Configure an addtional Notes port on a server
Daniel Nashed – 10 May 2025 15:51:34
The previous blog post was more dealing with the background about having a second Notes TCP/IP port.
This post focuses to setup a new Notes port end to end using the DNUG Lab environment as an example.
The server I am configuring has two separate IP addresses on two different network cards.
But the same procedure would also work with IP addresses in the same network.
Some of the settings have to be specified via notes.ini directly.
Other settings can be configured in the UI, but result in notes.ini settings.
In my example I am using a public (159.69.82.118) and a private IP address (10.0.0.3).
The ports notes.ini setting can be managed with the port configuration in admin client - similar to how you configure your local Notes client port.
The dialog is a bit hidden in the admin client.
Open the admin client and switch to the "Configuration" tab
In the menu select "Configuration -> Server -> Setup ports ..."
After configuring the port the Notes.ini settings "ports" will contain two ports:
ports=TCPIP,TCPIP-LOCAL
Each port gets basic settings set automatically using the dialog.
The first line contains the settings for the port. The last part of it are option bits containing port compression and encryption settings.
The second line contains the connection timeout also specified in the UI.
TCPIP=TCP, 0, 15, 0,,45088
TCPIP_TcpConnectTimeout=0,30
TCPIP-LOCAL=TCP,0,15,0,,45056
TCPIP-LOCAL_TcpConnectTimeout=0,30
Complete Notes port settings for hosting multiple ports
Because both ports by default use port 1352, you now have to bind each port to a specific IP address.
In this case we are assigning the public IP to the standard "TCPIP" port and the local IP to Port "TCPIP-LOCAL".
The prefix for all those parameters is always the port name you selected.
It's a bit confusing because the standard port itself is named "TCPIP" as well.
TCPIP_TcpIpAddress=0,159.69.82.118
TCPIP-LOCAL_TcpIpAddress=0,10.0.0.3
Specify the port used for internet protocols
Once you have another port you want to make sure Internet traffic is send thru the external port by specifying the following notes.ini parameters.
SMTPNotesPort=TCPIP
POP3NotesPort=TCPIP
LDAPNotesPort=TCPIP
IMAPNotesPort=TCPIP
Set the cluster port
In a cluster environment you should also set the default port for cluster traffic to our new local port.
Server_Cluster_Default_Port=TCPIP-LOCAL
Check and complete port settings in server document
The server document contains a list of ports.
The driver will be filled by AdminP. But the other settings need to be completed manually.
Each port should map to a Notes named network (NNN), which should be the same for the same type of port for all servers connected very close to each other -- for example in the same LAN or cluster.
Servers in the same NNN see each other and can route mail without connection documents.
But usually I would recommend creating connection documents for each server to be in full control.
Start/restart ports or better restart server
Restarting a port to bind it only to one IP is tricky.
You can stop and restart ports. But usually it is easier to restart your server.
Check port availability
First run "show port TCPIP-LOCAL".
If the port is not yet started try to start it manually:
start port TCPIP-LOCAL
Once the port is enabled on multiple servers, you can trace the connection.
The extended syntax uses the port delimiter "!!!"
The full path to a database is port!!!server!!db.nsf
Ports are usually omitted and the server chooses the right port or only has one port.
But this syntax also works when tracing connection
trace TCPIP-LOCAL!!!linus.lab.dnug.eu/dnug-lab
Connection documents
Connection documents contain the port to use for the connection. Usually you see "TCPIP" in those connection documents when only one port is available.
Now you can switch connection document to the new local port to use the local connection between servers.
TCP/IP Settings for IPv6
Running IPv6 introduces additional challenges and would be for another blog post.
But here is the basic information for IPv6, which can also assigned to separate ports.
With one Notes port you would only need to enable IPv6. But with multiple ports you will also need to bind the IP to separate ports.
https://help.hcl-software.com/domino/14.0.0/admin/plan_examplesofusingnotesinivariableswithipv6_c.html
- Comments [2]
![[HCL Domino]](../lotus-domino.gif){kind=small}
![[Domino on Linux]](../domino-linux.gif){kind=small}
![[Nash!Com]](../nashcom.gif){kind=small}
![[Daniel Nashed]](../daniel-nsh.gif){kind=small}
1Friedhelm Klein 12.05.2025 13:22:12 Configure an addtional Notes port on a server
Thanks Daniel,
the triple-!!! delimiter was new to me.
Btw: In my oppinion is a very stupid thing to name Domino Servers with a hostname as you did in linus.lab.dnug.eu/dnug-lab. Instead, the server should be named just "linus" and "lab.dnug.eu" should be set as default dns suffix for the network ports.
In 12.0.x a dot in server names were unsupported (requires a notes.ini parameter).
In my 30 years of Domino administration, way more hosts changed their host domains than Domino server changed their Domino name. Every 10 to 20 years companies tend to change their name and establish new domain names - like my company will be doing on August 1st.
I also had customers who tried to get rid of entire DNS branches but could not, because an admin in the past used the FQHN as Domino Server name. Since there is no way to rename an existing Domino server, you are f***ed up and forced to migrate to another server. Without the domain part in the Domino server name, you simply change the default DNS suffix and you're done.
Regards
Friedhelm
2Friedhelm Klein 12.05.2025 13:26:41 Configure an addtional Notes port on a server
PS: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0111664
3Daniel Nashed 12.05.2025 19:28:26 Configure an addtional Notes port on a server
@Friedhelm, the server naming really depends on what you are trying to do.
If you are operating in the internet and you don't control everones search domains, using a FQDN is a good idea.
In a corporate environment that's different.
In the early days the admin who ran the EMEA servers running the business partner forum did a research what takes most support tickets.
George found out that most of their tickets have been about DNS name resolution on the internet.
That was a different time but still domain search are difficult to handle for people.
You would need a connection document instead.
Using a FQDN makes you just use DNS for your server name.
At the time George Chiesa took a even wilder approach. He used the IP address of the servers as their CN....
The naming conventions change was put in place because some customer complained and someone was even smarter to "fix" it, by default.
The default on for the parameter ADMIN_IGNORE_NEW_SERVERNAMING_CONVENTION to on has been reverted!
I am personally a fan of FQDNs for Domino servers on the internet.
But I agree that they are not a good ideal in the corporate world.