Previous Topic: View the ConfigurationNext Topic: Configuring Alternative Network Addresses

Administration GuideHow CA Directory WorksIP Requirements

IP Requirements

CA Directory works across an IP network and has the following requirements:

Firewall access for ports used for multiwrite

Any firewall between hosts must allow bidirectional access to the ports used for DSAs to send and receive multiwrite access.

In addition, DXmanager has the following IP requirements.

Static and dynamic IP addresses

Because DXmanager refers to DSA hosts by their DNS name, the hosts can have dynamic IP addresses.

DXmanager host must have a static IP address.

Firewall access for ports used by DXmanager and dxadmind

Any firewall between the DXmanager host and a DSA host must allow bidirectional access to the ports that DXadmind uses. By default this is port 2123.

Host names resolution to network wide IP addresses

On UNIX machines some host files have an entry that gives the host name of a machine as a local address. For example if the host name is host1, then the entry might appear as:

 127.0.0.1 host1

This causes the DSA to fail. Provide the global IP address of the host or use DNS to resolve the host name.

Reverse DNS if you use host names

If you specify the DXmanager host to a DSA host in terms of its host name, then you need to have reverse DNS enabled. When the DXmanager sends a message, DXadmind needs reverse DNS to match the message's source IP address to the host name that you provided.