Cisco Headend Digital Broadband Delivery System
Chapter 7 DNCS Web Services Security
56
4034689 Rev A
Define the Web Service Listening Interface
By default, the DNCS Web Services are only accessible internally on the DNCS. The
DNCS Web Service must be configured to operate on an external-facing network
interface to allow access for service requesters, such as billing systems and remote
set-top staging clients. Complete the procedures in this section to define the DNCS
Web Services network interface.
DNCS Web Service must be configured to operate on an external-facing network
interface to allow access for service requesters, such as billing systems and remote
set-top staging clients. Complete the procedures in this section to define the DNCS
Web Services network interface.
Second Web Instance Consideration
A second web server instance was added to the DNCS in SR 5.0. The existing web
server instance supports the web user interface (web UI) and web services.
server instance supports the web user interface (web UI) and web services.
The new web server instance was added to allow separation of remote web UI traffic
and web services. The web services can be configured to operate on the original web
server instance; however, we do NOT recommend this approach. You should ONLY
configure both the web UI and web services to operate on the same web server
instance if there are insufficient network interfaces on the DNCS to support both
instances.
and web services. The web services can be configured to operate on the original web
server instance; however, we do NOT recommend this approach. You should ONLY
configure both the web UI and web services to operate on the same web server
instance if there are insufficient network interfaces on the DNCS to support both
instances.
The web UI web server instance, http, is configured to listen locally on port 80 by
default.
default.
The second web server instance, http-dncsws, is configured to listen on the private
dncs interface (TED network) during an initial installation of the DNCS. A remotely
accessible network interface must exist or be created on the DNCS if you are going to
use the same port number for both web server instances.
dncs interface (TED network) during an initial installation of the DNCS. A remotely
accessible network interface must exist or be created on the DNCS if you are going to
use the same port number for both web server instances.
Important: The two web server instances cannot listen on the same network
interface and port. A second remotely accessible network interface must exist or be
created on the DNCS if the same port number will be used for both web server
instances.
interface and port. A second remotely accessible network interface must exist or be
created on the DNCS if the same port number will be used for both web server
instances.
Notes: http Instance
The “Listen” definitions exist in the /etc/apache2/user-conf/httpd.ports and
/etc/apache2/user-conf/ssl.ports files.
/etc/apache2/user-conf/ssl.ports files.
The instance listens on port 8045 of all interfaces and port 80 on localhost by
default.
default.