NetTcpBinding over internet

Question

Yet another NetTcpBinding over internet question.
But a theoretical one.

Currently our model needs callbacks (duplex). We communicate over the internet. This left us with the choice between the WSDualHttpBinding and the NetTcpBinding. We've tested and evaluated them both, and concluded NetTcpBinding performed better and had no problems with our clients firewalls. So we went for the NetTcpBinding.

Now all over the web you read NetTcpBinding is used for Intra net scenario's and comments like "don't use NetTcp for internet scenario's". But nowhere it states WHY (except for not being compatible with the WS standard leaving you with .NET compatibility only, not a problem in our case). After consulting an expert he told me NetTcp is easy to bring down using DoS by using up connections. But, is this not also true for WsDualHttp (when using sessions)...?

For performance reasons the clients have 1 proxy alive, for 10 minutes. When they make more then 1 call at a time (multithreated) new proxies are created but they are closed after the calls are done (where as that 1 proxy won't be closed and keeps the session for 10 minutes). After 10 minutes the proxy will be idle, if it is afther that time again it is recreated. This has worked without a single problem for the past few months.

- NetTcpBinding has served us well with 10-20 simualtanious clients on a server. But when we take the software in production (hoping for a 1000+ customers), will it start causing problems (offcourse taking in account changed settings, higher limits etc and server capacity) and force us to move to WsHttp?
- Is it recommended to factor out the callbacks and let client software periodically check for updates (our code is threatsafe and never caused a problem yet...)?
- If not, why would WsDualHttp (which in my believe is nothing more than a kind of hack to WsHttp (is it not?)) serve us better?
- Why should NetTcpBinding only be used over a LAN?

Answer 1

NetTcpBinding is perfectly usable over the Internet. The only reasons WSDualHttpBinding is used are for non-.NET compatibility and the fact it runs over HTTP(S). (Some companies go a little crazy with their outbound firewalls, disallowing non-HTTP traffic).

As you discovered, NetTcpBinding is faster. Also, it is not any more vulnerable to DoS than any other protocol - just ensure your timeouts are set to reasonable values.

In short, if interoperability is not a concern, I would recommend NetTcpBinding.

      -Steve

(Microsoft Certified Technology Specialist: .NET Framework 3.5 Windows Communication Foundation Applications)

---

Programming blog: http://nitoprograms.blogspot.com/
  Including my TCP/IP .NET Sockets FAQ

Microsoft Certified Professional Developer

Answer 2

NetTcpBinding is perfectly usable over the Internet. The only reasons WSDualHttpBinding is used are for non-.NET compatibility and the fact it runs over HTTP(S). (Some companies go a little crazy with their outbound firewalls, disallowing non-HTTP traffic).

As you discovered, NetTcpBinding is faster. Also, it is not any more vulnerable to DoS than any other protocol - just ensure your timeouts are set to reasonable values.

In short, if interoperability is not a concern, I would recommend NetTcpBinding.

      -Steve

(Microsoft Certified Technology Specialist: .NET Framework 3.5 Windows Communication Foundation Applications)

---

Programming blog: http://nitoprograms.blogspot.com/
  Including my TCP/IP .NET Sockets FAQ

Microsoft Certified Professional Developer

How about the callbacks... Will they perhaps start to be a problem in the future?

Answer 3

I generally prefer callbacks to polling.

However, there is one natural benefit to polling: it does naturally throttle itself. In WCF, polling has lower overhead than callbacks, too (whereas in most non-remoting communication architectures, polling has a higher overhead than notifications).

It's not possible to say for sure in your scenario. I recommend doing load testing with your current callback solution. If you're expecting sudden surges of customers, have a scale-out plan ready to go.

      -Steve

---

Programming blog: http://nitoprograms.blogspot.com/
  Including my TCP/IP .NET Sockets FAQ

Microsoft Certified Professional Developer

Answer 4

Another WSDualHttpBinding and NetTcpBinding over internet question:

With WSDualHttpBinding, if the server is on internet (with a public IP) and the client is on a intranet with connection outside through a router. The server can be reached from the client but seems that the server cannot reach the client without configure the NAT on the router.

Instead using WSDualHttpBinding, if I use NetTcpBinding, is that problem solved without modifiing NAT's router?

 

Problem solved using NetTcpBinding without modifiing NAT's router!

Answer 5

But, while using NetTCPBinding over internet please take care of Security, please note by default NetTCPBinding has security built in so if you are really not concern for security make sure that you have

 

 <bindings>
      <netTcpBinding>
        <binding name="tcp_Unsecured">
          <security mode="None" />
        </binding>
      </netTcpBinding>
    </bindings>

<endpoint address="" binding="netTcpBinding" name="ClientServiceTcpEndpoint" bindingConfiguration="tcp_Unsecured" contract="AGAI.LoggingServiceInterface.ILogger"/>

in your Configuration