Port assignments for Avaya IC 7.

2
The Avaya IC servers require several ports to communicate with other Avaya IC servers and
third-party servers and applications.
If an Avaya IC server uses a port that is already assigned to a network application or another
server, either the server or the application may not function. Avaya recommends that you use
the default ports and locations in the Avaya IC configuration to reduce potential conflict.
This section describes the guidelines for assigning ports and the default port assignments in
Avaya IC and Avaya OA.
This section includes the following topics:
● Guidelines for assigning ports on page 1.
● Ports used by Avaya IC core components on page 3.
● Ports used by Business Advocate components on page 8.
● Ports used by Avaya Agent Web Client on page 8.
● Ports used by Client SDK and Web Services on page 9.
● Ports used by Siebel Integration on page 10.
● Ports used by Avaya OA components on page 10.
● Ports used by third party servers on page 11.

! CAUTION:
CAUTION: To avoid potential port conflicts, for an Avaya IC deployment that includes Avaya
IC and Avaya OA components on the same computer, always start the Avaya IC
components first, then start the Avaya OA components.

Guidelines for assigning ports

This section includes the following topics:
● Allowable values on page 2.
● Multiple server instances on page 2.
● Automatic settings for Avaya IC core servers on page 2.
● Primary and secondary Avaya IC servers on page 2.
● Port verification on page 2.
● Changing default port assignments on page 3.

IC Installation Planning and Prerequisites March 2009 1

Allowable values
All ports must be numeric and in the range of 1024-65535.

Multiple server instances

Multiple instances of a server that run on the same computer require different port numbers for
each instance.

Automatic settings for Avaya IC core servers

Port numbers for the Avaya IC core servers are sequential. Avaya IC assigns port numbers to
all core servers according to the port assigned to the ORB server. For example, Avaya IC
automatically assigns the ports in the following table to the servers that are added when you
configure the primary server environment. When you configure the other servers, IC Manager
assigns port numbers sequentially, starting with 9005.

Server Default Port

ORB server 9001

Directory server 9002
Alarm server 9003
License server 9004

Primary and secondary Avaya IC servers

If you install primary and secondary servers, use the default port number of 9001 for the primary
port. You can use the same number for the secondary servers on another computer. If you
select a different port, Avaya IC assigns ports sequentially from that port number.

Port verification
Avaya IC servers use TCP/IP ports for communication with the other Avaya IC servers. These
ports start at 9001 and increment from there. Before you install these servers, verify with your
network administrator that no other network applications use the same ports.
Review the current port numbers in IC Manager to verify that there are no conflicts when you
assign ports.

2 IC Installation Planning and Prerequisites March 2009

 Port assignments for Avaya IC 7.2

Changing default port assignments

You can change the default port numbers:
● When you configure Avaya IC servers
● In IC Manager
For more information, see IC Installation and Configuration or IC Administration Volume 1:
Servers & Domains.
Avaya OA uses some additional ports. However, the CORBA third party product (ORBAcus)
does not allow you to specify a range for those ports. ORBacus dynamically gets whatever port
the operating system provides. For more information, see Ephemeral ports in Avaya IC and
Avaya OA on page 11.

Ports used by Avaya IC core components

The following table contains default port assignments for the Avaya IC core servers and some
third-party servers. To make sure that you assign unique ports to each server, write your port
assignments in the empty cells of the Assigned Port column.

! CAUTION:
CAUTION: By default, Solaris runs the HTT Input Method Server (htt_server) on port 9010.
On non-English Solaris computers, this port assignment creates a conflict with
any Avaya IC server that you configure to run on port 9010. To avoid the conflict,
you can update htt_server to use a different port, or not assign an Avaya IC
server to port 9010. In a typical installation, with the primary ORB server on port
9001, IC Manager automatically assigns port 9010 to the Report server.

Server Default port Assigned port Notes

ORB server 9001 Default port assignment.

Directory server 9002 Sequential from ORB server.
Alarm server 9003 Sequential from Directory server.
License server 9004 Sequential from Alarm server
Blender server Sequential Sequential from the previous
server created in IC Manager.
Workflow server Sequential Sequential from the previous
server created in IC Manager.
ADU server Sequential Sequential from the previous
server created in IC Manager.

IC Installation Planning and Prerequisites March 2009 3

Server Default port Assigned port Notes

Data server Sequential Connects to the following ports:

● Oracle database on 1521

● SQL Server database on 1433

● DB2 database on 50000

For DB2, this port is the default for

the first DB2 instance that is
created. Additional instances use
a different port
Sequential from the previous
server created in IC Manager.
EDU server Sequential Sequential from the previous
server created in IC Manager.
Report server Sequential Sequential from the previous
server created in IC Manager.
HTTP Connector server Sequential Connects to HTTP protocol on
port 80.
Sequential from the previous
server created in IC Manager.
Notification server Sequential Sequential from the previous
server created in IC Manager.
WebACD server Sequential Sequential from the previous
server created in IC Manager.
ComHub server Sequential Sequential from the previous
server created in IC Manager.
Paging server Sequential Sequential from the previous
server created in IC Manager.
Attribute server Sequential Sequential from the previous
server created in IC Manager.
IC Email server Sequential Connects to the following ports:
SMTP server on 25
Sequential from the previous
server created in IC Manager.

4 IC Installation Planning and Prerequisites March 2009


Server
Poller server
DUStore server
Telephony server
TS Queue Statistics server
VOX server
Content Analyzer
Administration server
Content Analyzer Operation
server
WebACD server - Service
port (Legacy services)
ComHub server - Service
port (Legacy services)
Paging server - Service port
(Legacy services)
Attribute server - Service port
(Legacy services)
HTTP Connector server -
HTTP request port
IC Installation Planning and Prerequisites
Port assignments for Avaya IC 7.2
Default port Assigned port Notes
Sequential Connects to the following ports:
● POP3 server on 110
● IMAP4 server on 143
● POP3 server on 995 with TLS
enabled
● IMAP4 server on 993 with TLS
enabled
Sequential from the previous
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
Note: Some switch interfaces
require additional ports. For more
information, see the
documentation for your switch.
Sequential Sequential from the previous
server created in IC Manager.
Sequential Connects to the IVR through
default port 3000. You can change
this port assignment in the IVR.
Sequential from the previous
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
4010 If you must change this port, see
IC Installation and Configuration.
4001 If you must change this port, see
IC Installation and Configuration.
4200 If you must change this port, see
IC Installation and Configuration.
2300 If you must change this port, see
IC Installation and Configuration.
9170 Can change default if required.
March 2009 5
Server
Ports reserved for ICM and
CIRS
Internet Call Manager service
- ICM agent
Internet Call Manager service
- ICM caller
Internet Call Manager service
- ICM bridge in Attribute
server port
Internet Call Manager service
- ICM administration (Util
port)
Internet Call Manager service
- ICM tunnel
CIRS service - CIRS servlet
port
CIRS service - CIRS
administration (Util port)
CIRS service - CIRS caller
IC Email server - Email
provider port
IC Email server - HTTP port
for administration interface
Web License Manager, Web
site, Email Template
Administration, Agent
Installer, and ICM tunneling
6 IC Installation Planning and Prerequisites
Default port Assigned port Notes
9500 to 9520 See cells below for details.
9501 Change this port in the ICM
Directory server table through
Configuration tab of IC Manager.
9502 Change this port in the ICM
Directory server table through
Configuration tab of IC Manager.
9503 Change this port in the ICM
Directory server table through
Configuration tab of IC Manager.
9504 Change this port in the ICM
Directory server table through
Configuration tab of IC Manager.
9505 If you must change this port, see
IC Installation and Configuration.
9506 If you must change this port, see
IC Installation and Configuration.
9507 Change this port in the CIRS
Directory server table through
Configuration tab of IC Manager.
This port is used to monitor the
CIRS server.
9508 Change this port in the CIRS
Directory server table through
Configuration tab of IC Manager.
19113 Used by Web Agent to retrieve
email contacts from the IC Email
server.
19114 Used by Email Template
Administration to send changes to
the IC Email server.
Http - 80 HTTP and HTTPS connections for
Https - 443 web applications.
March 2009
 Port assignments for Avaya IC 7.2

Server Default port Assigned port Notes

Tomcat servlet 9600 HTTP port.

Change through the Configuration
Tool.
If you configure multiple Web
applications on one computer, the
Configuration Tool uses the
following ports:
● Weblicense Manager uses
port 8443 by default.
● baseport+2 for Web site

● baseport+3 for Email Template

Administration
● baseport+6 for IC Test

Tomcat servlet 9640 Change in the following files:

ajp13 ports ● IC_INSTALL_DIR/IC72/
lib/ictomcat.sh
● IC_INSTALL_DIR/IC72/
tomcat/conf/server.*.xml
where * is the name of the
Tomcat Web application
● IC_INSTALL_DIR/IC72/
tomcat/conf/jk/
workers.properties
If you configure multiple Web
applications on one computer, the
following sequential ports:
● baseport+41 for Web License
Manager (for example 9641)
● baseport+42 for Web site

● baseport+43 for Email

Template Administration
● baseport+46 for IC Test

IC Installation Planning and Prerequisites March 2009 7

Ports used by Business Advocate components
The following table lists the ports used for Business Advocate, plus additional information on
how to control those ports:

Component Default port Assigned port Notes

Business Advocate Resource Sequential Sequential from the previous

Manager server
Business Advocate
Telephony Services Adaptor
server
Web Advocate Adaptor
server
Advocate Services
DCOM
Active Directory and MSMQ
Windows network share to
primary Resource Manager
server.
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
Sequential Sequential from the previous
server created in IC Manager.
1521 Use by connection to Oracle
database.
5000 to 5050 Business Advocate servers that
use DCOM, limit to 5000-5050.
See Microsoft Knowledge Base
article 154596 and the article
entitled "Using Distributed COM
with Firewalls" by Michael Nelson
per Windows See Microsoft Knowledge Base
configuration article 179442.
per Windows See Microsoft Knowledge Base
configuration article 179442.

Ports used by Avaya Agent Web Client

The following table lists the ports used by Avaya Agent Web Client.

Component Default port Notes

Java Application Bridge 900x This component can use any unused port
in the 9000 range.
Avaya Agent Web Client listener port 85xx This component can use any unused port.

8 IC Installation Planning and Prerequisites March 2009

 Port assignments for Avaya IC 7.2

Component Default port Notes

IBM HTTP Server Http - 80 HTTP and HTTPS connections for web
Https - 443 applications

Avaya Agent Web Client configured 9443 This component can use any unused port.
for SSL.

Ports used by Client SDK and Web Services

For the Client SDK messaging component:
● The client initiates all connections to the Client SDK server.
● HTTP is the application protocol for communication.
The following table lists the ports used by the Avaya IC Client SDK and Web Services.

Component Default port Notes

Java Application Bridge
Tomcat port for client SDK
server
Tomcat port for Web
Services
Client SDK server ports
used for messaging/
asynchronous
communication
900x This component can use any unused port in the
9000 range.
9700 The Client SDK server uses this port ais the default
port for inbound connections.
Note: To change the default port, modify the
following file:
IC_INSTALL_DIR/IC72/tomcat/conf/
server.icsdk.xml
9800 Web Services uses this port ais the default port for
inbound connections.
Note: To change the default port, modify the
following file:
IC_INSTALL_DIR/IC72/tomcat/conf/
server.icwebservices.xml
8000-9000 By default, the Client SDK server accepts
connections from a client in a port range between
8000 and 9000. If a client is outside the firewall, you
must open up ports in this range.
For information about how to change these ports,
see IC Installation and Configuration.

IC Installation Planning and Prerequisites March 2009 9

Ports used by Siebel Integration
The following table lists the ports used for Siebel integration servers and components.

Component Default port Assigned port Notes

ASIS server Sequential Sequential from the previous

server created in IC Manager.
AICD server Sequential Sequential from the previous
server created in IC Manager.
EAI server Sequential Communicates with Siebel on
HTTP port 80.
You can configure this port by
setting hostname:port on the
Configuration tab of the server.
Sequential from the previous
server created in IC Manager.

Ports used by Avaya OA components

The following table lists the default ports used by Avaya OA components. For information about
ports used by the Event Collector server and the Event Collector bridge, see Ports used by
Avaya IC core components on page 3.

Component Default port Assigned port Notes

Avaya OA Event Collector Sequential Sequential from the previous

server server created in IC Manager.
Orbacus 10000 Orbacus naming service
OA services 1521 Used by connection to Oracle
database.
OA services 1433 Used by connection to Microsoft
SQL Server database.
OA services 50000 Used by connection to IBM DB2
database.
This listen port is the default for
the first DB2 instance that is
created. Any additional instances
will use a different port.

10 IC Installation Planning and Prerequisites March 2009

 Ephemeral ports in Avaya IC and Avaya OA

Component Default port Assigned port Notes

Reporting 8999 Report URL for Windows

Reporting 11004 Report URL for Solaris
Reporting 9080 Report URL for AIX

Ports used by third party servers

Avaya IC and Avaya OA also use third party servers which are accessed through TCP/IP. These
third party servers include, but are not limited, to those listed in the following table.

Default Port Protocol or Component Avaya IC Components

25 SMTP IC Email server and Web Management web

site
110 POP IC Email server and POP3 email servers
143 IMAP IC Email server and IMAP4 email servers
995 POP POP3 server on 995 with TLS enabled
993 IMAP IMAP4 server on 993 with TLS enabled
1433 SQL Server database Data server, Web Management web site, and
ICM connection for SQL Server installation
1521 Oracle database Data server, Web Management web site, and
ICM connection for Oracle installation
50000 DB2 database Data server, Web Management web site, and
ICM connection for DB2 installation

Ephemeral ports in Avaya IC and Avaya OA

A TCP/IPv4 connection consists of two endpoints. Each endpoint includes an IP address and a
port number. When a client user connects to a server, an established connection is the
combination of server IP, server port, client IP, and client port. Usually, the following three of
these parts are known and required:
● Client IP
● Server IP

IC Installation Planning and Prerequisites March 2009 11

 ● Server port number
When a connection is established, the client-side of the connection uses a port number. Unless
a client program explicitly requests a specific port, the client port is an ephemeral port number.
Ephemeral ports are temporary ports assigned by the IP stack of a computer. The IP stack
assigns ephemeral ports from a range of ports that is designated for this purpose. When the
connection terminates, the ephemeral port is available for reuse. However, most IP stacks will
not reuse a port number until after the entire pool of ephemeral ports has been used. If the client
program reconnects, the IP stack assigns a different ephemeral port number the client side of
the new connection.
This section includes the following topics:
● Limits implied by the ephemeral port range on page 12
● Traditional configuration of the ephemeral port range on page 12
● Firewalling the ephemeral port range on page 13
● Changing the ephemeral port range on page 13

Limits implied by the ephemeral port range

The ephemeral port range limits the maximum number of connections from one computer to a
specific service on a remote computer. The TCP/IP protocol uses the combination of server IP,
server port, client IP, and client port to distinguish between connections. Therefore, if the
ephemeral port range is only 4000 ports wide, a client computer can have only 4000 unique,
simultaneous connections to a remote service.
A port range of 4000 may seem large, but it is actually small for current computing demand. A
TCP connection must expire through the TIME_WAIT state before the connection is completed.
For example, even if both sides of a connection properly close their ends of the connection, due
to the error control for TCP, each side must wait until the TIME_WAIT state is expired before the
disposing of the connection resources. The TIME_WAIT state is twice the maximum segment
lifetime (MSL) which is usually configured at 240 seconds. This configuration means that a
client computer can have only 4000 connections per 240 second window.

Traditional configuration of the ephemeral port range

The BSD Sockets TCP/IP stack uses ports 1024 through 4999 as ephemeral ports. Additionally,
ports 1 through 1023 are reserved ports, used for systems services that run as the superuser.
The ephemeral port range for the BSD stack has a relatively small size of 3975 ports with a low
numbered position. The current preferred default range is 49152 through 65535, which has a
much larger size of 16383 ports and is at the top of the full port range.

12 IC Installation Planning and Prerequisites March 2009

 Ephemeral ports in Avaya IC and Avaya OA

Firewalling the ephemeral port range

For firewalls, administrators often restrict access to the maximum number of ports. Inbound
connections to ephemeral ports can require administrators to open an entire range of ports.
Avaya recommends that when a range of ports is opened on the firewall, no system services
listen on ports in the open range.
Administrators can open a specific range on the firewall. Then for each computer on the internal
network, administrators can ensure that the ephemeral port range on the computer coincides
with the open range on the firewall.
The ephemeral port ranges on computers on the internal network often do not coincide with
each other since different operating systems may use different ranges. The process to manually
configure the ephemeral port range for individual computers to coincide with the open range on
the firewall can be time-consuming. As a result, administrators often adopt a policy of allowing
all incoming ports and denying access to specific ports when needed.
You may not need to open the ephemeral port range on all computers. The ephemeral port
range is usually only required when:
● The application serves FTP to the outside world. Passive PASV data connections use
inbound ephemeral ports.
● FTP client access must work in non-passive mode. PORT connections from the server use
ephemeral ports when inbound to clients.

Changing the ephemeral port range

Avaya recommends that you change the ephemeral port range to 49152 through 65535. If you
need a larger range, continue downward from 49152, but leave 65535 as your upper bound.
You should change the ephemeral port range for the following reasons:
● To use a larger range so that more simultaneous connections are possible.
● To shift the range to the higher numbered ports. The higher numbered ports should be
used as ephemeral ports because they are less likely to be used as port numbers for
system services. Well known service ports have traditionally been assigned to lower port
numbers.
● To change the range to coincide with other systems for purposes of firewalling and
automatic network address translation.
The following sections describe how to change the ephemeral port range on the supported
operating systems:
● Changing the port range for Microsoft Windows on page 14
● Changing the port range for Sun Solaris on page 14
● Changing the port range for IBM AIX on page 16

IC Installation Planning and Prerequisites March 2009 13

 Some systems already use the preferred range and do not need to be changed. Some
operating systems also use two or more ranges.

Changing the port range for Microsoft Windows

Windows uses the traditional BSD range of 1024 through 4999 for its ephemeral port range.
You can only set the upper bound of the ephemeral port range.
Information about how to set the upper boundary of the ephemeral port is available in Microsoft
Knowledgebase Article Q196271:
http://support.microsoft.com/kb/Q196271

Changing the port range for Sun Solaris

Solaris uses the ndd utility program to change tunable IP stack parameters. The ephemeral
ports on Solaris can be tuned individually for both TCP and UDP, so there are really two
separate ephemeral port ranges. Solaris also provides options to change the privileged port
range (ports only processes running with superuser privileges can use).
Solaris, by default, provides a large range at the end of the port range (32768 through 65535, or
the upper 50%) so you are unlikely to need to change the range from the default values.

! Important:
Important: Avaya recommends that you use the default range. If you change the range
values, you must do it each time the system starts up.
The example below shows how to query the existing range for the TCP ephemeral ports and
change the range to 49152 through 61000:
1. Enter:
/usr/sbin/ndd /dev/tcp tcp_smallest_anon_port
tcp_largest_anon_port
The current range (by default, 32768 to 65535) is displayed.
2. Enter the following commands to change the ephemeral port range to 49152
through 61000:
/usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port 49152
/usr/sbin/ndd -set /dev/tcp tcp_largest_anon_port 61000
3. Enter the following command to display the new range:
/usr/sbin/ndd /dev/tcp tcp_smallest_anon_port
tcp_largest_anon_port
The new range, 49152 through 61000, is displayed.
For more information about tuning Solaris, refer to the Solaris Tunable Parameters Reference
Manual.

14 IC Installation Planning and Prerequisites March 2009

 Ephemeral ports in Avaya IC and Avaya OA

The following is a sample script you can use to change the range at startup:
#!/sbin/sh
#
# Copy me to /etc/init.d/ephemports, then do
# "ln -s /etc/init.d/ephemports /etc/rc2.d/S70ephemports".
#
EPHEM_HI="65535"
EPHEM_LO="49152"

if [ "$#" -eq 0 ] ; then arg="start" ; else arg="$1" ; fi

case "$arg" in
'start')
;; # Fall through -- rest of script is the initialization code

'stop')
exit 0
;;

'status')
EPHEM_HI=`/usr/sbin/ndd /dev/udp udp_largest_anon_port`
EPHEM_LO=`/usr/sbin/ndd /dev/udp udp_smallest_anon_port`
echo "UDP ephemeral port range is ${EPHEM_LO}..${EPHEM_HI}."
EPHEM_HI=`/usr/sbin/ndd /dev/tcp tcp_largest_anon_port`
EPHEM_LO=`/usr/sbin/ndd /dev/tcp tcp_smallest_anon_port`
echo "TCP ephemeral port range is ${EPHEM_LO}..${EPHEM_HI}."
exit 0
;;

*)
echo "Usage: $0 { start | stop | status }"
exit 1
;;
esac

/usr/sbin/ndd -set /dev/udp udp_smallest_anon_port "${EPHEM_LO}"

/usr/sbin/ndd -set /dev/udp udp_largest_anon_port "${EPHEM_HI}"
/usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port "${EPHEM_LO}"
/usr/sbin/ndd -set /dev/tcp tcp_largest_anon_port "${EPHEM_HI}"

EPHEM_HI=`/usr/sbin/ndd /dev/udp udp_largest_anon_port`

EPHEM_LO=`/usr/sbin/ndd /dev/udp udp_smallest_anon_port`
echo "UDP ephemeral port range is ${EPHEM_LO}..${EPHEM_HI}."
EPHEM_HI=`/usr/sbin/ndd /dev/tcp tcp_largest_anon_port`
EPHEM_LO=`/usr/sbin/ndd /dev/tcp tcp_smallest_anon_port`
echo "TCP ephemeral port range is ${EPHEM_LO}..${EPHEM_HI}."

exit 0

IC Installation Planning and Prerequisites March 2009 15

Changing the port range for IBM AIX
AIX uses the no command to set network options. AIX uses two separate ephemeral port
ranges, one for TCP and UDP. Both ranges default to the values 32768 through 65535.
To display the current port range, enter:
/usr/sbin/no -a | fgrep ephemeral
The port range is displayed:

tcp_ephemeral_low = 32768
tcp_ephemeral_high = 65535
udp_ephemeral_low = 32768
udp_ephemeral_high = 65535

! Important:
Important: Avaya recommends that you use the default range. If you change the range
values, you must do it each time the system starts up.
If necessary, you can change the default range with the no command.
For example, to set the TCP ephemeral port range to 49152 through 65535, enter:
/usr/sbin/no -o tcp_ephemeral_low=49152 -o
tcp_ephemeral_high=65535
You can set the options with no each time the system starts up by editing /etc/rc.tcpip and
inserting the no commands just before the script starts to run the server daemons.

16 IC Installation Planning and Prerequisites March 2009