Duplex Network Connector and Firewalls

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Duplex Network Connector and Firewalls

Eric-AWL
Hi

We developped a quite basic multicast gateway to be able to build networks of brokers beyond local networks limits.

I would want to use duplex network connectors to be able to contact a distant network of broker and be able to receive an answer. I don't want to implement a local multicast network of brokers and ask the contacted brokers to use a network connector on their side because I would want that to be dynamic.

'It's an "unmarked" client that dynamically contact a group of brokers and want to receive answers back'

I don't know how the back connection is created in duplex mode, and if a TCP port is used and I wonder how that could work if there are firewalls between the two sides of the duplex network connector.

If that can't work, is it possible to fix a TCP port and reference it into the duplex configuration to indicate the remote broker the TCP connection to use to send its answers back ?

Regards
Eric-AWL
Reply | Threaded
Open this post in threaded view
|

Re: Duplex Network Connector and Firewalls

rajdavies

On 6 Aug 2009, at 09:23, Eric-AWL wrote:

>
> Hi
>
> We developped a quite basic multicast gateway to be able to build  
> networks
> of brokers beyond local networks limits.
>
> I would want to use duplex network connectors to be able to contact a
> distant network of broker and be able to receive an answer. I don't  
> want to
> implement a local multicast network of brokers and ask the contacted  
> brokers
> to use a network connector on their side because I would want that  
> to be
> dynamic.
>
> 'It's an "unmarked" client that dynamically contact a group of  
> brokers and
> want to receive answers back'
>
> I don't know how the back connection is created in duplex mode, and  
> if a TCP
> port is used and I wonder how that could work if there are firewalls  
> between
> the two sides of the duplex network connector.
>
> If that can't work, is it possible to fix a TCP port and reference  
> it into
> the duplex configuration to indicate the remote broker the TCP  
> connection to
> use to send its answers back ?
>
> Regards
> Eric-AWL
> --
> View this message in context: http://www.nabble.com/Duplex-Network-Connector-and-Firewalls-tp24840835p24840835.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>


When duplex is enabled - the single connection is used by the local  
and remote broker. So to get through firewalls - only the brokers  
outside the firewall should create the network connection - and mark  
it as duplex

cheers,

Rob
Rob Davies
I work here: http://fusesource.com
My Blog: http://rajdavies.blogspot.com/
I'm writing this: http://www.manning.com/snyder/




Reply | Threaded
Open this post in threaded view
|

Re: Duplex Network Connector and Firewalls

Eric-AWL
Ok. It's good news.

If I correctly understood, with a duplex network connector, the same network connection (TCP for me) is used to send and receive all messages, synchronously and asynchronously on the two sides of the connection. And there is no need of a "return" route to configure through the firewall.

Thank you for your quick answer.

Eric-AWL

rajdavies wrote

When duplex is enabled - the single connection is used by the local  
and remote broker. So to get through firewalls - only the brokers  
outside the firewall should create the network connection - and mark  
it as duplex

cheers,

Rob
Rob Davies
I work here: http://fusesource.com
My Blog: http://rajdavies.blogspot.com/
I'm writing this: http://www.manning.com/snyder/



Reply | Threaded
Open this post in threaded view
|

Re: Duplex Network Connector and Firewalls

rajdavies
correct!
On 6 Aug 2009, at 12:19, Eric-AWL wrote:

>
> Ok. It's good news.
>
> If I correctly understood, with a duplex network connector, the same  
> network
> connection (TCP for me) is used to send and receive all messages,
> synchronously and asynchronously on the two sides of the connection.  
> And
> there is no need of a "return" route to configure through the  
> firewall.
>
> Thank you for your quick answer.
>
> Eric-AWL
>
>
> rajdavies wrote:
>>
>>
>>
>> When duplex is enabled - the single connection is used by the local
>> and remote broker. So to get through firewalls - only the brokers
>> outside the firewall should create the network connection - and mark
>> it as duplex
>>
>> cheers,
>>
>> Rob
>> Rob Davies
>> I work here: http://fusesource.com
>> My Blog: http://rajdavies.blogspot.com/
>> I'm writing this: http://www.manning.com/snyder/
>>
>>
>>
>>
>>
>>
>
> --
> View this message in context: http://www.nabble.com/Duplex-Network-Connector-and-Firewalls-tp24840835p24844590.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>

Rob Davies
I work here: http://fusesource.com
My Blog: http://rajdavies.blogspot.com/
I'm writing this: http://www.manning.com/snyder/