Interesting issue connecting to Sql server through a firewall..

From: Bill B (fakexxbbaulingyy_at_unitedcenter.com)
Date: 03/31/04 

Date: Tue, 30 Mar 2004 16:22:15 -0600

We have an app in development. The front end of the app is web-based running
tomcat.
This app sits in our DMZ.
This app communicates to a sql 2000 server on our corporate network. The
connection is via microsofts jdbc 2000 connector.

We have allowed the server hosting the app to initiate connections to the
internal sql server on port 1433 only. The sql server can communicat any/any
back to the dmz.

I am seeing some interesting behavior - The front end initiates a connection
to the DB server on 1433 which is successful, but then also tries to
initiate a connection on 137 (named pipes/nbname), of course the firewall
blocks this and it eventually times out. and the opens addtional pool
connection on 1433. This causes the app to load very slowly as the pages
are data driven. If we open up 137 then the app runs at a normal speed.

I dont understant why the front end is trying to communicate to the server
on anything other than 1433. The server is configured for tcp/ip only. The
JDBC driver and app on the front end is doing everything by IP address.

I've thought of trying a host file on the front end resolving the back end.
and vice versa, but this shouldnt matter as everything is IP and not name.

I am now trying to figure out if this is an issue with the microsoft jdbc
driver config - though it looks like you dont have the ability to specify
protocols in it, an issue witht he sql server - perhaps the response to the
initial connection is telling the client to talk named pipes, or if its
just an OS issue.

Leaving 137 open from the dmz app to the internal sql server is not an
option.

Thanks in advance.

Bill

Relevant Pages

  • Re: Deployment + Vista
    ... I'm talking about the user being able to edit the server connection setting ... MSI will allow you to edit the app directory, ... function in order to put together the connection string something like: ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Digging in to trace files
    ... > Ed you are probably aware that even though the server is running MTS ... > you can create a dedicated connection when you need to correct? ... However, the app uses ... to shared server by requiring a high number of concurrent sessions ALSO ...
    (comp.databases.oracle.server)
  • RE: Admin Server 2003 myself? Or find someone to host?
    ... to do yourself -- configuration of SQL for your app and setup of your .Net ... where the server is hosted for an ASP.Net app as a good Internet provider ... These providers all geographically far away from my city ... and share an individual SQL Server instance ...
    (microsoft.public.windows.server.general)
  • Re: General Network Error
    ... connection, but you are not properly prepared to reopen a connection when ... retrieves data from a Sql Server 2000 instance, manipulates that data, ... The app works fine on the emulator during development. ... "General Network error. ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: Bizzare SQL Network Error
    ... The bizzare thing is that, the same connection string, the same code to ... In a windows APP it works fine, in a Web APP I get ... >>I am trying to connect to a default instance of SQL Server 2000 Enterprise ...
    (microsoft.public.dotnet.framework.adonet)