EntireX Version 9.7
 —  Administration under Windows  —

Administration of Broker Stubs

This document covers the following topics:


Available Stubs

The following table lists available stubs and gives an overview of available features and supported transport methods.

Stub Language Transport Methods Compression More Information
broker.dll * C TCP / SSL Yes See below.
Jaci Java TCP /SSL Yes See Java ACI.
(*) Stub broker32.dll is still supported for reasons of backward compatibility. The functionality is identical to broker.dll.

Top of page

Transport Methods for Broker Stubs

The Broker stub can use TCP/IP and Secure Sockets Layer.

Using TCP/IP as Transport Method for the Broker Stub

Start of instruction setTo use TCP/IP

  1. Optional: set the timeout, see Setting the Timeout for the Transport Method.

  2. The Broker stub requires the IP address and the TCP port number (if the Broker's default TCP port number 1971 cannot be used) for each BROKER-ID. Either add an entry in the Domain Name System (DNS) or modify your local hosts and services tables. See Modifying the Hosts and Services Tables.

    You can check whether the Broker has already been added to your DNS with the command:

    ping <broker-id>

    for example: ping ETB001. If a message such as "...is alive" or "Reply from ..." is displayed (the text displayed varies depending on your ping implementation), the name is known to your DNS and the host where the Broker is running is reachable. However, this does not necessarily mean that the Broker is active.

Using SSL or TLS as Transport Method for the Broker Stub

Note:
The SETSSLPARMS function must contain the subparameter VERIFY_SERVER=N, unless the common name of the server certificate matches the Broker name. Otherwise, the connection will be refused.

Example:

TRUST_STORE=C:\SoftwareAG\EntireX\ExxCACert.pem&VERIFY_SERVER=N

Start of instruction setTo use Secure Sockets Layer

  1. To operate with Secure Sockets Layer, certificates need to be provided and maintained. Software AG provides default certificates, but we strongly recommend that you create your own, for example, with the OpenSSL toolkit. The certificates must be installed locally with the EntireX Broker Stub.

  2. Set the value SSL as part of the Broker ID (see the field BROKER-ID in the ACI control block, see also Using the Broker ID in Applications) and set the SSL parameters (see Setting SSL or TLS Parameters). Example: localhost:1958:SSL.

    The SSL parameters can be specified with the FCT_SETSSLPARMS call type for ACI programs, or they can be appended with a "?" to the broker ID (Java stub).

  3. The Broker stub requires the IP address and the SSL port number for each BROKER-ID. Either add an entry to the Domain Name System (DNS) or modify your local hosts and services tables. See Modifying the Hosts and Services Tables.

    The default port number is 1958.

    You can check whether the Broker has already been added to your DNS with the following command:

    ping <broker-id>

    for example: ping ETB001. If a message such as "...is alive" or "Reply from ..." is displayed (the text displayed varies depending on your ping implementation), the name is known to your DNS and the host where the Broker is running is reachable. However, this does not necessarily mean that the Broker is active.

Setting SSL or TLS Parameters

Enter the SSL parameters as follows: <keyword>=<value>. Parameters are separated by "&".

Example code:

C:\SoftwareAG\EntireX\examples\ACI\conversational\C\convSvr -blocalhost:1958:SSL -cACLASS -sASERVER -vASERVICE -x
"VERIFY_SERVER=N&TRUST_STORE=C:\SoftwareAG\EntireX\etc\ExxCACert.pem"
Warning:
If stub tracing level is > 1, unencrypted contents of the send/receive buffers are exposed in the trace.

For information on the parameters see Running Broker with SSL or TLS Transport under z/OS | UNIX | Windows.

Setting the Timeout for the Transport Method

The timeout settings of the transport layers are independent of the broker's timeout settings, which are set by the application in the WAIT field of the broker ACI control block.

If the transport layer is interrupted, communication between the Broker and the stub (i.e. client or server application) is interrupted as well. To prevent a client from waiting for a Broker reply indefinitely, set a timeout value for the transport method. The actual timeout for the procedure is then the Broker timeout (which is set by the application in the field WAIT (see Broker ACI Fields) plus this value.

Start of instruction setTo set a transport timeout value

Limiting the TCP/IP Connection Lifetime

With transport methods TCP/IP and SSL, the broker stub establishes one or more TCP/IP connections to the brokers specified with BROKER-ID. These connections can be controlled by the transport-specific CONNECTION-NONACT attribute on the broker side, but also by the transport-specific environment variable ETB_NONACT on the stub side. If ETB_NONACT is not 0, it defines the non-activity time (in seconds) of active TCP/IP connections to any broker. See ETB_NONACT under Environment Variables in EntireX. Whenever the broker stub is called, it checks for the elapsed non-activity time and closes connections with a non-activity time greater than the value defined with ETB_NONACT.

Transport Non-activity Value Description
0 Infinite lifetime until application is stopped.
n (seconds) Transport connections with non-activity time greater than n will be closed.
Nothing set Transport connections with non-activity time greater than 300s (default) will be closed.

Modifying the Hosts and Services Tables

Start of instruction setTo add an entry to the hosts table

Start of instruction setTo add an entry to the services table

Top of page

Tracing for Broker Stubs

The broker stubs provide an option for writing trace files.

Start of instruction setTo switch on tracing for the broker stub

If the trace level is greater than 1, unencrypted contents of the send/receive buffers may be exposed in the trace.

Trace output, file <thread-id>.etb, is written to the trace directory. The location of the trace file depends on the settings of environment variable %USERPROFILE%, for example:

C:\Documents And Settings\<UserName>\My Documents\Software AG\EntireX

See Trace Directory.

Remember to switch off tracing to prevent trace files from filling up your disk.

Start of instruction setTo switch off tracing for the broker stub

Top of page

Support of Clustering in a High Availability Scenario

EntireX Broker supports clustering in a high-availability scenario, using the environment variable ETB_SOCKETPOOL. See Environment Variables in EntireX. This section covers the following topics:

See also High Availability in EntireX.

Introduction

A TCP/IP connection established between stub and broker is not exclusively assigned to a particular thread. With multithreaded applications, two or more threads may use the same connection. On the other hand, if a connection is busy, another new one is created to exchange data.

In order to access the same broker instance in a clustering environment, an affinity between application thread and TCP/IP connection is needed to always use the same connection within an application thread. Therefore, an environment variable is evaluated to control the handling of TCP/IP connections.

If environment variable ETB_SOCKETPOOL is set to "OFF" (ETB_SOCKETPOOL=OFF), an affinity between threads and TCP/IP connections is established. All requests to one particular broker will use the same TCP/IP connection. ETB_SOCKETPOOL controls all TCP/IP connections.

Exceptions

Broker attribute CONNECTION-NONACT is used by the broker to close TCP/IP connections after the elapsed non-activity time. Omit this attribute to keep the TCP/IP connection alive.

Default

ETB_SOCKETPOOL=ON is the default setting. In this case, an established broker connection can be used by any thread if the connection is not busy.

Top of page