You must plan for data grid traffic between the monitoring
console and data grid servers.
The examples illustrate where you must allow communication between
these servers. You should read the port properties and values that
are defined in Planning for network ports
Figure 1. Administration traffic consists of traffic from a host
running a monitoring console server. Communication between a monitoring
console server and data grid servers must be allowed through any firewall.
- M1: Only the monitoring console and container servers using an
ORB transport protocol can initiate traffic.
- If a listener port is not configured on a catalog server, it will
default to 2809. If a listener port is not
configured for the monitoring console server or a container server,
an ephemeral port is chosen and this port can vary each time that
the monitoring console or container server is restarted. In this example,
the listener port is set to 2809. Outbound
traffic uses source port: ephemeral, destination port: 2809,
and return traffic from the data grid server flows over the same connection.
Similarly, for traffic that is initiated by a container server, outbound
traffic uses source port: ephemeral, destination port: 2809 and return
traffic flows over the same connection.
Note: When a data grid server
operates inside WebSphere Application Server and uses an Object Request
Broker (ORB) transport protocol, another port ORB_LISTENER_ADDRESS
must also be opened. The BOOTSTRAP_ADDRESS port forwards requests
to this port.
- M2: Only the monitoring console can initiate traffic.
- If a Java Management Extensions (JMX) service port is not configured
for a catalog server, it will default to 1099.
If a JMX service port is not configured for a container server, a
dynamic port is chosen, and this port can vary each time the container
server is restarted. In this example, the JMX service port is set
to 1099. Outbound traffic uses source port:
ephemeral, destination port: 1099, and return
traffic from the data grid server flows over the same connection.
- M3: Only the monitoring console can initiate traffic.
- In this example, a JMX connector port is set to 32701.
Outbound traffic uses source port: ephemeral, destination port: 32701,
and return traffic from data grid server flows over the same connection.
Note: - If Secure Socket Layer (SSL) is not configured, but a JMX connector
port is configured, firewall traffic uses the JMX connector port.
- If SSL is not configured and a JMX connector port is not configured,
firewall traffic uses the JMX service port.
- If SSL is configured, but a JMX connector port is not configured,
an ephemeral port is chosen. This port can vary each time that the
server is restarted. Firewall traffic flows over the ephemeral port.