you could always fall back to java, there are a number of linked posts about this on stack overflow
http://stackoverflow.com/questions/1721444/how-can-i-bind-an-outbound-of-course-httpurlconnection-to-a-specific-local-ip On Fri, Apr 13, 2012 at 12:25 PM, Steve Onnis <[email protected]> wrote: > Phil > > Of course the IP addresses are all on the firewall. How else is it going to > know what to map. Though the firewall will accept connections on multiple > ip addresses, it will only broadcast out though one ip address. This means > the CHTTP request won't come from the IP address of the NIC, but the primary > IP address of your firewall. It won't matter what sort of proxy you use if > it is behind the firewall as the firewall is the appliance that is doing the > broadcasting, not the NIC on the box or the proxy. > > -----Original Message----- > From: Phil Rasmussen [mailto:[email protected]] > Sent: Friday, 13 April 2012 12:18 PM > To: cfaussie > Subject: [cfaussie] Re: Manipulating CFHTTP Source IP > > Steve the IPs are mapped directly through the firewall to the server so the > 10 IPs bound to the NIC will be the source IPs of outbound requests there is > no question there. My concern was that in previous versions of CF (7 and > lower I think), then source IP of an outgoing CFHTTP request would be the > primary IP bound to the NIC (highest in > stack) regardless of the IIS website IP. > > I think if the headers can't be used to distinguish the requests, the proxy > option sounds like it will work though. > > On Apr 13, 11:50 am, "Steve Onnis" <[email protected]> wrote: >> For that to happen it would need to happen within the firewall or >> after the firewall >> >> >> >> >> >> >> >> -----Original Message----- >> From: Barry Chesterman [mailto:[email protected]] >> Sent: Friday, 13 April 2012 1:29 AM >> To: [email protected] >> Subject: Re: [cfaussie] Re: Manipulating CFHTTP Source IP >> >> x-forwarded-for is really only an additional header stapled onto an >> http request and I would have thought any external system accepting a >> limited number of requests from a specific IP wouldn't even be looking >> at x-forwarded-for for decision making (although it depends how the >> logic is written at that end and at what level it does the ip based >> decision making :)). >> >> If it were me, I'd look at using some sort of proxy / load balancing >> solution that can route traffic out different IP addresses (sounds >> like you are halfway there with your 10 nic box), but you can get >> software which does http forwarding or re-routing so your requests >> would effectively come from different ip's and keep your external service > happy. >> >> On Thu, Apr 12, 2012 at 11:07 AM, Phil Rasmussen <[email protected]> wrote: >> > Hi Blair thanks for that I hadn't seen that X-Forwarded-For header >> > before and that could do the job, though i'm not sure how the >> > request will look at the other end in terms of source IP. Only one >> > way to find out I guess! I was thinking of setting up a proxy and >> > using multiple instances of Tomcat on the same server to setup 10 >> > separate webserver instances each with it's own IP, and then route >> > requests through these though I'd prefer the HTTP header route if that > works. >> >> > Steve the IPs are going through multiple firewalls at the hosting >> > provider before reaching the actual server where the IPs are mapped >> > and then bound to the NIC. >> >> > On Apr 12, 6:42 pm, Blair McKenzie <[email protected]> wrote: >> >> May not work (depending on how the web service is set up) but you >> >> could try using the X-Forwarded-For >> >> <http://en.wikipedia.org/wiki/X-Forwarded-For>header in the requests. >> >> There is also using an HTTP proxy, though I'm not sure how that >> >> affects the IP address of a request. >> >> >> Blair >> >> >> On Thu, Apr 12, 2012 at 5:46 PM, Phil Rasmussen <[email protected]> > wrote: >> >> > Hi Everyone. Had an interesting development topic come up today >> >> > and I'm not sure it's even possible though it's worth a shot. >> >> >> > We have an existing sync process that sends approximately 100 >> >> > traveller profiles a minute to an external web service, and now >> >> > we have the opportunity to increase this throughout 5 fold but >> >> > opening up separate connections (up to 5) as long as we don't >> >> > exceed a total of >> >> > 300 syncs every 60 seconds across all connections in total. Now >> >> > the tricky part is i can't just create new threads to execute the >> >> > parallel processes, the external system will only treat them as >> >> > separate requests if the source IP is different. >> >> >> > With the application sitting on a single webserver with 10 public >> >> > IPs bound to the NIC, i'm wondering if there is a way I can >> >> > create some kind of proxy using IIS to allow sending from different > IPs. >> >> > CFHTTP from what I recall uses the highest IP in the stack on the >> >> > outgoing NIC, so I'm not sure if this is even possible? >> >> >> > If anyone has any thoughts on this would love to hear it. >> >> >> > Cheers >> >> > Phil >> >> >> > -- >> >> > You received this message because you are subscribed to the >> >> > Google Groups "cfaussie" group. >> >> > To post to this group, send email to [email protected]. >> >> > To unsubscribe from this group, send email to >> >> > [email protected]. >> >> > For more options, visit this group at >> >> >http://groups.google.com/group/cfaussie?hl=en. >> >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> "cfaussie" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> [email protected]. >> > For more options, visit this group > athttp://groups.google.com/group/cfaussie?hl=en. >> >> -- >> You received this message because you are subscribed to the Google >> Groups "cfaussie" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group > athttp://groups.google.com/group/cfaussie?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/cfaussie?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/cfaussie?hl=en. > -- Zac Spitzer Solution Architect / Director Ennoble Consultancy Australia http://www.ennoble.com.au http://zacster.blogspot.com +61 405 847 168 -- You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en.
