Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-3948

Fuse 6.2 does not fully respect java.rmi.server.hostname

XMLWordPrintable

    • % %
    • Hide

      1. Install Fuse 6.2

      2. Edit bin/setenv to specify the following JVM switch:

      export EXTRA_JAVA_OPTS="-Djava.rmi.server.hostname=fred2"

      3. fabric:create

      4. Map the hostname "fred" to the IP number of the machine

      5. Whilst capturing network traffic using, e.g., tcpdump, connect jconsole to the running Fuse process using the service URL

      service:jmx:rmi://127.0.0.1:44444/jndi/rmi://127.0.0.1:1099/karaf-root

      6. Examine the RMI stubs in the tcpdump output. In mine, for example, I see this:

      6:13:09.093834 IP localhost.rmiregistry > localhost.60637: Flags [P.], seq 17:240, ack 77, win 342, options [nop,nop,TS val 26263201 ecr 26263200], length 223
E..._.@.@............K...j../g.Y...V.......
........Q....w...{e/...O..F..^Msr..javax.management.remote.rmi.RMIServerImpl_Stub...........pxr..java.rmi.server.RemoteStub......e....pxr..java.rmi.server.RemoteObject.a...a3....pxpw0..UnicastRef2...fred2....._...(a..{e/...O..F....x

      Shortly followed by this:

      16:13:11.052334 IP localhost.cognex-dataman > localhost.49072: Flags [P.], seq 305:553, ack 573, win 350, options [nop,nop,TS val 26265160 ecr 26265126], length 248
E..,6L@.@..~..................i....^. .....
...H...&Q....w...{e/...O..F...sr.2javax.management.remote.rmi.RMIConnectionImpl_Stub...........pxr..java.rmi.server.RemoteStub......e....pxr..java.rmi.server.RemoteObject.a...a3....pxpwE..UnicastRef2...vpn1-4-175.ams2.redhat.com.....
`pQ....{e/...O..F....x

      In the second line, the hostname "vpn1-4-175.ams2.redhat.com" is something internal to my test machine, and cannot be reached from outside it. Such a JMX invocation would fail if made remotely.

      Show
      1. Install Fuse 6.2 2. Edit bin/setenv to specify the following JVM switch: export EXTRA_JAVA_OPTS="-Djava.rmi.server.hostname=fred2" 3. fabric:create 4. Map the hostname "fred" to the IP number of the machine 5. Whilst capturing network traffic using, e.g., tcpdump, connect jconsole to the running Fuse process using the service URL service:jmx:rmi://127.0.0.1:44444/jndi/rmi://127.0.0.1:1099/karaf-root 6. Examine the RMI stubs in the tcpdump output. In mine, for example, I see this: 6:13:09.093834 IP localhost.rmiregistry > localhost.60637: Flags [P.], seq 17:240, ack 77, win 342, options [nop,nop,TS val 26263201 ecr 26263200], length 223 E..._.@.@............K...j../g.Y...V....... ........Q....w...{e/...O..F..^Msr..javax.management.remote.rmi.RMIServerImpl_Stub...........pxr..java.rmi.server.RemoteStub......e....pxr..java.rmi.server.RemoteObject.a...a3....pxpw0..UnicastRef2...fred2....._...(a..{e/...O..F....x Shortly followed by this: 16:13:11.052334 IP localhost.cognex-dataman > localhost.49072: Flags [P.], seq 305:553, ack 573, win 350, options [nop,nop,TS val 26265160 ecr 26265126], length 248 E..,6L@.@..~..................i....^. ..... ...H...&Q....w...{e/...O..F...sr.2javax.management.remote.rmi.RMIConnectionImpl_Stub...........pxr..java.rmi.server.RemoteStub......e....pxr..java.rmi.server.RemoteObject.a...a3....pxpwE..UnicastRef2...vpn1-4-175.ams2.redhat.com..... `pQ....{e/...O..F....x In the second line, the hostname "vpn1-4-175.ams2.redhat.com" is something internal to my test machine, and cannot be reached from outside it. Such a JMX invocation would fail if made remotely.

      On machines with multiple network interfaces it is difficult to get remote JMX working for administration. JMX uses RMI for its transport, and the RMI server may return the wrong IP number or hostname in its stub. The system property java.rmi.server.address is provided to overcome this problem, by forcing the RMI implementation to return a specific IP or host to the JMX client. However, Fuse 6.2 does not fully respect this variable, although 6.1 did. When using a service URL like this:

      service:jmx:rmi://127.0.0.1:44444/jndi/rmi://127.0.0.1:1099/karaf-root

      then the stub returned for port 1099 has the correct value set by java.rmi.server.address,whilst the stub returned for port 44444 has a system-derived value, which may be that of an interface that is not reachable from outside the Fuse host.

            pantinor@redhat.com Paolo Antinori
            rhn-support-kboone Kevin Boone
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: