HAFM SW 08.08.00 HP StorageWorks HA-Fabric Manager Transition Guide (AA-RV1MD-TE, January 2006)
Table Of Contents
- Contents
- Upgrading to HAFM 8.8
- Comparing HAFM 7.x and 8.x features
- Configuring HAFM through a firewall
- Index
HA-Fabric Manager transition guide 33
-Dsmp.webServer -Dsmp.callback.passive
-Dsmp.flavor=%APP_FLAVOR% Server
...............
:end
popd
endlocal
Configuring TCP port numbers to allow firewall access
This section provides details about configuring TCP port numbers for Remote Method Invocation
(RMI) servers and registries to allow HAFM client and server applications to function across
firewalls.
HAFM function with RMI at TCP port level
The RMI protocol lies between the HAFM application and the TCP/IP layer.
As shown in Figure 3, the HAFM appliance and clients communicate with each other through the
RMI server. This communication is a full-duplex function. However, before the RMI server on the
HAFM client can communicate with the RMI server on the HAFM appliance, it must know the TCP
port number of the RMI server. The function of the RMI registry is to communicate this TCP port
number to the HAFM client. Once this is done successfully, communication can take place between
the RMI server on the HAFM appliance and the HAFM client. (The HAFM appliance obtains the TCP
port number of the RMI server on the client during initial communications.)
Figure 3 HAFM appliance and client communications
The TCP port numbers of the RMI server are randomly and automatically selected on both the HAFM
appliance and client as a full-duplex function. This situation poses a major problem for firewalls
because they need to know which TCP port numbers to pass through and which numbers to block.
Firewalls are configured to block all unknown incoming connections with no mapping of outgoing
connections based on a socket port of TCP and IP.
HAFM appliance
RMI server RMI registry
HAFM client
RMI server RMI registry
RMI servers TCP/IP port #
RMI servers TCP/IP port #
Full-duplex communication