Opening Ports on the Firewall
When setting up Oracle Communications Session Delivery Manager (SDM) in your network, you may have a firewall between the clients (browsers, SOAP, etc.) and the SDM cluster, and a firewall between the SDM cluster and other devices.
Note:
You cannot have firewalls between the servers in a cluster.

If firewalls exist on either side of the SDM cluster, ensure the ports listed in the following table are open. If your operating system comes with a firewall, you need to apply the same criteria. You must switch off the firewall in your operating system or ensure these ports are available.
Port Number | Protocol | Service | Configurable | Affects Firewall? | Purpose |
---|---|---|---|---|---|
Between SDM Cluster and Network Clients | | | | | |
8443 | TCP | HTTPS | N | Y | Apache port. HTTPS port for client/server communication. |
8080 | HTTP | HTTP | N | Y | HTTP port for client/server communication. |
Between SDM Cluster and Network Devices | | | | | |
161 | UDP | SNMP | N | Y | SNMP traffic between the SDM server and the device. |
162 | UDP | SNMP | N | Y | SNMP trap reporting from the device to the SDM server. |
22/21 | SFTP/FTP | | | | Used for file transfer (such as Route Manager and LRT updates). |
8080 | HTTP | AMI | N | Y | Used by SDM to communicate with 9200 devices via AMI. |
5060 | TCP | | N | Y | Used for SDM Trunk Manager (SIPTX) to communicate with SP-SBC. |
3001/3000 | ACP/ACLI | | | | Used by SDM to communicate with all versions of the device except for the Acme Packet 9200. |
Between SDM Servers in the Cluster | | | | | |
1098 | TCP | RMI | N | Y | RMI Communication between host members in a cluster. |
1099 | TCP | RMI Lookup | N | Y | RMI registry port. Used for the RMI communication between host members in a cluster. |
5701 | TCP | Hazelcast | N | | Used by Hazelcast communication for distributed data structures, peer-to-peer collective data distribution. |
5000/5801 | TCP | Hazelcast | N | Y | Used by the Hazelcast management console port for the SDM distributed scheduler service. |
54327 | UDP | Hazelcast | N | Y | Used by Hazelcast for cluster member discovery. |
8005 | TCP | HTTP | N | Y | Tomcat shutdown port used by the shutdown script. Can be blocked on a firewall because it is local to the SDM server. |
8009 | TCP | Apache | N | Y | Tomcat port. |
9000 | TCP | Berkeley | N | Y | Berkeley database. |
61616 | TCP | Apache | N | Y | Message broker. |
22 | TCP | SFTP | N | Y | Used to transfer files between SDM servers. |
Either port 8080 (HTTP) or port 8443 (HTTPS) must be open on the firewall, depending on which port you select for communication between the network client and the SDM server.
Note:
Ports are assigned dynamically through Remote Method Invocation (RMI) dynamic port allocation. If you are enabling and configuring iptables, all traffic must be allowed between servers in the cluster. Communication between clustered SDM servers must not be restricted.
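The table and the note above, applied to a host firewall as an added example (not part of Oracle's documentation): a shell function that emits an `iptables-restore` ruleset for one SDM server's INPUT chain. The function name, networks and peer addresses are constructed; it assumes outbound traffic is unrestricted and opens only the inbound directions the page states (clients to 8443 or 8080, device traps to 162).

```bash
#!/usr/bin/env bash
# Added example: build an iptables-restore ruleset for one SDM server (INPUT chain).
# All addresses are constructed placeholders from the RFC 5737 documentation ranges.
# Management access (for example SSH from an admin host) is site-specific: add it before loading.

# Usage: sdm_input_rules WEB_PORT CLIENT_NET DEVICE_NET PEER [PEER...]
sdm_input_rules() {
  [ "$#" -ge 4 ] || { echo "need web port, client net, device net and at least one peer" >&2; return 1; }
  local web_port="$1" client_net="$2" device_net="$3" peer
  shift 3
  # Only one of the two client-facing ports from the table is opened.
  case "$web_port" in
    8443|8080) ;;
    *) echo "web port must be 8443 (HTTPS) or 8080 (HTTP)" >&2; return 1 ;;
  esac
  echo '*filter'
  echo ':INPUT DROP [0:0]'
  echo ':FORWARD DROP [0:0]'
  echo ':OUTPUT ACCEPT [0:0]'
  # Loopback stays open: the Tomcat shutdown port 8005 is local to the server.
  echo '-A INPUT -i lo -j ACCEPT'
  # Replies to sessions the SDM server initiates (assumption: OUTPUT is unrestricted).
  echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
  # Cluster peers get no port filter: RMI allocates ports dynamically and
  # traffic between clustered SDM servers must not be restricted.
  for peer in "$@"; do
    echo "-A INPUT -s $peer -j ACCEPT"
  done
  # Browser/SOAP clients to the selected web port.
  echo "-A INPUT -s $client_net -p tcp --dport $web_port -j ACCEPT"
  # SNMP traps from devices to the SDM server.
  echo "-A INPUT -s $device_net -p udp --dport 162 -j ACCEPT"
  echo 'COMMIT'
}

# Constructed sample: HTTPS clients, one device network, two other cluster members.
sdm_input_rules 8443 198.51.100.0/24 203.0.113.0/24 192.0.2.11 192.0.2.12
```

Pipe the output to `iptables-restore --test` to check the syntax before loading it. Ports whose direction the table does not state (22/21, 5060) are left out and need their own rules if devices initiate those connections.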