't exactly a firewall issue): http://wiki.jboss.org/wiki/Wiki.jsp?page=UsingJBossBehindAFirewall.

              Specifically, I followed the steps in that wiki which say to add the following to my run.bat script:

              -Djava.rmi.server.hostname=<external_host_name>
              -Djava.rmi.server.useLocalHostname=false


              This allows me to to a jnp lookup from the client and to receive the EJB stub from the server. However, now my problem is that the subsequent call to the EJB method fails due to a failed connection to a socke. This is the stack trace I get when the client fails:

              [java] Exception in thread "main" java.lang.RuntimeException: cluster invoc
              ation failed, last exception was:
               [java] at org.jboss.aspects.remoting.ClusterChooserInterceptor.invoke(C
              lusterChooserInterceptor.java:129)
               [java] at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInv
              ocation.java:98)
               [java] at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(Cl
              ientTxPropagationInterceptor.java:61)
               [java] at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInv
              ocation.java:98)
               [java] at org.jboss.aspects.security.SecurityClientInterceptor.invoke(S
              ecurityClientInterceptor.java:55)
               [java] at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInv
              ocation.java:98)
               [java] at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInte
              rceptor.java:65)
               [java] at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInv
              ocation.java:98)
               [java] at org.jboss.ejb3.stateless.StatelessClusteredProxy.invoke(State
              lessClusteredProxy.java:100)
               [java] at $Proxy0.test(Unknown Source)
               [java] at clustering.client.StatelessRun.main(StatelessRun.java:20)
               [java] Caused by: org.jboss.remoting.CannotConnectException: Can not get co nnection to server. Problem establishing socket connection.
              


              I have read elsewhere that RMI will use a random port (besides the ones configured in server/all/conf/jboss-service.xml). Is this the case? How can I cause that port to be fixed or to learn which port this is at runtime?

              In another forum message (http://www.jboss.com/index.html?module=bb&op=viewtopic&t=78833), it was suggested to implement my own RMISocketFactory. Is this what I need to do?

              • 4. Re: Can a remote client call a bean on a private network?
                Adam Wynne Newbie

                Here is another recent thread with someone having the same problem. I am running the same version of JBOSS and EJB3RC5. There must be a solution for this.

                http://www.jboss.com/index.html?module=bb&op=viewtopic&t=79325&start=0

                • 5. Re: Can a remote client call a bean on a private network?
                  Adam Wynne Newbie

                  FIXED!

                  The solution is to use the following annotation in your bean:

                  @RemoteBinding(clientBindUrl="socket://public.host.address:3873")


                  The port 3873 is defined in the file server/all/deploy/ejb3.deployer/META-INF/jboss-service.xml:

                  <server>
                  
                   <mbean code="org.jboss.remoting.transport.Connector"
                   xmbean-dd="org/jboss/remoting/transport/Connector.xml"
                   name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=
                  ejb3">
                   <depends>jboss.aop:service=AspectDeployer</depends>
                   <!-- attribute name="InvokerLocator">socket://0.0.0.0:3873</attribute -->
                   <attribute name="InvokerLocator">socket://0.0.0.0:3873</attribute>
                   <attribute name="Configuration">
                   <handlers>
                   <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvoc
                  ationHandler</handler>
                   </handlers>
                   </attribute>
                   </mbean>
                  ...
                  


                  The following is the best thread I found on this topic is here: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3877360. However, in contrast to that thread, I found that I did not need to explicitly state the external ip address in the above file. The default setting of 0.0.0.0:3873 works, which is good.