on 04-20-2011 9:23 AM
Hi,
The Parameter rdisp/msserv_internal has been set in Default Profile to 3900 in the Solman System.
One day there was a port conflict kind of thing occurred and no users could log-in to the system.
Since the port number 3900 has not been set in the /etc/services file, sometimes other OS applications make use of this port and it is getting into port conflict.
To avoid this we are planning to delete the above parameter from the Default Profile.
My question is, even if we delete this profile parameter from the DEFAULT Profile, will the system be using this profile parameter as a default one with port 3900. Since we could not test the same as it is being used by customer, I am posting this in the forum.
Thanks and Regards
Raghunahth L
System Info.
+Solman System
BASIS 700
Windows / Oracle
No Application servers+
My question is, even if we delete this profile parameter from the DEFAULT Profile, will the system be using this profile parameter as a default one with port 3900.
Yes, the port will still be used.
Cheers Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Thanks for the reply. I have found the following in the SAP Library but has a doubt.
Please see my question below:
Separate Internal and External MS Communication
To prevent unwanted clients pretending to the message server to be application servers, you can use parameter rdisp/msserv_internal = <no.> (default 0). Value 0 (default setting) means that a separate port is not used for internal communication.
For internal communication another data channel is used to the one used for external communication, to which external clients have only read-only access.
The message server opens another port <no.>, in addition to its port sapms<SID> (rdisp/msserv), which is used for internal communication with the application servers. This port must be used to log on to an application server. Clients that log on through the 'normal' port sapms<SID> are denied access (MSEACCESSDENIED).
Caution
If you want to use this parameter, you must define it on the central system and it must have the same value on all application servers.
The normal sapms<SID> port can still be used for queries. Load distribution functions and the retrieval of application server lists and logon groups are not affected.
http://help.sap.com/saphelp_nw70/helpdata/en/4e/cffdb69d10424e97eb1d993b1e2cfd/frameset.htm
My Question:
Should we have to define this parameter in Default Profile as 0 in order to avoid using the port. Or if we dont set
the parameter, by default will be 0 and the port will not be used.. Please Clarify..
Thanks & Best Regards
Raghunahth L
Hi Raghunahth,
In case of the system is started with "rdisp/msserv_internal=3900" parameter, the application servers will communicate each other, over TCP/3900.
Please find the sample configuration, below;
rdisp/msserv_internal=3900
rdisp/msserv=3600
Logon load balancing requests over TCP/3600
Message server requests over TCP/3900
At the second case;
rdisp/msserv_internal=0
rdisp/msserv=3600
Logon load balancing requests over TCP/3600
Message server requests over TCP/3600
All in all, this is a security profile parameter and it is necessary to abstract LB and message server requests. As an additional information, LB requests will not be affected even if your configure "rdisp/msserv_internal" parameter.
I hope that I clarified the issue.
Best regards,
Orkun Gedik
Senior SAP Netweaver and Development Consultant
SAP Technical Architect
Indeed you guys are totally right, sorry for that. I tested it on a test system and as soon as rdisp/msserv_internal is removed from the profile or set to 0, then the port is not used anymore.
But one thing, i am not sure if deactivating the port is the best solution here. I would rather recommend to enter it properly in the services file. Besides that most OS support restricting the ports used by applications for communication like ip_local_port_range on linux.
http://www.ncftp.com/ncftpd/doc/misc/ephemeral_ports.html
Cheers Michael
3900 - This is only used internally by the SAP system (Communication between ABAP & JAVA)
Ideally end users should not get any problems bcoz of this.
The port for end users message server is 36XX & this should be defined inthe end user's services file.
(incase load balancing is being used)
Regards,
Rajneesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.