Java – jps can’t connect to a remote jstatd

javamonitoring

I'm trying query a remote JVM with jps using jstatd, in order to eventually monitor it using VisualVM.

I got jstatd running with the following security policy:

grant codebase "file:${java.home}/../lib/tools.jar" {

    permission java.security.AllPermission;
};

jstatd is running on a 64-bit Linux box with a 1.6.0_10 version HotSpot vm. The jstatd command is:

jstatd -J-Djava.security.policy=jstatd.tools.policy -J-Djava.rmi.server.logCalls=true

I'm trying to run jps from a Windows 7 machine. Due to firewall restrictions, I'm tunneling the RMI data through an SSH tunnel to my Windows machine such that the jps command line is:

 .\jps.exe -m -l rmi://localhost

When I run jps, I see the connection attempt in the jstatd log, which looks like this:

Feb 1, 2011 11:50:34 AM sun.rmi.server.UnicastServerRef logCall
FINER: RMI TCP Connection(3)-127.0.0.1: [127.0.0.1: sun.rmi.registry.RegistryImpl[0:0:0, 0]: java.rmi.Remote lookup(ja   va.lang.String)]

but on the jps side I get the following error:

Error communicating with remote host: Connection refused to host: 192.168.1.137; nested exception is:
    java.net.ConnectException: Connection refused: connect

Based on the connection attempt listed in the jstatd log, I think jps is actually reaching the host, but for some reason is getting blocked. Is there some security policy I have set or some other setting somewhere I can change so that I can get jps to pull stats from the remote jstatd?

Best Answer

My guess is that you're only forwarding the RMI registry port (1099), but you need to also open another port.

Check which ports on the remote side

# netstat -nap | grep jstatd

tcp        0      0 :::1099     :::*       LISTEN      453/jstatd          
tcp        0      0 :::58204    :::*       LISTEN      453/jstatd

In this case you will need to forward port 58204 as well as 1099

Related Topic