next up previous contents
Next: Implementing Protocols Using JChannel Up: Firewalls Previous: Using TUNNEL and Router

Using multiple Routers

The first, second and third problem can be solved by using multiple instances of Router. Multiple Routers can be used when IP multicast is enabled outside the firewall, and only a few channels are actually located behind firewalls: every channel behind a firewall would connect to a Router (outside the firewall) via TCP (as in the current solution), but the Routers would use IP multicast to forward messages between themselves instead of TCP. This is shown in fig. 3.6.

  
Figure 3.6: Modified Router using IP multicasting
\begin{figure} \center{\epsfig{file=/home/bba/JavaGroups/Papers/UsersGuide/figs/McastRouting.eps,width=.6\textwidth} } \end{figure}

Every channel that is not behind a firewall would use IP multicasting to broadcast and receive messages to/from other group members: their protocol stack would contain UDP as bottommost layer. Every channel behind a firewall would use a Router (outside the firewall), behaving like a regular channel. The Router would listen on the group's multicast address and port for incoming IP multicast traffic, and forward it to the channel behind the firewall via the TCP connection established by the latter. The channel behind the firewall would use the TUNNEL protocol as its bottommost layer.

next up previous contents
Next: Implementing Protocols Using JChannel Up: Firewalls Previous: Using TUNNEL and Router

1999-12-13