VIP and SMS TCP/IP Configuration Questionnaire

Visa Europe
TCP/IP Questionnaire for Extended Access (EA) Servers
Version 1.2
Table of Contents
1.0 Introduction
1.1 Scope
1.2 Points to Note
2.0 Basic Network Parameters
2.1 Single Mode Installation
2.2 Dual Mode Installation
3.0 UI Configuration
4.0 EMS Configuration
5.0 EFS Configuration
6.0 Reserved Port Numbers
7.0 Appendix A
Definitions and Acronyms
1.0 Introduction
The Visa Extended Access Server (EAS) is a Sun platform located at Member processing/data
centres. The EAS is the Member’s gateway into the Visa Europe processing environment and
is used for authorisation as well as clearing and settlement traffic.
1.1 Scope
This document/questionnaire is intended to gather required information from Members in
order for Visa Europe to correctly configure EA Servers at Member processing/data centres.
Requested information is split into the following areas:
- Basic Network Parameters
- UI Configuration
- EMS Configuration
- EFS Configuration

1.2 Points to Note
This section details general points for Members to note when completing this document.
Taking note of these points will enable Visa Europe to configure Member EA Servers in an
accurate and efficient manner.



- Members are requested to avoid using IP addresses in the 10.220.0.0 – 10.222.0.0 range.
- The EA Server operates using static routing. These routes are Member defined in later sections of this document. EA Servers cannot operate with any dynamic routing protocols.
- Visa Europe NICs will be identified as ‘bge0’, whilst Member side interfaces are identified as ‘bge1’.

2.0 Basic Network Parameters
The EA Server can be installed in one of 2 modes, which are ‘single’ and ‘dual’. Members
with servers to be installed in single mode should only complete section 2.1, whilst Members
whose servers are to be installed in dual mode should only complete section 2.2. If in doubt
about which of these modes the server(s) will be installed in please contact your Visa Europe
representative.
2.1 Single Mode Installation
A single mode installation may well have multiple EA Servers. However, each of these
servers will have unique IP addresses and station IDs. If multiple EA Servers are to be
installed at your site in single mode then one copy of the TCP/IP questionnaire should be
completed for each server.
Table 2.1 – Server Parameters
| Adapter parameters | |
| --- | --- |
| EAS IP address (bge1) | . . . |
| Subnet mask (bge1) | . . . |
| Bandwidth <Auto/10/100Mbps> (bge1) | |
| Duplex <Auto/Full/Half> (bge1) | |

2.2 Dual Mode Installation
EA Servers acting in dual mode will share a virtual, or floating, IP address. The pair of
servers will have identical station IDs, but unique physical IP addresses. When
communicating with servers in dual/failover mode Members should use the assigned
Virtual/floating IP address. TCP sessions for authorisation, or clearing and settlement, data
will not be accepted to the physical server addresses.
Table 2.2 – Primary Server Parameters
| Adapter parameters | |
| --- | --- |
| EAS IP address (bge1) | . . . |
| Subnet mask (bge1) | . . . |
| Bandwidth <Auto/10/100Mbps> (bge1) | |
| Duplex <Auto/Full/Half> (bge1) | |
| Virtual/Floating IP address: | . . . |

Table 2.3 – Secondary Server Parameters
| Adapter parameters | |
| --- | --- |
| EAS IP address (bge1) | . . . |
| Subnet mask (bge1) | . . . |
| Bandwidth <Auto/10/100Mbps> (bge1) | |
| Duplex <Auto/Full/Half> (bge1) | |
| Virtual/Floating IP address: | . . . |

Table 2.4 – Failover Parameters
| Parameters | |
| --- | --- |
| ICMP Enabled? | <Y/N> |
| IP Multicast Enabled? | <Y/N> |

For information regarding failover parameters please see the Visa Europe document entitled
‘Managing Failover for Extended Access (EA) Servers’, which can be obtained from your
Visa Europe representative.

3.0 UI Configuration
Members have the ability to remotely connect to the EA Server via a browser for management
and monitoring.
The URL for Members to use in order to access the EA Server UI is:
https://server_ip_address:9443/edgeui
Where ‘server_ip_address’ is the IP address of the EA Server. Members can use either the
floating/virtual IP address (if servers are in dual/failover mode) or the physical IP address of
the server in question to access the device. By default, access is currently granted on TCP port
9443. This is a configurable parameter and can be set to an alternative value upon request.
A username and password will be provided by the Visa Europe Network Representative. This
initial password will provide Members with the ability to administer usernames and
passwords for EAS access via the UI.
Members who have servers in dual/failover mode may use either the virtual/floating IP
address or the physical addresses of the servers to gain access to the UI.
Members should note that usernames and passwords are unique on each EA Server, even
when they are part of a dual/failover configuration.
Table 3.1 – UI Configuration Parameters
| Endpoint Host UI IP Address | Endpoint Host UI Gateway IP Address |
| --- | --- |
| . . . | . . . |
| . . . | . . . |
| . . . | . . . |
| . . . | . . . |
| . . . | . . . |

*Note: Addresses in Table 3.1 above should be host addresses and not subnet addresses.
Additional rows may be added to the above table if required.

4.0 EMS Configuration
Traditionally referred to as ‘BASE I’ or ‘VIP’, the EMS (EA Messaging Service) section of
this document requests information regarding connections from Member host systems to the
EA Server.
Members must provide host IP addresses and TCP port numbers in the table below for each
TCP session which will be established to the EA Server. Each station may have multiple
TCP sessions. The EA Server includes a firewall component, which will reject any EMS TCP
sessions not specified in Table 4.1 below.
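Table 4.1 – EMS Parameters
| Host Station Number | Session Number | Host IP Address | EAS TCP Port | Gateway Address |
| --- | --- | --- | --- | --- |
| | 1 | | | |
| | 2 | | | |
| | 3 | | | |
| | 4 | | | |
| | 5 | | | |
| | 6 | | | |
| | 7 | | | |
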
Members should complete Table 4.1 for the sessions for each BASE I, VIP, SMS, or Visa
Auth’s host station that will be configured. If the host stations have not yet been assigned by
Visa Europe, then use: ‘station 1’, ‘station 2’, ‘VCMS’, ‘VTS/3’, etc.
Additional rows may be added to Table 4.1 if required.

5.0 EFS Configuration
Traditionally referred to as ‘BASE II’ or ‘Clearing and Settlement’, the EFS section of this document requests information regarding file transfer services between the EAS and the Member’s host systems.
Once again Members should enter host IP addresses rather than using subnet ranges. Additional rows may be added to Table 5.1 if required.
Table 5.1 – FTP Parameters
| FTP IP Address | FTP Gateway Address | Active or Passive FTP | FTP Control Port | FTP Active Port | FTP Passive Port | NAT’d IP address (for passive FTP) | Control Connection Timeout (secs) | Data connection timeout (secs) | Send/Receive Buffer Size |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| . . . | . . . | <Active>* | <21>* | <20>* | | . . . | <900>* | <180>* | <1024/1024>* |
| . . . | . . . | <Active>* | <21>* | <20>* | | . . . | <900>* | <180>* | <1024/1024>* |
| . . . | . . . | <Active>* | <21>* | <20>* | | . . . | <900>* | <180>* | <1024/1024>* |
| . . . | . . . | <Active>* | <21>* | <20>* | | . . . | <900>* | <180>* | <1024/1024>* |
| . . . | . . . | <Active>* | <21>* | <20>* | | . . . | <900>* | <180>* | <1024/1024>* |

*Note: Values in brackets <> denote default values.

6.0 Reserved Port Numbers
The Extended Access (EA) Server reserves several ports for Visa Europe specific services.
These ports are not available for member use, and are as follows:
| Port | Service |
| --- | --- |
| 53 | Visa Europe Specific |
| 111 | Visa Europe Specific |
| 123 | Visa Europe Specific |
| 389 | Visa Europe Specific |
| 670 | Visa Europe Specific |
| 1364 | Visa Europe Specific |
| 4018 | Peer Failover |
| 5140 | Visa Europe Specific |
| 5432 | Visa Europe Specific |
| 8079 | Visa Europe Specific |
| 8415 | Visa Europe Specific |
| 9443 | HTTPS |
| 9463 | Visa Europe Specific |
| 9464 | Visa Europe Specific |
| 9465 | Visa Europe Specific |
| 9466 | Visa Europe Specific |
| 9494 | Visa Europe Specific |
| 9495 | Visa Europe Specific |
| 9496 | Visa Europe Specific |
| 11090 | Visa Europe Specific |
| 11091 | Visa Europe Specific |
| 11091 | Visa Europe Specific |
| 12090 | Visa Europe Specific |
| 12091 | Visa Europe Specific |
| 13090 | Visa Europe Specific |
| 13191 | Visa Europe Specific |
| 13640 | Visa Europe Specific |
| 14090 | Visa Europe Specific |
| 50100 | Visa Europe Specific |
| 50111 | Visa Europe Specific |
| 50121 | Visa Europe Specific |
| 50100 | Visa Europe Specific |
| 51101 | Visa Europe Specific |
| 51121 | Visa Europe Specific |
| 21 (control port), 20 (active data port), 11001 to 11010 (passive data ports) | File Services FTP |

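An added example, not part of the Visa Europe document: a pre-submission check a Member could run over draft Table 4.1 answers, applying the page's rules on the 10.220.0.0 to 10.222.0.0 range, host-only addresses and the reserved ports listed above. The function names, row layout and sample addresses are constructed for illustration, and treating the network and broadcast addresses of the bge1 subnet as non-host addresses is an assumption.

```python
import ipaddress

# Reserved ports as listed in section 6.0 of the page, FTP service ports included.
RESERVED_PORTS = {
    53, 111, 123, 389, 670, 1364, 4018, 5140, 5432, 8079, 8415, 9443,
    9463, 9464, 9465, 9466, 9494, 9495, 9496, 11090, 11091, 12090, 12091,
    13090, 13191, 13640, 14090, 50100, 50111, 50121, 51101, 51121,
    20, 21, *range(11001, 11011),
}
# Section 1.2 range to avoid; assumption: both endpoints are inclusive as written.
AVOID_LO = ipaddress.IPv4Address("10.220.0.0")
AVOID_HI = ipaddress.IPv4Address("10.222.0.0")

def check_host(value, eas_if=None):
    """Return the problems found in one Member-supplied host address."""
    try:
        addr = ipaddress.IPv4Address(value.strip())
    except ValueError:
        return [f"{value!r}: not a single IPv4 host address"]
    problems = []
    if AVOID_LO <= addr <= AVOID_HI:
        problems.append(f"{addr}: inside the 10.220.0.0 - 10.222.0.0 range")
    if eas_if and addr in (eas_if.network.network_address,
                           eas_if.network.broadcast_address):
        problems.append(f"{addr}: network/broadcast address of the bge1 subnet")
    return problems

def check_ems_rows(rows, eas_ip, eas_mask):
    """Check rows of (station, session, host_ip, eas_tcp_port, gateway)."""
    eas_if = ipaddress.IPv4Interface(f"{eas_ip}/{eas_mask}")
    problems = check_host(eas_ip)
    for station, session, host_ip, port, gateway in rows:
        where = f"station {station} session {session}"
        for p in check_host(host_ip, eas_if) + check_host(gateway, eas_if):
            problems.append(f"{where}: {p}")
        if not 1 <= port <= 65535:
            problems.append(f"{where}: port {port} is not a valid TCP port")
        elif port in RESERVED_PORTS:
            problems.append(f"{where}: EAS TCP port {port} is reserved")
    return problems

# Constructed sample answers, not taken from any real questionnaire.
SAMPLE = [
    ("1", 1, "192.168.10.21", 15001, "192.168.10.1"),
    ("1", 2, "10.221.4.9", 9443, "192.168.10.1"),
    ("2", 1, "192.168.10.0/24", 15002, "192.168.10.255"),
]
if __name__ == "__main__":
    print("\n".join(check_ems_rows(SAMPLE, "192.168.10.5", "255.255.255.0")))
```

To apply a stricter reading of the range in section 1.2, widen `AVOID_HI`; the check itself does not change.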
7.0 Appendix A
Definitions and Acronyms
| Acronym | Definition |
| --- | --- |
| Active FTP | In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server's command/control port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20. |
| bge0 | Identifies the NIC on the EAS used to connect to Visa Europe. |
| bge1 | Identifies the NIC on the EAS used to connect to Member networks. |
| Control Connection Timeout (secs) | Number of seconds the FTP control session may be idle before session is timed out. |
| Data connection timeout (secs) | Number of seconds the FTP data session may be idle before session is timed out. |
| Dual-Mode | Describes an EAS acting as part of a failover pair of servers. The servers in the pair will share access-point IDs, station IDs, and virtual/floating IP addresses. |
| EAS | Extended Access Server. Visa Europe server located at Member bank processing centres. Used by Members to send/receive authorisation and clearing and settlement data to and from Visa Europe. |
| EAS IP address (bge1) | IP address of EAS NIC connecting to Member’s network segment. |
| EAS TCP Port | Destination TCP port for session establishment. |
| EFS | EA File Services. Clearing and Settlement/File Transfer service running on the EAS. Traditionally referred to as ‘BASE II’. |
| EMS | EA Messaging Service. Service running on the EAS, which handles ‘real-time’ authorisation traffic. Traditionally referred to as ‘BASE I’. |
| Endpoint Host UI IP Address | IP address used by Members to connect to the EAS UI. |
| Failover-Mode | See ‘Dual-Mode’. |
| Floating IP address | Virtual IP address used by a pair of EA Servers configured in dual/failover mode. All Member communications should be directed to this floating IP address. |
| FTP | File Transfer Protocol. Protocol that allows users to copy files between their local system and any system they can reach on the network. |
| FTP Active port | See ‘Passive FTP’. |
| FTP Control Port | TCP port initially used by the client to connect to the server via FTP. By default, this is port 21. |
| FTP Gateway Address | Gateway IP address used to route to Endpoint FTP host(s). |
| FTP IP Address | IP address(es) of Endpoint Host(s) which will access EA Server FTP service. Input as comma-separated list (e.g. 10.1.1.1, 192.168.1.1, etc). |
| FTP Passive port | See ‘Passive FTP’. |
| ICMP | Internet Control Message Protocol, aka ‘ping’. ICMP is designed for sending control and test messages across IP networks. |
| IP Multicast | Bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to multiple recipients using a single destination IP address. |
| NAT | Network Address Translation. NAT usually operates on a router, usually connecting two networks together, and translates the private (not globally unique) addresses in the internal network into legal addresses, before packets are forwarded to another network. |
| Passive FTP | In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data. |
| Single-mode | Describes EAS acting in a standalone role, i.e. not part of a failover pair. |
| Subnet Mask (bge1) | Subnet Mask relating to bge1. |
| UI | User Interface. This describes the browser-based interface that both Members and Visa Europe staff can use to monitor EA Servers. |
| URL | Uniform Resource Locator. The address of a specific web page. |
| Virtual/Floating IP address: | See ‘Floating IP Address’. |