Skip to main content

JXTA Relay

5 replies [Last post]
s_hedrick
Offline
Joined: 2009-08-12

Can JXTA Relay peers be located within a private network (i.e., behind a firewall) and still function as relays? Or, do they always have to be exposed to all incoming traffic?

My situation is this: I'm needing to enable communication among multiple peers. Each of these peers will be located on different subnets and protected by firewalls. I was hoping to simply provision these peers with relay and rendezvous capabilities to enable this behavior. But, from what I'm reading, a relay peer must always be outside of the firewall (exposed to potentially malicious traffic). Is this correct?

Any insight that you could provide would be very much appreciated.

Thx/
Steve

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
godi
Offline
Joined: 2009-07-02

Does this mean that it is impossible to create a private network with different subnets and a peer acting as a relay connecting the different subnets?

I have a private network with two subnets 192.168.119.0/24 and 192.168.120/24 and a machine connected to both networks that acts as a router and as a relay peer that is also connected to the internet through a NAT. I am having problems for connections between one edge peer in a subnet and other edge peer in the other subnet.

Is that because the relay should have a public IP?

It would be a very serious limitation.

I would appreciate any clarification about this issue.

ivarulz
Offline
Joined: 2007-08-17

To be clear.

The rule of thumb is: the Relay peer must be visible to the client peers.
This means you client peer must be able to contact the Relay at the specified address + port.
If this is possible, you can use the Relay.

"Public IP" - if you want to expose the Relay to clients outside your local network, the Relay must run on a machine that has a public internet IP.

I hope I am more helpful this time.

godi
Offline
Joined: 2009-07-02

Thank you for the clarification and the quick answer.

Now I understand better what a relay can do.

ivarulz
Offline
Joined: 2007-08-17

"But, from what I'm reading, a relay peer must always be outside of the firewall (exposed to potentially malicious traffic)"

You are right. must be public IP.

s_hedrick
Offline
Joined: 2009-08-12

Thanks, I really appreciate you taking the time to respond to my question. Unfortunately, though, that limitation will be a show-stopper for our use of this technology in our target environment.

Thanks again,
Steve