Manager Node Ports
The manager nodes have multiple ports for client application connections, system management connections, and connections to external services. The Manager nodes firewall is configured to allow these connections. To make changes to the manager node firewall settings, contact Technical Support; do not attempt to make changes to the firewall settings yourself.
Ports for Client Applications
All client application and user connections to Yellowbrick appliances occur only through the manager node via the following ports. (See also Opening Network Ports for Clients.)
| Port | Purpose | Protocol | Notes |
|---|---|---|---|
| 22 | ssh | TCP | Used for database upgrades and administration. |
| 80 | SMC | HTTP | HTTP server port |
| 8182 | SMC | HTTP | Internal port for SMC. External connections can be blocked. |
| 443 | SMC | HTTPS | TLS versions 1.1 and 1.2 only |
| 5432 | Yellowbrick database | TCP | Default port for database connections for all protocols: ODBC, JDBC, libpq, and so on. This port can be changed. |
| 11111 | ybtools control port |
TCP | Control port used for ybload, ybunload,
ybbackup, and ybrestore. |
| 11112 | ybtools control port |
TCP | Control port used when the --secured option is specified for
ybload, ybunload, ybbackup,
ybrestore. |
| 31000 and 31001 | ybtools data transfer |
TCP |
BMC Ports
The Baseboard Management Controller (BMC) is the lights-out management application for the manager nodes. It may be on the same or a different network from the manager nodes. Only Yellowbrick system managers should need access to the BMC.
| Port | Purpose | Protocol | Notes |
|---|---|---|---|
| 22 | ssh | TCP | Used for database upgrades and administration. |
| 80 | BMC Admin UI | HTTP | HTTP server port |
| 443 | BMC Admin UI | HTTPS | TLS versions 1.1 and 1.2 only |
| 5900 | BMC | TCP | Management port |
Connections to External Services
By default, the manager node attempts to connect to the following external services.
| Service | Host:port | Protocol | Purpose/Notes |
|---|---|---|---|
| DNS service | …:53 |
TCP |
|
| NTP time server service | time.nist.gov:123 |
UDP |
|
| Red Hat Subscription | subscription.rhn.redhat.com :443 |
TCP | Can be blocked; not needed. |
| Yellowbrick remote diagnostics (phonehome) | phonehome.yellowbrick.com:443 |
TCP | Only needed if phonehome is enabled; it is not enabled by default. See Remote Diagnostics for configuration instructions. |