Skip navigation.

Configuring and Managing WebLogic Server

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index View as PDF   Get Adobe Reader

Configuring Network Resources

Configurable WebLogic Server resources, including network channels and domain-wide administration ports, help you effectively utilize the network features of the machines that host your applications and manage quality of service.

The following sections describe configurable WebLogic Server network resources, examples of their use, and the configuration process:


Overview of Network Configuration

For many development environments, configuring WebLogic Server network resources is simply a matter of identifying a Managed Server's listen address and listen port. However, in most production environments, administrators must balance finite network resources against the demands placed upon the network. The task of keeping applications available and responsive can be complicated by specific application requirements, security considerations, and maintenance tasks, both planned and unplanned.

WebLogic Server allows you to control the network traffic associated with your applications in a variety of ways, and configure your environment to meet the varied requirements of your applications and end users. You can:

You specify these and other connection characteristics by defining a network channel—the primary configurable WebLogic Server resource for managing network connections. You configure a network channel with the Servers-->Protocols-->Channels tab of the Administration Console or by using NetworkAccessPointMBean.

New Network Configuration Features in WebLogic Server

In this version of WebLogic Server, the functionality of network channels is enhanced to simplify the configuration process. Network channels now encompass the features that, in WebLogic Server 7.x, required both network channels and network access points. In this version of WebLogic Server, network access points are deprecated. The use of NetworkChannelMbean is deprecated in favor of NetworkAccessPointMBean.


Understanding Network Channels

The sections that follow describe network channels and the standard channels that WebLogic Server pre-configures, and discusses common applications for channels.

What Is a Channel?

A network channel is a configurable resource that defines the attributes of a network connection to WebLogic Server. For instance, a network channel can define:

Rules for Configuring Channels

Follow these guidelines when configuring a channel.

Custom Channels Can Inherit Default Channel Attributes

If you do not assign a channel to a server instance, it uses WebLogic Server's default channel, which is automatically configured by WebLogic Server, based on the attributes in ServerMBean or SSLMBean. The default channel is described in The Default Network Channel.

ServerMBean and SSLMBean represent a server instance and its SSL configuration. When you configure a server instance's Listen Address, Listen Port, and SSL Listen port, using the Server-->Configuration-->General tab, those values are stored in the ServerMBean and SSLMBean for the server instance.

If you do not specify a particular connection attribute in a custom channel definition, the channel inherits the value specified for the attribute in ServerMBean. For example, if you create a channel, and do not define its Listen Address, the channel uses the Listen Address defined in ServerMBean. Similarly, if a Managed Server cannot bind to the Listen Address or Listen Port configured in a channel, the Managed Server uses the defaults from ServerMBean or SSLMBean.

Why Use Network Channels?

You can use network channels to manage quality of service, meet varying connection requirements, and improve utilization of your systems and network resources. For example, network channels allow you to:

If you use a network channel with a server instance on a multi-homed machine, you must enter a valid Listen Address either in ServerMBean or in the channel. If the channel and ServerMBean Listen Address are blank or specify the localhost address (IP address or 127.*.*.*), the server binds the network channel listen port and SSL listen ports to all available IP addresses on the multi-homed machine. See The Default Network Channel for information on setting the listen address in ServerMBean.

Handling Channel Failures

When initiating a connection to a remote server, and multiple channels with the same required destination, protocol and quality of service exist, WebLogic Server will try each in turn until it successfully establishes a connection or runs out of channels to try.

Upgrading Quality of Service Levels for RMI

For RMI lookups only, WebLogic Server may upgrade the service level of an outgoing connection. For example, if a T3 connection is required to perform an RMI lookup, but an existing channel supports only T3S, the lookup is performed using the T3S channel.

This upgrade behavior does not apply to server requests that use URLs, since URLs embed the protocol itself. For example, the server cannot send a URL request beginning with http:// over a channel that supports only https://.

Standard WebLogic Server Channels

WebLogic Server provides pre-configured channels that you do not have to explicitly define.

The Default Network Channel

Every WebLogic Server domain has a default channel that is generated automatically by WebLogic Server. The default channel is based on the Listen Address and Listen Port defined in the ServerMBean and SSLMBean. It provides a single Listen Address, one port for HTTP communication (7001 by default), and one port for HTTPS communication (7002 by default). You can configure the Listen Address and Listen Port using the Configuration-->General tab in the Administration Console; the values you assign are stored in attributes of the ServerMBean and SSLMBean.

The default configuration may meet your needs if:

Using the default configuration ensures that third-party administration tools remain compatible with the new installation, because network configuration attributes remain stored in ServerMBean and SSLMBean.

Even if you define and use custom network channels for your domain, the default channel settings remain stored in ServerMBean and SSLMBean, and are used if necessary to provide connections to a server instance.

Note: Messages sent via the default channel can contain DNS information about the hosts they originate on or are destined to. If a T3 connection is established across a firewall that has network address translation (NAT) enabled, it is possible that some information about the network configuration behind the firewall will be revealed. Using the firewall to prevent T3 connections through the firewall will prevent this problem.

Administration Port and Administrative Channel

You can define an optional administration port for your domain. When configured, the administration port is used by each Managed Server in the domain exclusively for communication with the domain's Administration Server.

Administration Port Capabilities

An administration port enables you to:

If a administration port is enabled, WebLogic Server automatically generates an administration channel based on the port settings upon server instance startup.

Administration Port Restrictions

The administration port accepts only secure, SSL traffic, and all connections via the port require authentication. Enabling the administration port imposes the following restrictions on your domain:

Administration Port Requires SSL

The administration port requires SSL, which is enabled by default when you install WebLogic Server. If SSL has been disabled for any server instance in your domain, including the Administration Server and all Managed Servers, re-enable it using the Server--> Configuration-->General tab in the Administration Console.

Ensure that each server instance in the domain has a configured default listen port or default SSL listen port. The default ports are those you assign on the Server-->Configuration-->General tab in the Administration Console. A default port is required in the event that the server cannot bind to its configured administration port. If an additional default port is available, the server will continue to boot and you can change the administration port to an acceptable value.

By default WebLogic Server is configured to use demonstration certificate files. To configure production security components, follow the steps in Configuring the SSL Protocol in Managing WebLogic Security.

Configure Administration Port

Enable the administration port as described in Enabling the Domain-Wide Administration Port in Administration Console Online Help.

After configuring the administration port, you must restart the Administration Server and all Managed Servers to use the new administration port.

Booting Managed Servers to Use Administration Port

If you reboot Managed Servers at the command line or using a start script, specify the Administration Port in the port portion of the URL. The URL must specify the https:// prefix, rather than http://, as shown below.

Note: If you use Node Manager for restarting the Managed Servers, it is not necessary to modify startup settings or arguments for the Managed Servers. Node Manager automatically obtains and uses the correct URL to start a Managed Server.

If the hostname in the URL is not identical to the hostname in the Administration Server's certificate, disable hostname verification in the command line or start script, as shown below:

Custom Administrative Channels

If the standard WebLogic Server administrative channel does not satisfy your requirements, you can configure a custom channel for administrative traffic. For example, a custom administrative channel allows you to segregate administrative traffic on a separate NIC.

To configure a custom channel for administrative traffic, configure the channel as described in Configuring a Channel, and select "admin" as the channel protocol. Note the configuration and usage guidelines described in:


Configuring a Channel

You can configure a network channel using Servers-->Protocols-->Channels tab in the Administration Console or using the NetworkAccessPointMBean.

For instructions to configure a channel for a non-clustered Managed Server, see Configuring a Network Channel in Administration Console Online Help. To configure a channel for clustered Managed Servers see, Configuring Network Channels with a Cluster.

For a summary of key facts about network channels, and guidelines related to their configuration, see Configuring Channels: Facts and Rules.

Configuring Channels: Facts and Rules

Follow these guidelines when configuring a channel.

Channels and Server Instances

Configuration Changes are Not Dynamic

Channels and Protocols

Reserved Names

Channels, Proxy Servers, and Firewalls

If your configuration includes a a firewall between a proxy web server and a cluster (as described in Firewall Between Proxy Layer and Cluster, in Using WebLogicServer Clusters, and the clustered servers are configured with two custom channels for segregating https and http traffic, those channels must share the same listen address. Furthermore if both http and https traffic needs to be supported there must be a custom channel for each—it is not possible to use the default configuration for one or the other.

If either of those channels has a PublicAddress defined, as is likely given existence of firewall both channels must define PublicAddress, and they both must define the same PublicAddress.

Configuring Network Channels with a Cluster

To configure a channel for clustered Managed Servers, note the information in Configuring Channels: Facts and Rules, and follow the guidelines described in the following sections.

Create the Cluster

If you have not already configured a cluster you can:

For information and guidelines about configuring a WebLogic Server cluster, see Before You Start in Using WebLogic Clusters.

Create and Assign the Network Channel

Use the instructions in Configuring a Network Channel in Administration Console Online Help to create a new network channel for each Managed Server in the cluster. When creating the new channels:

Increase Packet Size When Using Many Channels

Use of more than about twenty channels in a cluster can result in the formation of multicast header transmissions that exceed the default maximum packet size. The MTUSize attribute in the Server element of config.xml sets the maximum size for packets sent using the associated network card to 1500. Sending packets that exceed the value of MTUSize can result in a java.lang.NegativeArraySizeException. You can avoid exceptions that result from packet sizes in excess of MTUSize by increasing the value of MTUSize from its default value of 1500.


Skip navigation bar  Back to Top Previous Next