Saturday 22 August 2015

Firewall problems, enablePredefinedPorts to the rescue!

 

[JDENET]

enablePredefinedPorts=1

** This needs to be set to '1' for predefined ports to work. If it is not set, the port is completely arbitrary and the port negotiation is fairly random.

So you might see the following ports opened to a JAS server (for example).  The only reason that JAS is going to talk with ENT is jdenet_k – unless there is a database on the ent server, which is not the case here.

TCP    10.38.144.5:25282    aubdc00-jwb01p:62726    ESTABLISHED
TCP    10.38.144.5:64291    aubdc00-jwb01p:62740    ESTABLISHED
TCP    10.38.144.5:64302    aubdc00-jwb01p:63110    ESTABLISHED
TCP    10.38.144.5:64454    aubdc00-jwb01p:63097    ESTABLISHED

Predefined ports must be opened to allow communication between servers. The predefined port range is determined by these two INI parameters located in:
[JDENET]
serviceNameListen=6019
maxNetProcesses=4

The range starts at the port number specified by serviceNameListen and ends at the port resulting from the calculation (serviceNameListen + maxNetProcesses - 1). For example, 6019 (serviceNameListen) + 4 (maxNetProcesses) - 1 = 6022, so the range of ports used is 6019 to 6022. Therefore this range must be opened in the firewall.

That is nice: you can completely control the ports that are going to be opened between the servers.
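The range calculation above can be turned into a check on a firewall change. This is an added example, not code from the original post or from JD Edwards: it reads the [JDENET] values and lists netstat-style connections that do not touch the predefined range. The function names and the second sample connection are constructed, and treating a connection as expected when either endpoint port is in the range is an assumption.

```python
import configparser
import re

# Constructed sample: the [JDENET] values shown in this post.
SAMPLE_INI = """\
[JDENET]
serviceNameListen=6019
maxNetProcesses=4
enablePredefinedPorts=1
"""

# Constructed netstat-style input: line 1 is from the post, line 2 is made up.
SAMPLE_NETSTAT = """\
TCP    10.38.144.5:25282    aubdc00-jwb01p:62726    ESTABLISHED
TCP    10.38.144.5:6020     aubdc00-jwb01p:51344    ESTABLISHED
"""

def predefined_port_range(ini_text):
    """Return (first, last) port, or None when enablePredefinedPorts is not 1."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(ini_text)
    if cp.get("JDENET", "enablePredefinedPorts", fallback="0").strip() != "1":
        return None  # ports are negotiated arbitrarily, no fixed range to open
    first = cp.getint("JDENET", "serviceNameListen")
    count = cp.getint("JDENET", "maxNetProcesses")
    last = first + count - 1  # serviceNameListen + maxNetProcesses - 1
    if count < 1 or first < 1 or last > 65535:
        raise ValueError("JDENET settings do not describe a valid port range")
    return first, last

# Protocol, local address:port, foreign address:port, state.
LINE = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+:(\d+)\s+\S+")

def connections_outside_range(netstat_text, port_range):
    """Return lines where neither endpoint port is inside the range."""
    first, last = port_range
    flagged = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        local, remote = int(m.group(1)), int(m.group(2))
        if not (first <= local <= last or first <= remote <= last):
            flagged.append(line.strip())
    return flagged

if __name__ == "__main__":
    rng = predefined_port_range(SAMPLE_INI)
    print("open in firewall:", rng)
    print("outside range:", connections_outside_range(SAMPLE_NETSTAT, rng))
```

A `None` result from `predefined_port_range` means the fixed range does not apply, so no narrow firewall rule can be derived from the INI until enablePredefinedPorts is set to 1.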
