8.3.2 JP1/IM communication
This subsection describes support of port numbers, IP addresses, and address translation (NAT) with respect to JP1/IM communication.
The information provided here applies to both JP1/IM and JP1/Base communications, because JP1/IM uses the functions of JP1/Base as the prerequisite product.
- Organization of this subsection
(1) Port numbers
(a) Port numbers
For details about the port numbers used by JP1/IM and JP1/Base and the firewall passage direction (direction in which connection is established), see the following:
-
Port numbers of JP1/Base: Description of port numbers in the JP1/Base User's Guide
-
Port numbers of JP1/IM: Appendix C. Port Numbers in the JP1/Integrated Management - Manager Overview and System Design Guide
(b) Example of system configuration and communication
This subsection describes the port numbers to be used and the firewall passage direction (direction in which connection is established) based on an example system configuration.
- Important
-
If you use JP1 on the firewall host, set communications within the same host in such a manner that all ports used by JP1 can be passed. This is because ports are used between JP1 processes.
Figure 8‒7: System configuration (example)
To set JP1/IM communication:
-
Connect to HOST-M1 by JP1/IM - View of HOST-V1.
-
Position HOST-M2 under HOST-M1.
-
Install HOST-A1 as an agent under HOST-M1, and install HOST-A2 as an agent under HOST-M2.
-
Position HOST-A3 under HOST-M1 and HOST-A4 under HOST-M2 as remote monitored hosts.
-
Set the authentication server on HOST-M1 to HOST-AUTH.
-
Authentication server and communication between managers and agents
Manager or agent
(JP1/Base)
Passage direction
Authentication server
(JP1/Base)
(ANY)
→
20240/tcp (jp1bsuser)
This table applies to communication between each host and HOST-AUTH in the example system configuration.
-
Communication between managers and remote monitored hosts
Manager(JP1/IM)
Passage direction
Remote monitored host
(ANY)
→
135/tcp (WMI)
445/tcp (WMI)
Dynamic port (1024 or greater)/tcp (WMI)
137/udp (NetBIOS)
138/udp (NetBIOS)
139/tcp (NetBIOS)
22/tcp (SSH)#
-
Communication between viewer and manager
JP1/IM - View
Passage direction
Manager
(JP1/IM and JP1/Base)
(ANY)
→
20115/tcp (jp1imevtcon)
20238/tcp (jp1imcmda)
20305/tcp (jp1imcss)#1
20380/tcp (jp1rmregistry)#2
20381/tcp (jp1rmobject)#2
20702/tcp (jp1imcf)#3
This applies to communication between HOST-V1 and HOST-M1 in the example system configuration.
If a Web-based JP1/IM - View is used on HOST-V1, the settings are as shown below.
Web-based JP1/IM - View (Web browser)
Passage direction
Manager
(HTTP server and JP1/IM - Manager)
(ANY)
→
80/tcp#
20115/tcp (jp1imevtcon)
-
Communication between JP1/IM - View and agent
There is no communication between JP1/IM - View and agent (JP1/Base).
-
Communication between the higher manager and the lower manager
Higher manager
(JP1/IM and JP1/Base)
Passage direction
Lower manager
(JP1/IM and JP1/Base)
(ANY)
→
20099/tcp (jp1imevtapi)
20237/tcp (jp1imrt)
20239/tcp (jp1imcmdc)
20306/tcp (jp1bsplugin)
20600/tcp(jp1bscom)
20702/tcp(jp1imcf)#
20098/tcp (jp1imevt)
20239/tcp (jp1imcmdc)
←
(ANY)
20600/tcp(jp1bscom)
←
(ANY)
This table applies to communication between HOST-M1 and HOST-M2 in the example system configuration.
This example assumes that event forwarding occurs only from the lower manager to the higher manager, and communication execution occurs only from the higher manager to the lower manager.
-
Communication between managers and agents
Manager
(JP1/Base)
Passage direction
Agent
(JP1/Base)
(ANY)
→
20099/tcp (jp1imevtapi)
20237/tcp (jp1imrt)
20239/tcp (jp1imcmdc)
20306/tcp (jp1bsplugin)
20600/tcp(jp1bscom)
20098/tcp (jp1imev)
20239/tcp (jp1imcmdc)
←
(ANY)
20600/tcp(jp1bscom)
←
(ANY)
This table applies to communications between HOST-M1 and HOST-A1 and HOST-A2, and between HOST-M2 and HOST-A2.
When JP1/SES events are used:
If JP1/SES-format JP1 events are used, the following settings are also required:
-
Define a port number by the service name JP1AutoJob (in Windows) or jesrd (in UNIX).
-
Set the firewall in such a manner that the defined port number is used for bi-directional communication between JP1/Base and the products that use JP1/SES events.
For details, see the JP1/Base User's Guide.
(2) IP addresses
This subsection describes the IP addresses that are used by JP1/IM and JP1/Base.
Only IPv4 addresses can be used between JP1/IM - View and JP1/IM - Manager. Both IPv4 addresses and IPv6 addresses can be used between JP1/Base and JP1/IM - Manager.
If you use IP addresses for filtering or perform address translation (NAT), specify the IP addresses described here.
JP1/IM uses the functions of the required JP1/Base product to control the communication method.
For details about the settings, see the chapter that describes the JP1/Base communication settings depending on the network in the JP1/Base User's Guide.
(a) For a normal system
This subsection describes the IP addresses that are used when a logical host has not been set up in a normal non-cluster system.
-
Receiver's IP address (when the receiver uses ANY binding)
JP1 services use this IP address to accept connection.
Use the IP address that corresponds to the host name (host name displayed by executing the hostname command).
-
Sender's IP address (when the sender uses ANY binding)
This IP address is used to connect to JP1 services.
JP1 issues a connection request (executes the connect function) without specifying its own IP address. In this case, depending on the OS specifications, the IP address corresponding to the target is assigned by the OS. In general, the assigned IP address corresponds to the NIC that is used when packets are sent to the target IP address. For details, check the TCP/IP control specifications of the OS.
(b) For a cluster system
If a logical host environment is set up in a cluster system, unlike in a normal system, the following IP addresses are used:
-
Receiver's IP address (when the receiver uses IP binding)
JP1 services use this IP address to accept connection.
A physical host environment uses the IP address that corresponds to the physical host name (host name displayed by executing the hostname command). A logical host environment uses the logical IP address that corresponds to the logical host name.
-
Sender's IP address (when the sender uses IP binding)
This IP address is used to connect to JP1 services.
A physical host environment uses the IP address that corresponds to the physical host name (host name displayed by executing the hostname command). A logical host environment uses the logical IP address that corresponds to the logical host name.
(c) Notes about customizing the communication settings
The information provided in 8.3.2(2)(a) For a normal system and 8.3.2(2)(b) For a cluster system constitutes the standard communication settings when JP1 has just been set up. If you have customized multiple LAN connections by, for example, defining jp1hosts information or jp1hosts2 information in JP1/Base, note that the operation is determined by the combination of the communication methods used by the receiver and the sender (ANY binding and IP binding).
If you have customized the settings so that the receiver uses IP binding and the sender uses ANY binding, the receiver's operation is as discussed in 8.3.2(2)(b) For a cluster system, while the sender's operation is as discussed in 8.3.2(2)(a) For a normal system.
In addition, if host names and IP addresses are defined in the jp1hosts information or the jp1hosts2 information when the jp1hosts information or the jp1hosts2 information is configured, the definitions in the hosts file will not be referenced for those host names and IP addresses.
For example, suppose that the jp1hosts information is defined as follows:
hostA 100.0.0.10 200.0.0.10
Also suppose that the hosts file contains the following definition:
100.0.0.10 hostA hostB
200.0.0.10 hostC
The hosts file is not referenced regarding hostA and IP addresses 100.0.0.10 and 200.0.0.10. Therefore, if the configuration definition file contains hostB and hostC that are not defined in the jp1hosts information, the system configuration cannot be defined.
(d) Notes on using the email notification function of JP1/IM - Manager
The email notification function of JP1/IM - Manager communicates with a mail server by using IPv4 addresses. Therefore, prepare a mail server which has IPv4 addresses. This function cannot perform communication using IPv6 addresses.