Opening Network Ports for Clients
The Yellowbrick client applications (ybtools) run on customer computers
and need to communicate with Yellowbrick instances in order to send or receive data, using
the customer's existing network infrastructure.
Connection Refused: the firewall rejected the traffic and sent a response to the client indicating that it was rejected.Connection Timeout: the firewall dropped the traffic without sending a response to the client.
Configure the network firewall to allow traffic from the client computer to the cluster on these ports (for example, by opening up the ports using source and destination filters in routing tables). The corporate IT staff should be familiar with this process and should only need to be informed about the port requirements listed on this page. In most cases, a VPN should not be necessary to send Yellowbrick client traffic through corporate firewalls.
Yellowbrick client tools communicate with the cluster by specifying both a host (instance
name or YBHOST value) and port 5432
(YBPORT), which cannot be changed.
SSL-only mode is used for client connections.
All client application and user connections to Yellowbrick instances occur via the following reserved ports.
| Port | Purpose | Protocol | Notes |
|---|---|---|---|
| 80 | CDWM/Yellowbrick Manager | HTTP | HTTP server port (redirects to 443) |
| 443 | CDWM/Yellowbrick Manager | HTTPS | TLS versions 1.1 and 1.2 only |
| 5432 | Yellowbrick database | TCP | Default port for database connections for all protocols: ODBC, JDBC, libpq, and so on. |
| 11111, 11112 | ybtools control port |
TCP | Control ports used for ybload, ybunload,
ybbackup, and ybrestore. (11111 redirects to
11112.) |
| 31000 and 31001 | ybtools data transfer |
TCP | 31000 and 31001: two ports for sending and
receiving data (used by ybload, ybunload,
ybbackup, ybrestore, and so on) |