I need to use push-technology with WCF through client firewalls. This must be a common problem, and I know for a fact it works in theory (see links below), but I have failed to get it working, and I haven't been able to find a code sample that demonstrates it.
Requirements:
- WCF
- Clients connects to server through tcp port 80 (netTcpBinding).
- Server pushes back information at irregular intervals (1 min to several hours).
- Users should not have to configure their firewalls, server pushes must pass through firewalls that have all inbound ports closed. TCP duplex on the same connection is needed for this, a dual binding does not work since a port has to be opened on the client firewall.
- Clients sends heartbeats to server at regular intervals (perhaps every 15 mins) so server knows client is still alive.
- Server is IIS7 with WAS.
The solution seems to be duplex netTcpBinding. Based on this information:
WCF through firewalls and NATs
Keeping connections open in IIS
But I have yet to find a code sample that works.. I've tried combining the "Duplex" and "TcpActivation" samples from Microsoft's WCF Samples without any luck. Please can someone point me to example code that works, or build a small sample app. Thanks a lot!
I've found a couple of solutions:
ZeroC Ice GPL with a commercial option. Have only tested quickly. Looks more powerful than .NET Remoting and is very actively developed.
RemObjects Commercial, active development, supports everything but does not seem to have all the more advanced features that GenuineChannels use.
GenuineChannels. It uses remoting with a lot of nice added features, the most important one being it works through NATs without the need to open the client firewall. Unfortunately seems to be very dead.
Another solution is to use streaming with IIS, according to this article: Keeping connections open in IIS
The client makes the first connection (http with IIS6, tcp with IIS7) to the server at port 80, the connection is then kept open with a streaming response that never ends.
I haven't had the time to experiment with this, and I haven't found a sample that says it specifically solves the firewall-problem, but here's an excellent sample that probably works: Streaming XML.
I have not tried the scenario you speak of so I can't be too much help, sorry. If all you need to bypass is the client firewall you might want to check out this post.
Good luck.
Have you tried looking at: http://www.codeproject.com/KB/WCF/WCF_Duplex_UI_Threads.aspx
Can you provide examples of what you have already attempted? With details of firewalls etc, error messages?
If both client and server can be addressed directly and firewalls are not an issue, have you considered allowing clients to register a URL providing a supported contract. The server can then call this service whenever it needs to, without the need to establish a long running (but mostly idle connection), avoids the need for heart beating and can be made resilient across sessions\connections.
Have you tried this one? DuplexHttpBinding
It is using smart polling technique encapsulated as custom WCF binding. So it should work out of the box.
In most firewall setups, the TCP connection will be torn down by the firewall if it is idle to conserve resources. The idle timeout is probably not something you can control. Some will tear them down if they are idle and a resource limit is being hit.
Most corp environments won't allow any machines to make an outbound TCP connection anyway.
Also, using this mechanism means you are going to have scaling problems. I think more reliable solution is to queue up information and have your clients poll for them regularly. Utilize caching if possible such that a subsequent client poll will get the cached data from the customers proxy cache, if they are using one.
If you have to push data in a timely manner, in sub-second land (i.e. financial services), then consider some messaging infrastructure such an NServiceBus distributor on client side, but that will require a customer install...
So have you tried using Toredo? Having read that it would appear there it is prob too complicated for a user to setup.
You can do following change in client for accessing duplex web service on Firewall enabled client.