permaculture playing cards*
The moose likes Sockets and Internet Protocols and the fly likes two-way communication between client and server behind firewall Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "two-way communication between client and server behind firewall" Watch "two-way communication between client and server behind firewall" New topic
Author

two-way communication between client and server behind firewall

Yi Meng
Ranch Hand

Joined: May 07, 2003
Posts: 270
What kind of traportation mean shall i use for two-way communication between client and server assuming both of them behind firewall?

Currently my work around is:

1. Client->Server: usual http reuqest using HttpURLConnection
2. Server->Client: I have a DatagramSocket listen on port 80 or 443 running on client and the server just send DatagramPacket to client on 80 or 443. Here the assumption is that the client will not have already made use of port 80 or 443, and very obvious, this assumption will not hold all the time. That is the weak point.

Any comment on this or better way to do this?

Actually, the whole idea is to build a server-push style real time chat application. So the data in transition will be small in size but the latency time should be minimised.


Meng Yi
Rovas Kram
Ranch Hand

Joined: Aug 08, 2003
Posts: 135
What kind of traportation mean shall i use for two-way communication between client and server assuming both of them behind firewall?

If both client and server are behind the firewall why is the firewall even an issue?
Yi Meng
Ranch Hand

Joined: May 07, 2003
Posts: 270
Originally posted by Rovas Kram:

If both client and server are behind the firewall why is the firewall even an issue?


Oh,my god, i mean there are two firewalls between client and server, one sitting in front of the client and another in front of server. It's very common that clients in most commercial organization network are protected by tight firewall and the server is also commonly placed in DMZ.
Warren Dew
blacksmith
Ranch Hand

Joined: Mar 04, 2004
Posts: 1332
    
    2
I'd recommend using TCP, not UDP (that is, regular sockets, not datagram sockets). That way, once the connection is established, you don't have to worry about the firewall any more.

For the initial connection, most firewalls will permit outgoing TCP connections, so you probably only have to worry about the server. Some firewalls don't allow any incoming connections at all; for that kind of firewall, you'll have to get the person managing the firewall to open up a port for your server to listen on. If you're in a DMZ, some ports will be open; you could piggy back on an existing well known port that's likely to be open, though that's not really good practice since some clients will be expecting a different kind of server (e.g., if you use 8080, the alternate HTTP port, you may get people trying to use it for HTTP rather than for your chat protocol).

Can you provide the big picture on what you're trying to do? With more details on your overall purpose, we might be able to come up with a more specific solution.
Yi Meng
Ranch Hand

Joined: May 07, 2003
Posts: 270
Originally posted by Warren Dew:

Can you provide the big picture on what you're trying to do? With more details on your overall purpose, we might be able to come up with a more specific solution.


Actually nothing big, but i am just thinking of a way for point-to-point communication. Something like MSN.

In my case, I do not have any control of client/server network setup. It's not really a p2p architecture but a two way client-server communication. It's not just request-response in the normal case, instead the server should be able to push data to client at any time.
Yi Meng
Ranch Hand

Joined: May 07, 2003
Posts: 270
Originally posted by Warren Dew:
I'd recommend using TCP, not UDP (that is, regular sockets, not datagram sockets). That way, once the connection is established, you don't have to worry about the firewall any more.

For the initial connection, most firewalls will permit outgoing TCP connections, so you probably only have to worry about the server.


Though UDP is known as a not reliable protocol, but it's actually reliable enough for real time applications IMHO.

When you are saying "initial connection", do you mean to hold this "initial connection" afterwards? If yes, then this will definitely cause scalability issues......
Warren Dew
blacksmith
Ranch Hand

Joined: Mar 04, 2004
Posts: 1332
    
    2
Yi Meng:

Actually nothing big, but i am just thinking of a way for point-to-point communication. Something like MSN.

MSN Messenger?

I guess what I was trying to get at was the firewall issue. Do you expect users to be able to ask admins to open ports in the firewalls? Or is the application for "unofficial use" - e.g., chatting with friends while at work - in which case you can't necessarily do anything to modify the firewall?

Though UDP is known as a not reliable protocol, but it's actually reliable enough for real time applications IMHO.

The reason I recommend TCP is not the reliability, but the fact that most firewalls allow outbound TCP connection establishment, and once you get the connection established, you can get inbound ("server push") data as well. Most firewalls block inbound UDP data, though, so if you use UDP you'll have a more difficult time with firewalls.

When you are saying "initial connection", do you mean to hold this "initial connection" afterwards? If yes, then this will definitely cause scalability issues......

For a chat (MSN Messenger / AOL Instant Messenger) type application, you can hold it for as long as the conversation is going, and end it afterwards. A TCP connection uses very little overhead, so it's pretty scalable.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: two-way communication between client and server behind firewall
 
Similar Threads
A question on multiple tcp listeners for the same port?
what is SOAP?
A question on multiple tcp listeners for the same port?
writing SSL client
ways for swing client to connect to weblogic server behind firewall