%META:TOPICPARENT{name="ConfigureUDAFeatures"}%

= Configuring Firewalls to permit Multi-Tier Connectivity =

If you use our Multi-Tier components through with a firewall, several ports must be opened to permit requests from Generic Clients to Request Broker and Database Agents (and their responses).  

Some ports are user or admin configurable; some are not.

== Unconfigurable Ports ==

TCP and UDP ports 60001 <b>must</b> be open. These ports are used by the Request Broker and the <nop>OpenLink License Manager, and cannot be changed.

== Configurable Ports ==

Configurable ports are specified in the <code>[Protocol TCP]</code> section of your Session Rulebook (default, <code>oplrqb.ini</code>). You can use any text editor to open your Rulebook, and edit this section:
{{{
[Protocol TCP]
PingWatchdog       = No   
PingInterval       = 600   
;IPAddress          = 127.0.0.1    
Listen             = 5000
PortLow            = 5000
PortHigh           = 5025
}}}

* The Request Broker listens on the TCP port specified in the Rulebook as <code>Listen</code>.  (Release 3.x and earlier listened at <code><nop>PortLow</code>.)
* <code>Listen</code> and <code><nop>PortLow</code> are generally best set to the same value.
* The Request Broker restricts Database Agents to use only ports in the range between (and including) those specified in the Rulebook as <code><nop>PortLow</code> and <code><nop>PortHigh</code>.  Specific Agent ports are requested from and assigned by the operating system when an Agent is instantiated; they are not preemptively reserved.
* The span between <code><nop>PortLow</code> and <code><nop>PortHigh</code> is generally best set to twice the licensed number of Database Sessions.  At minimum, this span should be the licensed number of Database Sessions plus 5 (and thus, not less than 10).

== Related Documentation ==

* [[MTFirewallConfiguration | Firewall Considerations for Multi-Tier "Enterprise" Edition Data Access Drivers]]
* [[UnableContactLicenseManager | Error Message: Unable to contact the OpenLink License Manager]]
* [[OplmgrNetworking | OpenLink License Manager Networking Considerations]]
* [[ConfigureMulti-TierRequestBrokerForUseOnMachinesWithMultipleNetworkCards | Configure Multi-Tier Request Broker for Use on Machines with Multiple Network Cards]]