Return-Path: Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 86931 invoked from network); 7 Jul 2000 22:16:18 -0000 Received: from nls.net (HELO mail.nls.net) (216.144.3.10) by locus.apache.org with SMTP; 7 Jul 2000 22:16:18 -0000 Received: from [207.71.237.151] by mail.nls.net (NTMail 5.05.0002/NT8427.04.1da0ea15) with ESMTP id mygooaaa for tomcat-user@jakarta.apache.org; Fri, 7 Jul 2000 18:16:22 -0400 From: "Randall Parker" To: "Bedell, Kevin" , "tomcat-user@jakarta.apache.org" Date: Fri, 07 Jul 2000 15:18:58 -0700 Reply-To: "Randall Parker" Priority: Normal X-Mailer: PMMail 98 Professional (2.01.1600) For Windows NT (4.0.1381;6) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: RE: Nonroutable protocol between Apache and Tomcat? Message-Id: <22162242895307@mail.nls.net> The advantage of a nonroutable protocol is precisely that it is not routable. Suppose you happen to have 2 boxes that sit on a LAN that is fully exposed to the public internet (no firewall - I won't get into the why of that here). Suppose that you have a nonroutable protocol that let you talk between those two boxes and that certain services (eg Apache and Tomcat) on those 2 boxes only talked via that non-routable protocol. Then those services couldn't be hacked by the outside world. There'd be no way for an outside source to get the nonroutable protocol onto your local LAN. I am not specifically pining for NetBEUI support. I just want a protocol that is nonroutable. Which one it is I don't care as long as that protocol works. The reasons have to do with security. Can one use SSL on the connection between Apache and Tomcat? Even if that were possible my guess is that'd be mumore computationally intensives. And that overhead ought to be avoided if possible. On Fri, 7 Jul 2000 10:38:52 -0400, Bedell, Kevin wrote: >To my knowledge, Apache and Tomcat communicate using the "ajpv12" >proprietary protocol over TCP/IP - I can't imagine any way to change this. Just put the contents of the messages into a packet that is from a non-IP protocol. The problem as I see it is that there doesn't appear to be support for non-IP protocols in Java. Java is very TCP/IP-centric. > >It may be possible to handle using NetBEUI if you use the Microsoft Nbt >protocol that encapsulates TCP/IP over NetBEUI. This would have to be >handled in the network setup on your NT box - the Apache configuration would >not be impacted - it would still be the default TCPIP settings. > >Switch to TCP/IP - no reason to use NetBEUI! It locks you into MS networking >only! If NetBEUI was implemented on Linux that that would cease to be a lock-in.