Archived

This forum has been archived. Please start a new discussion on GitHub.

Using Ice in an environment with changing IP addresses

hiasl
hiasl
in Help Center
Hi,

i want to use Ice within an environment where the IP addresses of participants change over time. Is it possible to adjust the ip addresses of the proxies (clients are beeing informed) and of the communicator/adapter (server are beeing informed as well)?

My second question is if there is a way to detect the callers ip at servant side?

Thanks & Bye
Matthias

Comments

  • benoit
    benoit Rennes, France
    Hi,

    You should use indirect proxies and the Ice location mechanism to do this. Your clients will invoke on indirect proxies (which don't contain endpoint information) and will contact the locator to get the proxy endpoints. Your servers will register their endpoints with the locator on startup (when the object adapter is activated). Take a look at the "Chapter 35: IcePack" in the Ice manual. It describes the Ice location mechanism and IcePack (an implementation of the location mechanism).

    To get the IP address of the clients from the servant, see [thread=1086]this thread[/thread].

    Let us know if you need more information!

    Benoit.
  • hiasl
    hiasl
    Hi Benoit,

    thanks for your answer. A short look into the documentation gave me the impression that it's not applicable to our scenario. Since we use a self developed "bidirectional-NAT like" gateway to realize "inner" and "outer" networks, which maps all incomming and outgoing traffic to different ip addresses and ports depending on the addressed services (e.g. Ice, ssh, hhtp), all the proxies have to address the gateway not the servant itself. Therefore the servant's address within the Proxy has to be manipulated anyway.

    Using indirect proxies would mean, that the Locator would have to run on the gateway, wouldn't it?

    Bye
    Matthias
  • benoit
    benoit Rennes, France
    Hi Matthias,

    The proxies created by the object adapter can contain the address of the gateway if you properly configure your object adapter, see this FAQ for more information on this configuration. In addition to this, if you configure your object adapter to register its endpoints with the location service, it will register the "published" endpoints.

    I'm not sure what manipulation you would have to do on the proxy, can you detail what you meant by this?

    If your clients use indirect proxies, they'll indeed need to be able to establish connections to the location service. So the location service will either need to be on the public network or accessible through your NAT gateway.

    Benoit.
  • hiasl
    hiasl
    Hi Benoit,

    the FAQ shows in the right direction, thanks. To answer your question: we allow inter-network connections (outer<->inner and instead of simple NAT, connections can be established from both sides) and inner network connections. Therefore we have to configure the proxy's ip depending on the target network.

    would i therefore have to create two adapters with different endpoints? at this moment the proxies are created using current.adapter...

    So, the easiest and IMHO cleanest thing would be to create the proxy, change the endpoint ip in case the client runs at the outer network and send it to the client.
    The IP addresses of the inner network may change. The inner network members and the gateway are getting informed by an low level protocol. After this all proxies holded by clients shall be modified (again the endpoints ip), so that further calls are correct again.

    Another argument possibly against using location services and indirect proxies is that we want to realize a real distributed system within the inner network avoiding single point of failures. So we would have to use more location services as redundancy. Are they addressed by IP/name or via broadcast or multicast? Can i "interconnect "(in case of) more location services to one domain and do they synchronize registry entries?
  • benoit
    benoit Rennes, France
    hiasl wrote:
    Hi Benoit,

    the FAQ shows in the right direction, thanks. To answer your question: we allow inter-network connections (outer<->inner and instead of simple NAT, connections can be established from both sides) and inner network connections. Therefore we have to configure the proxy's ip depending on the target network.

    would i therefore have to create two adapters with different endpoints? at this moment the proxies are created using current.adapter...

    So, the easiest and IMHO cleanest thing would be to create the proxy, change the endpoint ip in case the client runs at the outer network and send it to the client.
    The IP addresses of the inner network may change. The inner network members and the gateway are getting informed by an low level protocol. After this all proxies holded by clients shall be modified (again the endpoints ip), so that further calls are correct again.

    So you have a server that returns proxies and depending on the location of the client you would like to either return a proxy containing the Gateway endpoints or the inner network endpoints?

    It looks like what you would really need here is a new ObjectAdapter method to create a proxy containing the real endpoints of the object adapter -- not the published endpoints (assuming you have configured your object adapter with published endpoints).

    Your clients will still have to update their proxies if the server IP address changes. The only way to do this currently is to update the stringified proxy (you can use communicator->proxyToString() and communicator->stringToProxy() to stringify/un-stringify a proxy).

    In any case, these proxy manipulations seem a little error prone to me :). You'll have to keep track of the proxies and make sure to update all of them... This could become very complicated for a large application!
    hiasl wrote:
    Another argument possibly against using location services and indirect proxies is that we want to realize a real distributed system within the inner network avoiding single point of failures. So we would have to use more location services as redundancy. Are they addressed by IP/name or via broadcast or multicast? Can i "interconnect "(in case of) more location services to one domain and do they synchronize registry entries?

    The Ice location service is accessed with a proxy (configured with the Ice.Default.Locator property). This proxy can contain multiple endpoints pointing to different replicas of the location service (if it supports to be replicated). Note however that IcePack which implements the location service currently doesn't support to be replicated so it's indeed a single point of failure.

    Benoit.
  • hiasl
    hiasl
    benoit wrote:
    It looks like what you would really need here is a new ObjectAdapter method to create a proxy containing the real endpoints of the object adapter -- not the published endpoints (assuming you have configured your object adapter with published endpoints).
    Your clients will still have to update their proxies if the server IP address changes. The only way to do this currently is to update the stringified proxy (you can use communicator->proxyToString() and communicator->stringToProxy() to stringify/un-stringify a proxy).
    Using the string methods seem to avoid the necessity of overwriting the ObjectAdapter method?
    benoit wrote:
    In any case, these proxy manipulations seem a little error prone to me :). You'll have to keep track of the proxies and make sure to update all of them... This could become very complicated for a large application!
    That's why we call it research ;)
  • benoit
    benoit Rennes, France
    Yes, you can change the endpoints using stringified proxies and you can also use them to create proxies (instead of using the object adpater methods). It will just be a little more work since you'll have to parse the stringified proxies.

    Benoit.

Categories