Solved

What are the ports to be opened for JBOSS when running behind firewall

Posted on 2008-10-14
4
532 Views
Last Modified: 2013-12-02
Hi,
What are the ports to be opened for JBOSS when running behind firewall ?
Also, when multiple instances are running behind loadbalancer only for stateless session beans, do we need to configure for session affinity? Does RMI/JRMP requires session affinity for isolated stateless session bean invocations?

Thanks
0
Comment
Question by:ponnen
  • 2
  • 2
4 Comments
 
LVL 1

Expert Comment

by:visorx
ID: 22715500
Hi,
Although there are lot of ports Jboss uses, only three are sufficient for RMI invocation.
You should open three ports through your firewall, which are:
naming service, which is 1099
naming service RmiPort, which is 1098
and jrmp RMIObjectPort, which is 4444.
{I'm assuming the default config for Jboss, replace the ports with actual values}
Also make sure that the jboss-service.xml file in your server configuration is using these fixed ports.
You should have this in jboss-service.xml:
<mbean code="org.jboss.naming.NamingService"
name="jboss:service=Naming">
<attribute name="Port">1099</attribute>
<attribute name="RmiPort">1098</attribute>
</mbean>

and

<!-- RMI/JRMP invoker -->
<mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
name="jboss:service=invoker,type=jrmp">
<attribute name="RMIObjectPort">4444</attribute>
<depends>jboss:service=TransactionManager</depends>
</mbean>

Now on jboss in run script pass these parameters in run.sh or run.bat.

-Djava.rmi.server.hostname=<external-hostname>
-Djava.rmi.server.useLocalHostname=false

external-hostname is the host name of jboss server by which the clients will connect to this jboss instance.
Also the last lines ensure that "localhost" is not pass back to clients OUTSIDE the firewall.
{ if you still get "localhost" on client machine then try setting the useLocalHostname param to true. This is weird but on old jboss I had to use true!!! }

If you still are not able to connect then make sure that external-hostname gets resolved on JBOSS server to localhost.



For your second question: you'll not need to session affinity / state preservation for stateless bean.

Cheers!
0
 

Author Comment

by:ponnen
ID: 22716900
Thanks a lot for the reply. It is very informative.
I have three jboss instances running on seperate machines behind a firewall and load balancer. if I have service1, service2, service3 jboss instances, what should be the -Djava.rmi.server.hostname=<> value? Is it the corresponding service<n> ip address or the load balancer address? My client web app runs in another zone so it needs to go through firewall and load balancer to reach jboss instances.

Thanks in advance.
0
 
LVL 1

Accepted Solution

by:
visorx earned 250 total points
ID: 22718618
Ideally it should be the load-balancer "hostname". Please note that we want the hostname and not IP address here. Hope this helps..
Cheers!
0
 

Author Comment

by:ponnen
ID: 22727426
Thanks. that was helpful.
Could you please enlighten how the lookup works? Is it JNP lookup on port 1099 and then the client side stub communicate with server on JRMP 4444 for remote invocation marshalling/unmarshalling? Does the stub contain info (ip/port) about the server home interface? Would appreciate if anybody could describe the full communication process from lookup to method invocation.

Thanks a lot.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Most of the developers using Tomcat find it easy to configure the datasource in Server.xml and use the JNDI name in the code to get the connection.  So the default connection pool using DBCP (or any other framework) is made available and the life go…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
The viewer will learn how to implement Singleton Design Pattern in Java.
This tutorial covers a practical example of lazy loading technique and early loading technique in a Singleton Design Pattern.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now