OK, I have a question for all the Tomcat gurus out there.
Here is my scenario:
* tomcat machine is behind NAT
* internal ip address is 2.2.2.2 (ip changed to protect the
innocent!)
* external ip is 3.3.3.3
* client accesses servlet with ip 3.3.3.3.
* inside servlet we call RequestDispatcher rd =
getServletContext().getRequestDispatcher( "/another_page.jsp" );
* then we call rd.forward( orig_request, response );
My question is, is that forward call a full http request? If so, what ip
address will it use? I "think" that it is trying to use the 3.3.3.3 address
and the NAT doesn't like it.
Thoughts?
Thanks
emd
----
Erin Dalzell
eXpresso Product Specialist
Epic Data
604.207.7699
-----Original Message-----
From: Eric J. Pinnell [mailto:[EMAIL PROTECTED]
Sent: Friday, July 25, 2003 10:05 AM
To: Tomcat Users List
Subject: RE: Tomcat not working behind a NAT?
I still think you are barking up the wrong tree here. If I had to guess I
would say that 95% of all internet faceing Tomcat servers are behind
some kind of NAT device.
One thing to consider. NAT only translates the IP in the IP header and
doesn't change the data payload. So if you are, for whatever reason,
using an IP address that is getting sent along in the payload and trying
to redirect to it or whatever, NAT won't change that.
Kinda how SQLNet doesn't like NAT devices. Because the users IP is
embedded in the payload as part of the protocol. So it goofs up when the
IP header and the IP in the payload don't match.
But what you are thinking below is the first thing I would do. Make sure
the machine on the outside see's the correct hostname/IP number and the
machine on the inside see's that same hostname as the inside IP address.
You can do that via the hosts file if you like.
-e
On Fri, 25 Jul 2003, Erin Dalzell wrote:
> For this particular Servlet call we are not accessing any databases.
>
> DTDs? Not really familiar with those...I will check.
>
> I don't think we are trying to resolve hosts.
>
> Here is something we got from our client:
> --
> The sniffer log showed the NATed address in one of the http requests ...
> following along the line of tomcat not using a localhost for addressing
> requests even if they're local to the system ...
>
> What options are there to specify the address for tomcat under which to
> start ? It must perform a lookup on DNS to translate the address, can we
use
> the /etc/hosts file to create a 'fixed' address that won't be affected by
> DNS ? This may not resolve it either ... as which one would you actually
put
> in to allow both 'local' access vs 'outside' access ...
> --
>
> ----
> Erin Dalzell
> eXpresso Product Specialist
> Epic Data
> 604.207.7699
>
>
> -----Original Message-----
> From: Tim Funk [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 24, 2003 5:46 PM
> To: Tomcat Users List
> Subject: Re: Tomcat not working behind a NAT?
>
>
> It shouldn't use high ports.
> Are you running any database services or other services?
> Are your dtd's not correct and its trying actually pull foriegn assets via
> http?
> Are you trying to resolve hosts in your access log? (or similar)
>
> Use your sniffer to see the type of request being performed on the hight
> port.
>
> -Tim
>
> Erin Dalzell wrote:
> > Hi there,
> >
> > We have just discovered that our tomcat web app is not working correctly
> > behind a NAT. Our actual web app works fine, but when we try to access
our
> > management pages via http. It doesn't work. Any static pages are served
up
> > correctly through our defined tomcat port (6300), but any dynamic
content
> > (to several different servlets) don't work.
> >
> > When we run a sniffer, it looks like tomcat tries to communicate with
> itself
> > on a very high (and random) port. For example, if our tomcat is
accessible
> > locally as 10.10.10.10 and externally as 204.1.1.1 and we access from
> > withing our network (10.10.x.x) everything works fine and tomcat is able
> to
> > talk to itself on port 45000. But if I access it from an external site,
> > tomcat tries to communicate with itself on the 204.1.1.1 address and the
> NAT
> > doesn't like it.
> >
> > So, I have a few questions:
> > 1) why doesn't tomcat (we are using version 4) use localhost to
> > communicate with itself?
> > 2) anyone else seen this problem?
> > 3) can the high port be configured?
> >
> > Thoughts?
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
> This email and any attachments are intended only for use by the addressees
> named in this email and may contain legally privileged and/or confidential
> information. If you are not the intended recipient of this email, you are
> hereby notified that any use, dissemination, distribution or copying of
this
> e-mail or any attachments is strictly prohibited. If you have received
this
> email in error, please immediately notify me by return email and by phone
at
> 604-273-9146, permanently delete the original and any copy of this email
and
> any attachments from your systems and destroy any printouts of them.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
This email and any attachments are intended only for use by the addressees
named in this email and may contain legally privileged and/or confidential
information. If you are not the intended recipient of this email, you are
hereby notified that any use, dissemination, distribution or copying of this
e-mail or any attachments is strictly prohibited. If you have received this
email in error, please immediately notify me by return email and by phone at
604-273-9146, permanently delete the original and any copy of this email and
any attachments from your systems and destroy any printouts of them.
