--- Begin Message ---
>louafi wrote:
>
>>HI,
>>
>>I want to use XmlBlaster via SSH channel but i 've some problems :(
>>
>>My configuration is the folowing one :
>>
>>1) I create SSH channels
>>
>>On the client :
>>ssh -L 6040:server:3412 server
>>ssh -L 6043:server:6043 server #for the CallBack server connection
>>
>>On the server :
>>ssh -L 6044:client:6044 client #for the CallBack client connection
>>
>>2) I launch XmlBlaster server :
>>
>>java -DOAIAddr=localhost -DOAPort=6043 -port 3412
>>
>>3) I launch XmlBlaster client :
>>
>>/java -DOAIAddr=localhost -DOAPort=6044 javaclients.ClientSub
-hostname
>>127.0.0.1 -port 6040
>>
>Hi Sebastien,
>
>thanks for sharing your smart configuration with us.
>
>I can see that the localhost fails on local nets.
>I can imaginge those scenarios:
>
>1. Use ssh on local net as well
>
>2. If you have control on the internet clients:
> Change 'localhost' to a specific IP (e.g. 192.168.24.26),
> and add this IP to the internet clients ethernet setup
(multihoming),
> e.g. on Linux
> ifconfig eth0:1 192.168.24.26
>
Hi Marcel,
My final configuration is the following one :
serverIP is a private IP address.
clientIP is a public IP address
I made an alias on the loopback on the client.
Ifconfig lo0:0 serverIP
So, when the server says my callback address is serverIP on port 6043,
the client uses the channel on port 6043 created with tcp_forward and
then use the SSH channel (3) on port 6042 to access server on port 6043.
The SSH channel (1) allows client callback on port 6044.
The SSH channel (2) allows client to access XmlBlaster on port 3412.
On the client :
tcp_forward -f 6043 -t 127.0.0.1:6042
I use tcp_forward because SSH -R can't be use with -g option. -g option
has no effect, the process stills listen on 127.0.0.1 otherwise I need
it listens on 0.0.0.0 to have an access it with the clientIP address. I
can't create SSH tunnel from client because serverIP is private and I
don't want to translate the SSH port.
On the server :
1) SSH -L 6044:clientIP:6044 clientIP
2) SSH -R 6040:127.0.0.1:3412 clientIP
3) SSH -R 6042:clientIP:6043 clientIP
I launch server :
java -DOAIAddr= -DOAPort=6043 -port 3412
I launch client :
java -DOAIAddr=localhost -DOAPort=6044 javaclients.ClientSub -hostname
127.0.0.1 -port 6040
I downloaded tcp_forward from :
http://marginalhacks.com/Hacks/tcp_forward/
This configuration works fine.
Regards,
Seb
>3. Use the SOCKET protocol over internet
> With this setup (-client.protocol SOCKET on java)
> the same socket is used for callbacks.
> This way you don't need to specify any local callback host/port.
> On client:
>
> ssh -L 7607:server:7607 server
>
> On server:
>
> <nothing>
>
>
> Activate SOCKET in xmlBlaster.properties and start xmlBlaster
>
> java org.xmlBlaster.Main
>
> Start the client
>
> java HelloWorld3 -client.protocol SOCKET -socket.hostname localhost
>-socket.port 7607
>
> Now the CORBA driver is not touched and reachable in the local net
> and the client HelloWorld3 is tunneled secure with SSH
>
> The possible SOCKET parameters are:
>---------------------------------------------
>SocketDriver options:
> -socket.port The SOCKET server port [7607].
> -socket.hostname Specify a hostname where the SOCKET server runs.
> Default is the localhost.
> -socket.SoTimeout How long may a socket invocation block [60000]
msec.
> -socket.responseTimeout Max wait for the method return
>value/exception [60000] msec.
> -socket.backlog Queue size for incoming connection request [50].
> -socket.threadPrio The priority 1=min - 10=max of the listener
>thread [5].
> -socket.debug 1 or 2 switches on detailed SOCKET debugging
[0].
>-----------------------------------------------------------------------
---->-------
>
>4. If you need CORBA on both sides, you could add another
> protocol plugin for CORBA.
> Currently this is not possible just by configuration
> (you would need to take a copy of the corba driver
> and change the protocol type 'IOR' to something else
> like 'IOR2' under which you configure the plugin).
>
>Is it OK if we add your configuration to our FAQ?
Of course there is no problem.
>
>regards,
>
>Marcel
>
>PS: One final note: The SOCKET driver is not released for production
>yet. We need doing a final code review,
>to tune the performance and for multi threading issues.
>
>
>It works fine but i can't connect using the default method (without SSH
>channels...) because the callback adresses are localhost.
>
>I don't know how to do :(. I want to use XmlBlaster via SSH channels
>from internet connections and without ssh channels from LAN
connections.
>
>Any idea ?
>
>Thanks and have a good day.
>
>Seb.
>
>
>
>
>
--- End Message ---