Hi Eric,
> I guess the answer depends on whether the socket libraries use the tomcat
> listening port as the source IP. If you have three tomcat instances listening
> on three different IPs, each instance should be able to open a client
> connection using the same source port, as long as each tomcat uses its
> listening IP as the source IP of the socket.
I think there's couple of snippets of information that could help you
understand this:
- There is no predefined relationship between the incoming request and the
outgoing request : they are normally entirely independent operations
This does not mean that you can't code one should you ever find a good
reason.
- The port to connect to the, e.g., database service is the target port, not
the source port
A browser will connect to :8080 and assign a port on the client for
receiving responses. Tomcat acting as a TCP client will do the same - connect
to the database using :1521 and assign a port for receiving responses. That's
how TCP works.
For good security reasons Tomcat can be deployed on a server with two network
cards. For example, listening on 192.168.5.20:8080 for incoming http requests
to service the application and connecting to a database server at
10.10.40.50:1521 using its network interface for 10.10.40.x. This keeps your
database network one further level removed from the publicly connectable
network(s). The database connection may be made before any client requests
arrive with Tomcat and may remain active even when all of the clients have
"gone away". Our .war application connects to the database to load
configuration on startup before the http endpoint is ready to respond to client
requests and the database connection remains active until Tomcat is shut down.
Does that help?
Thanks,
Tim
--
Tim Scott
OCLC · Senior Software Engineer / Technical Product Manager
cc: IT file
OCLC COVID-19 resources: oc.lc/covid19-service-info
-----Original Message-----
From: Eric Robinson <eric.robin...@psmnv.com>
Sent: 25 June 2021 04:19
To: Tomcat Users List <users@tomcat.apache.org>
Subject: [External] RE: Re-Use TCP Source Ports if the Socket is Unique?
Thanks for the feedback, Daniel.
I guess the answer depends on whether the socket libraries use the tomcat
listening port as the source IP. If you have three tomcat instances listening
on three different IPs, each instance should be able to open a client
connection using the same source port, as long as each tomcat uses its
listening IP as the source IP of the socket.
That's the part I'm still not sure about.
> -----Original Message-----
> From: Daniel Baktiar <dbakt...@gmail.com>
> Sent: Thursday, June 24, 2021 9:16 PM
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: Re: Re-Use TCP Source Ports if the Socket is Unique?
>
> Hi Eric,
>
> It should behave the same way. The socket client application will be assigned
> an ephemeral port.
>
> On Fri, Jun 25, 2021 at 9:14 AM Eric Robinson <eric.robin...@psmnv.com>
> wrote:
>
> > I guess I may have answered this question for myself. At least I can
> > simulate it with ncat. Note that I have two ncat sessions open to the
> > same remote server using the same source port, but with different source
> IPs.
> >
> > [root@testserver ~]# netstat -antp|grep ncat
> > tcp 0 0 192.168.11.215:3456 192.168.10.59:9000
> > ESTABLISHED 60946/ncat
> > tcp 0 0 192.168.10.58:3456 192.168.10.59:9000
> > ESTABLISHED 60920/ncat
> >
> > Is there any reason why tomcat should not be expected to work the same
> > way? And when I say tomcat, I really mean libraries like the mysql
> > odbc connector that tomcat uses.
> >
> >
> > > -----Original Message-----
> > > From: Eric Robinson <eric.robin...@psmnv.com>
> > > Sent: Thursday, June 24, 2021 3:19 PM
> > > To: Tomcat Users List <users@tomcat.apache.org>
> > > Subject: Re-Use TCP Source Ports if the Socket is Unique?
> > >
> > > Two quick questions.
> > >
> > > Question 1:
> > >
> > > When tomcat creates a TCP connection to a remote server (for
> > > example, a back-end database) tomcat is acting as the TCP client in
> > > that case. Does
> > it use
> > > the IP it is listening on as the source IP for its outbound client
> > connection?
> > >
> > > For example, Server1 has three IPs: 10.0.0.1 (primary), and two
> > additional
> > > IPs, 10.0.0.2 and 10.0.0.3. Tomcat is listening on 10.0.0.2. It
> > > receives
> > a request
> > > that requires it to connect to a database server. When it creates a
> > > TCP connection the database server, which IP does it use as the
> > > source
> > address?
> > >
> > > Question 2:
> > >
> > > Suppose you have two instances of tomcat on the same server. TomcatA
> > > is listening on 10.0.0.2 and TomcatB on 10.0.0.3. First, TomcatA
> > establishes a
> > > connection to a remote server from its source IP 10.0.0.2, source
> > > port
> > 3456.
> > > Can TomcatB, which is listening on a different IP, also establish a
> > connection
> > > to the remote database server using the same source port 3456, given
> > > that the sockets is unique (different source IP)?
> > >
> > > -Eric
> > >
> > >
> > >
> > >
> > >
> > >
> > > Disclaimer : This email and any files transmitted with it are
> > confidential and
> > > intended solely for intended recipients. If you are not the named
> > addressee
> > > you should not disseminate, distribute, copy or alter this email.
> > > Any
> > views or
> > > opinions presented in this email are solely those of the author and
> > might not
> > > represent those of Physician Select Management. Warning: Although
> > > Physician Select Management has taken reasonable precautions to
> > > ensure no viruses are present in this email, the company cannot
> > > accept
> > responsibility
> > > for any loss or damage arising from the use of this email or attachments.
> > Disclaimer : This email and any files transmitted with it are
> > confidential and intended solely for intended recipients. If you are
> > not the named addressee you should not disseminate, distribute, copy or
> alter this email.
> > Any views or opinions presented in this email are solely those of the
> > author and might not represent those of Physician Select Management.
> > Warning: Although Physician Select Management has taken reasonable
> > precautions to ensure no viruses are present in this email, the
> > company cannot accept responsibility for any loss or damage arising
> > from the use of this email or attachments.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> >
Disclaimer : This email and any files transmitted with it are confidential and
intended solely for intended recipients. If you are not the named addressee you
should not disseminate, distribute, copy or alter this email. Any views or
opinions presented in this email are solely those of the author and might not
represent those of Physician Select Management. Warning: Although Physician
Select Management has taken reasonable precautions to ensure no viruses are
present in this email, the company cannot accept responsibility for any loss or
damage arising from the use of this email or attachments.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
