13 Doms

2006 BEA Systems, Inc.
Domain Gateway Configuration

and Administration
At the end of this module, you will be able to:
Understand the Domain Gateway architecture and
components
Configure a Tuxedo application to support remote
domain connectivity
Monitor and manage Gateway activity with the
dmadmin utility
Module 13
Domain Gateway Configuration and Administration-1
2006 BEA Systems, Inc. 376
Road Map
1. Basic Domain Gateway Configuration
Domain Gateway Usages
Tuxedo System Server Components
The DMCONFIG File
Using the dmadmin Utility
2. Advanced Domain Gateway Enhancements
Multiple Domains
Domains are an administrative construct
One UBBCONFIG = One Domain
IPCKEY uniquely identifies domain / resources
One machine can support one to many domains
One Domain can span one to many machines
Domains are used to demarcate :
development / test / production boundaries
administrative boundaries
secure regions
organizational / business divisions
Communication between domains is done through one
or more Domain Gateways.
Native clients continue to connect to their machines
local bulletin board to look up services.
Remote Clients continue to use the WSL or JSL.
The location of the service is transparent to
applications making the request.
Domain Gateways
Domain A
Client
Domain
Gateway A
Domain B
Server
Domain
Gateway B
The BEA Tuxedo/D component provides different
kinds of Gateways:
BEA eLink Adapter for Mainframe TCP Gateway
BEA eLink Adapter for Mainframe SNA Gateway
BEA eLink Adapter for Mainframe OSI TP Gateway
Tuxedo TDomain Gateway
All Gateways are interoperable.

Types of Domain Gateways
eLink SNA DomainB
Server
Domain
Gateway B
WebLogic TDomainC
EJBs
WTC
Component
WTC Client
Tuxedo TDomainA
Client Domain
Gateway A
Server
Configuring Multiple Domains
Two configuration files are needed to configure
domain interoperability:
Deploys Domain Gateway Servers
UBBCONFIG
Defines Domain Gateway Connectivity
DMCONFIG
Description Configuration File
Domain A
UBBCONFIG
A
DMCONFIG
A
Domain B
UBBCONFIG
B
DMCONFIG
B
Configuring Gateways in UBBCONFIG
The UBBCONFIG file declares:
A unique identity / name for the domain
Admin and communications gateway servers
Declare the domain name in RESOURCES.
Declare the following servers in SERVERS:
DMADM: domain administration server
GWADM: gateway administration server
GWTDOMAIN: communication gateway server
Associate the servers with unique server groups.
Example UBB Configuration File
Here's an example configuration file that declares the
servers needed to support inter-domain
communication:

Example UBBCONFIG text file:
*RESOURCES
DOMAINID MUTT
...
*GROUPS
...
LDMGRP GRPNO=3 # used for the DMADM server
LGWGRP GRPNO=4 # used to pair GWADM & GWTDOMAIN
...
*SERVERS
DMADM SRVGRP=LDMGRP SRVID=1 # domain admin server
GWADM SRVGRP=LGWGRP SRVID=1 # gateway admin server
GWTDOMAIN SRVGRP=LGWGRP SRVID=2 # gateway comm server
...
ADMGRP
DOM_GW1
DOM_GW1
ADMGRP GRPNO=3
DOM_GW1 GRPNO=4
DMCONFIG Text File
DMCONFIG defines local and remote domain gateways:
includes seven sections
describes the relationship between gateways
is compiled with dmloadcf
(use dmunloadcf to print a text copy)
The BDMCONFIG environment variable must be set to
the name and location of the bdmconfig binary
version of DMCONFIG.
Unlike the tuxconfig binary, the bdmconfig binary is
NOT propagated to other machines during a tmboot.
Compiling DMCONFIG with dmloadcf:
C:\> set BDMCONFIG=C:\apps\bdmconfig
C:\> dmloadcf y dmconfig.bdm
The examples in the
following slides are
valid for versions 7.1+
For version 6.5, refer
to your documentation
Example DMCONFIG Text Files
Example MUTT DMCONFIG file:

*DM_RESOURCES
VERSION=Internal2.2
*DM_LOCAL
MUTTGW1 GWGRP=DOM_GW1
TYPE=TDOMAIN
ACCESSPOINTID=mgw1
*DM_REMOTE
JEFFGW1 TYPE=TDOMAIN
ACCESSPOINTID=jgw1
*DM_TDOMAIN
MUTTGW1 NWADDR=//mutt:2507
JEFFGW1 NWADDR=//jeff:3186
*DM_EXPORT
INQ
UPDATE
*DM_IMPORT
TOUPPER RACCESSPOINT=JEFFGW1
Example JEFF DMCONFIG file:

*DM_RESOURCES
VERSION=Internal2.3
*DM_LOCAL
LDOM1 GWGRP=GW_GRP1
TYPE=TDOMAIN
ACCESSPOINTID=jgw1
*DM_REMOTE
RDOM1 TYPE=TDOMAIN
ACCESSPOINTID=mgw1
*DM_TDOMAIN
LDOM1 NWADDR=//jeff:3186
TDOM1 NWADDR=//mutt:2507
*DM_EXPORT
TOUPPER
*DM_IMPORT
INQ RACCESSPOINT=RDOM1
UPDATE RACCESSPOINT=RDOM1
DM_RESOURCES
DM_RESOURCES has a single field, VERSION.
The VERSION field can be set to an arbitrary string
that can serve as versioning or documentation.
Example DM_RESOURCES section:
*DM_RESOURCES
VERSION=Experimental8.9
DM_LOCAL
The DM_LOCAL section identifies local gateways
associated with this domain.
Each gateway is mapped to a gateway server group in
the domains UBBCONFIG file.
Syntax of DM_LOCAL section:
*DM_LOCAL
unique_identifier
GWGRP=gateway_server_group_specified_in_UBBCONFIG
TYPE=always_TDOMAIN_for_Tuxedo
ACCESSPOINTID=unique_identifier_for_this_gateway

Example DM_LOCAL section:
*DM_LOCAL
MuttGateway1
GWGRP=DOM_GW_GRP1
TYPE=TDOMAIN
ACCESSPOINTID=mutt_gw_1
DM_REMOTE
This section identifies gateways configured in remote
domains.
Multiple remote gateway configurations indicate:
multiple gateways into one remote domain < OR >
multiple remote domains < OR > both
Syntax of DM_REMOTE section:
*DM_REMOTE
unique_identifier
TYPE=is_always_TDOMAIN_for_Tuxedo_or_WebLogic
ACCESSPOINTID=unique_identifier_for_this_gateway

Example DM_REMOTE section:
*DM_REMOTE
RDOM1 TYPE=TDOMAIN ACCESSPOINTID=JEFF1
RDOM2 TYPE=TDOMAIN ACCESSPOINTID=MARY2
DM_TDOMAIN
This section defines network addresses for all of the
TDomain gateways (LOCAL & REMOTE) visible to
this domain.
Syntax of DM_TDOMAIN section:
*DM_TDOMAIN
identifier_used_in_DM_LOCAL_or_DM_REMOTE
NWADDR=//host:port

Example DM_TDOMAIN section:
*DM_TDOMAIN
MuttGateway1 NWADDR=//mutt:2507
RDOM1 NWADDR=//jeff:3186
RDOM2 NWADDR=//mary:4377
DM_EXPORT
This section lists the services that can be made
available to remote gateways.
By default, these services can be accessed from all local
gateways.
Syntax for DM_EXPORT section:
*DM_EXPORT
Name_of_SERVICE_advertised_in_local_BB
[LACCESSPOINT=local_gateway_name_in_DM_LOCAL]
[ACL=...]
[RNAME=alias_SERVICE_name_used_by_remote_gateways]

Example DM_EXPORT section:
*DM_EXPORT
INQ
LACCESSPOINT=MuttGateway1
ACL=myRestrictedList
DM_IMPORT
This section lists the services to be requested from
remote gateways.
By default, these will be advertised by all local gateways.
Syntax for DM_IMPORT section:
*DM_IMPORT
Name_of_SERVICE_in_remote_domain
RACCESSPOINT=remote_gateway_name_in_DM_REMOTE
[LACCESSPOINT=local_gateway_name_in_DM_LOCAL]
[BLOCKTIME=max_time_before_requests_timeout]
[LOAD=load_factor]
[RNAME=alias_SERVICE_name_locally_advertised]
[ROUTING=routing_criteria]

Example DM_IMPORT section:
*DM_IMPORT
UPDATE RACCESSPOINT=RDOM1
TOUPPER RACCESSPOINT=RDOM2
CONNECTION_POLICY
Configured in the DM_LOCAL section (all versions) or
DM_TDOMAIN section (versions 8.1 +).
Specifies the conditions under which a local domain
gateway tries to establish a connection to a remote
domain gateway.
Supported Values:
ON_DEMAND(Default),ON_STARTUP, INCOMING_ONLY
Example CONNECTION_POLICY Setting:
*DM_LOCAL
GW1
GWGRP=GW_GRP1
TYPE=TDOMAIN
ACCESSPOINTID=mutt_ap1

CONNECTION_POLICY=ON_STARTUP
Dynamic Status Connections
- Incoming connection
- Administrator connect with dmadmin
- Gateway server initialization
- After connection failure as configured
- Local client request
- Incoming connection
Connection
Attempted
NO
ON_DEMAND
YES
ON_STARTUP
N/A
INCOMING_ONLY
Retry
Support
Connection
Policy
CONNECTION_POLICY Options
- Always advertised ON_DEMAND
- While a valid connection exists
- Suspended if connection lost
ON_STARTUP
- While a valid connection exists
- Suspended if connection lost
INCOMING_ONLY
Service Advertisement Connection Policy
The gateway attempts to establish a
connection every 30 seconds 3 times before
quitting
RETRY_INTERVAL=30
MAXRETRY=3
connection at initialization with no retries
MAXRETRY=0
connection every 30 seconds until a
connection is established
RETRY_INTERVAL=30
Behavior
Options
The ON_STARTUP options provides these additional
settings:
The dmadmin utility
dmadmin is used to monitor and control domain
gateway connectivity.
The BDMCONFIG environment variable must first be set
Displaying gateway statistics with dmadmin:
c:\> dmadmin
> default d ENG_AP1
> pd
Local domains :ENG_AP1
Connected domains:
Domainid: mktap1
Attempt manual reconnect co [-R]
Print domain gateway statistics pstats
Print domain connectivity information pd
Description Command
Force the gateway to disconnect dco
Section Review
Understand multiple domain architectures
Configure and deploy the Domain Gateway server
components
Configure the DMCONFIG File
Use the dmadmin utility
In this section, we learned how to:
Lab Exercise
For details on the exercise, refer to the Lab Guide.
If questions arise, ask the instructor.
The instructor will determine the stop time.
Lab 14 DOMS: Configure, Deploy, and Test
a Domain Gateway
Road Map
1. Basic Domain Gateway Configuration
2. Advanced Domain Gateway Enhancements
Using Multiple Domain Gateways
Performance Enhancement Options
Configuring Support for XA Transactions
Domain Gateway Security Options
Improving Domain Gateway Performance
Use multiple gateways to improve throughput:
Add a second GWADM/GWTDOMAIN in the UBBCONFIG file
(in another server group)
Add a second entry in DM_LOCAL section of the DMCONFIG
file
Encoding: Turn it OFF by setting MTYPE; the default is
ON if MTYPE is not set
Compression: set CMPLIMIT in the DMCONFIG
configuration file
Setting BLOCKTIME for each local domain gateway
We will look at examples of these next ...
Example Multiple Gateways...
MUTT DMCONFIG file:

*DM_RESOURCES
VERSION=1.1
*DM_LOCAL
MDOM1 GWGRP=LGWGRP1
TYPE=TDOMAIN
ACCESSPOINTID=mutt1
MDOM2 GWGRP=LGWGRP2
TYPE=TDOMAIN
ACCESSPOINTID=mutt2
*DM_REMOTE
JDOM1 TYPE=TDOMAIN
ACCESSPOINTID=jeff1
*DM_TDOMAIN
MDOM1 NWADDR=//mutt:2507
JDOM1 NWADDR=//jeff:3186
*DM_EXPORT
*DM_IMPORT
TOUPPER RACCESSPOINT=JDOM1
MUTT UBBCONFIG file:

*GROUPS
LGWADM GRPNO=1
LMID=SITE1
LGWGRP1 GRPNO=2
LMID=SITE1
LGWGRP2 GRPNO=3
LMID=SITE2

*Servers
DMADM SRVID=1
SRVGRP=LGWADM
GWADM SRVID=1
SRVGRP=LGWGRP1
GWTDOMAIN SRVID=2
SRVGRP=LGWGRP1
GWADM SRVID=1
SRVGRP=LGWGRP2
GWTDOMAIN SRVID=2
SRVGRP=LGWGRP2
Example Multiple Gateways
MUTT DMCONFIG file:

*DM_RESOURCES
VERSION=1.1
*DM_LOCAL
MDOM1 GWGRP=LGWGRP1
TYPE=TDOMAIN
ACCESSPOINTID=mutt1
MDOM2 GWGRP=LGWGRP2
TYPE=TDOMAIN
ACCESSPOINTID=mutt2
*DM_REMOTE
JDOM1 TYPE=TDOMAIN
ACCESSPOINTID=jeff1
*DM_TDOMAIN
JDOM1 NWADDR=//jeff:3186
*DM_EXPORT
*DM_IMPORT
TOUPPER RACCESSPOINT=JDOM1
JEFF DMCONFIG file:

*DM_RESOURCES
VERSION=1.1
*DM_LOCAL
LG1 GWGRP=TGWGRP
TYPE=TDOMAIN
ACCESSPOINTID =jeff1
*DM_REMOTE
RG1 TYPE=TDOMAIN
ACCESSPOINTID =mutt1
RG2 TYPE=TDOMAIN
ACCESSPOINTID =mutt2
*DM_TDOMAIN
LG1 NWADDR=//jeff:3186
RG1 NWADDR=//mutt:2507
RG2 NWADDR=//mutt:2509
*DM_EXPORT
TOUPPER
*DM_IMPORT

Setting MTYPE for Encoding Preference
Example: setting MTYPE; encoding OFF:
*DM_LOCAL
LDOM1 ACCESSPOINTID = mkt_ap1
MTYPE = SOLARIS

*DM_REMOTE
RDOM1 ACCESSPOINTID = eng_ap1
MTYPE = SOLARIS
Example: setting MTYPE; encoding ON:
(Note: Encoding ON by default when MTYPE is undefined)

*DM_LOCAL
LDOM1 ACCESSPOINTID = mkt_ap1
MTYPE = SOLARIS

*DM_REMOTE
RDOM2 ACCESSPOINTID = eng_ap2
MTYPE = WIN
Setting CMPLIMIT for Data Compression
Example: setting a CMPLIMIT for REMOTE gateways:
. . .
*DM_LOCAL
MDOM1 GWGRP=LGWGRP1
TYPE=TDOMAIN
ACCESSPOINTID=mutt1
*DM_REMOTE
RDOM1 TYPE=TDOMAIN
ACCESSPOINTID=jeff1
RDOM2 TYPE=TDOMAIN
ACCESSPOINTID=mary1
RDOM3 TYPE=TDOMAIN
ACCESSPOINTID=frank1
*DM_TDOMAIN
RDOM1 NWADDR=//jeff:3186 CMPLIMIT=8192
RDOM2 NWADDR=//mary:8754 CMPLIMIT=MAXLONG
RDOM3 NWADDR=//frank:9032 CMPLIMIT=1024
. . .
Setting BLOCKTIME for Local Gateways
Example: Setting a BLOCKTIME for LOCAL Gateways:
. . .
*DM_LOCAL
MDOM1 GWGRP=LGWGRP1 BLOCKTIME=12
TYPE=TDOMAIN
ACCESSPOINTID=mutt1
TYPE=TDOMAIN
ACCESSPOINTID=mutt2
TYPE=TDOMAIN
ACCESSPOINTID=mutt3
*DM_REMOTE
RDOM1 TYPE=TDOMAIN
ACCESSPOINTID=jeff1
*DM_TDOMAIN
RDOM1 NWADDR=//jeff:2507
. . .
Total block will be a multiplier of
BLOCKTIME x SCANUNIT(def=10s)
Domain Gateway Failover
Domain gateway failover is available with
ON_STARTUP or INCOMING_ONLY connection
policies.
Provides for automatic failover as well as automatic
failback to the primary when connection is restored.

Syntax for Domain-level failover:
*DM_IMPORT
SERVICE_Name
RACCESSPOINT=remote_gw1[,remote_gw2][,remote_gw3]

Example Domain-level failover configuration:
*DM_IMPORT
TOUPPER
RACCESSPOINT=jeffgw1,jeffgw2,jeffgw3
Example Domain Routing Usage
Example Configuring DDR over Domain Gateways:
*DM_IMPORT
BALANCE
ROUTING=on_account
*DM_ROUTING
on_account
BUFTYPE=FML32
FIELD=account_id
RANGES=1-500:MDG1,501-1000:MDG2,*:MDG3
Routing Identifier
Remote Domain Gateways
Data-Dependent Routing (DDR) can also be configured
for multiple remote gateways.
Configuration is similar to DDR Server Groups.
Transactions Across Domain
Gateways
Distributed transactions can span Domain boundaries.
A gateway acts as a subordinate of the transactions
coordinated by another server group within the
originating domain.
Gateways advertise the TMS service and coordinate the
2PC of transactions executed across domains.
GWADM
Tuxedo
System
TLOG
Domain
Gateway
DMTLOG
GWTDOMAIN
DMTLOG created by
Administrator with dmadmin
TLOG created by
Administrator with tmadmin
Domain Transaction Configuration
Section: DM_IMPORT
Section: DM_LOCAL
Size of DMTLOG [def=100 pages] DMTLOGSIZE
Max number of domains in a transaction [0-32768; def=16] MAXRDTRAN
Specifies name of DMTLOG [<30 chars][def=DMTLOG] DMTLOGNAME
Enables domain gateway to automatically begin, commit or rollback
transactions
AUTOTRAN
Sets default timeout for a transaction started by Tuxedo [0-
2147483648s; def=30s]
Max number of simultaneous global transactions on local domain
[0-MAXGTT; def=MAXGTT]
Specifies file system that contains domain transaction log (DMTLOG)
for this machine
Description
MAXTRAN
DMTLOGDEV
TRANTIME
Parameter
Security Across Domain Gateways
Enhanced security is available through:
Restricting services which are available
Defining access control lists for remote gateways
Setting of Link-Level Encryption (LLE) between gateways
Enforcing application passwords
Defining domain gateway passwords
Password Security Levels:
No security (NONE)
Application level security (APP_PW)
Provided by normal security configuration
Domain gateway passwords (DM_PW)
Domain Gateway Security: DM_PW
Example MUTT Config files:

UBBCONFIG
*RESOURCES
SECURITY NONE

DMCONFIG
*DM_LOCAL
Dom1AP SECURITY=DM_PW
ACCESSPOINTID=d1

*DM_REMOTE_DOMAINS
Dom2AP ACCESSPOINTID=d2
Example JEFF Config files:

UBBCONFIG
*RESOURCES
SECURITY NONE

DMCONFIG
*DM_LOCAL
MyAP ACCESSPOINTID=d2
SECURITY=DM_PW

*DM_REMOTE
RemAP ACCESSPOINTID=d1
Connections from remote domains are authenticated
using passwords defined in the DM_PASSWORDS section
of BDMCONFIG file.

Example setting the DM_PW
After the TUXCONFIG and BDMCONFIG files are generated, boot
the applications on DOMAIN1 and DOMAIN2:

On DOMAIN1:
dmadmin
passwd Dom1AP Dom2AP
Enter Local Domain Password:foo1
Reenter Local Domain Password:foo1
Enter Remote Domain Password:foo2
Reenter Remote Domain Password:foo2

On DOMAIN2:
dmadmin
passwd MyAP RemAP
Enter Local Domain Password:foo2
Reenter Local Domain Password:foo2
Enter Remote Domain Password:foo1
Reenter Remote Domain Password:foo1
Local and remote
gateway passwords
must match
DM_ACCESS_CONTROL
DM_ACCESS_CONTROL specifies an access control
list of remote domains allowed to access this domain
Syntax for DM_ACCESS_CONTROL section:
*DM_ACCESS_CONTROL
acl_name ACLIST = identifier [, identifier]

Example DM_ACCESS_CONTROL section for MUTT:
*DM_ACCESS_CONTROL
MyRemoteList ACLIST = JEFF1,MARY1
Example DM_EXPORT section:
*DM_EXPORT
INQ ACL = MyRemoteList
LLE between Gateways
Connecting process negotiates encryption level for the
link based on two configured parameters in the
DM_TDOMAIN section:
MINENCRYPTBITS:
Minimum encryption level - (0, 56, or 128 bit key size)
MAXENCRYPTBITS:
Maximum encryption level - (0, 56, or 128 bit key size)
GW1
LLE LLE
Standard Tuxedo Link Level Encryption
GW2
LLE encrypts all data
between the Domain
Gateways
Server
WebLogic-Tuxedo Connector (WTC)
WTC provides integration between WebLogic Server
and Tuxedo applications.
WebLogic clients call local EJBs to access Tuxedo services
Tuxedo clients can call WebLogic EJBs.
WebLogic Server
Connector
EJB
JSP
RMI
Tuxedo
GWTDOMAIN
TDOMAIN
Protocol
Section Review
Configure and deploy multiple domain gateways
Implement performance enhancement options
Configure support for XA transactions
Leverage the domain gateway security options
In this section, we learned how to:
Module Review
Understand the Domain Gateway architecture and
components
Configure a Tuxedo application to support remote
domain connectivity
Configure additional gateway options
Monitor and manage gateway activity with the
dmadmin utility
In this module, we learned how to:

13 Doms

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

13 Doms

Uploaded by

Copyright:

Available Formats

2006 BEA Systems, Inc.

Domain Gateway Configuration

You might also like