Intelligent Management: port number settings

Intelligent Management: port number settings

Identify the default port numbers used in the various configuration processes to avoid port conflicts.

Open certain ports in any firewalls running between the deployment manager and node agent server processes to avoid conflicts with other assigned ports when configuring v6.1 resources or assigning port numbers to other applications. Additionally, when we configure a firewall, enable access to specific port numbers.

If we modify the ports, or to confirm the assigned port, check the port assignments in...
app_server_root/profiles/myprofile/config/cells/mycell/nodes/mynode/serverindex.xml

If more than one node exists, we must check the port assignment for each node.

For Intelligent Management features to work properly, every WAS process must be able to connect from the local ephemeral ports to the OVERLAY_UDP_LISTENER_ADDRESS, OVERLAY_TCP_LISTENER_ADDRESS, and XDAGENT ports of the deployment manager and all WAS node agents. Ephemeral port ranges are defined based on the operating system. Specifically, If we use firewalls to divide your topology, ensure that the following ports remain open (bi-directionally) for the TCP and UDP protocols:

OVERLAY_UDP_LISTENER_ADDRESS
OVERLAY_TCP_LISTENER_ADDRESS
XDAGENT_PORT

The following table is a list of port assignments that the node agent server uses by default. When we federate an application server node into a deployment manager cell, the deployment manager instantiates the node agent server process on the application server node. The node agent server uses these port assignments by default. When multiple processes share a port on the same node, the configuration uses the next number in the sequence for the additional processes. For example, if three processes are running, the BOOTSTRAP_ADDRESS port for each process is 2809, 2810, and 2811.

For a complete list of default port definitions, read about port settings. For information on security ports, read about configuring inbound transports.

Port Name Description Default Value (increments for multiple processes)
BOOTSTRAP_ADDRESS The TCP/IP port on which the name service listens. This port is also the Remote Method Invocation (RMI) connector port. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 2809
ORB_LISTENER_ADDRESS The TCP/IP port on which the application server Object Request Broker (ORB) listens for requests. This also the port on which the location service daemon for the node listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 9100
SAS_SSL_SERVERAUTH_LISTENER_ADDRESS The TCP/IP port on which the Secure Association Services (SAS) listen for inbound authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 9901
CSIV2_SSL_MUTUALAUTH_LISTENER_ADDRESS The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound client authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 9202
CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound server authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 9201
NODE_DISCOVERY_ADDRESS The TCP/IP port on which the node discovery service for the node agent listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 7272
NODE_MULTICAST_DISCOVERY_ADDRESS The TCP/IP port for the multicast discovery service on which the node agent listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script. 5000
SOAP_CONNECTOR_ADDRESS This port is required by every WebSphere process to enable SOAP connectivity for JMX calls when using wsadmin.
8879
OVERLAY_UDP_LISTENER_ADDRESS Used for peer-to-peer (P2P) communication.The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.
11001
OVERLAY_TCP_LISTENER_ADDRESS Used for P2P communication. The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.
11002
XDAGENT_PORT The deployment manager, the node agents, and the middleware agents each have one XDAGENT_PORT. Note that, unlike the OVERLAY ports, the application servers are not configured with XDAGENT_PORTs. Used to enable communication between the deployment manager, the node agents, and the middleware agents. In cells with security enabled, XDADefaultSSLSettings is used for secure communication between the deployment manager and the node agents, or middleware agents over XDAGENT_PORT. The ODR uses this port to collect information from other servers, including node agents. This port should be available to all servers that the Intelligent Management ODR is managing.
7061
DRS_CLIENT_ADDRESS

Deprecation: This port is deprecated and is no longer used in the current version of the product.
7873

During the addNode command operation, the filetransfer application uses port 9090 by default. The filetransfer application uses the same HTTP transport port used by the administrative console. If security is enabled, the default secured port 9043 must be opened in the firewall. If we modify the ports, or to confirm the assigned port, check the port assignments in the app_server_root\config\cells\cellname\nodes\nodename\servers\dmgr\server.xml file.

Port Name Default Value
Default fileTransfer application Port 9090
Secured - Default fileTransfer application port 9043

When we federate an application server node with the embedded messaging server feature into a deployment manager cell, the deployment manager instantiates a Java Message Service (JMS) server process, jmsserver, on the application server node. The following table lists the port assignments that the JMS server uses by default:

Port Name Default Value
JMSSERVER_DIRECT_ADDRESS 5559
JMSSERVER_QUEUED_ADDRESS 5558
SOAP_CONNECTOR_ADDRESS 8879
JMSSERVER SECURITY PORT 5557

Related:

Middleware nodes and servers
Configure inbound transports
Ports settings
(iSeries) chgwassvr command

Port Name	Description	Default Value (increments for multiple processes)
BOOTSTRAP_ADDRESS	The TCP/IP port on which the name service listens. This port is also the Remote Method Invocation (RMI) connector port. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	2809
ORB_LISTENER_ADDRESS	The TCP/IP port on which the application server Object Request Broker (ORB) listens for requests. This also the port on which the location service daemon for the node listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	9100
SAS_SSL_SERVERAUTH_LISTENER_ADDRESS	The TCP/IP port on which the Secure Association Services (SAS) listen for inbound authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	9901
CSIV2_SSL_MUTUALAUTH_LISTENER_ADDRESS	The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound client authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	9202
CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS	The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound server authentication requests. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	9201
NODE_DISCOVERY_ADDRESS	The TCP/IP port on which the node discovery service for the node agent listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	7272
NODE_MULTICAST_DISCOVERY_ADDRESS	The TCP/IP port for the multicast discovery service on which the node agent listens. Specify this port with the administrative console(iSeries) or with the chgwassvr script.	5000
SOAP_CONNECTOR_ADDRESS	This port is required by every WebSphere process to enable SOAP connectivity for JMX calls when using wsadmin.	8879
OVERLAY_UDP_LISTENER_ADDRESS	Used for peer-to-peer (P2P) communication.The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.	11001
OVERLAY_TCP_LISTENER_ADDRESS	Used for P2P communication. The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.	11002
XDAGENT_PORT	The deployment manager, the node agents, and the middleware agents each have one XDAGENT_PORT. Note that, unlike the OVERLAY ports, the application servers are not configured with XDAGENT_PORTs. Used to enable communication between the deployment manager, the node agents, and the middleware agents. In cells with security enabled, XDADefaultSSLSettings is used for secure communication between the deployment manager and the node agents, or middleware agents over XDAGENT_PORT. The ODR uses this port to collect information from other servers, including node agents. This port should be available to all servers that the Intelligent Management ODR is managing.	7061
DRS_CLIENT_ADDRESS	Deprecation: This port is deprecated and is no longer used in the current version of the product.	7873

Port Name	Default Value
Default fileTransfer application Port	9090
Secured - Default fileTransfer application port	9043

Port Name	Default Value
JMSSERVER_DIRECT_ADDRESS	5559
JMSSERVER_QUEUED_ADDRESS	5558
SOAP_CONNECTOR_ADDRESS	8879
JMSSERVER SECURITY PORT	5557