How to introduce a new peer (known IP) that is located behind a NAT/Firewall?

vonazor
Joined: 2007-09-10

Hi!
Suppose we have two domains, D1 and D2, with a NAT/Firewall in between, and in D1 there are some peers (some of them are RDVs, some RELAYs, maybe some RDVs and RELAYs at the same time).
Now a new peer P is established in D2. Suppose we have TCP or HTTP communication between the two domains, but how can peers in D1 learn about the existence of P?
I.e. given that we know the IP of P in D2 and P's JXTA ID, how can this information be added to RDVs or RELAYs?

10x in advance

hamada
Joined: 2003-06-12

For this to work rendezvous/relays in D1/D2 must have a connection amongst each other. Edges then simply connect to any of the infrastructure nodes, and the rest is handled by JXTA.

To reiterate, seed rdv's in D1 with D2, then configure edges to connect to a rdv either through multicast or seeding to one of the rdv's.

vonazor
Joined: 2007-09-10

Thanks for the reply!
But how do I dynamically create this first connection between relays/rendezvous in D1/D2?
That's the question! I don't want to rely on any preconfigured rendezvous' URLs. I want the first user of the system that wants to use this connection to define it. I.e. till the connection between D1/D2 is needed it is not even configured, but when it's needed, the user can simply enter the IP of some machine that is running a rendezvous in D2.

From what I've seen, there is no such possibility in the API, all data about peers comes from PeerView. And the only way to update PeerView is for PeerView to get a message from another PeerView.
What I'm thinking of now is how at runtime one can tell the local node to publish its PeerAdv. to a specified IP?
I.e. as a first step I want to enable the rendezvous service on all peers....

hamada
Joined: 2003-06-12

> But how do I dynamically create this first connection
> between relays/rendezvous in D1/D2?

If you cannot seed (statically, or dynamically through a seeding URI), then the only thing you can rely on is IP multicast.

> That's the question! I don't want to rely on any
> preconfigured rendezvous' URLs. I want the first user
> of the system that wants to use this connection to
> define it. I.e. till the connection between D1/D2 is
> needed it is not even configured, but when it's
> needed, the user can simply enter the IP of some machine
> that is running a rendezvous in D2.

You can run a service whereby rendezvous register their existence, and edges query for them, sort of like DDNS.

>
> From what I've seen, there is no such possibility in
> the API, all data about peers comes from PeerView. And the
> only way to update PeerView is for PeerView to get
> a message from another PeerView.
> What I'm thinking of now is how at runtime one can
> tell the local node to publish its PeerAdv. to a specified
> IP?

Hmm, that's sort of physical address rendezvous seeding, but I am not sure an API exists which allows you to do so after startup. I guess you can set it up and stop/restart the rendezvous service, or create and locally publish a rendezvous advertisement with the desired physical address; however, that may not work since the peerid is not known.

> I.e. as a first step I want to enable the rendezvous
> service on all peers....

I think your best bet is to implement (and contribute back to jxta) this DDNS-like service for dynamic bootstrapping purposes.

vonazor
Joined: 2007-09-10

> You can run a service whereby rendezvous register
> their existence, and edges query for them, sort of
> like DDNS.

Could you elaborate more on that idea?
As I understand DDNS, there are still some well-known servers from which the query process can be started. What I meant is that at some point in time information about an additional peer becomes available and it needs to be used to communicate with this peer.

> Hmm, that's sort of physical address rendezvous
> seeding, but I am not sure an API exists which allows
> you to do so after startup. I guess you can set it up
> and stop/restart the rendezvous service, or create and
> locally publish a rendezvous advertisement with the
> desired physical address; however, that may not work
> since the peerid is not known.

Actually the peerid can be known, since their ids can be set up from the IP (like in IDTutorial from name + predefined_name_seed). So how do I publish such an adv.? Again, from what I saw in PeerView and RdvPeerRdvService, there is no public API to introduce a new peer or rendezvous.

> I think your best bet is to implement (and
> contribute back to jxta) this DDNS like service for
> dynamic bootstrapping purposes.

If I'm sure that this will solve my problem, I'll do that (implement and contribute).

hamada
Joined: 2003-06-12

Bootstrapping is always a chicken & egg problem, no matter how low you go. The suggestion I made is simply to utilize a simple publish & query service much like DDNS, where rendezvous/relay would publish their access points, and edges would query the service for rendezvous/relay nodes.

> So how do I publish such an adv.? Again, from what I saw in PeerView and RdvPeerRdvService,
> there is no public API to introduce a new peer or rendezvous.

Simply publishing the advertisement should be picked up by the rendezvous service, where to expedite it, stop/restarting the rendezvous service should do the trick.

>Could you elaborate more on that idea?

It's even possible to use DNS as the service, however it must be expressed as a SRV (Service Record) so that additional parameters may be expressed, such as port and operation mode.

e.g.:

_jxta._tcp.jxta.net. 86400 IN SRV 0 5 9701 rdv.jxta.net
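
An added example, not part of the original post or of JXTA itself: a sketch of how a bootstrapping client could turn SRV records like the one above into an ordered list of rendezvous seed addresses. The function names, the extra sample records and the `tcp://host:port` seed form are assumptions; ordering by priority then weight is a deterministic simplification of RFC 2782's weighted random selection.

```python
# Added example: turn SRV records (zone-file presentation format) into an
# ordered list of rendezvous seed URIs. Names and URI form are assumptions.
from dataclasses import dataclass


@dataclass(frozen=True)
class SrvRecord:
    name: str      # e.g. _jxta._tcp.jxta.net.
    ttl: int
    priority: int  # lower value is tried first
    weight: int    # higher value is preferred within one priority
    port: int
    target: str    # host offering the service, trailing dot stripped


def parse_srv(line: str) -> SrvRecord:
    """Parse 'name ttl IN SRV priority weight port target'."""
    fields = line.split()
    if len(fields) != 8 or [f.upper() for f in fields[2:4]] != ["IN", "SRV"]:
        raise ValueError(f"not an SRV record: {line!r}")
    name, ttl, _, _, priority, weight, port, target = fields
    rec = SrvRecord(name, int(ttl), int(priority), int(weight),
                    int(port), target.rstrip("."))
    if not 1 <= rec.port <= 65535:
        raise ValueError(f"port out of range: {rec.port}")
    return rec


def seed_uris(lines, service="_jxta"):
    """Return seed URIs for `service`, best candidate first."""
    records = []
    for line in lines:
        line = line.split(";", 1)[0].strip()   # drop zone-file comments
        if not line:
            continue
        rec = parse_srv(line)
        # A target of "." means the service is not offered (RFC 2782).
        if rec.name.split(".")[0].lower() == service and rec.target:
            records.append(rec)
    records.sort(key=lambda r: (r.priority, -r.weight))
    # The transport scheme comes from the protocol label (_tcp -> tcp).
    return [f"{r.name.split('.')[1].lstrip('_')}://{r.target}:{r.port}"
            for r in records]


# First record is the one from the post; the rest are constructed samples.
SAMPLE_ZONE = """
_jxta._tcp.jxta.net. 86400 IN SRV 0 5 9701 rdv.jxta.net
_jxta._tcp.jxta.net. 86400 IN SRV 0 10 9701 rdv2.example.net.   ; constructed
_jxta._tcp.jxta.net. 86400 IN SRV 10 5 9701 backup.example.net. ; constructed
_http._tcp.jxta.net. 86400 IN SRV 0 5 80 www.example.net.       ; other service
"""

if __name__ == "__main__":
    for uri in seed_uris(SAMPLE_ZONE.splitlines()):
        print(uri)
```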

jimbosi
Joined: 2007-06-14

hmmm, sounds like you might be thinking about things the wrong way around...

It's the responsibility of the lone peer on D2 to notify a rendezvous peer on D1 of his existence. That's the idea of a rendezvous server... it's a well known and (ideally) globally accessible peer where all peers can "rendezvous".

From your description it sounds like the lone peer is able to pass through the firewall to contact one/some of the rendezvous peers on D1 so there shouldn't be any problem. You should know the rendezvous/relay locations beforehand and specify them in your configuration.

On the other hand, if P cannot pass through the firewall to D1 then you have a problem. At this point you can do one of 3 things:
1. Move P to a domain where he can access D1
2. Move all the peers on D1 to a domain where they can be accessed from D2
3. Allow P access to D1 (via proxy or open ports)

hope that helped :)

vonazor
Joined: 2007-09-10

Thanks for reply!!!

The problem is that I want P to find the rendezvous peer, i.e. I don't want any peer to have any information about anything in the environment. Doesn't JXTA enable on-the-fly configuration? After all, what P will tell the rendezvous peer is its name and IP (and maybe what he ate at lunch the other day...). So I wonder if this information can be injected into the rendezvous' knowledge.
To complete the scenario, think of the following:
You come to some peer A in D1 and tell it that it needs to get/share information with 100 peers in D2. Peer A creates a special group for its task, but finds out that all 100 peers that it needs to be in touch with are in fact on another subnet, so A cannot rely on advertisements - it needs some way to let peers in D2 know about itself.

Now, about the well-known rendezvous peer: if I want to set up a P2P network for a short period of time - say once a day when some condition evaluates to true, _some_ peers are woken up and do their deeds. If you had a mechanism to do without a well-known rendezvous, you would not need to waste the resources of some machine that is used only sometimes and would not have to take care of its availability.

What say thou?

Message was edited by: vonazor

jimbosi
Joined: 2007-06-14

Well, I think what we're discussing here is a problem for P2P networks and networking in general.

How do you create a P2P network spanning the internet without a server somewhere?

Consider this:
There's a guy sitting in his office and his boss walks in.
"Johnston! I want you to send these specially encoded letters to 100 people in France. I don't know their names or anything about them, but if you send them to the wrong people, you're fired!"
How does he send the letters to the right people?

It's easy to create an ad hoc p2p network within a subnet and jxta does this very easily by using multicast packets. However, it's impossible to do anything similar across networks (because most routers drop multicast packets), unless you want to try and ping every accessible computer on the network and, of course, even doing that misses all the computers behind firewalls and NAT.

vonazor
Joined: 2007-09-10

Hmm..
How about that:
"Johnston! I want you to send these specially encoded letters to 100 people in France. First one lives in Paris on 192.168.0.100 street apt 9700, second lives in Paris too but on 192.168.0.101 street apt. 9700, ...... Now don't send them the letters before they pay you 5 euro/dollars"

What will Johnston do? He will send 100 letters with the following content:
"Dear Sir/Madam, you have won our blah-blah-blah. In order to send you the prize we would like you to deposit....
Congrats, Johnston",
and send those letters to 192.168.0.100:9700, 192.168.0.101:9700 etc.
Pay attention that people in Paris haven't known Johnston before nor his address. But Johnston did know theirs.
If a peer in subnet D1 learns dynamically about the IP of a peer in D2, it should be able to communicate with it.

I'm sure that there should be a way to tell a rendezvous peer about new peers not only by advertisements coming from those servers.

About creating P2P network: you don't have to have a server - all you need is love. And some information about at least one reachable live peer (that knows another reachable live peer (that knows another reachable live peer ( that...:o) ) )

jimbosi
Joined: 2007-06-14

Ok, so you have a bunch of IP addresses that you want to connect to!

That I can't help you with I'm afraid. However, a good starting point might be to look at the Endpoint Service. There's also some explanation of the jxta layers here:
http://wiki.cs.uiuc.edu/cs427/JXTA+-+Architecture

I'm not quite sure, but I guess you'd want to do something like:
1. create a peer advertisement for the peer that you want all your other peers to be notified about.
2. Connect to your other peers (using their IPs) via the endpoint service.
3. ???
4. Profit!

good luck!