Red Hat Training

A Red Hat training course is available for Red Hat JBoss Enterprise Application Platform

Chapter 5. Network and Port Configuration

5.1. Interfaces

5.1.1. About Interfaces

JBoss EAP uses named interface references throughout the configuration. This gives the configuration the ability to reference individual interface declarations with logical names, rather than requiring the full details of the interface at each use.
The use of logical names also allows for consistency in group references to named interfaces, where server instances on a managed domain may contain varying interface details across multiple machines. With logical names, each server instance can correspond to a logical name group, allowing for easier interface group administration.
Network interfaces are declared by specifying a logical name and a selection criteria for the physical interface.
The JBoss EAP default configuration includes both a management and public interface names. The management interface name can be used for all components and services that require the management layer, including the HTTP Management Endpoint. The public interface name can be used for all application-related network communications, including Web and Messaging.
The use of default names is not compulsory. New logical names can be created and substituted for default names.
The domain.xml, host.xml and standalone.xml configuration files all include interface declarations. The declaration criteria can reference a wildcard address or specify a set of one or more characteristics that an interface or address must have in order to be a valid match.
The three configuration files remain directly editable but manual edits are no longer required. The Management CLI and Management Console provide a safe, controlled and persistent environment for configuration changes.
The following examples show multiple possible configurations of interface declarations, typically defined in either the standalone.xml or host.xml configuration files. Using these files allow remote host groups to maintain specific interface attributes, while still allowing references to domain controller interfaces.
The following example shows a specific inet-address value specified for both the management and public relative name groups.

Example 5.1. An interface group created with an inet-address value

<interfaces>
  <interface name="management">
   <inet-address value="127.0.0.1"/>
  </interface>
  <interface name="public">
   <inet-address value="127.0.0.1"/>
  </interface>
</interfaces>
The following example shows a global interface group. It uses the any-address element to declare a wildcard address.

Example 5.2. A global group created with a wildcard declaration

<interface name="global">
   <!-- Use the wild-card address -->
   <any-address/>
</interface>
The following example declares a network interface card (eth0) under a relative group called external.

Example 5.3. An external group created with an NIC value

<interface name="external">
   <nic name="eth0"/>
</interface>
The following example declares the default group with requirements. These requirements set the conditions for the interface to be a valid match. This is an example of how JBoss EAP allows for the creation of interface declaration groups with specific properties that can then be referenced using the interface’s name. This helps in reducing configuration complexity and administration overhead across multiple server instances.

Example 5.4. A default group created with specific conditional values

<interface name="default">
   <!-- Match any interface/address on the right subnet if it's
        up, supports multicast, and isn't point-to-point -->
   <subnet-match value="192.168.0.0/16"/>
   <up/>
   <multicast/>
   <not>
      <point-to-point/>
   </not>
</interface>
Report a bug

5.1.2. Configure Interfaces

The default interface configurations in the standalone.xml and host.xml configuration files offer three named interfaces with relative interface tokens for each. Use the Management Console or Management CLI to configure additional attributes and values, as listed in the table below. The relative interface bindings can be replaced with specific values as required but note that if you do so, you will be unable to pass an interface value at server runtime, as the -b switch can only override a relative value.

Example 5.5. Default Interface Configurations

<interfaces>
  <interface name="management">
    <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
  </interface>
  <interface name="public">
    <inet-address value="${jboss.bind.address:127.0.0.1}"/>
  </interface>
  <interface name="unsecure">
    <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
  </interface>
</interfaces>
While running multiple servers in a managed domain, interface binding can be assigned to individual servers in their respective host.xml files. For example: 
<servers>
  <server name="server-name" group="main-server-group">
    <interfaces>
      <interface name="public">
        <inet-address value="ip-address"/>
      </interface>
    </interfaces>
  </server>
</servers>

Note

For the above example, substitute server-name with your actual server name and substitute ip-address with your actual IP address.

Table 5.1. Interface Attributes and Values

Interface Element Description
any Element indicating that part of the selection criteria for an interface should be that it meets at least one, but not necessarily all, of the nested set of criteria.
any-address
Empty element indicating that sockets using this interface should be bound to a wildcard address.
The IPv6 wildcard address (::) will be used unless the java.net.preferIpV4Stack system property is set to true, in which case the IPv4 wildcard address (0.0.0.0) will be used.
If a socket is bound to an IPv6 anylocal address on a dual-stack machine, it can accept both IPv6 and IPv4 traffic; if it is bound to an IPv4 (IPv4-mapped) anylocal address, it can only accept IPv4 traffic.
any-ipv4-address Empty element indicating that sockets using this interface should be bound to the IPv4 wildcard address (0.0.0.0).
any-ipv6-address Empty element indicating that sockets using this interface should be bound to the IPv6 wildcard address (::).
inet-address Either an IP address in IPv6 or IPv4 dotted decimal notation, or a hostname that can be resolved to an IP address.
link-local-address Empty element indicating that part of the selection criteria for an interface should be whether or not an address associated with it is link-local.
loopback Empty element indicating that part of the selection criteria for an interface should be whether or not it is a loopback interface.
loopback-address A loopback address that may not actually be configured on the machine's loopback interface. Differs from inet-address type in that the given value will be used even if no NIC can be found that has the IP address associated with it.
multicast Empty element indicating that part of the selection criteria for an interface should be whether or not it supports multicast.
nic The name of a network interface (e.g. eth0, eth1, lo).
nic-match A regular expression against which the names of the network interfaces available on the machine can be matched to find an acceptable interface.
not Element indicating that part of the selection criteria for an interface should be that it does not meet any of the nested set of criteria.
point-to-point Empty element indicating that part of the selection criteria for an interface should be whether or not it is a point-to-point interface.
public-address Empty element indicating that part of the selection criteria for an interface should be whether or not it has a publicly routable address.
site-local-address Empty element indicating that part of the selection criteria for an interface should be whether or not an address associated with it is site-local.
subnet-match A network IP address and the number of bits in the address' network prefix, written in "slash notation"; e.g. "192.168.0.0/16".
up Empty element indicating that part of the selection criteria for an interface should be whether or not it is currently up.
virtual Empty element indicating that part of the selection criteria for an interface should be whether or not it is a virtual interface.

  • Configure Interface Attributes

    • Configure Interface Attributes with the Management CLI

      You can use tab completion to complete the command string as you type, as well as to expose the available attributes.
      Use the Management CLI to add a new server and configure instances to it, effectively adding the same piece of configuration to the XML. Substitute server-name with your actual server name and substitute ip-address with your actual IP address. 
      /host=master/server-config=server-name:add(group=main-server-group)
/host=master/server-config=server-name/interface=public:add(inet-address=ip-address)
      Use the Management CLI to add new interfaces and write new values to the interface attributes.

      1. Add a New Interface

        The add operation creates new interfaces as required. The add command runs from the root of the Management CLI session, and in the following example it creates a new interface name title interfacename, with an inet-address declared as 12.0.0.2. 
        /interface=interfacename/:add(inet-address=12.0.0.2)

      2. Edit Interface Attributes

        The write-attribute operation writes new values to an attribute. The following example updates the inet-address value to 12.0.0.8. 
        /interface=interfacename/:write-attribute(name=inet-address, value=12.0.0.8)

      3. Verify Interface Attributes

        Confirm that the attribute values have changed by running the read-resource operation with the include-runtime=true parameter to expose all current values active in the server model. For example: 
        [standalone@localhost:9999 interface=public] :read-resource(include-runtime=true)

    • Configure Interface Attributes with the Management Console

      1. Log into the Management Console.

        Log into the Management Console of your Managed Domain or Standalone Server instance.

      2. Navigate to Configuration tab

        Select the Configuration tab from the top of the screen.

        Note

        For Domain Mode, select a profile from the Profile drop-down menu at the top left of the screen.

      3. Select Interfaces from the Navigation Menu.

        Select the Interfaces menu item from the navigation menu.

      4. Add a New Interface

        1. Click Add.
        2. Enter required values for Name, Inet Address and Address Wildcard.
        3. Click Save.

      5. Edit Interface Attributes

        1. Select the interface that you need to edit from the Available Interfaces list and click Edit.
        2. Enter required values for Name, Inet Address and Address Wildcard.
        3. Click Save.
Report a bug