TCP transport channel settings

 

+

Search Tips   |   Advanced Search

 

This type of transport channel handles inbound TCP/IP requests from a remote client.

To view and configure a TCP transport channels, click...

Servers | Application servers | server | Ports | View associated transports

Transport channel name

Name of the TCP transport channel.

The name field cannot contain the following characters: # \ / , : ; " * ? < > | = + & % '

This name must be unique across all channels in a WebSphere Application Server environment. For example, an HTTP proxy inbound channel and a TCP transport channel cannot have the same name if they reside within the same system.

Data type string

Port

Specify the TCP/IP port this transport channel uses to establish connections between a client and an appserver. The TCP transport channel binds to the hostnames and ports listed for the Port property. You can specify the wildcard * (an asterisk), for the hostname if you want this channel to listen to all hosts that are available on this system. However, before specifying the wildcard value, make sure this TCP transport channel does not have to bind to a specific hostname.

Data type string

Thread pool

This field only applies for i5/OS and distributed platforms. Select from the drop-down list of available thread pools the thread pool you want the TCP transport channel to use when dispatching work.

Maximum open connections

Maximum number of connections that can be open at one time.

Data type Integer between 1 and 20,000 inclusive
Default 20,000

Inactivity timeout

Specifies the amount of time, in seconds, that the TCP transport channel waits for a read or write request to complete on a socket.

The value specified for this property might be overridden by the wait times established for channels above this channel. For example, the wait time established for an HTTP transport channel overrides the value specified for this property for every operation except the initial read on a new socket.

Data type Integer
Default 60 seconds

Address exclude list

Lists the IP addresses that are not allowed to make inbound connections.

Use a comma to separate the IPv4 or IPv6 or both addresses to which you want to deny access on inbound TCP connection requests.

All four numeric values in an IPv4 address must be represented by a number or the wildcard character * (an asterisk). Following are examples of valid IPv4 addresses that can be included in an Address exclude list:

*.1.255.0
254.*.*.9
1.*.*.*

All eight numeric values of an IPv6 address must be represented by a number or the wildcard character * (an asterisk). No shortened version of the IPv6 address should be used. Even though a shortened version is processed with no error given, it does not function correctly in this list. Each numeric entry should be a 1- 4 digit hexadecimal number. Following are examples of valid IPv6 addresses that can be included in an Address exclude list:

0:*:*:0:007F:0:0001:0001
F:FF:FFF:FFFF:1:01:001:0001
1234:*:4321:*:9F9f:*:*:0000   

The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it will not be allowed access.

Address include list

Lists the IP addresses that are allowed to make inbound connections. Use a comma to separate the IPv4 or IPv6 or both addresses to which you want to grant access on inbound TCP connection requests.

All four numeric values in an IPv4 address must be represented by a number or the wildcard character * (an asterisk). Following are examples of valid IP addresses that can be included in an Address include list:

 *.1.255.0
 254.*.*.9
 1.*.*.*

All eight numeric values of an IPv6 address must be represented by a number or the wildcard character * (an asterisk). No shortened version of the IPv6 address should be used. Even though a shortened version is processed with no error given, it does not function correctly in this list. Each numeric entry should be a 1- 4 digit hexadecimal number. Following are examples of valid IPv6 addresses that can be included in an Address include list:

0:*:*:0:007F:0:0001:0001
F:FF:FFF:FFFF:1:01:001:0001
1234:*:4321:*:9F9f:*:*:0000   

The Address include list and the Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it will not be allowed access.

  • If either include list contains an IP address or a host name for the TCP in-bound channel of the WC_adminhost for a deployment manager, the IP addresses or host names of all of the node agents that this deployment manager talks to should also be added to an include list. If these other IP addresses or host names are not added, node synchronization does not work properly.

Host name exclude list

List the host names that are not allowed to make connections. Use a comma to separate the URL addresses to which you want to deny access on inbound TCP connection requests.

A URL address can start with the wildcard character * (an asterisk) followed by a period; for example, *.Rest.Of.Address. If a period does not follow the wildcard character, the asterisk will be treated as a normal non-wildcard character. The wildcard character cannot appear any where else in the address. For example, ibm.*.com is not a valid host name. Following are examples of valid URL addresses that can be included in a Host name exclude list:

*.ibm.com www.ibm.com
*.com

The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it is not allowed access.

Host name include list

Lists the host names that are allowed to make inbound connections. Use a comma to separate the URL addresses to which you want to grant access on inbound TCP connection requests.

A URL address can start with the wildcard character * (an asterisk) followed by a period; for example, *.Rest.Of.Address. If a period does not follow the wildcard character, the asterisk will be treated as a normal non-wildcard character. The wildcard character cannot appear any where else in the address. For example, ibm.*.com is not a valid hostname. Following are examples of valid URL addresses that can be included in a hostname include list:

*.ibm.com www.ibm.com
*.com

The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it is not allowed access.

  • If either include list contains an IP address or a host name for the TCP in-bound channel of the WC_adminhost for a deployment manager, the IP addresses or host names of all of the node agents that this deployment manager talks to should also be added to an include list. If these other IP addresses or host names are not added, node synchronization does not work properly.




 

Related tasks


Configure transport chains

 

Related Reference


Object names: What the name string cannot contain

 

Reference topic