Configuring your network
IBM® InfoSphere® Information Server exchanges high volumes of data across several network ports, which requires that you carefully configure the host names and ports for your network.
Before you begin
About this task
For performance reasons, do not install separate tiers of InfoSphere Information Server across a wide area network (WAN) because of the data exchanges that are required between them. Although clients can work over a WAN if the latency is low, when the network latency increases, it has a detrimental effect on the clients.
The port numbers in the following tables might vary from those that are used in your system because the installation program automatically computes the port value based on port availability. For example, for the DSRPC port, the installation program starts with port 31538 and increments by 1 until it locates an open port. Ensure that you select the correct ports in your system to open and make available. The port values that are used in your system are stored in the response file that the installation program generates. Before you install the product, check the Response File Review panel in the installation program for the location, name, and contents of your response file.
Procedure
- Set up the name resolution.
- Verify that the computers in the installation can resolve
all the other computers by the name that is returned by the
hostname
command. - Ensure that each of the following tier computers can
resolve the URI addresses of the computers that are listed for that
tier. InfoSphere Information Server relies on the specified URI. Your infrastructure is responsible for determining the network route.
Table 1. Tiers and the computers that they must connect to Tier computer to connect from Tier computers to connect to Repository tierRepository tier computers (in addition to the loopback address
127.0.0.1
)Client tierServices tier computers
Engine tier computers
Repository tier computers (For IBM InfoSphere Information Analyzer, if the IADB is hosted on the same computer as the metadata repository.)
Services tierServices tier computers (in addition to the loopback address
127.0.0.1
)Engine tier computers
Repository tier computers
Engine tierEngine tier computers (in addition to the loopback address
127.0.0.1
)Services tier computers
Repository tier computers (depending on the DSODB configuration)
- Ensure that only
localhost
is mapped to the loopback IP address. The IPv4 version of this address is127.0.0.1
and the IPv6 version is::1/128
. No other entries can maplocalhost
to the IP address of the local computer.The following example shows how these entries are configured in the following files:Operating system File AIX® /etc/hosts Linux® /etc/hosts Windows C:\Windows\system32\drivers\etc\hosts - IPv4:
127.0.0.1 localhost.localdomain localhost xx.xx.xx.xx longhostname shorthostname
- IPv6:
::1/128 localhost.localdomain localhost xx:xx::xx:xx longhostname shorthostname
Where:
- localdomain
- The domain name.
- xx.xx.xx.xx or xx:xx::xx:xx
- The unique IP address for the computer. IPv4 or IPv6 format.
- longhostname shorthostname
- The long and short names for the computer.
- Verify that the computers in the installation can resolve
all the other computers by the name that is returned by the
- For the repository tier, open and make TCP ports available
through firewalls.
Table 2. Port numbers for the repository tier. These are the default port numbers for the database management systems. Choose the ports that are configured for the type of database management system that you are using for the specified uses that are applicable for your configuration. Component Default port numbers Tiers that use the port IBM Db2® database for the metadata repository 50000 Services IBM Db2 database for the analysis database 50000 Services, engine, client Oracle database for the metadata repository 1521 Services Oracle database for the analysis database 1521 Services, engine, client Microsoft SQL Server database for the metadata repository 1433 Services Microsoft SQL Server database for the analysis database 1433 Services, engine, client - For the services tier, open and make TCP ports available
through firewalls. Refer to the table that corresponds to your IBM WebSphere® Application Server configuration.
In addition to the listed ports below, refer to Port number settings.
Table 3. Port numbers for the services tier (basic configuration with IBM WebSphere Application Server Liberty Profile) Component Default port numbers for basic configuration Tiers that use the port InfoSphere Information Server web-based clients (HTTPS) Liberty HTTPS port (9443) Client Note: The Liberty HTTPS port is set during the installation of InfoSphere Information Server.InfoSphere Information Server communication services (Java Remote Method Invocation [RMI] or Inter-ORB Protocol [IIOP]) BOOTSTRAP_ADDRESS (2809)
ORB_LISTENER_ADDRESS (9100)
SAS_SSL_SERVERAUTH_
LISTENER_ADDRESS
(9401)CSIV2_SSL_
MUTUALAUTH_
LISTENER_ADDRESS
(9402)CSIV2_SSL_SERVERAUTH_
LISTENER_ADDRESS
(9403)Services, engine, client InfoSphere Information Server WebSphere HTTPS port (9443 or 9446) Services InfoSphere Information Server IBM Db2 port(50000)
Oracle database port (1521)
DB2 repository InfoSphere Information Server Zookeeper (2181)
Kafka (9092)
Solr and other HTTPS-based services (443)
Note: Zookeeper runs on port 52181, Kafka on 59092 and Solr on 58983Services (EnterpriseSearch) Table 4. Port numbers for the services tier (basic configuration with IBM WebSphere Application Server Network Deployment) Component Default port numbers for basic configuration Tiers that use the port InfoSphere Information Server web-based clients (HTTPS) WC_defaulthost_secure (9443) Client IBM WebSphere Application Server administrative console (redirects to HTTPS) WC_adminhost (9060) Client IBM WebSphere Application Server administrative console (HTTPS) WC_adminhost_secure (9043) Client IBM InfoSphere Information Services Director services with JMS bindings SIB_ENDPOINT_ADDRESS (7276)
SIB_ENDPOINT_SECURE_
ADDRESS (7286)SIB_MQ_ENDPOINT_
ADDRESS (5558)SIB_MQ_ENDPOINT_
SECURE_ADDRESS (5578)Only clients of the Information Services Director services require access to these ports. IBM InfoSphere Information Services Director services with EJB bindings BOOTSTRAP_ADDRESS (2809)
ORB_LISTENER_ADDRESS (9100)
Only clients of the Information Services Director services require access to these ports. Table 5. Port numbers for the services tier (clustered configuration with IBM WebSphere Application Server Network Deployment) Component Default port numbers for clustered configuration Tiers that use the port InfoSphere Information Server web-based clients (HTTPS) Firewall between the client and dispatcher (if any): usually 443. This value varies depending on the configuration of the front-end dispatcher.
Firewall between the dispatcher and cluster members (if any): WC_defaulthost_secure of all cluster members (for example, 9443, 9444, and so on)
Client IBM WebSphere Application Server administrative console (redirects to HTTPS) WC_adminhost (9060) Client IBM WebSphere Application Server administrative console (HTTPS) WC_adminhost_secure (9043) Client InfoSphere Information Server communication services (Java Remote Method Invocation [RMI] or Inter-ORB Protocol [IIOP]) BOOTSTRAP_ADDRESS of all cluster members (9809, 9810, 9811, and so on)
ORB_LISTENER_ADDRESS of all node agents (9100, 9101, and so on)
DCS_UNICAST_ADDRESS (9353)
SAS_SSL_SERVERAUTH_
LISTENER_ADDRESS,
CSIV2_SSL_SERVERAUTH_
LISTENER_ADDRESS,
CSIV2_SSL_
MUTUALAUTH_
LISTENER_ADDRESS
of all cluster members:
(9410, 9411, 9412),
(9411, 9414, 9415),
and so onServices, engine, client IBM InfoSphere Information Services Director services with JMS bindings SIB_ENDPOINT_ADDRESS of all cluster members (7277, 7278, and so on)
SIB_ENDPOINT_SECURE_
ADDRESS of all cluster
members
(7287, 7288, and so on)SIB_MQ_ENDPOINT_
ADDRESS of all cluster
members
(5559, 5560, and so on)SIB_MQ_ENDPOINT_
SECURE_ADDRESS of all
cluster members
(5579, 5580, and so on)Only clients of the Information Services Director services require access to these ports. IBM InfoSphere Information Services Director services with EJB bindings BOOTSTRAP_ADDRESS
ORB_LISTENER_ADDRESS
Only clients of the Information Services Director services require access to these ports. - For the engine tier, open and make TCP ports available
through firewalls.
Table 6. Port numbers for the engine tier Component Default port numbers Tiers that use the port InfoSphere Information Server ASB agent 31531, and a random port number greater than 1024
Instead of using a random port number, you can fix this to a specific port by specifying agent.objectport=# in the IS_install_path/ASBNode/conf/agent.properties file after you complete the installation. After designating a specific port, restart the ASB agent so that the change takes effect.
Services IBM InfoSphere DataStage® service DSRPC (31538) Services, client Parallel job monitors 13400 (port 1) and 13401 (port 2)
Access to port 1 is required only from the conductor node. Access to port 2 is required from the conductor node and the node where the InfoSphere Information Server engine is installed, if that node is different from the conductor node.
Engine Parallel engine APT_PM_STARTUP_PORT (multiple ports, uses a port number of 10000 or greater) Engine Parallel engine remote process startup - Remote Shell and Secure Shell
- 22
- Multiple nodes only
- 514
Engine Parallel engine (multiple nodes only) APT_PLAYER_CONNECTION_PORT (multiple ports, uses a port number of 11000 or greater)
Engine Connector Access Service 30000 - 30010
Based on the range of the port numbers defined, the Agent Handler creates the thread at the first available port. This thread is used to establish a communication between Connector Access Service and the connector. The process request gets initiated based on the agent process identifier, which is a connection instance that is associated with a connector.
Engine - For the client tier, open and make TCP ports available through firewalls.
Table 7. Port numbers for the client tier Component Default port numbers Tiers that use the port IBM InfoSphere Metadata Asset Manager, when bridges are installed. 19443 Services - For the installation program, open and make TCP ports available
through firewalls.
Table 8. Port numbers for the installation program Component Default port numbers Tiers that use the port The installation program 8443 (HTTPS) Services
Any web browser that connects to the computer running the installation program.The Update Installer program 8445 (HTTPS) Any web browser that connects to the computer running the Update Installer program. The SOAP Connector Port (Stand-alone environment)SOAP_CONNECTOR_ADDRESS (8880) Services
Note: The SOAP Connector Port is used during suite install and most Patch and FixPack installations to the Services tier. It is only used from the Services tier computer to the WebSphere Application Server running locally on the same tier (The Services tier computer connects to itself).The SOAP Connector Port for the deployment manager (Clustered environment)SOAP_CONNECTOR_ADDRESS (8879) Services
Note: The SOAP Connector Port is used during suite install and most Patch and FixPack installations to the Services tier. In a clustered WebSphere Application Server environment, it also used for communicating between the deployment manager and remote nodes. It is only used from the Services tier computer to the WebSphere deployment manager running locally on the same tier (The Services tier computer connects to itself).The default value for SOAP_CONNECTOR_ADDRESS for a cluster member (not the deployment manager) is 8880.
- For connecting to external data sources, see the vendor-supplied documentation for additional port assignments.