ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexGeneral IBM MQ SupportNot able to see MQ listener port in the netstat output

Post new topicReply to topic
Not able to see MQ listener port in the netstat output View previous topic :: View next topic
Author Message
Mangesh1187
PostPosted: Fri Feb 23, 2018 4:27 am Post subject: Not able to see MQ listener port in the netstat output Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

I have MQ 8.0.0.4 installed on Linux & created a Queue manager QM1 with two listener.
Also I have started these listeners on the port 15000 & 15005 respectively. PFB screenshot :


display lsstatus(*) all
2 : display lsstatus(*) all
AMQ8631: Display listener status details.
LISTENER(LSNR1) STATUS(RUNNING)
PID(5901) STARTDA(2017-06-06)
STARTTI(12.38.19) DESCR( )
TRPTYPE(TCP) CONTROL(QMGR)
IPADDR(*) PORT(15000)
BACKLOG(100)
AMQ8631: Display listener status details.
LISTENER(LSNR2) STATUS(RUNNING)
PID(5902) STARTDA(2017-06-06)
STARTTI(12.38.19) DESCR( )
TRPTYPE(TCP) CONTROL(QMGR)
IPADDR(*) PORT(15005)
BACKLOG(100)


From command prompt I can see the runmqlsr process presence with these two ports :

[mqm@XXXXX ]$ ps -ef| grep runmqlsr
mqm 5901 5883 0 2017 ? 00:02:56 /opt/IBM/mqm/bin/runmqlsr -r -m QM1 -t TCP -p 15000
mqm 5902 5883 0 2017 ? 00:02:48 /opt/IBM/mqm/bin/runmqlsr -r -m QM1 -t TCP -p 15005
mquser 10895 9972 0 12:18 pts/0 00:00:00 grep runmqlsr


However when I tried to check these ports entries in the netstat outpt. (Expected these to be in LISTEN status)
[mqm@XXXXX]$ netstat -a | grep 15005
tcp 0 0 *:15005 *:* LISTEN
[mqm@XXXXX]$ netstat -a | grep 15000
[mqm@XXXXX]$

As seen in above output I can see entry for the port 15005 only. And don't see any entry for 15000 although the listener on this port is running.

Any veiew on this scenario ?
Back to top
View user's profile Send private message
crashdog
PostPosted: Fri Feb 23, 2018 8:19 am Post subject: Reply with quote

Novice

Joined: 02 Apr 2017
Posts: 19
Location: Schaffhausen

try
Code:

netstat -an

it will show all ports as numbers and not translated to the service names.
_________________
You win again gravity !
Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Mon Feb 26, 2018 3:39 am Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

crashdog wrote:
try
Code:

netstat -an

it will show all ports as numbers and not translated to the service names.


Thanks for your input. I checked with the netstat -an as you suggested and can see the enttries for both the listener ports, as given below :

[mqm@XXXX ~]$ netstat -an | grep 15000
tcp 0 0 0.0.0.0:15000 0.0.0.0:* LISTEN
tcp 0 0 w.x.y.z:15000 p.q.r.s:44959 ESTABLISHED
[mqm@XXXX ~]$
[mqm@XXXX ~]$ netstat -an | grep 15005
tcp 0 0 0.0.0.0:15005 0.0.0.0:* LISTEN
[mqm@XXXX ~]$

By looking at the above data I can come to the conclusion :
1) There are two listeners & both are runnin on their respective TCP port. 15000 & 15005.
2) Although both listeners are running , at the moment there are connections (foreign ip p.q.r.s. ) to this queue manager using 15000 port only. (by seeing state as ESTABLISHED)

However how to interpret the state LISTEN ?
Does it mean that the port is ready to listen the communication but at the moment nothing is being happening on this port.

Also what is the difference between LISTEN & LISTENING state ?
As both the listener are in running state I was expecting their state should be LISTENING instead of LISTEN ?

If we created a listener in Queue Manager , it is required to be configured it into the /etc/services file ?
During analysis I have come acrros a file /etc/services where number of entreies present in the order :
service-name port/protocol [aliases ...] [# comment]

What is the implication of this file ? If we created a listener in Queue manager & port 2012 & its running.
In what scenario we should add entry for hte port 2012 in /etc/services file. ?
Back to top
View user's profile Send private message
bruce2359
PostPosted: Mon Feb 26, 2018 5:46 am Post subject: Reply with quote

Poobah

Joined: 05 Jan 2008
Posts: 8103
Location: US: west coast, almost. Otherwise, enroute.

Have you googled 'understanding netstat -an output'?
_________________
I would tell you a UDP joke, but you might not get it.
Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Mon Feb 26, 2018 9:45 pm Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

bruce2359 wrote:
Have you googled 'understanding netstat -an output'?


Yes.
netstat -a
will show the details of all the ports having any status & protocols.

netstat -an
will show the same details as of 'netstat -a' . The only difference is that any name resolution of port or hostname will not happened.
Instead it will show the exact IP address and the port numbers.

Also I found the LISTEN means that the socket is waiting for a connection.

However I am not able to find the difference between LISTEN & LISTENING status. (I tried to google, but not able to get exact answer)
What I observed in the 'netstat -an' output , some entries with tcp protocol showing status as LISTEN.
And some entries with unix protocol showing status as LISTENING.

I think LISTEN for tcp ports & LISTENING for unix port are same things. But not sure.

Apart form that I have another query. If we can reserve port for any perpendicular application. (e.g. IBM MQ Queue Manager on port 2012) so that no other application can use it.
I searched on google for the same , however not able to see the satisfying answer.
Back to top
View user's profile Send private message
gbaddeley
PostPosted: Tue Feb 27, 2018 3:18 pm Post subject: Q Reply with quote

Padawan

Joined: 25 Mar 2003
Posts: 1857
Location: Melbourne, Australia

Mangesh1187 wrote:
If we can reserve port for any perpendicular application. (e.g. IBM MQ Queue Manager on port 2012) so that no other application can use it. I searched on google for the same , however not able to see the satisfying answer.

There are reserved port numbers for well known apps, https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
We normlally use 1414, 1415, 1416 etc for MQ queue managers, although I have seen other ranges successfully used (eg. 8001+, 14000+) WMMV. Refer to your n/w support specialists for your local organization standards.
_________________
Glenn
Back to top
View user's profile Send private message
bruce2359
PostPosted: Tue Feb 27, 2018 6:03 pm Post subject: Reply with quote

Poobah

Joined: 05 Jan 2008
Posts: 8103
Location: US: west coast, almost. Otherwise, enroute.

"Well-known" does not equal "reserved" in the sense that, for example, 1414 can only be used by MQ. "Reserved" refers to an industry standard for well established applications, the purpose of which is to avoid port usage conflicts.
_________________
I would tell you a UDP joke, but you might not get it.
Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Wed Feb 28, 2018 4:39 am Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

bruce2359 wrote:
"Well-known" does not equal "reserved" in the sense that, for example, 1414 can only be used by MQ. "Reserved" refers to an industry standard for well established applications, the purpose of which is to avoid port usage conflicts.


So if I am corect , although 1414 is the Well_kknon port for IBM MQ service , this can be used by any other applicaiton / service , technically.

And same is true for all other ports as well.

Also technically we can't reserver any port for perticular service. Its n/w administrator to suggest the best possible ports for mthe avaiable once to be used by IBM MQ .


Right to say this ?
Back to top
View user's profile Send private message
zpat
PostPosted: Wed Feb 28, 2018 4:57 am Post subject: Reply with quote

Jedi Council

Joined: 19 May 2001
Posts: 5650
Location: UK

Ironically. many sites avoid the use of well-known ports since they are a target for hackers and are used by those who forget to change the defaults.

Generally one does not want anyone to connect to a production QM unless they really intended to use it, so avoiding default ports is a good idea.
_________________
Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error.
Back to top
View user's profile Send private message
Vitor
PostPosted: Wed Feb 28, 2018 5:58 am Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 25103
Location: Ohio, USA

zpat wrote:
Ironically. many sites avoid the use of well-known ports since they are a target for hackers and are used by those who forget to change the defaults.




We're one such site; we typically avoid well known ports as far as possible (clearly we're stuck with 80, 443, 21, 22, etc.) but if we can change the port we will. Well known ports we abstract (so you'd connect to our web site through port 80 but that's not what the hosting server is using).

Lots of network appliances, firewalls and DNS tomfoolery. It may or may not confuse the hackers but it certainly confuses us.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
bruce2359
PostPosted: Wed Feb 28, 2018 8:47 am Post subject: Reply with quote

Poobah

Joined: 05 Jan 2008
Posts: 8103
Location: US: west coast, almost. Otherwise, enroute.

Mangesh1187 wrote:
bruce2359 wrote:
"Well-known" does not equal "reserved" in the sense that, for example, 1414 can only be used by MQ. "Reserved" refers to an industry standard for well established applications, the purpose of which is to avoid port usage conflicts.


So if I am corect , although 1414 is the Well_kknon port for IBM MQ service , this can be used by any other applicaiton / service , technically.

Yes.

Mangesh1187 wrote:
And same is true for all other ports as well.

Yes.

Mangesh1187 wrote:
Also technically we can't reserve any port for perticular service. Its n/w administrator to suggest the best possible ports for mthe avaiable once to be used by IBM MQ .

They are just ports. There are 64K ports to choose from. None of them are "best possible." If by "reserved" you mean "prevent" use other than one you specify, then no, you cannot reserve.

I have a "reserved" parking space, but others park there. Same idea.
_________________
I would tell you a UDP joke, but you might not get it.
Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Wed Feb 28, 2018 11:11 pm Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

Vitor wrote:
zpat wrote:
Ironically. many sites avoid the use of well-known ports since they are a target for hackers and are used by those who forget to change the defaults.




We're one such site; we typically avoid well known ports as far as possible (clearly we're stuck with 80, 443, 21, 22, etc.) but if we can change the port we will. Well known ports we abstract (so you'd connect to our web site through port 80 but that's not what the hosting server is using).

Lots of network appliances, firewalls and DNS tomfoolery. It may or may not confuse the hackers but it certainly confuses us.


Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Wed Feb 28, 2018 11:14 pm Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

bruce2359 wrote:
Mangesh1187 wrote:
bruce2359 wrote:
"Well-known" does not equal "reserved" in the sense that, for example, 1414 can only be used by MQ. "Reserved" refers to an industry standard for well established applications, the purpose of which is to avoid port usage conflicts.


So if I am corect , although 1414 is the Well_kknon port for IBM MQ service , this can be used by any other applicaiton / service , technically.

Yes.

Mangesh1187 wrote:
And same is true for all other ports as well.

Yes.

Mangesh1187 wrote:
Also technically we can't reserve any port for perticular service. Its n/w administrator to suggest the best possible ports for mthe avaiable once to be used by IBM MQ .

They are just ports. There are 64K ports to choose from. None of them are "best possible." If by "reserved" you mean "prevent" use other than one you specify, then no, you cannot reserve.

I have a "reserved" parking space, but others park there. Same idea.



Thanks bruce2359 , Vitor , zpat ,crashdog for your replies. This discussion realy cleared mose my doubts about port selections and related things.
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexGeneral IBM MQ SupportNot able to see MQ listener port in the netstat output
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.