I have written an application that runs in a kind of peer-to-peer framework. Servers connect to a masterserver, which a client then queries to receive a list of servers. The client selects a server and connects to that server directly and both the server and client sever their connections with the masterserver.
Problem: I have the masterserver set up at a location and it is not behind a router or firewall or anything, just directly connected to the internet. I have in a separate location (separate internet connection, too) a server and a client computer on the same network. Both can connect to the masterserver fine. A TCP connection is maintained with clients whilst UDP packets are sent out periodically to both clients and servers. The TCP connection is fine and the UDP packets are always received by the same computer, and always not received by the other one (regardless of which one is the server and which one is the client). When the direct (TCP) connection between the client and server is attempted, however, it doesn't work: "Connection forcefully refused" error message. The standard ports that the application uses are opened for both TCP and UDP on the router. My thoughts are that whilst these ports are set to forward to both computers in the router setup, only one computer receives the UDP packets sent out by the MS and so I'm wondering if the perhaps only one computer is receiving the TCP packets necessary to establish a connection as well.
Notes: If I run the masterserver on the network behind the router and try to connect to it (as either server or client) from the computer directly connected to the internet the connection is fine (I haven't tested the server-client connection from computers on different networks yet). When the masterserver is run on the same network as the server and client and a local address (192.168.x.x) is used for the masterserver everything works perfectly. In the same situation when a non-local IP is used neither computer can connect to the masterserver as either server or client.
I would really appreciate any help on this issue since the application is meant to support two computers on the same network connecting to each other via the external masterserver.
Regards,
AJ
P.S. The router is Open Networks in case that helps.
24 5759 NeoPa 32,556
Expert Mod 16PB
It sounds like one of the machines is not accessible (the one that never receives any UDP packets).
Can you share which subnets the three machines are on. Please include the actual IP address subnets, as well as those which are needed to address them publicly across the internet. This is for working out whether the correct addresses are being shared with the other machines (client/ server etc).
If you are uncomfortable sharing these publicly then please feel free to PM me with the information.
Thanks for your suggestion NeoPa.
OK, an update on the problem:
It turns out that you can't forward the same port to multiple computers.
I solved this problem by allowing the user to specify which port
their machine uses for communication and then forwarding the
appropriate ports.
So now all computers in all situations can communicate via TCP
and UDP correctly with the masterserver. When a client tries to
connect to a server behind the same router (even if the server is
running on the same computer as the client), however, I receive
the "Connection forcefully refused" message. So things have
progressed but are not quite there yet.
I have debugged the server application and can confirm that it
never receives any connection request from the client computer,
so I presume the problem is once again with the router setup.
Also, if I run "netstat -a" I can see the server listening for a
TCP connection on the correct port. When the router is not
present everything works as intended.
Also, if the masterserver is moved behind the router, computers
behind the same router cannot connect to it. Is it possible that
computers behind the same router cannot establish a connection to
each other using the external IP?
Thanks again for any help with this new issue,
AJ
NeoPa 32,556
Expert Mod 16PB
Let's determine if it is all happening in the firewall (router), as I suspect.
Try setting it all up, then turning off the machine that normally reports the connection is forcefully closed (I mean one your client PC is trying to connect to).
If you get the same message when the machine is powered off, then you can be fairly sure the error message is originating from the firewall.
I tried turning the machine off and I get the same message, so I guess the problem is with the firewall. Do you have any idea what could cause this problem or how to fix it?
Thanks,
AJ
NeoPa 32,556
Expert Mod 16PB
I can only suggest that the port-forwarding is configured correctly.
This is not something I can help much with as I'm not familiar with the specific firewall, nor exactly what subnets are in use here.
How many firewalls do you have in total, for your three separate machines?
The two machines that are behind the router just have the router (and the Windows firewall), the other machine just has the Windows firewall.
As far as the port forwarding configuration, I have set up rule for each computer for the relevant port and selected TCP/UDP. Since the computer uses the same number TCP port as UDP port and the UDP works, I don't understand why the TCP doesn't. Maybe I could try setting up separate rules for UDP and TCP.
NeoPa 32,556
Expert Mod 16PB @Asja
As I understand it you have three machines. A Master (controlling) Server, a Server and a Client. This answer doesn't make clear which of the machines are behind the firewall/router.
It may be worth turning off the Windows Firewall for those machines behind the firewall router anyway. At least during the development/testing stage.
As a general rule, I would advise configuring a single firewall properly, and not deploy multiple levels. This only says you don't have much confidence in either. Furthermore it makes working out exactly what's going on that much harder. @Asja
I would certainly try that, if for no better reason than it will help you to determine where your problem lies. Finding solutions is often as much about finding what isn't the problem, as it is about finding what is.
The Master Server is behind just the Windows firewall,
The Server and Client are behind the router and Windows firewall.
I will try disabling the Windows firewall for the server and client as you suggest.
I said UDP was working but TCP wasn't. My mistake, none were/are working.
Thanks again for all your help so far,
AJ
NeoPa 32,556
Expert Mod 16PB
No worries Asja. Let me know how you get on.
I tried disabling the Windows firewall for all computers, but it makes no difference.
I just tried connecting to a server behind the router using an external computer and it works, so it only fails when the client is behind the same router as the server.
NeoPa 32,556
Expert Mod 16PB @NeoPa
That sounds very much like an answer to my post #2 (quoted) might be helpful. Please be very careful to get these details right, as they have been know to confuse people. If you need any help, just ask.
------
Router
------
External IP: 118.208.x.x (the last two numbers change periodically)
Network IP: 192.168.1.254
I got these details by running ipconfig on each of the machines:
------
Server
------
Network IP: 192.168.1.101
Subnet Mask: 255.255.255.0
------
Client
------
Network IP: 192.168.1.103
Subnet Mask: 255.255.255.0
NeoPa 32,556
Expert Mod 16PB
Are there not 3 machines involved in this situation? The master server details seem to be missing (quite important info).
The master server IP is 114.76.x.x
Subnet mask: 255.255.240.0
It is just directly connected to the internet, no router/network.
NeoPa 32,556
Expert Mod 16PB
This seems to be saying the Master Server is physically located at a different location from the other two machines. That's fine, but can you say which IP address/Port combinations are returned when the request is made of the Master Server by the Client?
Also, how does the Server that's selected, get the IP address/Port combination of the Client?
You do appreciate I presume that the 192.168.1.x addresses are never known to the Master Server, so will never be used for the Server/Client communications?
PS. To proceed I will need answers to all questions. Leaving out any of the answers will only prolong the process.
The master server is located physically in a different location from the other two machines. I will explain again what takes place, by the time the error occurs, the master server is no longer part of the communication.
1) Master Server listens for TCP connections from clients and UDP packets from servers.
2) The server listens on a TCP port for a client connection and sends UDP packets to the Master Server. These packets contain information about which port the server is listening on that the client will need to connect to.
3) The client establishes a TCP connection to the Master Server.
4) The Master Server sends to the client a list of all the servers, including the server's IP and the port the server is listening on for a client connection.
5) The client selects from the list the server to which it wishes to connect.
6) The client terminates the connection to the Master Server.
7) The client extablishes a connection to the server using the IP/port combination received in step 4 from the Master Server.
8) The server accepts the connection and stops sending UDP packets to the Master Server.
The error occurs in step 7 if the client and server are behind the same router. It should be noted that the port on which the server is listening for a client TCP connection is forwarded by the router to the server. @NeoPa
See step 4. @NeoPa
The client connects to the server, so this is not explicitly needed, but is received when the connection is established. @NeoPa
Yes, I am aware of this.
NeoPa 32,556
Expert Mod 16PB @Asja
This is true, but it is nevertheless an important part of the equation.
Consider that the Server machine is passing an IP Address / Port combination. If this is all within the data of the packet then the IP Address part will reflect the internal (192.168.1.x) address rather than any external one (118.208.x.x). The data portion of packets are not changed by the router. Only the header info can be. If however, the data passed is simply the Port address (more likely I would expect as otherwise only locally connected devices could be made to work), then the IP Address would be taken from the packet header, which would be adjusted by the router in line with NAT. Essentially the internal 192.168.1.x address replaced by the 118.208.x.x one. The port, within the data, would remain unchanged.
Assuming for the moment that the router has been set up correctly to convert any external TCP/IP messages addressed to that (external) address with that port, through to the original (internal) Server IP address on the same port, then communication should be possible from external locations.
Now consider the situation you are in.
Your Client machine has the same information that any other clients on the internet would have (118.208.x.x:Port#). In this specific case though, the proper way to address the Server from the Client would be to use the internal address (192.168.1.x:Port#). Using the external address instead, the Client traffic is transferred to the router to handle. The router recognises its own external IP Address, so knows to handle it itself, but when it checks its rules to see if there is a mapping for that port, it's not looking for a rule handling that port from the external interface. It must check rules for the internal interface.
The chances are that this rule has not been configured for the internal interface at all, but is set up explicitly for the external one only. In that case, the router would throw a wobbly and complain with a " Connection forcefully refused" message. After all, the router itself is trying to handle the traffic for that port in this case.
Does that sound like it may explain your situation?
Yes, that sounds exactly like what's happening. I don't suppose you know how to set this up, I can't see anything resembling "internal interface" in my router's setup options and port forwarding only has a WAN connection option? Is it possible for a router not to have this functionality?
NeoPa 32,556
Expert Mod 16PB
It depends on the router I think. My home routers have never had this facility.
For testing, it may be necessary (although possibly complicated depending on your setup) to set up an alternative route to the internet for the different machines. That way they would use separate routers and the problem would not occur.
Thanks for all your help NeoPa.
NeoPa 32,556
Expert Mod 16PB
No worries Asja.
Did you manage to find a way past this?
No. But at least I know for sure now it's not a code problem. I guess whoever uses my software will just have to have their network set up appropriately if they wish to connect two computers behind the same router, and if this problem arises I may at least be able to point them in the right direction.
NeoPa 32,556
Expert Mod 16PB
Ah 8-)
I'm glad it seems to have helped somewhat at least.
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Max M |
last post by:
I am using ClientCookie for login on to servers and browsing them as
authenticated users.
I kept getting "HTTP Error 400: Bad Request" errors when submitting my
forms. So I boiled it down to a...
|
by: Sandeep Arya |
last post by:
Thanks linuxfreak and sybren for positive comments
My application will be running on Linux.
How to send ICMP ECHO as broadcast packets. I do not know this. Please tell
me how to?
Sybren.....
|
by: J Smith |
last post by:
I'm making a website where each page has the same design, obviously its
a bad idea to put the same code/html in each page so what is the best
way to do this?
What I'm doing at the moment is...
|
by: Steve |
last post by:
Hi all
How would i get a list of all Active Computers on a network? All I need are
the computer names.
Kind Regards,
Steve.
|
by: dylpkls91 |
last post by:
I have been researching this topic and come up with some code to make
it work. It uses SSL and requires the 3rd party package Paramiko (which
requires PyCrypto). However, at this moment I have no...
|
by: brosner |
last post by:
I installed MSSQL 2000 on my desktop (running NT 2000). No problem. I created an adp and attached it to a database within MSSQL 2000, no problem.
When I go into MS Access, on another PC (running...
|
by: Vyas111111 |
last post by:
Hello all
I want to delete a file which is not placed on my local machine, it is placed on diffrent machine but in the same network. How can i delete that file , i am using VBScript -ASP
Thanks in...
|
by: jellychai |
last post by:
I'm doing the final year project that related to the SNMP. I need to find the solution for the IP auto detection in C#. When I run the main project, the program can automatically detect the IP for...
|
by: maheshgupta024 |
last post by:
Im very new to PHP, and interseted in network stuff, using php can i enter into different computers from network within my LAN.
Can anyone help on this..
Thanks in Advance
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
| |