WebSpeed
Product Update Bulletin
Using the NameServer Client Port Range Value Settings With a Firewall
In Progress Version 9.1B, Progress introduced support for setting the NameServer client port range minimum and maximum value. The purpose of this section is to review this feature, and to describe how you can use it when there is a firewall between the WebSpeed Messenger and the NameServer.
The Progress WebSpeed Messenger communicates with the NameServer using the User Datagram Protocol (UDP). When the WebSpeed Messenger initiates the connection, it sends a UDP packet to the known NameServer port. When the NameServer receives the packet, it sends a response packet, also in UDP packet form, back to the WebSpeed Messenger.
To facilitate communication when a firewall exists between the WebSpeed Messenger and the NameServer, you could open all UDP ports from the machine that is running the NameServer to the machine that is running the WebSpeed Messenger.
However, opening all 65,000 UDP ports from inside the firewall to outbound ports is a time-consuming job. Also, opening every port is not a necessity. In Progress Version 9.1B, Progress introduced two new parameters that allow you to specify a range of UDP ports. You can specify a client port range minimum with
minNSClientPort and a
client port range maximum withmaxNSClientPort.
Using these two new parameters, a firewall administrator can restrict the UDP response from the NameServer to the client. The administrator can specify a range of ports in the properties file and therefore reduce the number of UDP ports that are open in the firewall.
The following rules apply to the values set for these parameters:
Copyright © 2004 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |