Zebedee with VNC
Habermann, David (DA)
habermann "at" dow.com
Tue, 06 Jun 2000 19:46:24 +0000
Good thought regarding the files. Their text is included below.
Regarding benchmarking, I have only done some informal testing. When connecting between workstations on our LAN at the office, performance is slightly degraded by using zebedee (as expected). Degradation of about 5-10% was seen. To the home machine, the performance is much improved (since the firewall is the limiting factor). Performance improvement will depend on firewall loading, but the improvement is on the order of 30-40% in my case.
Regarding incoming traffic, my corporation is dead set against any incoming traffic through our firewall. My solution has been to set up a zebedee server on my home pc, run the vncviewer in listening mode at home and then send myself an e-mail from home to the office with a special format indicating that a zebedee client be started at the office, then the vnc server at the office is instructed to initiate a server-side initiated connection through the zebedee tunnel to the home machine. The details of this, including my full source code for the e-mail processor and my hacks to the winvnc program, have previously been posted to this mailing list. Please note that the client configuration file shown below is for running my home pc from the office. The server file below does double-duty. To get the client file for running the office pc from home, replace the last three lines with:
remoteport 5500 # port for listening client
localport 5500 # dummy port for local proxy
command "C:\Program Files\ORL\VNC\winvnc.exe -connect localhost"
*********************************************************************************
#
# Default Zebedee server configuration file
#
# $Id: server.zbd,v 1.3 2000/01/08 21:35:22 nwinton Exp nwinton $
verbosity 2 # Set message level
server true # Yes, it's a server!
detached true # Run detached from terminal
serverport 443 # to tunnel through firewall
logfile 'c:\progra~1\zebedee\zbd_server.txt' # Define log file location for server
timestamplog true # Set timestamping in the log files
# Uncomment the following line if you want
# to use a fixed private key stored in a
# static file.
#
# include './server.key'
# Set up allowed redirection ports.
# These should be pretty safe -- but it's
# not a good idea to open up all ports.
redirect "telnet ftp" # Basic services
redirect 5900-5999 # VNC traffic
redirect 5500-5599 # Incoming VNC requests
redirect 6000-6010 # X Window System
redirect "daytime chargen" # Ports useful for testing
compression bzip2:9 # Allow maximum compression
keylength 576 # Allow maximum key length
maxbufsize 16383 # Allow maximum buffer size
#
# Zebedee configuration file to start up a tunnelled VNC session
#
verbosity 1 # Basic messages only
logfile c:\progra~1\zebedee\zbd_client.txt # set log file for messages
timestamplog true # Set timestamping in the log files
server false # It's a client
detached true # Detach from terminal
serverport 443 # To tunnel through firewall
# compression bzip2:1
compression zlib:9 # Zlib seems to work better for VNC traffic
maxbufsize 8192 # read-write buffer size
keylength 128 # Blowfish encryption key length
minkeylength 64 # Minimum allowed Blowfish key length
remotehost my.home.machine.com # IP address for home pc
remoteport 5900 # VNC server port at home
# using telnet to allow direct connect
localport 5901 # dummy port for VNC server zbd proxy
command "C:\Program Files\ORL\VNC\vncviewer -8bit -fullscreen -connect localhost:1"
Dave
-----Original Message-----
From: Wallendahl, Michael/SEA [mailto:mwallend "at" ch2m.com]
Sent: 06 June, 2000 12:34 PM
To: 'habermann "at" dow.com'
Subject: RE: Zebedee with VNC
David:
Thank you for the excellent how-to on setting up VNC to work with ZeBeDee!
Your message is going into my saved items folder!
You are most likely going to have dozens of requests for those two files, as
your assumption that the mailing list strips out attachments was true.
Would you consider posting the text of those attachments to the mailing list
so others can benefit from your hard work?
Thank you again!
-Mike
p.s. I am curious if you have developed a good way to benchmark performance
of VNC via ZeBeDee? I have been thinking of how to figure out if the zlib
compression actually helps, but can't think of a good way to do so, short of
perhaps just starting up different programs and timing how long the screens
take to load.
p.p.s. Did you open a port on your firewall to allow VNC traffic into your
network? I'm trying to think of an elegant solution to control my work
computer from home without having to tunnel in first using PPTP. If I could
have my work computer initiate the connection then the firewall would be
happy. Just wondering if you had already solved this particular problem
before I reinvent the wheel.
-----Original Message-----
From: Habermann, David (DA) [mailto:habermann "at" dow.com]
Sent: Tuesday, June 06, 2000 8:57 AM
To: vnc-list "at" uk.research.att.com
Cc: Jeremy.Peaks "at" maff.gsi.gov.uk
Subject: RE: Zebedee with VNC
Jeremy:
Now that my morning of meetings is over, I can spend a few more minutes
helping you out. Jeremy, you may receive a duplicate message because I
copied you directly. I believe the VNC list is running an attachment
stripper which would have prevented my config files from reaching you.
To the best of my knowledge, there is no command to close the Zebedee
server, although I'm not sure why you want to close it. The client end can
easily be configured for single-use mode so that it shuts down after one
connection has been made and terminated. I just leave the server end
running. If you feel that you must close it, you might consider using
Virtually Unix which has a kill.exe program that can be used to forcibly
kill a process (similarly to what Ctrl+Alt+Del does, although some
programming is required to get the process id and transfer it to the kill
routine - left as an exercise for the student ;<)
As to why you can't get the Zebedee client to contact it's server, here is a
brief discussion of how I do this:
start vnc server listening on normal ports (5800 for web, 5900 for rfb)
(in my case, a PC in my home)
start zebedee server on same machine as vnc server
c:\progra~1\zebedee\zebedee.exe -f c:\progra~1\zebedee\server.zbd
(see attached zebedee server.zbd file)
(reason for serverport 443 is for compatibility with our firewall
start zebedee client on same machine as vnc client
c:\progra~1\zebedee\zebedee.exe -f c:\progra~1\zebedee\tohomepc.zbd
The client file automatically runs the vncviewer.exe program which connects
to the zebedee client on port 5901 (localhost:1 in VNC naming). The zebedee
client the connects to the zebedee server on port 443 through our firewall.
The zebedee server then connects to the vnc server on port 5900 and we are
off to the races. When you first start the zebedee client, NO CONNECTION TO
THE ZEBEDEE SERVER WILL BE MADE. The connection to the zebedee server is
only made when a connection request is received at the zebedee client (in my
case this occurs when the vncviewer.exe program executes.
By the way, be sure to execute the registry item included with the zebedee
distribution causing VNC to allow loopback connections. This seems to be
required both on the client and server end (although the VNC documentation
doesn't seem to read this way and I'm not positive of my facts here).
Keep the faith, zebedee will probably work for you. I, too, was unable to
make Intelicom work for the same reason as you.
Dave Habermann
[demime 0.97b removed an attachment of type application/octet-stream which
had a name of server.zbd]
[demime 0.97b removed an attachment of type application/octet-stream which
had a name of tohomepc.zbd]
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------