Network Ports Used in Oracle Enterprise Manager 12c
When planning and configuring your Oracle Enterprise Manager 12c implementation, you will have many infrastructure considerations. One of the most often discussed pieces is the network ports that are used and how to configure load balancers, firewalls and ACLs for communication.
This blog post will help identify the typical default port and range for each component, how to identify it and how to modify the port usage.
To modify most ports during installation, select the Advanced Installation and set the appropriate ports on the Port Configuration Details screen.
Once the system is installed, you can use the following EMCTL or OMSVFY commands to validate components and port assignment:
$emctl status oms -details
$omsvfy show opmn
$omsvfy show ports
$omsvfy show opmn
$omsvfy show ports
To verify if a port is free, run the following command:
On Unix:
$netstat -an | grep <port no>
$netstat -an | grep <port no>
On Microsoft Windows:
>netstat -an|findstr <port_no>
>netstat -an|findstr <port_no>
For more information on OMSVFY (part of the EMDIAG toolkit) see MOS Note 421053.1: EMDIAG Troubleshooting Kits Master Index
External Ports
These ports will be used in every Enterprise Manager 12c installation and will require firewall and/or ACL modifications if your network is restricted. These are also the components that will be added to your load balancer configuration.
Default Port
|
Range
|
Component
|
Usage
|
Modify
|
4889
|
4889 – 4898
|
Enterprise Manager OHS Upload HTTP
|
Agent Communication to OMS (unsecure). Used in load balancer.
| |
1159
|
1159, 4899 – 4908
|
Enterprise Manager OHS Upload HTTP SSL
|
Agent Communication to OMS (secure). Used in load balancer.
| |
7788
|
7788 – 7798
|
Enterprise Manager OHS Central Console HTTP (Apache/UI)
|
Web browser connecting to Cloud Control Console (unsecure). Used in load balancer and for EM CLI.
|
To modify after install follow notes1381030.1.
|
7799
|
7799 - 7809
|
Enterprise Manager OHS Central Console HTTP SSL (Apache/UI)
|
Web browser connecting to Cloud Control Console (secure). Used in load balancer and for EM CLI.
|
To modify after install follow note1381030.1.
|
7101
|
7101 - 7200
|
EM Domain WebLogic Admin Server HTTP SSL Port
|
Cloud Control Admin Server.
|
To modify after install follow note1109638.1.
|
3872
|
3872, 1830 – 1849
|
Cloud Control Agent
|
Only the OMS will connect to this port, to either report changes in the monitoring, submit jobs, or to request real-time statistics.
|
Port can be provided during Agent install.
If the agent port needs to be changed at a later date this can be done with the following command on the agent:
emctl setproperty agent -name EMD_URL -value https://hostname.domain:port/emd/main/ This will allow the agent to run on the new port, however the target does not get renamed so continues to show the original port. |
1521*
|
Depends on Listener Configuration
|
Database Targets - SQL*Net Listener
|
For Repository database, only the OMS will connect to store management data from
the agents. For all monitored target databases OMS will retrieve information requested by browser clients.
|
To modify this port for the repository database:
Change the listener.ora file for the EM repository. Restart the listener. Then for every OMS machine using that repository run the following:
emctl stop oms
emctl config oms -store_repos_details -repos_conndesc <connect descriptor of database> -repos_user sysman emctl start oms emctl config emrep -agent <agent name> -conn_desc <connect descriptor of database>
To modify this port for monitored targets, change the listener configuration on the target, then update Monitoring Configuration in EM.
|
7101
|
7101 - 7200
|
FMW Targets – Admin Console
|
Outgoing from OMS, used for managing FMW targets.
|
To modify after install follow note1109638.1.
|
NA
|
NA
|
ICMP
|
Outgoing from OMS to host servers if the Agent is unreachable. Validates if server is up or down.
|
NA
|
Internal Ports
These ports are required for internal Enterprise Manager communication and typically do not require additional firewall/ACL configuration.
Default Port
|
Range
|
Component
|
Usage
|
Modify
|
7201
|
7201 – 7300
|
EM Domain WebLogic Managed Server HTTP Port
|
Used for Fusion Middleware communication.
|
Configured during installation
|
7301
|
7301 – 7400
|
EM Domain WebLogic Managed Server HTTP SSL Port
|
Used for Fusion Middleware communication.
|
Configured during installation
|
7401
|
7401 – 7500
|
Node Manager HTTP SSL Port
|
Used for Fusion Middleware communication.
|
Configured during installation
|
6702
|
6100 - 6199
|
Oracle Notification Server (OPMN) Local
|
Ports used by OPMN can be verified from <MW_HOME> /gc_inst/WebTierIH1
/config /OPMN/opmn/opmn.xml:
<debug comp="" rotation-size="1500000"/> <notification-server interface="any"> <port local="6700" remote="6701"/> |
Modify the opmn.xml to use free ports as below:
1. Stop OMS
2. Take a backup of the existing opmn.xml and ports.prop in the <MW_HOME>/ gc_inst/WebTierIH1/ config /OPMN/opmn directory.
3. Edit the opmn.xml file, under the <notification-server> element, modify the local / remote port, as necessary to the free port available and save the file.
4. Edit the ports.prop file and modify the remote / local port parameters as necessary and save the file.
5. Start the OMS
|
6703
|
6200 - 6201
|
Oracle Notification Server (OPMN) Remote
|
Ports used by OPMN can be verified from <MW_HOME> /gc_inst/WebTierIH1
/config/OPMN/opmn/opmn.xml:
<debug comp="" rotation-size="1500000"/> <notification-server interface="any"> <port local="6700" remote="6701"/> |
Modify the opmn.xml to use free ports as below:
1. Stop OMS
2. Take a backup of the existing opmn.xml and ports.prop in the <MW_HOME> /gc_inst/WebTierIH1/ config/OPMN/opmn directory.
3. Edit the opmn.xml file, under the <notification-server> element, modify the local / remote port, as necessary to the free port available and save the file.
4. Edit the ports.prop file and modify the remote / local port parameters as necessary and save the file.
5. Start the OMS
|
Optional
These ports required only if certain components are to be used and firewall/ACL changes may be needed.
Default Port
|
Range
|
Component
|
Usage
|
Modify
|
443
|
Secure web connection (https - 443) to updates.oracle.com support.oracle.com
ccr.oracle.com
login.oracle.com
aru-akam.oracle.com
|
Outgoing from OMS used for online communication with Oracle for OCM, MOS, Patching, Self-Updates, ASR
|
Proxy settings defined via the UI (Setup -> Proxy Settings)
Do not use the OMS parameters! | |
51099
|
Application Dependency and Performance RMI Registry Port
|
ADP
|
Configured during installation
| |
55003
|
Application Dependency and Performance Java Provider Port
|
ADP
|
Configured during installation
| |
55000
|
Application Dependency and Performance Remote Service Controller Port
|
ADP
|
Configured during installation
| |
4210
|
Listen
|
ADP
|
Configured during installation
| |
4211
|
SSL Listen Port
|
ADP
|
Configured during installation
| |
3800
|
JVM Managed Server Listen
|
JVM
|
Configured during installation
| |
3801
|
JVM Managed Server SSL Listen
|
JVM
|
Configured during installation
| |
9701
|
9701-49152
|
BI Publisher HTTP
|
BI Publisher
|
During install can modify with configureBIP script. Post-install can be modified per Note1524248.1
|
9702
|
9701-49152
|
BI Publisher HTTP SSL Port
|
BI Publisher
|
During install can modify with configureBIP script. Post-install can be modified per Note1524248.1
|
No comments:
Post a Comment