
Cisco ONS 15300 Series

Use a Static CORBA Listener Port on the CTM Server

Document ID: 68184



Contents

Introduction
Prerequisites
      Requirements
      Components Used
      Conventions
Topology
Static CORBA Listener Port

Introduction

This document describes how to implement a static CORBA listener port on the Cisco Transport Manager (CTM) server. This procedure reduces the number of TCP ports that need to be open on the firewall that exists between the CTM server and Network Elements (NEs).

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • CTM

Components Used

The information in this document is based on these software and hardware versions:

  • CTM version 4.6.x and later

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Topology

Figure 1 depicts the topology. A firewall separates the CTM server from the NEs. All NEs are inside the firewall and the CTM server is outside the firewall.

Figure 1 – Topology


Static CORBA Listener Port

A firewall between the CTM server and NEs is a supported configuration. The CORBA Internet Inter-ORB Protocol (IIOP) listener port on the CTM server is dynamic by default. Any firewall that exists between the CTM server and NEs must therefore open a number of TCP ports, and those ports must be in the range of 1024 through 65535.

In order to reduce security risks, Cisco recommends that you use a static CORBA listener port on the CTM server. A static port reduces the number of TCP ports that need to be open on the firewall. Complete these steps:

  1. Browse to the /opt/CiscoTransportManagerServer/bin directory.

  2. Use ctms-stop to stop CTM.

  3. Use Telnet to log into the CTM server as root.

  4. Change directory to /opt/CiscoTransportManagerServer/bin.

  5. Edit the jne454.sh file to insert this line before the -classpath line (see arrow A in Figure 2).

    -Dong.orb.iioplistenerport=<port number> \

    The recommended port number is 5555. If 5555 is chosen, type:

    -Dong.orb.iioplistenerport=5555 \

    Figure 2 – Partial List of jne454.sh


  6. Open a range of TCP ports on the firewall beginning with TCP port 5555, if the CTM server is outside the firewall. The range is subject to the number of NEs, but allow at least 150.

  7. Browse to the /opt/CiscoTransportManagerServer/bin directory again.

  8. Use ctms-start to restart CTM in order to implement the changes.
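The edit in step 5 and the firewall range in step 6 can be scripted so that the change is repeatable and checkable. This is an added example, not Cisco code: only the property name and port 5555 come from this document, while the function names and the launcher layout written by make_sample are assumptions made for illustration, and a POSIX awk is assumed.

```shell
#!/bin/sh
# Added example. The property name and port 5555 come from the document;
# the launcher layout written by make_sample is constructed for illustration.
PROP='-Dong.orb.iioplistenerport'

# make_sample FILE: write a constructed stand-in for jne454.sh.
make_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
exec java \
    -Xmx256m \
    -classpath /opt/example/lib/example.jar \
    example.Main
EOF
}

# set_static_port FILE PORT: put "PROP=PORT \" before the first -classpath
# line, replacing any earlier setting. Idempotent; FILE.bak keeps the original.
set_static_port() {
    file=$1 port=$2
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
        echo "port outside 1024-65535: $port" >&2; return 2
    fi
    grep -q -e '-classpath' "$file" || { echo "no -classpath line" >&2; return 3; }
    [ -e "$file.bak" ] || cp -p "$file" "$file.bak" || return 1
    awk -v prop="$PROP" -v port="$port" '
        # Drop lines that hold only an earlier setting (spaces around "=" too).
        /^[ \t]*-Dong\.orb\.iioplistenerport[ \t]*=[ \t]*[0-9]*[ \t]*\\?[ \t]*$/ { next }
        !done && index($0, "-classpath") {
            indent = $0; sub(/[^ \t].*$/, "", indent)   # reuse its indentation
            print indent prop "=" port " \\"
            done = 1
        }
        { print }
    ' "$file" > "$file.tmp" && cat "$file.tmp" > "$file" && rm -f "$file.tmp"
}

# get_static_port FILE: print the configured port, or fail if none is set.
get_static_port() {
    p=$(sed -n 's/^[[:space:]]*-Dong\.orb\.iioplistenerport=\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1)
    [ -n "$p" ] && echo "$p"
}

# fw_range START [COUNT]: TCP range to permit on the firewall (step 6).
fw_range() {
    last=$(( $1 + ${2:-150} - 1 ))
    [ "$last" -le 65535 ] && echo "$1-$last"
}
```

Run set_static_port against a copy of the launcher while CTM is stopped; fw_range 5555 gives the 150-port range to permit on the firewall, and any port outside it can stay closed.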


Updated: Nov 29, 2005