| Author |
Message
|
| queuetip |
 Posted: Wed Feb 22, 2006 11:37 am Post subject: Reserving Ports For MQSeries Listener - Windows Server 2003? |
 |
|
Acolyte
Joined: 03 Feb 2005
Posts: 67
|
Anyone know how to prevent applications from "stealing" MQSeries V5.3 listener ports? Seeing this during the day when a queue manager is down and is determined to be needed later in the day. BTW, starting every queue manager on reboot is not an option - we have too many.
I think for UNIX the ADDTCPPORT command can reserve use by security group (e.g. MQM). I think that can get around the issue.
However, for Windows Server 2003 - I can't find out the equivilent Windows command or how to reserve the ports for an application or user group. I would appreciate any tips or ideas.
Thanks! 
Mike |
|
| Back to top |
|
 |
| KramJ |
| Posted: Wed Feb 22, 2006 12:48 pm Post subject: |
|
|
Voyager
Joined: 09 Jan 2006
Posts: 80
Location: Atlanta
|
Add it to C:\windows\system32\drivers\etc\services
I'm not 100% sure of this, but I believe that will reserve the port. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Feb 22, 2006 2:50 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
If you need multiple ports reserved:
MQSeries1 1414/tcp
MQSeries2 xxxx/tcp
etc...
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| wschutz |
| Posted: Wed Feb 22, 2006 3:10 pm Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
| KramJ wrote: |
Add it to C:\windows\system32\drivers\etc\services
I'm not 100% sure of this, but I believe that will reserve the port. |
Does it really? If it reserves the port, what allows MQ to use it ?
_________________
-wayne |
|
| Back to top |
|
|
| mvic |
| Posted: Wed Feb 22, 2006 3:33 pm Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| wschutz wrote: |
| KramJ wrote: |
Add it to C:\windows\system32\drivers\etc\services
I'm not 100% sure of this, but I believe that will reserve the port. |
Does it really? If it reserves the port, what allows MQ to use it ? |
Perfect logic!
The only way to reserve a port is to bind to it yourself. One way (not necessarily the best way, or recommended) to do this is by starting runmqlsr manually before the queue manager is running:
| Code: |
| runmqlsr -m QMNAME -t tcp -p 1414 |
|
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Feb 22, 2006 3:35 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| wschutz wrote: |
| KramJ wrote: |
Add it to C:\windows\system32\drivers\etc\services
I'm not 100% sure of this, but I believe that will reserve the port. |
Does it really? If it reserves the port, what allows MQ to use it ? |
It does reserve the Port (but only for Inetd purposes). If you start manually a different service on the same port you are SOL.
The fact that the entries are labeled
MQSeries xxxx/tcp
or
MQSeriesxx xxxx/tcp
is what marks it for MQ use
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| wschutz |
| Posted: Wed Feb 22, 2006 3:45 pm Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
fj, if thats the case, how come I can do this:
| Quote: |
C:\WINNT\system32\drivers\etc>find "1433" services
---------- SERVICES
ms-sql-s 1433/tcp #Microsoft-SQL-Server
ms-sql-s 1433/udp #Microsoft-SQL-Server
C:\WINNT\system32\drivers\etc>runmqlsr -t tcp -p 1433
5724-H72 (C) Copyright IBM Corp. 1994, 2004. ALL RIGHTS RESERVED.
|
_________________
-wayne |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Feb 22, 2006 3:47 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Because you are not running the listener on the inetd service.
This is the equivalent of starting a service manually on a port.
As I said in my post SOL. 
Did you miss only for inetd purposes ?
We usually put our listener ports into the services file so no other progs will grab the port and run the listener on those ports using runmqlsr...
_________________
MQ & Broker admin
Last edited by fjb_saper on Wed Feb 22, 2006 3:51 pm; edited 1 time in total |
|
| Back to top |
|
|
| mvic |
| Posted: Wed Feb 22, 2006 3:48 pm Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| fjb_saper wrote: |
It does reserve the Port (but only for Inetd purposes).
...
The fact that the entries are labeled
MQSeries xxxx/tcp
or
MQSeriesxx xxxx/tcp
is what marks it for MQ use |
I'm sure you appreciate this, but I think it relevant to add the following. (1) This is Windows; there is no inetd. (2) Whether on Windows or *ix, port 1414 can be grabbed by bind() in any process, regardless of the contents of etc/services. |
|
| Back to top |
|
|
| wschutz |
| Posted: Wed Feb 22, 2006 3:50 pm Post subject: |
|
|
Jedi Knight
Joined: 02 Jun 2005
Posts: 3316
Location: IBM (retired)
|
| Quote: |
| Did you miss only for inetd purposes ? |
No, but that wasn't the original question .....
_________________
-wayne |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Feb 22, 2006 3:55 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
The original question was how to reserve a port for MQSeries.
The answer is you can't.
The qualified answer is: if you enter the port into the services file there is a good chance that "well behaved" apps will leave it alone.
Any port can be grabbed by a "manual" start (like runmqlsr) as long as it is not already in use.
The port issue should really be discussed with the network group on your site. They can tell you what they do to reserve ports for an app.
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mvic |
| Posted: Wed Feb 22, 2006 4:03 pm Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| fjb_saper wrote: |
| Any port can be grabbed by a "manual" start (like runmqlsr) as long as it is not already in use. |
This stops others from binding to the port (ie. "reserves the port"), no?  |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Feb 22, 2006 4:08 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| mvic wrote: |
| fjb_saper wrote: |
| Any port can be grabbed by a "manual" start (like runmqlsr) as long as it is not already in use. |
This stops others from binding to the port (ie. "reserves the port"), no? |
Sure but what about if conflict arise at start up, or you need to shut the listener down and cannot restart it on the same port? What if using your port prevents some other application from working correctly?
The port issue is really more of a regulatory and compliance issue than a technical issue.
If your organization reserves a certain number of ports for use with specific applications you should comply and use these ports only for said application.
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mvic |
| Posted: Wed Feb 22, 2006 4:31 pm Post subject: |
|
|
Jedi
Joined: 09 Mar 2004
Posts: 2080
|
| fjb_saper wrote: |
| Sure but what about if conflict arise at start up, or you need to shut the listener down and cannot restart it on the same port? What if using your port prevents some other application from working correctly? |
Sure, no disagreement. This is definitely a potential reason why my suggestion might not work on some occasions.
| Quote: |
| The port issue is really more of a regulatory and compliance issue than a technical issue. |
OK, in principle, if there is such a group/person to appeal such issues to. The answers being offered here (at least by me) are technical options. It's entirely possible (as far as I know) the OP has no regulatory group to which this question can be appealed.
| Quote: |
| If your organization reserves a certain number of ports for use with specific applications you should comply and use these ports only for said application. |
No disagreement. |
|
| Back to top |
|
|
|
|
