You must plan for data grid traffic between a container
server and a catalog server.
The examples illustrate where you must allow communication between
these servers. You should read the port properties and values that
are defined in
Planning for network ports.
Figure 1. An
intra-domain catalog to container service. Communication between these
servers must be allowed through any firewall.
Figure 2. An inter-domain catalog to container service. If more
domains are configured, then you will not have traffic between a catalog
server and a container server.
- B1: Both sides can initiate traffic.
- If a listener port is not configured on a stand-alone catalog
server, the data grid servers use the default that is set to 2809.
For a stand-alone container server, an ephemeral port is picked at
startup and this port can vary each time that the server is restarted.
In this example, the data grid servers have a listener port that is
set to 2809. For traffic that is initiated
by A.CatServer1 server, outbound traffic uses source port: ephemeral,
destination port: 2809, and return traffic
from A.ContainerServer1 server flows over the same connection. Similarly,
for traffic that is initiated by A.ContainerServer1 server, outbound
traffic uses source port: ephemeral, destination port: 2809,
and return traffic from A.CatServer1 server flows over the same connection.
Note: When
a data grid server operates inside WebSphere Application
Server and uses an Object Request Broker (ORB) transport protocol,
another port ORB_LISTENER_ADDRESS must also be opened. The BOOTSTRAP_ADDRESS
port forwards requests to this port.
- B2: When either an IBM® eXtremeIO (XIO) or Object Request Broker
(ORB) transport protocol is used, Secure Socket Layer (SSL) is an
optional configuration. If SSL is enabled, then both sides can initiate
traffic.
- XIO does not use a separate SSL port and sends SSL traffic over
the listener port. The following applies only when an ORB transport
protocol is used: If an SSL port is not configured, an ephemeral port
is chosen at startup and this port can vary each time that the server
is restarted. In this example, the data grid servers have an SSL port
that is set to 37511. For traffic that is initiated
by A.CatServer1 server, outbound traffic uses source port: ephemeral,
destination port: 37511, and return traffic
from A.ContainerServer1 server flows over the same connection. Similarly,
for traffic that is initiated by A.ContainerServer1 server, outbound
traffic uses source port: ephemeral, destination port: 37511,
and return traffic from A.CatServer1 server flows over the same connection.