× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2008

Re: Ports for DDM

http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/ddm/rbae5ports.htm

Ports and port restrictions for
DDM<http://publib.boulder.ibm.com/infocenter/iseries/v5r3/topic/ddm/rbae502.htm#ToC_89>

The DDM TCP/IP server listens on port 447 (the well-known DDM port) and 446
(the well-known DRDA(R) port) as well as 448 (the well-known SSL port). The
DB2 UDB for iSeries implementation of DDM does not distinguish between the
two ports 446 and 447, however, so both DDM and DRDA access can be done on
either port.

Using the convention recommended for IPSec, the port usage for the DDM
TCP/IP server follows:

- 446 for clear text datastreams
- 447 for IPSec encrypted datastreams (suggested)
- 448 for SSL encrypted datastreams (required)

You can block usage of one or more ports at the server by using the
Configure TCP/IP (CFGTCP) command. To do this, choose the 'Work with TCP/IP
port restrictions' option of that command. You can add a restriction so that
only a specific user profile other than the one that QRWTLSTN runs under
(normally QUSER) can use a certain port, such as 446. That effectively
blocks 446. If 447 were configured for use only with IPSec, then blocking
446 would allow only encrypted datastreams to be used for DDM and DRDA
access over native TCP/IP. You could block both 447 and 448 to restrict
usage only to SSL. It may be impractical to follow these examples for
performance or other reasons (such as current limited availability of
SSL-capable clients), but they are given to show the possible
configurations.
--
Bryan


On Jan 8, 2008 1:32 PM, <kirkg@xxxxxxxxxxxxx> wrote:

I have a client that is going to require a DDM connection between 2
systems. This will require some firewall changes. DDM is listed as using
port 447 for non-secure traffic. Is any other port needed to support a
DDM connection between 2 i5's?

Thanks

--
Kirk Goins
Systems Engineer, Manage Inc.
IBM Certified in i5 Solution Sales,
i5 Technical Solutions Expert V5R4,
iSeries Multiple Systems Administrator V5R3,
Systems Expert - i5 LPAR Technical Solutions V5R3

Office 503-353-1721 x106 Cell 503-577-9519
Home Office 503-674-2985
kirkg@xxxxxxxxxxxxx www.manageinc.com

Email Response Times:
Same Day Maybe, Next Day Probably
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.