DCOM and NAT Routers

Status
Not open for further replies.

Flibble

Programmer
Nov 4, 2000
GB
All:

We have a requirement to utilise DCOM across a 2Mb WAN link to a remote server. This will incorporate crossing 2 firewalls (FW/1) and will require network address translation (as the remote end apparently don't read RFC documents ;>). The following document : states that DCOM just doesn't work with NAT. My question is: Is this true or can it be made to work?

The DCOM is in 3rd party middleware so rewriting in COM+ is not an option at this point.

Thanks

Flibble
 
This isn't true. We have this type of setup at one of our sites. Note that this is not supported by Microsoft at this time and firewall environments tend to exacerbate "disconnect" problems that a lot of people in this forum have been reporting (thought it was just me!). So, if you bring Microsoft in, guess what they'll blame it on instead of DCOM/RPC?

Anyway, on NT4 do the following:

1. Install MS Loopback adapter.
2. Give the loopback the NAT address of the DCOM server, i.e. actual IP address of DCOM server is 155.48.12.10. DCOM client "sees" servers as 10.10.12.2. Give the loopback the 10 address.
3. Put this adapter first in the TCP/IP binding order.
4. Oh, restrict DCOM to TCP/IP in dcomcnfg.
5. Subnetting is important on the loopback and actual adapter. Make sure it's set up so that the server will *never* try to talk to the client (or 3rd tier server depending on what you're doing) via the loopback adapter (for obvious reasons).
6. Do all that fun stuff in that firewall paper you mentioned.
7. Pray.

All this hooey is because NAT doesn't translate the address at the RPC level, but the address has to resolve at the DCOM server and loopback enables this. Host names are translated to IP address before transmission (on NT4).

On win2k, hostnames are *not* translated. So you can NAT without anything special if you don't mind exposing your hostnames. Over a WAN you'll probably get stuck using IPs, but I haven't tried it so I don't really know.

Too bad DCOM doesn't have a robust (yet crash happy) facility like Gatekeeper for this stuff.

Hope this helps!

- j
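
The reply's explanation as a simplified model, added here as an example that is not part of the original posts: NAT rewrites the IP header, the address embedded in the RPC payload stays as the client wrote it, and it only resolves at the server once the loopback adapter owns the NAT address. The payload uses the DUALSTRINGARRAY/STRINGBINDING layout from the DCOM wire format; the packet dict, the function names and the sample bytes are constructed for illustration, and which DCOM message carries the address is not modelled.

```python
import struct

TOWER_TCP = 0x0007                           # protocol id for ncacn_ip_tcp
REAL, NATTED = "155.48.12.10", "10.10.12.2"  # addresses used in the reply above

def build_dualstringarray(addrs):
    """Constructed sample: one TCP string binding per address, no security bindings."""
    words = []
    for addr in addrs:
        words += [TOWER_TCP] + [ord(c) for c in addr] + [0]
    words.append(0)                          # terminates the string-binding section
    sec_off = len(words)                     # offset (in 16-bit words) of security section
    words.append(0)                          # empty security-binding section
    return struct.pack("<HH%dH" % len(words), len(words), sec_off, *words)

def parse_string_bindings(blob):
    """Return [(tower_id, network_address)] from a DUALSTRINGARRAY."""
    num, sec_off = struct.unpack_from("<HH", blob, 0)
    if 4 + 2 * num > len(blob) or sec_off > num:
        raise ValueError("truncated or inconsistent DUALSTRINGARRAY")
    words = struct.unpack_from("<%dH" % sec_off, blob, 4)
    out, i = [], 0
    while i < len(words) and words[i] != 0:
        tower, start = words[i], i + 1
        i = start
        while i < len(words) and words[i] != 0:
            i += 1
        if i == len(words):
            raise ValueError("unterminated string binding")
        out.append((tower, "".join(map(chr, words[start:i]))))
        i += 1                               # skip this binding's terminator
    return out

def nat_inbound(packet):
    """Rewrite only the IP-header destination; the RPC payload passes through untouched."""
    dst = REAL if packet["dst"] == NATTED else packet["dst"]
    return {"dst": dst, "payload": packet["payload"]}

def unresolved_at_server(packet, local_addrs):
    """Embedded TCP addresses that the server does not own on any adapter."""
    return [a for t, a in parse_string_bindings(packet["payload"])
            if t == TOWER_TCP and a not in local_addrs]

def demo():
    pkt = nat_inbound({"dst": NATTED, "payload": build_dualstringarray([NATTED])})
    no_loopback = unresolved_at_server(pkt, {REAL})            # real NIC only
    with_loopback = unresolved_at_server(pkt, {REAL, NATTED})  # loopback holds NAT address
    return pkt["dst"], no_loopback, with_loopback

if __name__ == "__main__":
    print(demo())
```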

With win2k,
 