You must plan for data grid traffic between a client and
the data grid servers.
The examples illustrate where you must allow communication between
clients and data grid servers. You should read the port properties
and values that are defined in Planning for network ports.
Figure 1. Client to grid communication: IBM® eXtremeIO (XIO) transport
only. Communication between a client and data grid servers must be
allowed through any firewall.
Figure 2. Client to grid communication: Object Request Broker (ORB)
transport only. Communication between a client and data grid servers
must be allowed through any firewall.
- CL1: Only the client application can initiate traffic.
  - If a listener port is not configured, the data grid server uses
    the default that is set to 2809. In this example, the listener
    port is set to 2809. Client to data grid server traffic uses
    source port: ephemeral, destination port: 2809, and only when the
    connection is opened by the client can traffic from the data grid
    server flow over the same connection.

    Note: When a data grid server operates inside WebSphere
    Application Server and uses an Object Request Broker (ORB)
    transport protocol, another port ORB_LISTENER_ADDRESS must also
    be opened. The BOOTSTRAP_ADDRESS port forwards requests to this
    port.
- CL2: IBM® eXtremeIO (XIO) transport protocol only. Only the client
  can initiate traffic.
  - If a listener port is not configured, an ephemeral port is chosen
    at startup and this port can vary each time that the server is
    restarted. In this example, the listener port is set to 2809.
    Client to data grid server traffic uses source port: ephemeral,
    destination port: 2809, and only when the connection is opened by
    the client can traffic from the data grid server flow over the
    same connection.
- CL3: Object Request Broker (ORB) transport protocol only. Both
  sides can initiate traffic.
  - If a listener port is not configured on the client application
    or data grid server, an ephemeral port is chosen at startup and
    this port can vary each time that the client application or data
    grid server is restarted. In this example, a listener port is set
    to 2809. For traffic that is initiated by the client application,
    outbound traffic uses source port: ephemeral, destination port:
    2809, and return traffic from A.ContainerServer1 server flows
    over the same connection. Similarly, for traffic that is
    initiated by A.ContainerServer1 server, outbound traffic uses
    source port: ephemeral, destination port: 2809, and return
    traffic from the client flows over the same connection.

    Note: When a client application or data grid server operates
    inside WebSphere Application Server and uses an ORB transport
    protocol, another port ORB_LISTENER_ADDRESS must also be opened.
    The BOOTSTRAP_ADDRESS port forwards requests to this port.
- CL4, CL5: ORB transport protocol only. When either an ORB or XIO
  transport protocol is used, Secure Sockets Layer (SSL) is an
  optional configuration. Both sides can initiate traffic.
  - XIO does not use a separate SSL port and sends SSL traffic over
    the listener port. The following applies only when an ORB
    transport protocol is used: If an SSL port is not configured on
    the client application or data grid server, an ephemeral port is
    chosen at startup and this port can vary each time that the
    client application or data grid server is restarted. If SSL is
    enabled, then both the client and the data grid server can
    initiate traffic. In this example, both sides have an SSL port
    that is set to 37511. For traffic that is initiated by the
    client, outbound traffic uses source port: ephemeral, destination
    port: 37511, and return traffic from the data grid server flows
    over the same connection. Similarly, for traffic that is
    initiated by the data grid server, outbound traffic uses source
    port: ephemeral, destination port: 37511, and return traffic from
    the client flows over the same connection.
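
The rules for CL2 through CL5 can be turned into a list of firewall flows to allow. The following is an added example, not IBM code: `required_flows`, `Flow` and the placeholder strings are hypothetical names, and it assumes that both sides use the same configured port, as in the examples above. CL1, where an unconfigured listener port falls back to 2809, is not modeled.

```python
from typing import NamedTuple, Optional

class Flow(NamedTuple):
    initiator: str   # side that opens the TCP connection
    responder: str   # side whose firewall must accept the connection
    dst_port: str    # destination port; the source port is always ephemeral

def required_flows(transport: str, listener_port: Optional[int],
                   ssl_port: Optional[int] = None, ssl: bool = False,
                   in_was: bool = False):
    """Return (flows, warnings) for one client <-> data grid server pair."""
    if transport not in ("XIO", "ORB"):
        raise ValueError("transport must be 'XIO' or 'ORB'")
    flows, warnings = [], []

    def port(value, name):
        # An unconfigured port is chosen at startup and can change on
        # restart, so no fixed firewall rule can match it.
        if value is None:
            warnings.append(f"{name} not configured: ephemeral, pin it first")
            return f"<{name}>"
        return str(value)

    # XIO: only the client initiates. ORB: both sides can initiate.
    pairs = [("client", "server")]
    if transport == "ORB":
        pairs.append(("server", "client"))
    lp = port(listener_port, "listener port")
    flows += [Flow(a, b, lp) for a, b in pairs]

    if transport == "ORB" and in_was:
        # The value is deployment-specific, so it stays symbolic here.
        flows += [Flow(a, b, "ORB_LISTENER_ADDRESS") for a, b in pairs]
    if ssl and transport == "ORB":
        # ORB has a separate SSL port; XIO sends SSL over the listener port.
        # Assumption: the listener port stays open alongside the SSL port.
        sp = port(ssl_port, "SSL port")
        flows += [Flow(a, b, sp) for a, b in pairs]
    return flows, warnings

if __name__ == "__main__":
    # Constructed scenarios: XIO, ORB with SSL, ORB with no listener port.
    for args in [("XIO", 2809), ("ORB", 2809, 37511, True), ("ORB", None)]:
        flows, warnings = required_flows(*args)
        print(args, *flows, *warnings, sep="\n  ")
```

Each returned flow maps to one stateful allow rule for new connections to `dst_port`; a non-empty warning list means a port must be pinned in the server or client properties before a rule can be written.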