Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentNETWORK SATELLITE SERVER 4.0

Table 2.4 . Ports to ope n on t he Sa te llit e

Port Protocol Direction Rea son

67 TCP/UDP Inbound Open this port to configure the Satellite system as a

DHCP server for systems requesting IP addresses.

69 TCP/UDP Inbound Open this port to configure Satellite as a PXE server

and allow installation and re-installation of PXE-boot

enabled systems.

80 TCP Outbound Satellite uses this port to reach Red Hat Network.

80 TCP Inbound Web UI and client requests come in via http.

44 3 TCP Inbound Web UI and client requests come in via https.

44 3 TCP Outbound Red Hat Network Satellite uses this port to reach

Red Hat Network (unles s running in a disconnected

mode for Satellite).

4545 TCP Inbound and

Outbound

Red Hat Network Satellite Monitoring makes

connections to rhnm d running on client sys tems, if

Monitoring is enabled and probes are configured for

registered systems.

5222 TCP Inbound If you plan to push actions to client systems.

5269 TCP Inbound and

Outbound

If you push actions to or via an Red Hat Network

Proxy Server.

RHN's list of hosts are as follows:rhn.redhat.com, xmlrpc.rhn.redhat.com, s atellite.rhn.redhat.com,

content-xmlrpc.rhn.redhat.com, content-web.rhn.redhat.com, and content-s atellite.rhn.redhat.com

DMZ Proxy Solution

Unless the Satellite server is in disconnected mode, it needs to initiate outbound connections on

ports 80 and 443 to the Red Hat Network (RHN) Hosted service (rhn.redhat.com ,

xmlrpc.rhn.redhat.com , and satellite.rhn.redhat.com ). To ensure correct functioning

of the s atellite system, do not res trict access to thes e hosts and ports. If required, an http or https

proxy can be used, by iss uing the satellite-sync --http-proxy command.

The Satellite server needs to allow inbound connections on ports 80 and 4 43 from client s ystems

and any RHN Proxy servers connected to the Satellite, as well as any system that needs to access

the Satellite Web UI. WebUI and client requests come in via either http or https.

The RHN monitoring functionality requires outbound connections to individual monitoring-enabled

client systems on port 4545. RHN Satellite monitoring makes connections to rhnm d running on client

systems if monitoring is enabled and probes are configured for registered systems.

The RHN push functionality requires both outbound and inbound connections on port 5269 to and

from each registered RHN Proxy server with RHN push functionality enabled. This is used for two-

way communications between the jabberd s ervice on Satellite and Proxy, respectively. In addition, it

needs to allow inbound connections on port 5222 from client systems directly registered to the

Satellite. This is used for one-way (client to server) communications between the osad service on

client systems and the jabberd service on the Satellite.

Synchronized System Times

There is great time sensitivity when connecting to a Web server running SSL (Secure Sockets Layer);

it is imperative that the time settings on the clients and server be reas onably close together so the

SSL certificate does not expire before or during use. For this reason, Red Hat requires the Satellite

and all client systems to use Network T ime Protocol (NTP). T his also applies to the separate

database machine in RHN Satellite with Stand-Alone Database, which must also be set to the same

time zone as the Satellite.

Setting System Language and Locale

You should properly set the UT F-8 encoding for your language and locale on your RHN Satellite

system via the /etc/sysconfig/i18n file. T he LANG setting in the file must be in the following

format:

LANG="[language_TERRITORY].UTF-8"

The language and TERRITORY are entered as two-letter codes. For example if your language is

English and your locale is the United States, you set your LANG setting to en_US.UT F-8.

Fully Qualified Domain Name (FQDN)

The system upon which the RHN Satellite will be installed must resolve its own FQDN properly. If this

is not the case, cookies will not work properly on the website.

Note

It is important that the hostname of a Satellite contains no uppercase letters. A hostname that

includes uppercase letters can cause jabberd to fail.

If, at any point, you need to change your Satellite hostname, refer to Section 8.7, “Changing the

Satellite Hostname”.

Functioning Domain Name Service (DNS)

For the RHN Satellite's domain name to be resolved by its clients , it and they must all be linked to a

working DNS server in the customer environment.

An Entitlement Certificate

The cus tomer will receive, via email from the s ales representative, a signed Entitlement Certificate

explaining the services provided by Red Hat through RHN Satellite. This certificate will be required

during the installation proces s.

If you do not have an Entitlement Certificate at installation time, contact Red Hat Global Support

Services at:

https://www.redhat.com/apps /support/

A Red Hat Network Account

Customers who connect to the central Red Hat Network Servers to receive incremental updates must

have an external account with Red Hat Network. This account should be set up at the time of

purchase with the sales representative.

Warning

Do not subscribe your RHN Satellite to any of the following child channels available on RHN

Hosted:

Red Hat Developer Suite

Red Hat Application Server

Red Hat Extras

Subscribing to these channels and updating your Satellite may install newer, incompatible

versions of critical software components, causing the Satellite to fail.

Backups of Login Information

It is imperative that customers keep track of all primary login information. For RHN Satellite, this

Chapter 2. Requirements