• Forum
• FAQs
• Videos
• MSDN Webcast
•  
• StorageEdge
• FAQs
• Forum
•  
• TierDeveloper
• Forum
• FAQs
• Online Demos
• MSDN Webcast
•  

Configuring NCache behind Firewall

The core of NCache is its dynamic cache cluster which is formed based on our own implemented TCP/IP based socket Protocol. There are mainly two types of communications i.e. from cache server to cache server (within cluster) and from client to cache servers. NCache manager also communicates with cache servers and remote clients for cache configurations.

Therefore, in a firewalled environment, it is required that NCache ports are open to allow these communications.

Here are details of all required NCache Ports:

NCache Ports:

1. Cluster Ports (Server-Server communication): A cluster port is defined while creating a cache cluster and cache servers communicate on this port afterwards. This cluster port and one next in the range need to be open e.g. if cluster port was defined as 7802 then you should open 7802 and 7803 for inbound and outbound communication on all cache servers.
2. Client-Server Port: By default, NCache server listens to all requests from cache clients on port 9800.
3. NCache Manager Ports: NCache Manager requires TCP port 8250 and HTTP port 8251 by default to configure and manage NCache servers and Remote clients.

For optimum performance and easy management, it is not recommended to turn on firewall between remote clients and cache servers or between cache servers. However, for specific business needs, if you turn on firewall you should allow communication on all NCache ports. In the following scenarios we've explained which ports should be open for NCache to work.

Firewall between NCache Clients (Web/App-servers) and NCache Cache servers:

For environments where Web/App servers and cache servers are placed in separate networks (like DMZ and private networks) and a firewall is placed between them, the port 9800 should be open on all cache servers for client-server communication.

Also open NCache Manager Ports (TCP port 8250 and HTTP port 8251) on all firewalled cache servers.

Firewall between NCache server nodes:

If there is a firewall between NCache server nodes for example in a four node cache cluster, two cache servers are in DMZ network and 2 cache servers are in a Private Network across firewall then you need to open Cluster Ports and NCache Manager Ports for successful cluster communication and management.