[omniORB] Firewall/NAT piercing

Jani Niittukari jani.niittukari@saraxa.com
Fri, 25 Jan 2002 11:44:30 +0200 

Hi,

I'm trying to figure out how to call services behind a NAT.
Consider the
following setup:

"client (10.0.0.100) --> Firewall/NAT --> naming service
(192.168.1.100)"

If IOR of naming service (or some other service) is
published to the client
it contains unresolvable host IP (192.168.1.100). Is it
possible to use
-ORBendPoint parameter to override the IP with name
(giop:tcp:service:1234).
And if port (1234) is used does it mean that all CORBA
invocations (within
that ORB) are directed through just one port i.e. I could
reserve port 1234
for all invocations?

Thanks,

Jani

> -----Original Message-----
> From: owner-omniorb-list@uk.research.att.com
> [mailto:owner-omniorb-list@uk.research.att.com]On
> Behalf Of Duncan
> Grisby
> Sent: 8. marraskuuta 2001 19:44
> To: omniorb-list@uk.research.att.com
> Subject: Re: [omniORB] local invocations
>
>
> On Thursday 8 November, Carl Thompson wrote:
>
> > I haven't tried it, but I believe you must
> specifically tell the server to
> > listen to a Unix domain socket using
> -ORBendpoint or equivalent.  The client
> > shouldn't need to do anything special but of
> course it must reside on the
> > same machine as the server and must have access
> to the socket.  The server
> > objects' IORs will properly tell the clients
> how to reach it.
>
> The option is -ORBendPoint. You use it like:
>
>   server -ORBendPoint giop:unix: -ORBendPoint giop:tcp::
>
> If you only specify the giop:unix: endpoint, the
> server is _only_
> accessible through Unix domain sockets, and not
> through TCP.
>
> On my machine, Unix domain sockets make calls
> about 30% faster:
> through the TCP loopback, a null call takes 151
> microseconds; through
> Unix sockets it's 104 ms.
>
>
> For the real speed freaks (Hi Stefan and
> Stephen!) I've just checked
> in a shortcut mechanism for in-process colocated
> calls. This reduces
> the time for a colocated call from 2000
> nanoseconds to 70 ns, at the
> expense of no longer being CORBA compliant.
>
> The details about the shortcut mechanism are here:
>
>
> http://www.uk.research.att.com/cgi-bin/omni-wiki/m
oin.cgi/OmniOrb4DevelopmentStatus#line504

Details about Unix domain socket things are elsewhere on the
same
page.

Cheers,

Duncan.

--
 -- Duncan Grisby  \  Research Engineer  --
  -- AT&T Laboratories Cambridge          --
   -- http://www.uk.research.att.com/~dpg1 --