Reputation: 1412
I'm wondering why the Windows Azure Service Bus works through NATs, firewalls, proxies. Microsoft mentions this fact often but they do not mentioned why this works.
I think each participant initiates connections, ok, but this isn't enough. Do they "misuse" some open ports, 80?
Thanks
Upvotes: 2
Views: 4218
Reputation: 4656
The Service Bus will try to use 9350 - 9353 port for TCP connection, if possible, for better performance. If failed it will try to use 80 and 443. Since in most cases firewall doesn't block 80 and 443, your local service can connect to the sb://xxxx/ over 80/443 without any changes on your firewall. Then if a client invoked your service it will firstly hit sb://xxxx/ , then the Service Bus will forward the request to your machine over 80/443, and then you send the reply back to Service Bus and it will forward the reply back to the client.
That's service remoting mode. Similar steps if you are using the eventing mode.
Upvotes: 3
Reputation: 1897
without running Wireshark to be able to tell for sure, my guess be because the client (behind a nat/firewall) initiates connection and keeps calling server (always open) for more information.
let's explain more: as tis works slightly differently in windows sockets (and other socket systems for that matter):
client (C) initiates connection to the server (S) on port 80
server then responds to client: too many calls on 80, let's move the connection to next free socket at port 90000 + rnd() = 90001
Client socket manager counts unused sockets on client, and say finds C:90012 port
client calls server at S:90001 and the proper connection is initiated between C:90012 and S:90001
This is what's gonna be written into nat table on a nat/firewall box and gonna allow communication between C <-> S
Upvotes: 3
Reputation: 181
Simply because each connection is in outbound and the Service Bus act as a "forwarder".
Upvotes: 2
Reputation: 1062512
Under many configurations, it does indeed just use 80 (http) and 443 (https), as shown here. However, it looks like it also sometimes uses 9350, 9351, 9352 and 9353 - so for some scenarios you might need to open those up.
Upvotes: 1