DTC uses RPC to setup a communication between two machines in a 2 phase commit transaction, one of the most important things about this communication is that should be in bidirectional mode.
RPC communication follow this process:
-
The source server sends a TCP request over port 135 (RPC portmapper port)
-
The destination server replies back over port 135 with a port from its allowed TCP high range
-
The destination server sends a TCP 135 request to source
-
The source server replies back with a port in the allowable TCP high range
-
Now the computers participate in the transaction and use the TCP high range ports provided by both of them
TCP High Range
By default the high range is port 1024 and above, so RPC could use any port between 1024 and 65535. This is a problem if you have a firewall between servers and need to apply Firewall rules. Fortunately Microsoft provides a way to restrict the RPC port range:
You can configure it directly from Component Services console (Control Panel, Administrative Tools, Component Services or you can type dcomcnfg.exe command from the Run window), expand the Component Services and Computers nodes, right click on My Computer one and then select Properties. Click on Default Protocols tab, on DCOM Protocols section select Connection-oriented TCP/IP and click on Properties button.
On the Properties for COM Internal Services window, click on Add button and type the port range that you want to use (for development or staging environment you can use a range of 200 ports, for example, 5000-5200 and for production environments with a great number of transactions you can use a bigger range, for example, 5000-6000). Click OK and select Internet range option in both Port range assignment and Default dynamic port allocation sections.
Click OK, Apply and OK to close all windows.
You can configure it modifying some Registry entries too. Follow the instructions described on these Microsoft articles to do it http://support.microsoft.com/kb/154596/ and http://support.microsoft.com/kb/306843. The most important thing here is to no that the UseInternetPorts regkey must match on the source and destination.
No hay comentarios:
Publicar un comentario