IP Address Management Framework: Managing Application IP Address/Port Configurations in NetWare 6.5
Articles and Tips: article
Software Consultant
Novell, Inc.
mbalasubramaniam@novell.com
CH Ganapathi
Senior Software Engineer
Novell, Inc.
cganapathi@novell.com
B Thavamani Rajan
Senior Software Engineer
Novell, Inc.
rthavamani@novell.com
01 Sep 2003
This AppNote discusses IP Address Management, a centralized framework that stores and displays the IP address:port configuration of applications present on a server. The framework helps you in managing applications' IP address associations when changing a server's IP address. It also helps in resolving IP address and port conflicts on a NetWare server.
One of the new features of the Novell Client for Windows NT/2000/XP version 4.9 is the ability for users to log in to the network without having to enter any eDirectory tree or context information. This AppNote explains how to install, configure, and maintain LDAP Contextless Login on your network.
Topics |
IP Address Management Framework, IP addresses, network management, TCP/IP |
Products |
NetWare 6.5 |
Audience |
network administrators, consultants, integrators |
Level |
intermediate |
Prerequisite Skills |
familiarity with the TCP/IP protocol suite |
Operating System |
NetWare 6.5 |
Tools |
none |
Sample Code |
no |
Introduction
The IP Address Management framework is a centralized repository for managing applications' IP address/port associations. It provides the infrastructure to support applications that use their own configuration files to get IP address and port information, as well as applications that want to use the framework to get the IP address and port information.
The Web-based NetWare Remote Manager utility is provided to manage the framework. This utility that provides the following:
A bird's-eye view of the configuration of all applications
The status of applications as IP addresses are bound/unbound and as applications compete for ports
A list of IP addresses that are currently configured on the server
This AppNote starts off with a discussion of several common IP address configuration scenarios. It then introduces the functional features of the IP Address Management framework, provides a high-level architectural overview, and lists the benefits of using the framework. It also provides a comparison between what is involved in managing IP address configurations in NetWare 6.0 (without the framework) and NetWare 6.5 (with the framework).
Problems with Applications and IP Addresses
Every application stores IP addresses in its own way and in its own databases. Without a central and safe repository to store all IP configuration information, the following types of problems arise:
A change in a server's IP address can cause many critical applications to become broken and remain broken even after a server reboot. To successfully restart these broken applications, server administrators must perform extensive modification of numerous configuration files to reflect the changed IP address.
There are so many different configuration files that it is difficult for the administrator to know which configuration files need to be edited. It is also difficult to figure out what application is using which IP address.
The administrator is not able to easily tell if an application is configured with a conflicting port (one that is already in use by another application).
Common Scenarios Involving IP Address/Port Configuration Changes
There are numerous scenarios that commonly occur involving changes to IP address and port configurations.
IP Address Configuration Changes. Here are some scenarios that you might encounter when you need to change the IP address of a server.
Applications that bind to a wildcard address (0.0.0.0).Applications that bind to a wildcard address (INADDR_ANY) will be bound to 0.0.0.0. These applications use any available IP address for connections. Such applications continue to work without any problem if an IP address on the server is changed.
Applications that bind to a specific IP address.In the case of applications that bind only to a specific IP address, these applications stop working if the IP address is changed. They will not work even after they are reloaded or the server is restarted.
Applications that bind to a non-specific address (default IP).In this case, it does not matter which IP address these applications listen on as long as they get one of the IP addresses on the server.
Note: To configure the default IP address on a NetWare server, use the INETCFG utility with the NetWare Remote Manager snap-in, which provides a Configure TCP/IP option. If no default IP address is configured, the TCP/IP stack assigns the first bound IP address on the server as the default IP address.
Scenarios for Port Conflicts.The following scenarios relate to port conflicts during IP address/port configuration changes.
Applications that compete for ports.When multiple applications contend for the same port/IP address/protocol combination, this results in a port conflict. Port conflicts can be resolved by using either a different port or a different IP address.
Applications that do not compete for ports.Applications that do not compete for ports toggle between the valid and invalid status. These applications have their ports marked as "N/A."
Benefits of the IP Address Management Framework
The IP Address Management framework is designed to help you deal with these problems and scenarios more effectively. By using the framework, you will gain the following benefits:
Changes in server IP addresses will have minimal impact on applications.
The framework pushes any change in IP address information to an application's local configuration file so that when the application restarts, it gets the correct information.
The framework eliminates the risk of applications breaking due to IP address/port conflicts.
You can easily see what is happened with the IP addresses and port within the server through the NetWare Remote Manager snap-in.
Functional Features of the IP Address Management Framework
The IP Address Management framework is a centralized repository that gives you a bird's-eye view of the IP address/port/protocol configurations of all applications running on a NetWare server. It provides a Web-based user interface to access the configuration information held within the framework. Each application that uses IP addresses is listed and identified as being in one of these three classifications:
VALID: The application is configured with an IP address that is available on the server (shown in the IP address list).
INVALID: The application is configured with an IP address that is not available on the server (not shown in the IP address list).
CONFLICT: Two or more applications are using the same IP address, port, and protocol.
From this centralized list, you can easily edit the IP address configurations and resolve any invalid or conflicting assignments.
In addition to providing the current status of all applications to help you resolve post-installation port conflicts, the framework notifies the server administrator and the applications present on the server of any change in the server's IP address/port configuration.
When you use the framework to change an application's IP address/port configuration, it updates the application's configuration file so that when the server is restarted, the application receives the correct configuration information. When any change occurs in the server's IP address, the framework automatically updates the etc/hosts and etc/hostname files with the correct IP address. The framework also accommodates and displays any change in an application's configuration that is done outside the framework's user interface. It supports IP address configuration done at the command line, through INETCFG, and the Configure TCP/IP snap-in for NetWare Remote Manager.
Through the IP Address Management framework, you can also display the list of configured IP addresses on the server, and schedule changes to an application's IP address configuration at a specified date and time.
High-Level Architectural Overview
From a high-level view, the architecture of the IP Address Management framework can be classified into two main categories, based on the characteristics of the applications with respect to their configuration:
Applications that use the IP Address Management framework as a reference
Applications that use custom configuration files/databases as a reference
Applications Using the IP Address Management Framework
If an application wants to use the new IP Address Management framework to store its IP configuration information, it must import and use the framework- provided APIs and act upon the EVENT_IPSERVICES_CONFIG_CHANGE OS event.
Figure 1 illustrates the internal processes that take place when an application uses the IP Address Management framework as a reference.
Figure 1: Figure 1: Application using the IP Address Management framework as a reference.
If the application is configured with the default IP address, the IP Address Management utility takes care of updating the application configuration information with the updated IP address for such applications.
A follow-up AppNote will cover the process of integrating applications with the IP Address Management framework in more detail.
Applications Using Custom Configuration Files/Databases
Some cross-platform applications, legacy applications, and third-party applications continue to refer their own custom configuration files/databases for configuration. The administrator can modify the custom configuration files or databases using a different tool, and the modifications will be reflected in the IP Address Management framework.
The modification tool can either be provided with the application, or an administrator can write a tool to reconcile the changes using the new framework (see Figure 2).
If the configuration file/database is changed outside the framework, you must refresh the IP Address Management framework's main page so that the framework can go get the changes and reflect them in its display.
Using the IP Address Management Framework
In NetWare 6.5, you can use the NetWare Remote Manager (NRM) to view the IP Address Management framework. After starting NRM, select the "IP Address Management" link under the Manage Server category. You will see the framework's main page as shown in Figure 3.
Figure 3: IP Address Management framework main page in NetWare Remote Manager.
The applications can be grouped either by application name or configured status. The sample page in Figure 3 is grouped by application. To group the list by status, click the Group By (
) icon next to Status to change the display. Clicking this icon again will revert the display back to the application grouping. When the Grouped By () icon is visible next to a field, it indicates that the list is grouped by that field.Here is a brief explanation of the options available on the IP Address Management main page.
Show Configured IP Addresses.Use this option link to view the configured IP addresses on the server.
Schedule Configuration Change.Use this option link to schedule configuration changes for applications by selecting the date and time when the changes need to take place.
Restart Server.Use this option link to restart the server once all applications are displaying the "Valid" status. For the Restart Server link to appear on the IP Address Management page, you must change at least one application's configuration.
Comparison Between NetWare 6.0 and NetWare 6.5
To see how much less work is involved when using the IP Address Management framework with NetWare 6.5 versus the old way with NetWare 6.0 and earlier, this section compares the steps involved when you change a server's IP address and you need to update the configuration files of applications with the changed IP address. For simplicity's sake, this example will consider only the following server applications:
Apache Web Server
iManager Utility
FTP Server
In this example, the IP address of the server hosting these applications is changed from 10.1.1.1 to some other IP address.
NetWare 6.0 Procedure
With NetWare 6.0 and earlier versions, you must manually modify each configuration file separately to reflect the IP address change.
Apache.To verify or change the IP address for the Apache Web Server, open the SYS:\APACHE\CONF\ADMINSERV.CONF file with a text editor such as Notepad or WordPad. There may be up to seven references to the IP address that need to be changed: look for the "listen", "securelisten", and "redirect" commands.
For example, in the following configuration file, there are two IP address references that you would need to change manually:
# Start Apache Services Port Configuration Port 51080 Listen 10.1.1.1:51080 <IfModule mod_tls.c> SecureListen 10.1.1.1:51443 "SSL CertificateDNS" </IfModule> # End Apache Services Port Configuration
iManager Utility.In this section that refers to iManager, there are four IP address references that need to be changed:
# NetWare Web Manager config starts Listen 10.1.1.1:2211 <IfModule mod_tls.c> SecureListen 10.1.1.1:2200 "SSL CertificateDNS" # Listen 10.1.1.1:2200 </IfModule> IManager: Redirect /iManage/ https://10.1.1.1:2200/eMFrame/iManage.html
FTP Server.To verify or change the IP address for the FTP Server, open the SYS:\ETC\FTPSERV.CFG file.
#IP address of the host on which FTP Server is being loaded. # If parameter not specified, it binds the local host HOST_IP_ADDR=10.1.1.1
Use the "Search and Replace" function within the text editor to make the necessary changes. Make sure that all IP addresses within these files reflect the new IP address on the server. Also, make sure the IP address changes are made to the SYS:\ETC\HOSTS and SYS:\ETC\HOSTNAMES file on the server.
You need to make similar changes to all the applications hosted on the server. After making the changes, restart the server
NetWare 6.5 Procedure
Using the IP Address Management framework with NetWare 6.5, you can edit the configuration information of all applications connected to the server from a single page.
Figure 4 shows the framework's main page after the change in the server's IP address.
Figure 4: After an IP address change on the server, all applications display the "INVALID" status.
Click on an application's name in the list to bring up the screen shown in Figure 5.
Figure 5: Making configuration changes for an application.
Once you have changed the IP address for the application, click Apply. The main page will now display the application with the "VALID" status, as shown in Figure 6.
Figure 6: The application displays the "VALID" status after a configuration change.
You need to make similar changes to all the applications hosted on the server. Repeat the above process for all applications that have the "INVALID" status. When you are finished, the main page should appear as shown in Figure 7.
Figure 7: When you are finished, all applications should display the "VALID" status.
After making the changes, restart the server.
Applications Integrated with the Framework
The applications that are integrated with the IP Address Management framework in NetWare 6.5 are listed below.
Application Name |
Description |
Admin Tomcat |
Tomcat Admin Instance |
Apache 2.0 |
Apache 2.0 Web Server |
ApacheAdmin |
Apache Administration Web Server |
DNS Server |
eDirectory integrated DNS Server |
exteNdAppServer |
Novell exteNd Application Server |
FTP |
NetWare FTP Server |
HTTPSTK |
Novell Small HTTP Interface |
iManager 2.0 |
iManager 2.0 Framework |
MySQL |
MySQL Database Server |
NDPS Broker |
Host for brokered services: SRS, ENS, and RMS |
NFAU |
Native File Access for UNIX |
NLS Metering |
Novell Licensing Service usage metering |
RSyncNRM |
RSync NRM Management Utility |
SMDR |
SMS Storage Data Requestor |
SSH |
SSH Server |
Tomcat 4 |
Tomcat User Instance |
Web Search 3.0.0 |
NetWare Web Search Server 3.0.0 |
Conclusion
This AppNote has discussed the various functional aspects of the IP Address Management framework included with NetWare 6.5.
The information provided in this AppNote is derived strictly from test scenarios; there may be deviations from these results in real user scenarios. Novell does not recommend deploying any new configurations directly in a production network. Configuration changes should always be verified in a simulated test network before being deployed in a production environment.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.