Question & Answer
Question
How do you control ITM process port number usage
Answer
Overview
When an ITM process allocates a TCP/IP port which another application on the same server depends on, the other application may fail to run as expected.
Many details of protocols and protocol modifiers are found in this document:
This current document explains how to use the modifiers to avoid port number conflicts. This is all done with the KDE_TRANSPORT or KDC_FAMILIES environment variable. The examples ignore IPV6 protocols.
For this example, the goal is to ensure all ports used should be equal or higher than 40000.
Introduction
ITM processes typically have one listening port and several ephemeral ports. The listening port is controlled by the base port number and a search for a free port. For example
ip.pipe port 1918
means the ip pipe protocol is enabled and the base port is 1918, which is default. The base port number itself is reserved for a TEMS - in case it should ever be started. ITM uses some port numbers which are registered with IANA [http://www.iana.org/] and 1918 is registered along with some others. This avoids conflicts with other applications which make use of such registrations.
Controlling listening port number
The ITM process checks on port numbers base+N*4096, where N is 1 to 15. For example the first port checked in 1918+1*4096 or 6014. If all 15 are busy, then the communication process fails. One protocol modifier is SKIP and it means the check starts with N being the SKIP value and continues upward to 15. This setting
ip.pipe port 1918 SKIP:10 use:y
means the first port checked is 1918+10*4096 or 42878.
Incidently, for Agents there is nothing magic about 1918. You could set an entirely different base port, like 2345, to use a separate range of tested port numbers.
This setting makes sure the listening port is sufficiently high.
If the EPHEMERAL:Y modifier is used there is no listening port, although other limitations are introduced.
Controlling Ephemeral ports.
Ephemeral ports are allocated by the operating system and are used by ITM to communicate between ITM components. The ITM logic asks the operating system for the next free port and then uses it. If all programs worked like that, the possibility of conflicts are very low since there are 65535 different ports. However, some programs will have a dependence on ports. After an ITM process starts, an ephemeral port could prevent the other program from running successfully,
The protocol modifier POOL is used to control ephemeral port numbers used. For example
ip.pipe port 1918 SKIP:10 POOL:40000-40063
means that any ephemeral ports used by that ITM process on behalf of the ip.pipe protocol will be in the named range.
Each POOL is limited to 1024 numbers. If needed you can supply multiple POOL settings like this
ip.pipe port 1918 SKIP:10 POOL:40000-41023 POOL:41024-42027 use:y
but that use is rare.
Ephemeral ports and protocols
A separate POOL specification is for each protocol. If usage is turned off with a "use:n" then you do not need to worry about listening ports or ephemeral ports.
You also do not need POOL with the IP protocol. That is the UDP protocol and does not use sockets.
Here are the protocols you may have to configure.
ip.pipe
ip.spipe
There are http protocols in use. Each ITM process contains an internal web service by default. The following protocols are used to access the internal web server
ip.tcp.http port:1920
ip.ssl.https port:3661
The POOL settings for the http/https protocols are set like this
ip.tcp POOL:44000-44063
ip.ssl POOL:44064-44127
Here is an example to control all IPV4 pool settings including the web server protocols
ip.pipe port 1918 SKIP:10 POOL:40000-40063 use:y ip use:n ip.spipe use:n ip.tcp POOL:41000-41031 ip.ssl POOL:41064-41027
KDE_GATEWAY
Another source of ephemeral port usage is the KDE_Gateway process. It is used to pass ITM communications past complex firewall and network address translation environments. It has a section in the XML control file to control ephemeral port usage.See the following for details:
http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/topic/com.ibm.itm.doc_6.2.2fp2/firewall_gateway.htm#firewall_gateway
[One long line]
Summary
This document explains how to control port usage in ITM to avoid conflicts with existing applications.
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21456737