[z/OS]

Intelligent Management: port number settings

Identify the default port numbers used in the various configuration processes to avoid port conflicts.

Open certain ports in any firewalls that are running between the deployment manager and node agent server processes to avoid conflicts with other assigned ports when configuring Version 6.1 resources or assigning port numbers to other applications. Additionally, when you configure a firewall, enable access to specific port numbers.

If you modify the ports, or if you want to confirm the assigned port, check the port assignments in the app_server_root/profiles/myprofile/config/cells/mycell/nodes/mynode/serverindex.xml file. If more than one node exists, you must check the port assignment for each node.

Note: For Intelligent Management features to work properly, every WebSphere Application Server process must be able to connect from the local ephemeral ports to the OVERLAY_UDP_LISTENER_ADDRESS, OVERLAY_TCP_LISTENER_ADDRESS, and XDAGENT ports of the deployment manager and all WebSphere Application Server node agents. Ephemeral port ranges are defined based on your operating system. Specifically, If you use firewalls to divide your topology, ensure that the following ports remain open (bi-directionally) for the TCP and UDP protocols:
  • OVERLAY_UDP_LISTENER_ADDRESS
  • OVERLAY_TCP_LISTENER_ADDRESS
  • XD_AGENT_PORT

The following table is a list of port assignments that the node agent server uses by default. When you federate an application server node into a deployment manager cell, the deployment manager instantiates the node agent server process on the application server node. The node agent server uses these port assignments by default. When multiple processes share a port on the same node, the configuration uses the next number in the sequence for the additional processes. For example, if three processes are running, the BOOTSTRAP_ADDRESS port for each process is 2809, 2810, and 2811.

For a complete list of default port definitions, read about port settings. For information on security ports, read about configuring inbound transports.

Table 1. Default port definitions for the node agent server process
Port Name Description Default Value (increments for multiple processes)
BOOTSTRAP_ADDRESS

The TCP/IP port on which the name service listens. This port is also the Remote Method Invocation (RMI) connector port. Specify this port with the administrative console

 2809
ORB_LISTENER_ADDRESS

The TCP/IP port on which the application server Object Request Broker (ORB) listens for requests. This also the port on which the location service daemon for the node listens. Specify this port with the administrative console

 9100
SAS_SSL_SERVERAUTH_LISTENER_ADDRESS

The TCP/IP port on which the Secure Association Services (SAS) listen for inbound authentication requests. Specify this port with the administrative console

 9901
CSIV2_SSL_MUTUALAUTH_LISTENER_ADDRESS

The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound client authentication requests. Specify this port with the administrative console

 9202
CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS

The TCP/IP port on which the Common Secure Interoperability Verison 2 (CSIV2) Service listens for inbound server authentication requests. Specify this port with the administrative console

 9201
NODE_DISCOVERY_ADDRESS

The TCP/IP port on which the node discovery service for the node agent listens. Specify this port with the administrative console

 7272
NODE_MULTICAST_DISCOVERY_ADDRESS

The TCP/IP port for the multicast discovery service on which the node agent listens. Specify this port with the administrative console

 5000
SOAP_CONNECTOR_ADDRESS

This port is required by every WebSphere® process to enable SOAP connectivity for JMX calls when using wsadmin.

 8879
OVERLAY_UDP_LISTENER_ADDRESS

Used for peer-to-peer (P2P) communication.The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.

 11001
OVERLAY_TCP_LISTENER_ADDRESS

Used for P2P communication. The ODC (On Demand Configuration) and asynchronous PMI components use P2P as their transport. This port is required by every WebSphere Extended Deployment process.

 11002
XDAGENT_PORT

The deployment manager, the node agents, and the middleware agents each have one XDAGENT_PORT. Note that, unlike the OVERLAY ports, the application servers are not configured with XDAGENT_PORTs. Used to enable communication between the deployment manager, the node agents, and the middleware agents. In cells with security enabled, XDADefaultSSLSettings is used for secure communication between the deployment manager and the node agents, or middleware agents over XDAGENT_PORT. The ODR uses this port to collect information from other servers, including node agents. This port should be available to all servers that the Intelligent Management ODR is managing.

 7061
DRS_CLIENT_ADDRESS
Deprecation: This port is deprecated and is no longer used in the current version of the product.
 7873

During the addNode command operation, the filetransfer application uses port 9090 by default. The filetransfer application uses the same HTTP transport port that is used by the administrative console. If security is enabled, the default secured port 9043 must be opened in the firewall. If you modify the ports, or if you want to confirm the assigned port, check the port assignments in the app_server_root\config\cells\cellname\nodes\nodename\servers\dmgr\server.xml file.

Table 2. Default port definitions for the fileTransfer application
Port Name Default Value
Default fileTransfer application Port 9090
Secured - Default fileTransfer application port 9043

When you federate an application server node with the embedded messaging server feature into a deployment manager cell, the deployment manager instantiates a Java™ Message Service (JMS) server process, jmsserver, on the application server node. The following table lists the port assignments that the JMS server uses by default:

Table 3. Default port definitions for the JMS server
Port Name Default Value
JMSSERVER_DIRECT_ADDRESS 5559
JMSSERVER_QUEUED_ADDRESS 5558
SOAP_CONNECTOR_ADDRESS 8879
JMSSERVER SECURITY PORT 5557