在不同域中使用双工信道的WCF服务

Question

I have a WCF service and a Windows client. They communicate via a Duplex WCF channel which when I run from within a single network domain runs fine, but when I put the server on a separate network domain I get the following message in the WCF server trace...

The message with to

'net.tcp://abc:8731/ActiveAreaService/mex/mex' cannot be processed at the receiver, due to an AddressFilter mismatch at the EndpointDispatcher. Check that the sender and receiver's EndpointAddresses agree.

So, it looks like the communication just work in one direction (from client to server) if the components are in two separate domains.

The Network domains are fully trusted, so I'm a little confused as to what else could cause this?

Server app.config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <behaviors>
            <serviceBehaviors>
                <behavior name="JobController.ActiveAreaBehavior">
                    <serviceMetadata httpGetEnabled="false" />
                    <serviceDebug includeExceptionDetailInFaults="true" />
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <services>
            <service behaviorConfiguration="JobController.ActiveAreaBehavior"
                     name="JobController.ActiveAreaServer">
                <endpoint address="mex" binding="mexTcpBinding" bindingConfiguration="" contract="IMetadataExchange" />
                <host>
                    <baseAddresses>
                        <add baseAddress="net.tcp://SERVER:8731/ActiveAreaService/" />
                    </baseAddresses>
                </host>
            </service>
        </services>
    </system.serviceModel>

</configuration>

but I also add an end point programmatically in Visual C++

host = gcnew ServiceHost(ActiveAreaServer::typeid);

NetTcpBinding^ binding = gcnew NetTcpBinding();
binding->MaxBufferSize = Int32::MaxValue;
binding->MaxReceivedMessageSize = Int32::MaxValue;
binding->ReceiveTimeout = TimeSpan::MaxValue;

binding->Security->Mode = SecurityMode::Transport;
binding->Security->Transport->ClientCredentialType = TcpClientCredentialType::Windows;

ServiceEndpoint^ ep = host->AddServiceEndpoint(IActiveAreaServer::typeid, binding, String::Empty); // Use the base address

Client app.config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <bindings>
            <netTcpBinding>
                <binding name="NetTcpBinding_IActiveAreaServer" closeTimeout="00:01:00"
                    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                    transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
                    hostNameComparisonMode="StrongWildcard" listenBacklog="10"
                    maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10"
                    maxReceivedMessageSize="65536">
                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                    <reliableSession ordered="true" inactivityTimeout="00:10:00"
                        enabled="false" />
                    <security mode="Transport">
                        <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" />
                        <message clientCredentialType="Windows" />
                    </security>
                </binding>
            </netTcpBinding>
        </bindings>
        <client>
            <endpoint address="net.tcp://SERVER:8731/ActiveAreaService/"
                binding="netTcpBinding" bindingConfiguration="NetTcpBinding_IActiveAreaServer"
                contract="ActiveArea.IActiveAreaServer" name="NetTcpBinding_IActiveAreaServer">
                <identity>
                    <userPrincipalName value="user@SERVERDOMIAIN.CLIENTDOMAIN.COM" />
                </identity>
            </endpoint>
        </client>
    </system.serviceModel>
</configuration>

Any help is appreciated!

Cheers

Answer 1

If I remember correctly, the callback channel actually occurs on something sort of silly, like port 80. Looking at your choice of address, I would wager there is a firewall in between your two machines and you've explicitly opened a port. You'll likely have to open port 80.

I think you can configure this using the clientBaseAddress property of the binding you are using if port 80 is not your cup of tea.

Let us know how things went.

Answer 2

This is actually my question posted by one of my collegues, odd I know don't ask, I've checked the ports that are being used for the callback channel and they seem to be randomly generated within a certain range. So far I've seen 3501, 4595 and a few others, so I've ruled out the port being the issue..

Any other thoughts?