wsDualHttpBinding ClientBaseAddress &防火墙 [英] wsDualHttpBinding ClientBaseAddress & firewalls
问题描述
我计划将 wsDualHttpBinding 用于具有回调的 WCF 服务.客户端将是通过 Internet 与服务通信的 Windows 窗体应用程序.显然我无法控制客户端的防火墙,所以我想知道在客户端设置 ClientBaseAddress 的正确方法是什么?
I'm planning on using a wsDualHttpBinding for a WCF service with callbacks. The clients will be a windows form application communicating to the service over the internet. Obviously I have no control over the firewall on the client side, so I'm wondering what is the proper way to set the ClientBaseAddress on the client side?
现在在我的初始测试中,我在同一台电脑上运行服务和客户端,我正在设置绑定如下
Right now in my intiial testing I'm running the service and client on the same pc and i am setting the binding as follows
Dim binding As System.ServiceModel.WSDualHttpBinding = Struct.Endpoint.Binding
binding.ClientBaseAddress = New Uri("http://localhost:6667")
但是我感觉这在通过 Internet 部署时不起作用,因为localhost"不会转换为机器地址(不用担心 NAT 转换)并且该端口可能被客户端防火墙阻止.
But I have a feeling this won't work when deploying over the internet because "localhost" won't translate to the machine address (much less worrying about NAT translation) and that port might be blocked by the clients firewall.
处理回调到远程客户端的基地址的正确方法是什么?
What is the proper way to handle the base address for callbacks to a remote client?
有人告诉我,如果我没有指定 ClientBaseAddress,那么 WCF 基础结构会在端口 80 上创建一个默认客户端基地址,用于来自服务的传入连接.由于端口 80 通常对防火墙开放,所以应该可以正常工作.
some one tell me if i do not specify ClientBaseAddress then WCF infratructure creates a default client base address at port 80 which is used for the incoming connections from the service. Since port 80 is usually open to firewalls, things should just work.
所以告诉我什么时候运行 win form wcf 客户端应用程序,然后我如何打开我的自定义端口,比如6667",并指导我应该使用什么库或什么方法作为结果响应应该来自客户端路由器到电脑和防火墙不会阻止任何东西.请结合现实生活场景讨论这个问题,人们在现实生活中如何处理这种情况.谢谢
so just tell me when win form wcf client apps will run then how can i open my custom port like "6667" and also guide me what library or what approach i should use as a result response should come from client side router to pc and firewall will not block anything. please discuss this issue with real life scenario how people handle this kind of situation in real life. thanks
推荐答案
正确的方法是使用 TCP 传输而不是 HTTP 传输.基于 HTTP 的双工通信需要两个 HTTP 连接——一个从客户端到服务器打开(没关系),第二个从服务器到客户端打开.这仅适用于您可以完全控制两端的场景.有太多的复杂性无法通过猜测使用的地址来避免:
The proper way is to use TCP transport instead of HTTP transport. Duplex communication over HTTP requires two HTTP connections - one opened from client to server (that's OK) and second opened from server to client. This can work only in scenarios where you have full control over both ends. There is simply too many complications which cannot be avoided just by guessing what address to use like:
- 必须配置本地 Windows 或第三方防火墙
- 允许应用程序运行 - 默认情况下不允许监听 HTTP,除非 UAC 关闭或应用程序以管理员身份运行.您必须允许通过 netsh 或 httpcfg(Windows XP 和 2003)侦听端口 - 这又需要管理员权限.
- 端口可能已被另一个应用程序使用.在 80 的情况下,它可以被任何本地 Web 服务器使用 - 例如 IIS.
- 私有网络和网络设备 - 如果您的客户端机器在 NAT 之后,则必须配置端口转发,但如果您有两台机器在同一个私有网络上运行您的应用程序怎么办?您不能从同一个传入端口转发到两台机器.
只有当您可以控制整个基础架构时,才能避免所有这些问题.这就是为什么 HTTP 双工通信主要用于 Intranet 场景的原因,以及为什么例如 Silverlight 提供另一种实现,其中不创建第二个连接,而 Silverlight 客户端会不断轮询服务器以检查是否有任何可用的回调.
All these issues can be avoided mostly only when you have control over whole infrastructure. That is the reason why HTTP duplex communication is useful mostly for intranet scenarios and why for example Silverlight offers another implementation where the second connection is not created and Silverlight client instead polls server continuously to check if there is any callback available.
TCP 传输只需要从客户端到服务器的单一连接,因为 TCP 协议本身是双工的,因此服务器可以通过相同的连接回调客户端.当您部署公共服务时,您通常可以控制服务器端的基础设施,因此您可以对配置进行必要的更改以使其正常工作.
TCP transport requires only single connection from client to server because TCP protocol is natively duplex so the server can call back the client through the same connection. When you deploy a public service you usually have control over infrastructure on the server side so you can make necessary changes in configuration to make it work.
我认为这也回答了您的上一个问题.
I think this also answers your previous question.
这篇关于wsDualHttpBinding ClientBaseAddress &防火墙的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
