Binding to a specific IP address

An IP stack may be configured with one or more IP addresses, also known as interfaces. You can configure WebSphere Application Server for z/OS to listen for requests on all available IP addresses or only a specific IP address. In a multiple IP stack environment, the IP addresses on which WebSphere Application Server listens may be on a single IP stack or may exist across multiple IP stacks. By default, WebSphere Application Server for z/OS listens across multiple IP stacks, if available. See Warning: no string named [crun_tcpip_consider] found. for information on how to control the IP stack on which WebSphere Application Server for z/OS listens.

For all non-multicast ports, WebSphere Application Server for z/OS is configured, by default, to listen on all IP addresses. Multicast ports, by their nature, are opened on a specific multicast IP address. Multicast IP addresses exist within a range established by your system TCP/IP configuration.

To configure WebSphere Application Server for z/OS to listen on a specific IP address, you must modify the IP configuration for each socket defined in the WebSphere Application Server for z/OS configuration. This must be done separately for each server that you intend to limit to a specific IP address. There are several server types, each with a distinct set of socket definitions. Each server type has multiple non-multicast socket definitions, as described below:

Daemon

Application Server

Deployment manager

Node agent

Configure each socket type to bind to a specific IP address, as follows:

HTTP transports

For an application server, find the HTTP transports configuration in the administrative console by clicking Administration > server_name > Web Container > HTTP Transports.

For a Version 5.1 deployment manager, find the HTTP transports configuration in the administrative console by clicking System Adminstration > Deployment Manager > HTTP Transports.

By default, the host attribute of the HTTP Transports is set to * (asterisk).

Whether you are configuring an application server or a deployment manager, set the host attribute of each HTTP transport to the appropriate IP name or address. If you specify an IP name, ensure that the IP name is one that can only resolve to a single IP address. For that reason, it is safer to specify only an IP address.

For a Version 5.0.2 deployment manager, you must locate the deployment manager server's server.xml file and modify the transport statements. The server.xml file is located in /WebSphereHomeDirectory/config/cells/cellName/nodes/nodeName/server/dmgr/server.xml, where

Locate the transport statements in the deployment manager server's server.xml file and edit the host values to contain the appropriate IP name or address:
     <transports xmi:type="applicationserver.webcontainer:HTTPTransport" xmi:id="HTTPTransport_1" sslEnabled="false">
          <address port="9091" host="" xmi:id="EndPoint_1"/>
     </transports> 

     <transports xmi:type="applicationserver.webcontainer:HTTPTransport" xmi:id="HTTPTransport_2" sslEnabled="true: sslConfig="FIGNOLAManager/DefaultSSLSettings">
          <address port="9044" host="" xmi:id="EndPoint_2"/>
          <properties xmi:id="Property_9" name="MaxKeepAliveConnections" value="0" required="false"/>
     </transports>
          

Note: It is important to ensure that your specified host value is enclosed in double quotes.

After updating server.xml, save the file and restart your deployment manager server to make the changes take effect.

End points

Daemon end points are unique and unlike that of the other server types. The daemon IP address is found in the administrative console by clicking System Administration > z/OS Location Service.

The daemon IP address that is specified in the z/OS Location Service configuration is the IP address that is exported in the Interoperable Object References (IORs) that represent the Remote Method Invocation (RMI) objects (for example, Enterprise JavaBeans) available in a server. The daemon IP address is frequently specified as Distributed dynamic virtual IP address, or DVIPA. See IBM z/OS Communications Server: IP Configuration Guide for more information on DVIPAs.

By default, the daemon listens on all available IP addresses.

To configure the daemon to listen on a specific IP address, you must first specify this IP address using WebSphere Managed variable DAEMON_protocol_iiop_listenIPAddress. Set this variable for the daemon by setting a node level WebSphere Managed Variable at Environment > WebSphere Managed Variables. You must specify this variable on each node that is part of the same cell. Please note that you must restart the daemon before this change takes effect. Also note that restarting the daemon terminates all servers on the same LPAR as the daemon you are restarting.

Note that you must do this for each node that you want to limit to a specific IP address. Since multiple Network Deployment nodes in the same cell, and on the same system, share a single daemon, you must explicitly specify the same variable value in each node on that system.

Follow the instructions to set a new variable named DAEMON_protocol_iiop_listenIPAddress to IP Address.

Note the DAEMON prefix on the variable designates that this setting applies only to the daemon. Otherwise, the setting affects all other servers on the node. You can only specify an IP address; an IP name is not allowed.

For an application server, find the end point's configuration in the administrative console by clicking System Administration > Deployment Manager > EndPoints, regardless of whether an application server or a deployment manager set the host attribute of each end point to the appropriate IP name or address.

However, note that certain end points require special handling, as follows:

BootStrap Address
The boot strap address is always specified as an IP name or address. Unlike a server that is running WebSphere Application Server on a distributed platform, a z/OS server does not use the bootstrap address specification to determine a port that is open. On z/OS, the bootstrap address specification's port number must always be the same as the ORB listener address's port number (see below). The bootstrap address is used by clients and other servers in order to establish RMI/IIOP communications with the server.
ORB and ORB SSL Listeners
The host attribute of the ORB and ORB SSL listeners is set to * (asterisk) by default. The asterisk designates that the server is to listen on all available IP addresses. Configure the ORB and ORB SSL listeners to bind to a specific IP address by setting the host attribute of each end point to the appropriate IP address. Note that you can specify only an IP address; you cannot specify an IP name.
SOAP Connector and Discovery Address
The SOAP connector and discovery addresses (non-multicast) are used by clients and other servers to connect to the server; therefore, they must always be specified as an IP address or IP name. If you specify an IP name, be careful that the IP name can only resolve to a single IP address.

By default, the SOAP connector and discovery addresses listen on all available IP addresses. To limit these end point types to listen on only the specified IP address or IP name, you must set JVM property com.ibm.websphere.network.useMultihome to false. Note that the default setting is true. Set this property in the General JVM Arguments attribute of your server's JVM configuration.

To set this property, connect to the administrative console and navigate to the indicated page.

Application server Servers > Application Servers >server_name > Process Definition > Control > Java Virtual Machine
Deployment manager System Administration > Deployment Manager > Process Definition > Control > Java Virtual Machine
Node agent System Administration >Node agents > nodeagent > Process Definition >Control > Java Virtual Machine

Regardless of whether you are doing this for an application server, deployment manager, or node agent, specify -Dcom.ibm.websphere.network.useMultihome=false in the General JVM Arguments attribute field of the Java Virtual Machine settings.




Searchable topic ID:   crunbndspec
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/crun_bndspec.html

Library | Support | Terms of Use | Feedback