Show Table of Contents
2.4. Connectivity Requirements
The operating system and the Java virtual machine operate according to their specification. These external systems shall be configured in accordance with this guidance.
Any other system with which JBoss EAP 6.2.2 communicates is assumed to be under the same management control and operate under the same security policy constraints as JBoss EAP 6.2.2.
2.4.1. Cluster Connectivity Requirements
JBoss EAP 6.2.2 instances must operate in a network segment that is logically separated from any other network segment by use of a packet filtering mechanism. This packet filter must only allow incoming communication that meets both the following criteria:
- network protocol is TCP
- destination port is 8080 or 8443
All outgoing communication from one of the JBoss EAP 6.2.2 instances must be allowed.
Note
There are three defined interfaces to separate trusted and untrusted network traffic: public, cluster, and internal. Refer to Section 5.3.1, “Network Interfaces” for more information.
Each cluster node communicates with the other nodes by means of standard network sockets. Whenever this occurs the client side of each connection has a port number assigned to it by the host operating system from a range of ports that are reserved for client sockets. These ports are referred to as dynamic or ephemeral ports. They are only used by a connection until it is closed. Once the connection is closed the port is made available for use by other new client connections. Refer to your operating system documentation if you need to configure this port range.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.