Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 549
  • Last Modified:

What are the ports to be opened for JBOSS when running behind firewall

Hi,
What are the ports to be opened for JBOSS when running behind firewall ?
Also, when multiple instances are running behind loadbalancer only for stateless session beans, do we need to configure for session affinity? Does RMI/JRMP requires session affinity for isolated stateless session bean invocations?

Thanks
0
ponnen
Asked:
ponnen
  • 2
  • 2
1 Solution
 
visorxCommented:
Hi,
Although there are lot of ports Jboss uses, only three are sufficient for RMI invocation.
You should open three ports through your firewall, which are:
naming service, which is 1099
naming service RmiPort, which is 1098
and jrmp RMIObjectPort, which is 4444.
{I'm assuming the default config for Jboss, replace the ports with actual values}
Also make sure that the jboss-service.xml file in your server configuration is using these fixed ports.
You should have this in jboss-service.xml:
<mbean code="org.jboss.naming.NamingService"
name="jboss:service=Naming">
<attribute name="Port">1099</attribute>
<attribute name="RmiPort">1098</attribute>
</mbean>

and

<!-- RMI/JRMP invoker -->
<mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
name="jboss:service=invoker,type=jrmp">
<attribute name="RMIObjectPort">4444</attribute>
<depends>jboss:service=TransactionManager</depends>
</mbean>

Now on jboss in run script pass these parameters in run.sh or run.bat.

-Djava.rmi.server.hostname=<external-hostname>
-Djava.rmi.server.useLocalHostname=false

external-hostname is the host name of jboss server by which the clients will connect to this jboss instance.
Also the last lines ensure that "localhost" is not pass back to clients OUTSIDE the firewall.
{ if you still get "localhost" on client machine then try setting the useLocalHostname param to true. This is weird but on old jboss I had to use true!!! }

If you still are not able to connect then make sure that external-hostname gets resolved on JBOSS server to localhost.



For your second question: you'll not need to session affinity / state preservation for stateless bean.

Cheers!
0
 
ponnenAuthor Commented:
Thanks a lot for the reply. It is very informative.
I have three jboss instances running on seperate machines behind a firewall and load balancer. if I have service1, service2, service3 jboss instances, what should be the -Djava.rmi.server.hostname=<> value? Is it the corresponding service<n> ip address or the load balancer address? My client web app runs in another zone so it needs to go through firewall and load balancer to reach jboss instances.

Thanks in advance.
0
 
visorxCommented:
Ideally it should be the load-balancer "hostname". Please note that we want the hostname and not IP address here. Hope this helps..
Cheers!
0
 
ponnenAuthor Commented:
Thanks. that was helpful.
Could you please enlighten how the lookup works? Is it JNP lookup on port 1099 and then the client side stub communicate with server on JRMP 4444 for remote invocation marshalling/unmarshalling? Does the stub contain info (ip/port) about the server home interface? Would appreciate if anybody could describe the full communication process from lookup to method invocation.

Thanks a lot.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now