USA +1 866 806 2068 | UK +44 203 1292 513 | JAPAN +81 3 45208991 担当:萩原 info@openlm.com

Managing licenses with the OpenLM Router – AN4051

The OpenLM Router module is peripheral to the OpenLM system. It was conceived through feedback received from trusted OpenLM customers, and facilitates a new set of capabilities for license managers such as:

  • Providing a single point of reference to all application clients when applying changes to the license server configuration
  • Applying rules and restrictions on license usage according to specific users, IP ranges and time of day. These rules may be applied to any type of license server.
  • Setting up a license server redundancy scheme.

How does it work ?

The OpenLM Router was initially designed to redirect license requests made by application users to their respective license servers. The Router’s method of employment is to intervene in the license request made by the application, en-route the license manager.

The Router’s environment

  • The OpenLM Router requires OpenLM Server version 3.1.
  • It is implemented as a Java application. Java 7 or higher is required.
  • The Router should reside on a stable machine in the organization’s network.
  • The OpenLM Router receives a transaction containing a source IP and port number. It propagates it to a specified target, bearing the destination IP and port numbers.
  • The OpenLM Router may apply various restrictions to the propagation of license requests made by clients to the license managers.
  • As it is a critical application, the OpenLM Router will normally be implemented with some redundancy, allowing one Router module to step in if another Router fails to transfer license requests

2015-12-01 14_30_56-Start

Licensing

The OpenLM Router is not a part of the basic OpenLM package. As such it requires additional licensing. In order to verify that your OpenLM Server supports this capability, please open the license file (normally located at: C:\Program Files (x86)\OpenLM\OpenLM Server\License) and make sure it contains the “FEATURE name=Router” entry.

OpenLM Router installation (Windows)

1. Download the latest version of the OpenLM Router from the OpenLM website.

2. Click the .EXE file to launch the installation wizard.

3. During the installation process, you will be prompted to set up the hostname and API port number of your OpenLM Server (e.g. localhost and 7022 respectively).

3a. Its is possible to change the OpenLM server name and port later. Please refer to this document for more information: OpenLM Port numbers – AN4017

3b. It is also possible to switch to secured (SSL) communication between the OpenLM Server and Router. Please find a detailed explanation on this further below.

4. Follow the installation wizard to its completion.

5. Open the ‘Services’ window, select the OpenLM Router service and start it manually.

EasyAdmin configuration

Open the OpenLM EasyAdmin web interface by typing “http://My_OpenLM_Server_Name:7019/EasyAdmin2/index.html” on your browser. Click ‘Start’ → ‘Administration’ → “Router Management”.

2015-12-01 14_31_50-Start

The Router Management window opens.

Adding Router groups

“Router groups” represent groups of routers that are configured identically, in order to support routing redundancy schemes. This is in accord with the requirement to keep this critical application active, and provide license requirement transactions active at all times.

In order to configure a router group, open the “Router Management ” window (see above). Under the Router Groups tab, click the ‘Add’ icon. Provide a Router group name (e.g. group1) and click save.

Adding members to Router groups

2015-12-01 14_32_20-Start

Under the Router Groups tab select the group of interest (e.g. group1).

Select the ‘Routers’ tab on the bottom half of the  “Router Management ” window.

Click the ‘Add’ button, and type in the information regarding the new OpenLM Router module’s location. These include:

  • Router module’s group membership
  • OpenLM Router Hostname and IP

Note: When a router is initially configured to interface a specific OpenLM Server, the Router’s IP will be presented in that OpenLM Server’s EasyAdmin start → Widgets → Alerts window.

2015-12-01 14_32_39-Start

  • Enabled (set by default). Clear this box to disable this Router module
  • Description: An optional short verbal description.
  • Activity log interval (default 30 sec)- The rate at which the Router reports its activity to the OpenLM Server
  • Keep alive interval (default 60 sec) – The rate at which the Router sends heartbeat messages to the OpenLM Server
  • Statistics interval (default 300 sec) – The rate at which the Router accumulates transfer routing statistics.

Setting up routing rules

2015-12-01 14_33_04-Start

Still in the “Router Management ” window, select the “Route instructions” tab. Click the ‘Add’ button and set up the routing rules to be performed by each router group:

  • Router Group Name: Group to which the routing rule applies
  • Enabled (set by default). Clear this box to disable this routing rule
  • Client IP Range: The IP range to which a client addresses a license request. The OpenLM Router should route this IP to the Target IP.
  • Listener port: The client port to which a client addresses a license request. The OpenLM Router should redirect this request to the Target port.
  • Listener Protocol (TCP / UDP. Default: TCP): Different license managers use different communication protocols, e.g. FlexLM uses TCP, Sentinel RMS uses UDP.
  • Target host: the hostname or IP and the port to which license requests would be routed. It is possible to configure more than one host+port configuration, thus implementing a multi-server redundancy environment. See more about that below.
  • Application name: This is a descriptive free text field.
  • User / Group: This is also a descriptive free text field.
  • Allow (Allow/Block. Default: Allow). Allow or block the routing as described in the routing rule. Note that ‘Block’ has a higher priority. If a license request matches two instructions, one of which dictating ‘Block’, the request will not be routed.
  • Period Limit:a time frame for which the rule will be applied. Clicking the textbox will open a form for introducing this information. For example, in the image below the rule is applied between 00:30 and 02:00.

2015-12-01 14_33_28-Start

Multiple server redundancy

The OpenLM Router is able to accommodate a multiple-server redundancy scheme. It observes the activity of each license server, and routes the license requests to active license servers according to a predefined order. See the image below for clarification:

2015-12-01 14_33_44-Start

According to this example, clients’ license requests will be first directed to server win10b, port 710. If the OpenLM Router detects no indication activity from that socket, it will direct license requests to the next listed server; server2012x64 port 300. Please note that multiple  server redundancy will only be available for license server types that base their communication on the TCP/IP protocol (e.g. Flexnet). Multiple server redundancy for UDP based License servers (e.g. Sentinel RMS) is currently not supported.

Accessing the OpenLM Router over secure communication (SSL)

Communication between the OpenLM Server and OpenLM Router may be conducted over SSL secure connection. This would require the following steps, some of which may require consulting your system administrator:

1. IIS

Make sure IIS is installed on the OpenLM Server machine. You can do that by attempting to browse to the localhost URL (http://localhost/). If it is not installed, you may follow the instructions on this post to install it.

2. Certificate

Install a valid Certificate in IIS or the OpenLM Server’s Local Computer trust store. The OpenLM Router will not work with self-signed certificates.

3. Binding certificate to router port

Open the Internet Information Services (IIS) Manager. Select “Default Web Site” and  click “Bindings…” on the “Actions pane”. Add a new binding for the router port. The binding type should be HTTPS, and the default port number for OpenLM Router connection is 7022. Select the valid certificate that was installed above.

4. OpenLM Router port

The OpenLM Router port can be set on the OpenLM Server configuration tool, under the “Port settings” tab. The default port number is 7022. This number may be changed, but needs to be the same as in the “Binding certificate” item above. Check the ‘Use SSL’ box to enable SSL communication. See the image below for clarification:

2015-12-01 14_34_02-Start

5. OpenLM Router SSL configuration

Now you need to configure the OpenLM Router to communicate over secure connection. Double click the OpenLMRouterService.exe icon. The “OpenLM Router properties” window opens. Select the Startup tab.

5a. In the ‘Arguments’ text box edit the -log URL line; replace the http address with your OpenLM Server machine name, with an https header. This indicates the OpenLM Server machine that would control the OpenLM Router. See example below “https://OLMServer:7022/OpenLM.Server.Services/RouterAPI

5b. It is possible to specify the IP of a preferred network adapter on the OpenLM Router machine. See example 192.168.0.100 below. The Router will consequently only serve clients addressing the specified network adapter. ‘localhost’ and other IP addresses of the same server will NOT be served.

Click ‘Apply’ and ‘OK’.

2015-12-01 14_34_18-Start

6. Service

Stop and start the OpenLM Router service to apply the new URL.

Upgrading the OpenLM Router to a newer version

Every now and then OpenLM will publish new OpenLM Router versions, to provide enhancements and fixes to previous versions. As there is currently no installer provided with the software, the upgrade needs to be performed manually. This process runs as follows:

1. Stop the OpenLM Router service

2. It is optional (but by no means necessary) to copy and make use of the following files:

2a. data folder: Keep the content of the local usage messages queue to the OpenLM Server

2b. the x64 or x86 folder: in case the user has chosen to change the OpenLM Server host in the batch script

2c. conf.xml: local backup copy of the router instructions to run even if OpenLM has been stopped

2d. log4j.properties – custom configuration of logging

3. Click the “Uninstall Service.bat” icon. The OpenLM Router service will disappear from the Services list.

4. Delete the OpenLM Router directory.

5. Install the new version of the OpenLM Router as described in this document.

OpenLM Router logging.

Following the configuration above, routing should take place between the clients requesting licenses, and the License server granting those licenses.

The OpenLM Router logs this activity in a log file. This log is located by default in the ‘openlm-router’ installation directory. This is the ‘lsh-router.log’ file.

If you have any further questions regarding the OpenLM Router, its configuration and performance – please feel free to address the OpenLM Support team (support@openlm.com), zip and attach the log folder and we’ll be glad to assist.