WebSphere® eXtreme Scale servers
require several ports to operate.
Important: Avoid hard coding port numbers from the ephemeral
range of your operating system. If you set a port that belongs in
the ephemeral range, port conflicts can occur.
Catalog service domain
A catalog service
domain requires the following ports to be defined:
- peerPort
- Specifies the port for the high availability (HA) manager to communicate
between peer catalog servers over a TCP stack. In WebSphere Application Server, this setting is inherited
by the high availability manager port configuration.
Note: This port is only used for peer-to-peer communication
between multiple catalog servers in the same domain.
- clientPort
- Specifies the port that peer catalog servers use to access each
other's service data. While the value defined for peerPort is used
for heartbeat communication between peers that are in the same domain,
the clientPort is the port over which actual data gets exchanged.
In WebSphere Application Server, this port is
set through the catalog service domain configuration.
Note: This port is only used for peer-to-peer communication
between multiple catalog servers in the same domain.
- listenerPort (catalog server)
- Specifies the port number to which
the Object Request Broker or the eXtremeIO
(XIO) transport protocol binds for communication. The port number that is defined for listenerPort
is used for communication between a client and a catalog server, and
communication between a container server and a catalog server that
are in the same domain. It is also used for interdomain and intradomain
communication between catalog servers.
Default: 2809
Note: When a data grid server is run inside WebSphere Application Server and the ORB transport protocol is being used, another port ORB_LISTENER_ADDRESS
must also be opened. The BOOTSTRAP_ADDRESS port forwards requests
to this port. If you are using the XIO
transport protocol, the XIO_ADDRESS port must be opened.
- JMXConnectorPort
- Defines the Secure Sockets Layer
(SSL) port to which the Java Management Extensions (JMX) service binds.
Only required if an SSL transport protocol is needed for JMX data.
Note: If you want to collect JMX data, then
a JMXServicePort port must also be opened.
Note: If SSL is enabled and a value for JMXConnectorPort
is not defined, an ephemeral port is chosen and this port can vary
each time that the server is restarted.
- SSLPort (optional)
- For secure transport of grid data, the SSL port is used only when
the ORB transport protocol is used.The
XIO protocol does not use a separate SSL port but will send SSL traffic
over the listener port. If an SSL port is not configured an
ephemeral port is chosen at startup, and this can vary each time the
catalog server is restarted. When security is enabled, you must use
the following argument on the startOgServer or startXsServer script
to configure the Secure Socket Layer (SSL) port: -jvmArgs
-Dcom.ibm.CSI.SSLPort=<sslPort>.
Container servers
The
WebSphere eXtreme Scale container servers also
require several ports to operate. By default, an
eXtreme Scale container server
generates its HA manager port and listener port automatically. For
an environment that has a firewall, it is advantageous for you to
plan and control ports. For container servers to start with specific
ports, you can use the following options in the
startOgServer or startXsServer command.
- haManagerPort
- Specifies the port used by the High Availability
(HA) manager for heartbeat communication between peer container servers.
The haManagerPort port is only used for peer-to-peer communication
between container servers that are in same domain. If the haManagerPort
property is not defined, then an ephemeral port is used. In WebSphere Application Server, this setting is inherited
by the high availability manager port configuration.
Default: A dynamic port is chosen.
- listenerPort (container server)
- Specifies the port number
to which the ORB or the XIO transport
protocol binds for communication. The
port number that is defined for listenerPort is used for bidirectional
communication between a client and a container server; and between
a catalog server and a container server that are in the same domain.
It is also used for intradomain replication between primary and replica
shards, and interdomain replication between primary shards.
Default: An ephemeral port is chosen.
Note: When a data grid
server is run inside WebSphere Application Server and the ORB transport protocol is being used, another port ORB_LISTENER_ADDRESS
must also be opened. The BOOTSTRAP_ADDRESS port forwards requests
to this port. If you are using the XIO
transport protocol, the XIO_ADDRESS port must be opened.
- JMXConnectorPort
- Defines the Secure Sockets Layer
(SSL) port to which the Java Management Extensions (JMX) service binds.
Only required if an SSL transport protocol is needed for JMX data.
Note: If you want to collect JMX data, then
a JMXServicePort port must also be opened.
Note: If SSL is enabled and a value for JMXConnectorPort
is not defined, an ephemeral port is chosen and this port can vary
each time that the server is restarted.
- JMXServicePort
- Required only for WebSphere eXtreme Scale in a stand-alone environment.
Specifies the port number on which the MBean server listens for communication
with Java Management Extensions (JMX).
Default: 1099
- xioChannel.xioContainerTCPSecure.Port

Deprecated: This property has been deprecated. The value that is specified by
the listenerPort property is used instead.
Specifies the SSL
port number of eXtremeIO on the server. This property is used only
when the transportType property is set to SSL-Supported or SSL-Required.
- xioChannel.xioContainerTCPNonSecure.Port

Deprecated: This property has been deprecated. The value that is specified by
the listenerPort property is used instead.
Specifies the non-secure
listener port number of eXtremeIO on the server. If you do not set
the value, an ephemeral port is used. This property is used only when
the transportType property is set to TCP/IP.Restriction: The xioChannel.xioContainerTCPNonSecure.Port property is not supported
in the Liberty profile.
- SSLPort (optional)
- For secure transport of grid data, the SSL port is used only when
the ORB transport protocol is used. The
XIO protocol does not use a separate SSL port but will send SSL traffic
over the listener port. If an SSL port is not configured an ephemeral
port is chosen at startup, and this can vary each time the container
server is restarted. When security is enabled, you must use the following
argument on the startOgServer or startXsServer script
to configure the Secure Socket Layer (SSL) port: -jvmArgs
-Dcom.ibm.CSI.SSLPort=<sslPort>.
Proper planning of port control is essential
when hundreds of Java™ virtual
machines are started in a server. If a port conflict exists, container
servers do not start.
Clients
When
using an ORB transport protocol, WebSphere eXtreme Scale clients can receive
callbacks from servers when you are using the
DataGrid API
or other multi-partition operations. Use the
listenerPort property
in the client properties file to specify the port on which the client
listens for callbacks from the server.
- listenerPort (client)
- Specifies the port number to
which the ORB or the XIO transport
protocol binds for communication. This setting configures the client
to communicate with the catalog and container service. If a listener
is not configured with the ORB transport protocol, an ephemeral port
is chosen at startup. This port can vary each time the client application
is started.
Default: An ephemeral port is chosen.
Note: When a data grid client is run inside WebSphere Application Server and the ORB transport
protocol is being used, another port ORB_LISTENER_ADDRESS must also
be opened. The BOOTSTRAP_ADDRESS port forwards requests to this port.
- SSLPort (optional)
- For secure transport of grid data, the SSL port is used only when
the ORB transport protocol is used. When the ORB or XIO transport
protocol is used, SSL is an optional configuration. When SSL is enabled
with the XIO protocol, it does not use a separate SSL port and sends
SSL traffic over the listener port. When SSL is enabled with the ORB
transport protocol, both sides can initiate traffic. If an SSL port
is not configured an ephemeral port is chosen at startup, and this
can vary each time the client is restarted. When security is enabled,
you must use the following system property when starting the client
process: -Dcom.ibm.CSI.SSLPort=<sslPort>.
Ports in WebSphere Application Server
- The listenerPort value is inherited. The
value is different depending on the type of transport you are using:
- If you are using the ORB transport, the BOOTSTRAP_ADDRESS and
the ORB_LISTENER_ADDRESS values for each WebSphere Application Server application
server are used.
If you are using the IBM eXtremeIO transport,
the XIO_ADDRESS value is used.
- The haManagerPort and peerPort values
are inherited from the DCS_UNICAST_ADDRESS value
for each WebSphere Application Server application
server.
- The JMXServicePort and JMXConnectorPort values
are inherited from the BOOTSTRAP_ADDRESS value
for each WebSphere Application Server application
server.
- The SSLPort value is inherited from the CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS value
for each WebSphere Application Server application
server.
You can define a catalog service domain in the administrative
console. For more information, see Creating catalog service domains in WebSphere Application Server.
You
can view the ports for a particular server by clicking one of the
following paths in the administrative console:
- WebSphere Application Server Network Deployment Version 7.0 and
later: .
Planning your environment
for firewall communication
In order for correct data grid operations
to occur, you must ensure that all necessary grid communication is
allowed through any firewall. The following topics are based on an
example scenario in which there are two domains: A and B. Each catalog
service domain has two catalog servers and two container servers.
An inter-domain link exists between domain A and domain B. Use this
sample to identify which ports must be opened. Except where noted,
Transport Control Protocol (TCP) transport is used for all firewall
communication.