cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Regarding deleting the rdisp/msserv_internal from DEFAULT profile

Go to solution
Former Member

on ‎04-20-2011 9:23 AM

0 Kudos

Hi,

The Parameter rdisp/msserv_internal has been set in Default Profile to 3900 in the Solman System.

One day there was a port conflict kind of thing occurred and no users could log-in to the system.

Since the port number 3900 has not been set in the /etc/services file, sometimes other OS applications make use of this port and it is getting into port conflict.

To avoid this we are planning to delete the above parameter from the Default Profile.

My question is, even if we delete this profile parameter from the DEFAULT Profile, will the system be using this profile parameter as a default one with port 3900. Since we could not test the same as it is being used by customer, I am posting this in the forum.

Thanks and Regards

Raghunahth L

System Info.

+Solman System

BASIS 700

Windows / Oracle

No Application servers+

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-20-2011 9:59 AM
0 Kudos 
My question is, even if we delete this profile parameter from the DEFAULT Profile, will the system be using this profile parameter as a default one with port 3900.

Yes, the port will still be used.

Cheers Michael

Show replies
Show replies
Former Member
‎04-20-2011 11:45 AM
0 Kudos

Hi,

Thanks for the reply. I have found the following in the SAP Library but has a doubt.

Please see my question below:

Separate Internal and External MS Communication

To prevent unwanted clients pretending to the message server to be application servers, you can use parameter rdisp/msserv_internal = <no.> (default 0). Value 0 (default setting) means that a separate port is not used for internal communication.

For internal communication another data channel is used to the one used for external communication, to which external clients have only read-only access.

The message server opens another port <no.>, in addition to its port sapms<SID> (rdisp/msserv), which is used for internal communication with the application servers. This port must be used to log on to an application server. Clients that log on through the 'normal' port sapms<SID> are denied access (MSEACCESSDENIED).

Caution

If you want to use this parameter, you must define it on the central system and it must have the same value on all application servers.

The normal sapms<SID> port can still be used for queries. Load distribution functions and the retrieval of application server lists and logon groups are not affected.

http://help.sap.com/saphelp_nw70/helpdata/en/4e/cffdb69d10424e97eb1d993b1e2cfd/frameset.htm

My Question:

Should we have to define this parameter in Default Profile as 0 in order to avoid using the port. Or if we dont set

the parameter, by default will be 0 and the port will not be used.. Please Clarify..

Thanks & Best Regards

Raghunahth L

Former Member
‎04-20-2011 1:15 PM
0 Kudos

Hi Raghunahth,

In case of the system is started with "rdisp/msserv_internal=3900" parameter, the application servers will communicate each other, over TCP/3900.

Please find the sample configuration, below;

rdisp/msserv_internal=3900

rdisp/msserv=3600

Logon load balancing requests over TCP/3600

Message server requests over TCP/3900

At the second case;

rdisp/msserv_internal=0

rdisp/msserv=3600

Logon load balancing requests over TCP/3600

Message server requests over TCP/3600

All in all, this is a security profile parameter and it is necessary to abstract LB and message server requests. As an additional information, LB requests will not be affected even if your configure "rdisp/msserv_internal" parameter.

I hope that I clarified the issue.

Best regards,

Orkun Gedik

Senior SAP Netweaver and Development Consultant

SAP Technical Architect

Former Member
‎04-20-2011 3:22 PM
0 Kudos

Indeed you guys are totally right, sorry for that. I tested it on a test system and as soon as rdisp/msserv_internal is removed from the profile or set to 0, then the port is not used anymore.

But one thing, i am not sure if deactivating the port is the best solution here. I would rather recommend to enter it properly in the services file. Besides that most OS support restricting the ports used by applications for communication like ip_local_port_range on linux.

http://www.ncftp.com/ncftpd/doc/misc/ephemeral_ports.html

Cheers Michael

Former Member
‎04-20-2011 3:28 PM
0 Kudos

Michael,

You are exactly right about your doubts. "rdisp/msserv_internal" parameter, should be configured for the security reasons, as well.

brgds,

Orkun

Former Member
‎04-26-2011 1:25 PM
0 Kudos

Hi Michael,

Thanks for sharing the useful info link on ephemeral ports.

Regards,

Srini.

Answers (1)

Answers (1)

Former Member
‎04-20-2011 9:57 AM
0 Kudos

3900 - This is only used internally by the SAP system (Communication between ABAP & JAVA)

Ideally end users should not get any problems bcoz of this.

The port for end users message server is 36XX & this should be defined inthe end user's services file.

(incase load balancing is being used)

Regards,

Rajneesh

Show replies
Show replies
Ask a Question