Introduction

An exact knowledge of all the ports used by a EJB client is necessary for:

  • Proper firewall setup
  • Load balancing of name server lookup using Cisco content switch.

Common Scenario

A client typically uses a node agent as the name service. A JNDI lookup of the home interface is made by the client by connecting to the node agent over the bootstrap port (BOOTSTRAP_ADDRESS end point – 2809 by default). After the name look up is complete, the first remote method call by the client is sent to the node agent over the ORB listener port (ORB_LISTENER_ADDRESS end point of the node agent). The first method call is routed to one of the cluster member application servers for the cluster running the EJB. With the reply data for the method call, the cluster configuration is sent to the client. From that point on, the client directly connects to the member application servers over the ORB listener port of the application server. Important: By default, WebSphere does not define a ORB_LISTENER_ADDRESS end point for the application servers. This causes the system to dynamically pick a port number. It is next to impossible to configure the firewall between the client and the WebSphere machines as long as system is using dynamic port numbers. To resolve this problem, manually create the ORB_LISTENER_ADDRESS end point for each server and assign a unique port number. In summary, the following ports must be opened in the firewall between the client and the WebSphere machines:

  1. BOOTSTRAP_ADDRESS end point port of the node agents.
  2. ORB_LISTENER_ADDRESS end point of the node agents.
  3. ORB_LISTENER_ADDRESS end point of the application servers that are mebers of the cluster where the EJB is deployed.

JNDI Lookup Using Dmgr

Normally, it is recommended that a client does the JNDI lookup using a list of node agents. It is also possible for the client to do a look up by connecting to the deployment manager. In that case, the client uses these ports:

  1. BOOTSTRAP_ADDRESS end point port of the deployment manager.
  2. ORB_LISTENER_ADDRESS end point of the deployment manager.
  3. ORB_LISTENER_ADDRESS end point of the node agents.
  4. ORB_LISTENER_ADDRESS end point of the application servers that are mebers of the cluster where the EJB is deployed.

Availability of Node Agent

For remote clients to successfully make EJB method calls, the node agent process must be running. This is the case even when the client does the JNDI lookup by connecting to the deplyment manager or one of the cluster member application servers.