Firewall Settings (Magic xpa 4.x)
This section describes the changes that you need to make to set fixed ports for the GigaSpaces infrastructure.
There are two settings that should be enabled:
-
The discovery port. (refer to https://docs.gigaspaces.com/xap/11.0/admin/network-over-firewall.html for the default port.)
-
The range of ports for the LRMI (the protocol for internal communication between grid components).
Both settings are disabled by default in the setenv.bat file. They both can be enabled separately in setenv.bat. This means that if you want to keep the default discovery port, and only configure the range of ports for the LRMI, you can enable only the LRMI settings.
|
|
In case of a non-default discovery port, the port needs to be suffixed to the machine name in Magic xpa GS Monitor as well. For example, myserver:4175.
|
The GigaSpaces Wiki gives the following instructions for the firewall settings:
-
Configure the Discovery port and LRMI range (and not based on the randomly selected range of ports).
-
Firewall rules for incoming traffic should include an opening TCP port for each defined listener port.
-
The range of port numbers should be higher than 1024 and lower than 65536. Only free unassigned ports are allowed.
The recommended port ranges are: above 7100 in free unassigned IANA ranges (7102-7120, 7130-7160, 7167-7173, 7175-7199, 7228-7271, 7282-7299, 7366-7390..., 47558-47623, 47625-47805, 47809-47999, 48004-48127, 48620-49150)
