+

Search Tips   |   Advanced Search

TCP transport channel settings


To set a TCP transport channels. This type of transport channel handles inbound TCP/IP requests from a remote client.

To view this admin console page ...

Servers > Server Types > WebSphere application servers > server_name > Ports. Click on View associated transports for the port associated with the TCP transport channel whose settings you want to view.

Transport channel name

Name of the TCP transport channel.

The name field cannot contain the following characters: # \ / , : ; " * ? < > | = + & % '

This name must be unique across all channels in a WAS environment. For example, an HTTP proxy inbound channel and a TCP transport channel cannot have the same name if they reside within the same system.

Data type string

Port

Specifies the TCP/IP port this transport channel uses to establish connections between a client and an appserver. The TCP transport channel binds to the hostnames and ports listed for the Port property. We can specify the wildcard * (an asterisk), for the hostname if we want this channel to listen to all hosts that are available on this system. However, before specifying the wildcard value, make sure this TCP transport channel does not have to bind to a specific hostname.

Data type string

Thread pool

This field only applies for i5/OS and distributed platforms. Select from the drop-down list of available thread pools the thread pool you want the TCP transport channel to use when dispatching work.

Maximum open connections

Maximum number of connections that are available for a server to use.

Leave the Maximum open connections property set to the default value 20000, which is the maximum number of connections allowed. The transport channel service by default manages high client connection counts and requires no tuning.

Default 20,000

Inactivity timeout

Amount of time, in seconds, that the TCP transport channel waits for a read or write request to complete on a socket.

If client connections are being closed without data being written back to the client, change the value specified for the Inactivity timeout parameter. This parameter controls the maximum number of connections available for a server's use. Upon receiving a new connection, the TCP transport channel waits for enough data to arrive to dispatch the connection to the protocol specific channels above the TCP transport channel. If not enough data is received during the time period specified for the Inactivity timeout parameter, the TCP transport channel closes the connection.

The default value for this parameter is 60 seconds, which is adequate for most applications. You should increase the value specified for this parameter if the workload involves a lot of connections and all of these connections can not be serviced in 60 seconds.

Avoid trouble: The value specified for this property might be overridden by the wait times established for channels above this channel. For example, the wait time established for an HTTP transport channel overrides the value specified for this property for every operation except the initial read on a new socket.

Data type Integer
Default 60 seconds

Address exclude list

Lists the IP addresses that are not allowed to make inbound connections.

Use a comma to separate the IPv4 or IPv6 or both addresses to which you want to deny access on inbound TCP connection requests.

All four numeric values in an IPv4 address must be represented by a number or the wildcard character * (an asterisk).

Following are examples of valid IPv4 addresses that can be included in an Address exclude list:

*.1.255.0
254.*.*.9
1.*.*.*

All eight numeric values of an IPv6 address must be represented by a number or the wildcard character * (an asterisk). No shortened version of the IPv6 address should be used. Even though a shortened version is processed with no error given, it does not function correctly in this list. Each numeric entry should be a 1- 4 digit hexadecimal number.

Following are examples of valid IPv6 addresses that can be included in an Address exclude list:

0:*:*:0:007F:0:0001:0001 F:FF:FFF:FFFF:1:01:001:0001
1234:*:4321:*:9F9f:*:*:0000   

Avoid trouble: The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it will not be allowed access.

Address include list

Lists the IP addresses that are allowed to make inbound connections.

Use a comma to separate the IPv4 or IPv6 or both addresses to which you want to grant access on inbound TCP connection requests.

All four numeric values in an IPv4 address must be represented by a number or the wildcard character * (an asterisk).

Following are examples of valid IP addresses that can be included in an Address include list:

 *.1.255.0
 254.*.*.9
 1.*.*.*

All eight numeric values of an IPv6 address must be represented by a number or the wildcard character * (an asterisk). No shortened version of the IPv6 address should be used. Even though a shortened version is processed with no error given, it does not function correctly in this list. Each numeric entry should be a 1- 4 digit hexadecimal number.

Following are examples of valid IPv6 addresses that can be included in an Address include list:

0:*:*:0:007F:0:0001:0001 F:FF:FFF:FFFF:1:01:001:0001
1234:*:4321:*:9F9f:*:*:0000   

Avoid trouble: The Address include list and the Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it will not be allowed access.

Host name exclude list

List the host names that are not allowed to make connections. Use a comma to separate the URL addresses to which you want to deny access on inbound TCP connection requests.

A URL address can start with the wildcard character * (an asterisk) followed by a period; for example, *.Rest.Of.Address. If a period does not follow the wildcard character, the asterisk will be treated as a normal non-wildcard character. The wildcard character cannot appear any where else in the address. For example, ibm.*.com is not a valid hostname.

Following are examples of valid URL addresses that can be included in a Host name exclude list:

*.ibm.com www.ibm.com
*.com

Avoid trouble: The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it is not allowed access.

Host name include list

Lists the host names that are allowed to make inbound connections. Use a comma to separate the URL addresses to which you want to grant access on inbound TCP connection requests.

A URL address can start with the wildcard character * (an asterisk) followed by a period; for example, *.Rest.Of.Address. If a period does not follow the wildcard character, the asterisk will be treated as a normal non-wildcard character. The wildcard character cannot appear any where else in the address. For example, ibm.*.com is not a valid hostname.

Following are examples of valid URL addresses that can be included in a hostname include list:

*.ibm.com www.ibm.com
*.com

The Address include list and Host name include list are processed before the Address exclude list and the Host name exclude list. If all four lists are defined:

  • An address that is defined on either inclusion list will be allowed access provided it is not included on either of the exclusion lists.

  • If an address is included in both an inclusion list and in an exclusion list, it is not allowed access.





 

Related tasks


Tuning transport channel services
Set transport chains

 

Related


Object names: What the name string cannot contain