Traversing WANs and Firewalls with TIBCO Rendezvous
The following gives you information on how to traverse WANs and firewalls with:
• TIBCO Rendezvous Daemons (RVD) and Rendezvous Routing Daemons (RVRD)
• TIBCO Rendezvous Secured Daemons (RVSD) and Rendezvous Routing Secured Daemons (RVRSD)
Rendezvous Daemons (RVD) and Rendezvous Routing Daemons (RVRD)
TIBCO’s Rendezvous Daemons (RVD) deliver messages to programs on computers within a single network. Delivering messages beyond network boundaries requires an additional software component called the Rendezvous Routing Daemons (RVRD). RVRDs are a built-in capability of TIBCO Rendezvous and BusinessWorks. Routing daemons efficiently connect Rendezvous programs on separate IP networks, so that messages flow between them as if on a single network. Communicating programs remain decoupled from inter-network addresses and other details. The routing daemons forward Rendezvous messages between networks. When routing daemons are present, Rendezvous programs on one network can listen for subject names and receive messages from other networks transparently-neither the sending nor the receiving programs require any code changes. Administrators retain control over the subject names that can flow in or out of each network.
Use the routing daemon in situations where one or more of these conditions apply:
• Participating networks lie in distant geographic areas.
• Participating networks lie in nearby geographic areas, but are not connected by multicast routing hardware.
• Participating networks are separated by a firewall.
• Messages must traverse expensive or slow WAN links.
Refer to Routing Daemon (RVRD), in the TIBCO Rendezvous Administration manual for a complete explanation.
Rendezvous Secured Daemons (RVSD) and Rendezvous Routing Secured Daemons (RVRSD)
The two ordinary Rendezvous daemons, RVD and RVRD, communicate with clients over non-secure TCP connections. In contrast, their secure counterparts, RVSD and RVSRD, communicate with clients over SSL connections, allowing secure client communication over non-secure networks. Secure daemons restrict client access in three ways:
• Only authorized clients can connect to a secure daemon.
• Secure daemons restrict the combinations of network and UDP or PGM service over which client transports can communicate.
• Secure daemons limit the subject space that its clients can access.
Although they ensure secure client connections, both secure daemons transmit messages as plain text. That is, when they publish messages from clients to local networks, the messages are not encrypted.
See Secure Daemons (RVSD and RVSRD), in the TIBCO Rendezvous Administration manual for a complete explanation.