SAS Safety Scalable Performance Data Server 4.5 Manual Do Utilizador
Using SPD Server with an Internet Firewall
Overview of Using SPD Server with a Firewall
SPD Server and its clients communicate through ports that permit requests to be sent to the
server and that send and receive data (such as table rows) between client and server. If the
server is running with an Internet firewall, the ports that the client and server use must be
configured so that the firewall will allow the communication. This section describes the
SPD Server server and client ports, as well as how to assign and configure them for use
with an Internet firewall.
server and that send and receive data (such as table rows) between client and server. If the
server is running with an Internet firewall, the ports that the client and server use must be
configured so that the firewall will allow the communication. This section describes the
SPD Server server and client ports, as well as how to assign and configure them for use
with an Internet firewall.
SPD Server clients communicate with the SPD Server Name Server via the SPD Server
Name Server listen port. The Name Server listen port is used by clients (such as Base SAS)
when LIBNAME and SQL CONNECT statements are issued. The LIBNAME and SQL
CONNECT statements must be able to pass through a firewall. The Name Server listen
port is also used by ODBC data sources that need to communicate with the SPD Server
Name Server.
Name Server listen port. The Name Server listen port is used by clients (such as Base SAS)
when LIBNAME and SQL CONNECT statements are issued. The LIBNAME and SQL
CONNECT statements must be able to pass through a firewall. The Name Server listen
port is also used by ODBC data sources that need to communicate with the SPD Server
Name Server.
SPD Server clients communicate with the SPD Server host whenever a client needs to
complete a LIBNAME connection, or whenever a client needs to issue SPD Server operator
commands. LIBNAME connections and operator commands must be able to access the
SPD Server listen port and the SPD Server operator port through existing firewalls.
complete a LIBNAME connection, or whenever a client needs to issue SPD Server operator
commands. LIBNAME connections and operator commands must be able to access the
SPD Server listen port and the SPD Server operator port through existing firewalls.
When an SPD Server server completes a client request for a LIBNAME connection, it
creates an SPD Server Base user proxy process. The user proxy handles all of the client
data requests. The proxy process requires multiple ports: a port to receive data commands
from the client, a port to receive operator commands from the client, and a port for each
open table to send and receive data between client and server. Therefore, the SPD Server
Base user proxy requires a range of port numbers that must be accessible through the
firewall.
creates an SPD Server Base user proxy process. The user proxy handles all of the client
data requests. The proxy process requires multiple ports: a port to receive data commands
from the client, a port to receive operator commands from the client, and a port for each
open table to send and receive data between client and server. Therefore, the SPD Server
Base user proxy requires a range of port numbers that must be accessible through the
firewall.
Assigning SPD Server Ports that Require Firewall Access
SPD Server Name Server Listen Port
The SPD Server Name Server listen port can be specified using well-known port definitions
that are declared in the operating system's services file, or by using the SPD Server
command line interface to specify the listen port. In the services file, the spdsname
specification corresponds to the listen port. The SPD Name Server listen port can also be
defined for UNIX installations in the rc.spds start-up script. The NSPORT parameter in
the rc.spds start-up script defines the SPD Server Name Server listen port. If NSPORT is
not defined in the rc.spds start-up script, the SPD Name Server will use the spdsname
service entry.
that are declared in the operating system's services file, or by using the SPD Server
command line interface to specify the listen port. In the services file, the spdsname
specification corresponds to the listen port. The SPD Name Server listen port can also be
defined for UNIX installations in the rc.spds start-up script. The NSPORT parameter in
the rc.spds start-up script defines the SPD Server Name Server listen port. If NSPORT is
not defined in the rc.spds start-up script, the SPD Name Server will use the spdsname
service entry.
SPD Server Listen Port and SPD Server Operator Port
The SPD Server listen and operator ports can be specified using well-known port definitions
that are declared in the operating system's services file, or they can be specified using the
SPD Server command line interface. In the operating system's services file, the
spdsserv_sas specification corresponds to the SPD Server listen port. The
spdsserv_oper specification corresponds to the SPD Server operator port. The SPD Server
listen and operator ports can also be defined in the rc.spds start-up script for UNIX
installations. In a rc.spds start-up script, the SRVLPORT parameter defines the listen port,
that are declared in the operating system's services file, or they can be specified using the
SPD Server command line interface. In the operating system's services file, the
spdsserv_sas specification corresponds to the SPD Server listen port. The
spdsserv_oper specification corresponds to the SPD Server operator port. The SPD Server
listen and operator ports can also be defined in the rc.spds start-up script for UNIX
installations. In a rc.spds start-up script, the SRVLPORT parameter defines the listen port,
188
Chapter 14 • ACL Security Overview