Show TOC

Background documentationNetwork Configuration for RMI-P4 Locate this document in the navigation structure

 

The RMI-P4 provides reliable network connections between remote clients and servers if the following requirements are met:

  • Firewalls/proxies

    P4 must be able to establish direct TCP connections to the configured P4 ports of the cluster. P4 does not automatically reestablish broken connections, so if the firewall is configured to close established connections after a timeout, it breaks the communication. If the message server is used for load balancing, connections to its HTTP/HTTPS port must also be possible. Only standalone P4 applications that use the HTTPS as the connection type support proxies. The proxy must be configured to allow SSL connections to the specified P4 SSL host/port.

  • NAT

    NAT is supported with the following limitations:

    • Load balancing with the message server cannot be used unless it is also accessible through NAT, the DNS on the local side is configured to resolve the ICM host names to the configured addresses for NAT access, and the port numbers have to be the same.

    • Connections to other instances from the same cluster that are also behind NAT cannot be opened automatically when stubs are created because the correct NAT IP address for them is not known. The limitations for private network addresses also apply when NAT is used.

  • Loopback addresses

    Loopback addresses such as 127.0.0.1, 127.0.0.2 and so on are not used with RMI-P4 as they are invalid on the remote side. The machine should have a valid IP address and the host name must not resolve locally to a loopback address.

  • Private network addresses (rfc1918)

    Private network addresses are generally supported by RMI-P4 but connections between machines from two different local networks that use the same private network address space are not supported.

    Two machines have real IP addresses that they can use to connect with each other over the Internet but are also part of two separate private networks with a conflicting address space.

  • Security limitations

    For security reasons, only a single connection between two participants is allowed. Subsequent connection attempts are rejected. If two machines can access each other via several IP addresses, you have to configure the applications to use the same address.

  • SAP router

    Only standalone P4 applications support SAP router connections. The user must pass a valid SAP router string which is typically in the InitalContext properties.