KBEC-00041 - ElectricFlow TCP port usage - diagram and descriptions

Description

Customers may frequently have firewalls between the many ElectricFlow components, especially in large, multi-geographical deployments. This diagram and table describes all TCP ports used in an ElectricFlow installation. You can click on the below image to enlarge the diagram.

Normally the Server opens up a port for listening and the client connects to the port to make requests.

This table summarizes TCP port usage

TCP Port Description Server Client Encryption Comment
22 Universal (proxy) agent proxy agent proxy target SSL encrypted by default default when used
25 mail SMTP mail server Flow Server   default
80 web browser Apache user Clear text  
138 SMB/CIFS Workspace Storage Flow Agent/Apache   optional
139 SMB/CIFS Workspace Storage Flow Agent/Apache   optional
389 Active Directory or LDAP server Active Directory or LDAP Flow Server   default
443 web browser Apache user Server configurable, SSL encrypted by default  
445 SMB/CIFS Workspace Storage Agent/Apache   optional
465 mail SSMTP mail server Flow Server   default
636 Active Directory or LDAP server Active Directory or LDAP Flow Server   default
1433 database SQL Server Flow Server   default when used
1521 database Oracle Flow Server   default when used
2049 NFS Workspace Storage Flow Agent and Apache   optional
3306 database MySQL Flow Server   default when used
6800 Local Agent Apache/Repo server Flow Agent Agent configurable default added in 4.2
7800 Access to Agent Flow Server / Gateway Agent Flow Agent / Gateway Agent Agent configurable, encrypted by default

default

must be open bidirectionally

8000 Access to Flow Server Apache/ectool/Perl API/Agent Flow Server   Must be open for agent installations that register resource
8200 Repository server User Repository server SSL encrypted by default default added in 4.0
8443 Access to Server (SSL) Flow Server Apache/ectool/Perl API Server configurable - SSL encrypted by default

 If a step running in agent has ec-perl or ectool commands , then the request is sent to https://<ELECTRIC_FLOW_SERVER>:8443/commanderRequest

A step running in agent will not complete unless 8443 is opened from agent back to Flow server. The agent has to send the <finishCommand> to Flow server port 8443 , to notify that the server of the outcome of the step run ( success or failure)  .

61613 Preflight file transfer Flow Server / Gateway Agent user/Agent/Gateway Agent encrypted using stomp+SSL

optional

Must be bi-directional if need to transfer files from A to B and B to A

 

5445 Hornetq / ActiveMQ Only when Flow Server is clustered Peer Flow Server in the cluster  

Only when Flow Server is clustered

5446-5449 JGroups Only when Flow Server is clustered Peer Flow Server in the cluster  

Only when Flow Server is clustered.

2 for TCP and 2 for Failure detection that accounts for the 4 JGroups ports.

8900 Database  MariaDB Flow Server  

Built-in database in Electric Flow Server 8.3 onwards

9200 DevOps Insight Server Ports DevOps Insight Server     

DevOps Insight server to retrieve data from Elasticsearch

9300   Only when Elasticsearch service is clustered Peer Elasticsearch in the cluster   Used by the Elasticsearch service for internal communication between nodes within the Elasticsearch cluster
9500   Logstash Flow Server   Logstash to receive data from ElectricFlow
9600   Logstash     Used by the Logstash service for the Logstash monitoring APIs

Resolving port conflicts

Windows

From a cmd.exe prompt, use

"netstat -ab"

to show all the current used ports and the executable using the port.

Linux

From a shell prompt, use

"netstat -ap"

to show all the current used ports and the executable using the port.

Applies to

  • Product versions: All
  • OS versions: All

 

Have more questions? Submit a request

Comments

Powered by Zendesk