Made sense to me. :)
John
Eric J. Pinnell wrote:
Hi,
I was unaware that tomcat connects to itself on a high port. Never the less, Tomcat should be completely unaware of the 204.1.1.1 address. If your NAT is totally transparent the only place that IP lives is on the external interface of your firewall/NAT device. I don't see how that IP could sneak back there.
Unless, and I'm going to guess here, your application is looking at the URI of the request and doing something with it. In that case you should use IP numbers and have internal vs. external DNS (or /etc/hosts) set up with the different IP numbers (one for the inside value and one with the 10.x.x.x inside value). So that way if it tries to connect to the same URI that was in the request it will get the right 10.x.x.x IP number.
I don't know if that helped or not.
-e
On Thu, 24 Jul 2003, Erin Dalzell wrote:
Hi there,
We have just discovered that our tomcat web app is not working correctly behind a NAT. Our actual web app works fine, but when we try to access our management pages via http. It doesn't work. Any static pages are served up correctly through our defined tomcat port (6300), but any dynamic content (to several different servlets) don't work.
When we run a sniffer, it looks like tomcat tries to communicate with itself on a very high (and random) port. For example, if our tomcat is accessible locally as 10.10.10.10 and externally as 204.1.1.1 and we access from withing our network (10.10.x.x) everything works fine and tomcat is able to talk to itself on port 45000. But if I access it from an external site, tomcat tries to communicate with itself on the 204.1.1.1 address and the NAT doesn't like it.
So, I have a few questions: 1) why doesn't tomcat (we are using version 4) use localhost to communicate with itself? 2) anyone else seen this problem? 3) can the high port be configured?
Thoughts?
Thanks
emd
---- Erin Dalzell eXpresso Product Specialist Epic Data 604.207.7699
This email and any attachments are intended only for use by the addressees named in this email and may contain legally privileged and/or confidential information. If you are not the intended recipient of this email, you are hereby notified that any use, dissemination, distribution or copying of this e-mail or any attachments is strictly prohibited. If you have received this email in error, please immediately notify me by return email and by phone at 604-273-9146, permanently delete the original and any copy of this email and any attachments from your systems and destroy any printouts of them.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
