Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[CSO] List of ports to be opened on CSO VMs and their functions

0

0

Article ID: KB34169 KB Last Updated: 26 Apr 2019Version: 1.0
Summary:

This article shares information about the ports that must be opened on all CSO VMs to enable the following types of CSO communication:

  • External: CSO user interface (UI) and CPE connectivity

  • Internal: Between CSO components

The provisioning tool opens these ports on each VM; however, if you provision the VMs manually, you must manually open the ports on each VM.

 

Symptoms:

The following questions are addressed in this article:

  • I am unable to add on-premise spoke side, how do I make sure I have all required ports opened for communication?

  • What are the functions of a specific port?

 

Solution:

The list of ports to be opened on all CSO VMs is as follows:

 
Port CSO Communication Type Port Function
22 External & Internal SSH
53 External & Internal DNS
80 Internal HAProxy
83 External Network Service Designer
123 External & Internal NTP
179 External BGP for VRR
443 External & Internal HTTPS, including Administration Portal and Customer Portal
444 NFX250 spokes only Telemetry-agent in JDM
514 Internal Syslog receiving port
1414 Internal Cassandra Java Virtual Machine (JVM)
1936 External HAProxy status page
1947 External Icinga service
2181 Internal ZooKeeper client
2216 NFX250 spokes only Syslog
2379 Internal etcd client communication
2380 Internal etcd peer
2888 Internal ZooKeeper follower
3000 External Grafana
3306 Internal MySQL
3514 External Contrail analytics syslog receiving port
3888 Internal ZooKeeper leader
4001 Internal SkyDNS etcd discover
4505, 4506 Internal Salt communications
5000 External Keystone public
5044 Internal Beats
5543 Internal Logstash UDP
5601 External Kibana UI
5665 Internal Icinga API
5666 Internal icinga nrpe
5671 Internal RabbitMQ SSL listener
5672 Internal RabbitMQ client
6000 Internal Swift Object Server
6001 Internal Swift Container Server
6002 Internal Swift Account Server
6379 Internal Redis
6543 Internal Virtualized Network Function manager (VNFM)
7804 External Device Connectivity
8006 Internal Network Service Orchestrator
8016 Internal Notification engine
8080 Internal cAdvisor
8082 Internal Device Management Service (DMS) central
8083 Internal Activation Service (AS) central
8085 Internal DMS schema
8086 Internal Contrail Analytics
8090, 8091 Internal Generic container
8529 Internal ArangoDB
9042 Internal Cassandra native transport
9090 Internal Swift Proxy Server
9091 Internal xmltec-xmlmail tcp
9101 External & Internal HA proxy exporter
9102 Internal jetdirect
9160 Internal Cassandra
9200 Internal Elasticsearch
10248 Internal kubelet healthz
15100 Internal Logstash TCP
15672 Internal RabbitMQ management
30000-32767 Internal Kubernetes service node range
30900 External Prometheus
35357 Internal Keystone private

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search