jps can't connect to a remote jstatd

Question

I'm trying query a remote JVM with jps using jstatd, in order to eventually monitor it using VisualVM.

I got jstatd running with the following security policy:

grant codebase "file:${java.home}/../lib/tools.jar" {

    permission java.security.AllPermission;
};

jstatd is running on a 64-bit Linux box with a 1.6.0_10 version HotSpot vm. The jstatd command is:

jstatd -J-Djava.security.policy=jstatd.tools.policy -J-Djava.rmi.server.logCalls=true

I'm trying to run jps from a Windows 7 machine. Due to firewall restrictions, I'm tunneling the RMI data through an SSH tunnel to my Windows machine such that the jps command line is:

 .\jps.exe -m -l rmi://localhost

When I run jps, I see the connection attempt in the jstatd log, which looks like this:

Feb 1, 2011 11:50:34 AM sun.rmi.server.UnicastServerRef logCall
FINER: RMI TCP Connection(3)-127.0.0.1: [127.0.0.1: sun.rmi.registry.RegistryImpl[0:0:0, 0]: java.rmi.Remote lookup(ja   va.lang.String)]

but on the jps side I get the following error:

Error communicating with remote host: Connection refused to host: 192.168.1.137; nested exception is:
    java.net.ConnectException: Connection refused: connect

Based on the connection attempt listed in the jstatd log, I think jps is actually reaching the host, but for some reason is getting blocked. Is there some security policy I have set or some other setting somewhere I can change so that I can get jps to pull stats from the remote jstatd?

Answer 1

My guess is that you're only forwarding the RMI registry port (1099), but you need to also open another port.

Check which ports on the remote side

# netstat -nap | grep jstatd

tcp        0      0 :::1099     :::*       LISTEN      453/jstatd          
tcp        0      0 :::58204    :::*       LISTEN      453/jstatd          

In this case you will need to forward port 58204 as well as 1099