Configuring your network

IBM® InfoSphere® Information Server exchanges high volumes of data across several network ports, which requires that you carefully configure the host names and ports for your network.

Before you begin

Ensure that a TCP/IP network is used for all communications in the installation.

About this task

For performance reasons, do not install separate tiers of InfoSphere Information Server across a wide area network (WAN) because of the data exchanges that are required between them. Although clients can work over a WAN if the latency is low, when the network latency increases, it has a detrimental effect on the clients.

The port numbers in the following tables might vary from those that are used in your system because the installation program automatically computes the port value based on port availability. For example, for the DSRPC port, the installation program starts with port 31538 and increments by 1 until it locates an open port. Ensure that you select the correct ports in your system to open and make available. The port values that are used in your system are stored in the response file that the installation program generates. Before you install the product, check the Response File Review panel in the installation program for the location, name, and contents of your response file.

Procedure

  1. Set up the name resolution.
    1. Verify that the computers in the installation can resolve all the other computers by the name that is returned by the hostname command.
    2. Ensure that each of the following tier computers can resolve the URI addresses of the computers that are listed for that tier.
      InfoSphere Information Server relies on the specified URI. Your infrastructure is responsible for determining the network route.
      Table 1. Tiers and the computers that they must connect to
      Tier computer to connect from Tier computers to connect to
      Repository tier

      Repository tier computers (in addition to the loopback address 127.0.0.1)
      Client tier

      Services tier computers

      Engine tier computers

      Repository tier computers (For IBM InfoSphere Information Analyzer, if the IADB is hosted on the same computer as the metadata repository.)
      Services tier

      Services tier computers (in addition to the loopback address 127.0.0.1)

      Engine tier computers

      Repository tier computers
      Engine tier

      Engine tier computers (in addition to the loopback address 127.0.0.1)

      Services tier computers

      Repository tier computers (depending on the DSODB configuration)
    3. Ensure that only localhost is mapped to the loopback IP address. The IPv4 version of this address is 127.0.0.1 and the IPv6 version is ::1/128. No other entries can map localhost to the IP address of the local computer.
      The following example shows how these entries are configured in the following files:
      Operating system File
      AIX® /etc/hosts
      Linux® /etc/hosts
      Windows C:\Windows\system32\drivers\etc\hosts
      IPv4:
      127.0.0.1 localhost.localdomain localhost 
xx.xx.xx.xx longhostname shorthostname
      IPv6:
      ::1/128 localhost.localdomain localhost 
xx:xx::xx:xx longhostname shorthostname

      Where:

      localdomain
      The domain name.
      xx.xx.xx.xx or xx:xx::xx:xx
      The unique IP address for the computer. IPv4 or IPv6 format.
      longhostname shorthostname
      The long and short names for the computer.
  2. For the repository tier, open and make TCP ports available through firewalls.
    Table 2. Port numbers for the repository tier. These are the default port numbers for the database management systems. Choose the ports that are configured for the type of database management system that you are using for the specified uses that are applicable for your configuration.
    Component Default port numbers Tiers that use the port
    IBM DB2® database for the metadata repository 50000 Services
    IBM DB2 database for the analysis database 50000 Services, engine, client
    Oracle database for the metadata repository 1521 Services
    Oracle database for the analysis database 1521 Services, engine, client
    Microsoft SQL Server database for the metadata repository 1433 Services
    Microsoft SQL Server database for the analysis database 1433 Services, engine, client
  3. For the services tier, open and make TCP ports available through firewalls.
    Refer to the table that corresponds to your IBM WebSphere® Application Server configuration.

    In addition to the listed ports below, refer to Port number settings.

    Table 3. Port numbers for the services tier (basic configuration with IBM WebSphere Application Server Liberty Profile)
    Component Default port numbers for basic configuration Tiers that use the port
    InfoSphere Information Server web-based clients (HTTPS) Liberty HTTPS port (9443) Client
    Note: The Liberty HTTPS port is set during the installation of InfoSphere Information Server.
    InfoSphere Information Server communication services (Java Remote Method Invocation [RMI] or Inter-ORB Protocol [IIOP])

    BOOTSTRAP_ADDRESS (2809)

    ORB_LISTENER_ADDRESS (9100)

    SAS_SSL_SERVERAUTH_
    LISTENER_ADDRESS
    (9401)

    CSIV2_SSL_
    MUTUALAUTH_
    LISTENER_ADDRESS
    (9402)

    CSIV2_SSL_SERVERAUTH_
    LISTENER_ADDRESS
    (9403)

    		 Services, engine, client
    Table 4. Port numbers for the services tier (basic configuration with IBM WebSphere Application Server Network Deployment)
    Component Default port numbers for basic configuration Tiers that use the port
    InfoSphere Information Server web-based clients (HTTPS) WC_defaulthost_secure (9443) Client
    IBM WebSphere Application Server administrative console (redirects to HTTPS) WC_adminhost (9060) Client
    IBM WebSphere Application Server administrative console (HTTPS) WC_adminhost_secure (9043) Client
    IBM InfoSphere Information Services Director services with JMS bindings

    SIB_ENDPOINT_ADDRESS (7276)

    SIB_ENDPOINT_SECURE_
    ADDRESS  (7286)

    SIB_MQ_ENDPOINT_
    ADDRESS (5558)

    SIB_MQ_ENDPOINT_
    SECURE_ADDRESS  (5578)

    		 Only clients of the Information Services Director services require access to these ports.
    IBM InfoSphere Information Services Director services with EJB bindings

    BOOTSTRAP_ADDRESS (2809)

    ORB_LISTENER_ADDRESS (9100)

    		 Only clients of the Information Services Director services require access to these ports.
    Table 5. Port numbers for the services tier (clustered configuration with IBM WebSphere Application Server Network Deployment)
    Component Default port numbers for clustered configuration Tiers that use the port
    InfoSphere Information Server web-based clients (HTTPS)

    Firewall between the client and dispatcher (if any): usually 443. This value varies depending on the configuration of the front-end dispatcher.

    Firewall between the dispatcher and cluster members (if any): WC_defaulthost_secure of all cluster members (for example, 9443, 9444, and so on)

    		 Client
    IBM WebSphere Application Server administrative console (redirects to HTTPS) WC_adminhost (9060) Client
    IBM WebSphere Application Server administrative console (HTTPS) WC_adminhost_secure (9043) Client
    InfoSphere Information Server communication services (Java Remote Method Invocation [RMI] or Inter-ORB Protocol [IIOP])

    BOOTSTRAP_ADDRESS of all cluster members (9809, 9810, 9811, and so on)

    ORB_LISTENER_ADDRESS of all node agents (9100, 9101, and so on)

    DCS_UNICAST_ADDRESS (9353)

    SAS_SSL_SERVERAUTH_
    LISTENER_ADDRESS,
    CSIV2_SSL_SERVERAUTH_
    LISTENER_ADDRESS,
    CSIV2_SSL_
    MUTUALAUTH_
    LISTENER_ADDRESS
    of all cluster members:  
    (9410, 9411, 9412),
    (9411, 9414, 9415),
    and so on

    		 Services, engine, client
    IBM InfoSphere Information Services Director services with JMS bindings

    SIB_ENDPOINT_ADDRESS of all cluster members (7277, 7278, and so on)

    SIB_ENDPOINT_SECURE_
    ADDRESS of all cluster
    members
    (7287, 7288, and so on)

    SIB_MQ_ENDPOINT_
    ADDRESS of all cluster
    members
    (5559, 5560,  and so on)

    SIB_MQ_ENDPOINT_
    SECURE_ADDRESS of all
    cluster members
    (5579, 5580, and so on)

    		 Only clients of the Information Services Director services require access to these ports.
    IBM InfoSphere Information Services Director services with EJB bindings

    BOOTSTRAP_ADDRESS

    ORB_LISTENER_ADDRESS

    		Only clients of the Information Services Director services require access to these ports.
  4. For the engine tier, open and make TCP ports available through firewalls.
    Table 6. Port numbers for the engine tier
    Component Default port numbers Tiers that use the port
    InfoSphere Information Server ASB agent

    31531, and a random port number greater than 1024

    Instead of using a random port number, you can fix this to a specific port by specifying agent.objectport=# in the IS_install_path/ASBNode/conf/agent.properties file after you complete the installation. After designating a specific port, restart the ASB agent so that the change takes effect.

    		 Services
    IBM InfoSphere DataStage® service DSRPC (31538) Services, client
    Parallel job monitors

    13400 (port 1) and 13401 (port 2)

    Access to port 1 is required only from the conductor node. Access to port 2 is required from the conductor node and the node where the InfoSphere Information Server engine is installed, if that node is different from the conductor node.

    		Engine
    Parallel engine APT_PM_STARTUP_PORT (multiple ports, uses a port number of 10000 or greater) Engine
    Parallel engine remote process startup
    Remote Shell and Secure Shell
    22
    Multiple nodes only
    514
    		 Engine
    Parallel engine (multiple nodes only)

    APT_PLAYER_CONNECTION_PORT (multiple ports, uses a port number of 11000 or greater)

    		 Engine
  5. For the client tier, open and make TCP ports available through firewalls.
    Table 7. Port numbers for the client tier
    Component Default port numbers Tiers that use the port
    IBM InfoSphere Metadata Asset Manager, when bridges are installed. 19443 Services
  6. For the installation program, open and make TCP ports available through firewalls.
    Table 8. Port numbers for the installation program
    Component Default port numbers Tiers that use the port
    The installation program 8443 (HTTPS)

    Services

    Any web browser that connects to the computer running the installation program.
    The Update Installer program 8445 (HTTPS) Any web browser that connects to the computer running the Update Installer program.
    The SOAP Connector Port
    (Stand-alone environment)
    		 SOAP_CONNECTOR_ADDRESS (8880)

    Services

    Note: The SOAP Connector Port is used during suite install and most Patch and FixPack installations to the Services tier. It is only used from the Services tier computer to the WebSphere Application Server running locally on the same tier (The Services tier computer connects to itself).
    The SOAP Connector Port for the deployment manager
    (Clustered environment)
    		 SOAP_CONNECTOR_ADDRESS (8879)

    Services

    Note: The SOAP Connector Port is used during suite install and most Patch and FixPack installations to the Services tier. In a clustered WebSphere Application Server environment, it also used for communicating between the deployment manager and remote nodes. It is only used from the Services tier computer to the WebSphere deployment manager running locally on the same tier (The Services tier computer connects to itself).

    The default value for SOAP_CONNECTOR_ADDRESS for a cluster member (not the deployment manager) is 8880.

  7. For connecting to external data sources, see the vendor-supplied documentation for additional port assignments.