[UPHPU] Bi-directional Communication Through a Firewall

Aaron Throckmorton aaron at throckmortons.com
Wed Jun 10 14:04:53 MDT 2009


On Wed, Jun 10, 2009 at 1:53 PM, thebigdog <bigdog at venticon.com> wrote:
>
> > Problem:
> >
> > I'm building a PHP application that needs to be able to push
> > requests to an application that is running on multiple computers all sitting
> > behind a firewall.
>
>

The reason you can both access google at the same time is that part of
the request you send to Google includes a port number for Google to
connect back on to send the data you requested.

So your computer sends a request to Google on port 80, and picks a
random high port number for Google to connect back on (say for example
9643).  The request actually goes to your firewall, which forwards the
request to Google, but makes a note of the port Google will be coming
back on.
Google then initiates a connection back to your firewall on the
designated port.  The firewall looks at the source IP (Google) and the
port (9643) and knows that this information should go to your
computer.  It allows Google to connect like this because you initiated
the connection.
Google's connection to your computer also contains ANOTHER port number
for you to send information to Google on so that port 80 can accept
other connection requests on the server side.

Your friend's computer would have picked a different port number, so
the firewall knows which information belongs to him.

So your web server (PHP app) will not be able to initiate a connection
to anyone's browser, as the firewall knows your computer didn't
actually initiate the connection.  This is where a lot of people use
an Ajax request to check in with the server to see if there are any
new messages/info/etc.

This information is correct to the best of my knowledge, and if I'm
wrong I would surely like to be corrected.  :)

Aaron Throckmorton
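
A toy model of the state table a NAT firewall keeps, added here as an example that is not part of the original message: outbound traffic records a flow, and inbound traffic is forwarded only when it matches a recorded flow. The class name, addresses (documentation ranges) and the starting public port are assumptions; TCP handshakes and entry timeouts are left out.

```python
from dataclasses import dataclass, field
from itertools import count


@dataclass
class NatFirewall:
    """Hypothetical stateful NAT firewall: tracks flows opened from the inside."""
    public_ip: str
    _ports: count = field(default_factory=lambda: count(40000))
    # (public_port, remote_ip, remote_port) -> (internal_ip, internal_port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internal host sends a packet: record the flow and rewrite its source."""
        for key, inside in self.table.items():
            if inside == (src_ip, src_port) and key[1:] == (dst_ip, dst_port):
                return (self.public_ip, key[0], dst_ip, dst_port)  # known flow
        public_port = next(self._ports)
        self.table[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, public_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet from outside: return the internal target, or None if dropped."""
        return self.table.get((dst_port, src_ip, src_port))


def demo():
    fw = NatFirewall("203.0.113.1")          # constructed public address
    web = ("198.51.100.10", 80)              # constructed web server
    you = fw.outbound("192.168.1.10", 9643, *web)
    friend = fw.outbound("192.168.1.11", 51022, *web)
    return {
        # Replies from the server are matched back to the host that asked.
        "reply_to_you": fw.inbound(*web, you[1]),
        "reply_to_friend": fw.inbound(*web, friend[1]),
        # A different remote host aiming at an open public port is dropped.
        "unsolicited": fw.inbound("198.51.100.99", 80, you[1]),
        # The server starting a new connection (a "push") has no table entry.
        "server_push": fw.inbound(*web, 8080),
    }


if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name}: {target}")
```

The "server_push" case is why clients behind the firewall poll the server (for example with Ajax) rather than waiting to be contacted.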

