Important

   

This space contains documentation for TrueSight Server Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Server Automation 8.9.

TrueSight Server Automation ports

The following sections list the ports used by the various components of TrueSight Server Automation:

Overview

These ports are required for a basic TrueSight Server Automation installation. Your firewall must allow communication through these ports for the associated components to function.

Note

Before you install the TrueSight Server Automation Console, make sure that port 9998 (TCP) is not being used. Installation of the console requires use of this port. If the port is already in use, the installer shows a progress bar but exits before launching and the installation fails.

To define port numbers that differ from the defaults, use the TrueSight Server Automation Application Server console (the blasadmin utility) or use the TrueSight Server Automation Console (the Infrastructure Management window). For information about changing port numbers using the TrueSight Server Automation Console or the blasadmin utility, see Configuring communication ports.

Client ports

The following table lists the TCP/UDP ports used by the TrueSight Server Automation clients.

Port

Protocol

From

To

Notes

9840 (base + 40)1

TCP

RCP (Client UI)

Application Server

Required port. This port is used for the TrueSight Server Automation Console and blcred utility to authenticate against the Application server.

9841 (base + 41)1

TCP

RCP (Client UI)

Application Server

Required port. This port is used by the TrueSight Server Automation Console and blcli to communicate with the Application after successful authentication against the Authentication Service.

9842 (base + 42)1

TCP

NSH

NSH Proxy

This port is used by the NSH client to connect to the Application Server, when the Application Server is configured to run the NSH Proxy service. For more information about the NSH proxy, see Setting up a Network Shell proxy server.

1 Default ports, as noted above are added on top of the base port when an Application Server instance is created. For example, if the base port is 9900, then the authsvc port is 9940, appsvc port is 9941, and NSH proxy svc port is 9942. If you add another Application Server instance on an existing Application Server host, you must select a different base port range. For example, the default Application Server instance uses a base port of 9800 and when you add another instance, you can select 9900 as the base port for the new instance to avoid conflict with the existing instance. Arbitrary port assignments can be made in all cases.

Application Server ports

The following table lists the TCP/UDP ports used by the TrueSight Server Automation application server.

Port

Protocol

From

To

Notes

25

SMTP (TCP)

Application Server

Mail Server

SMTP

161

SNMP (UDP)

Application Server

SNMP

162

SNMP (UDP)

Application Server

SNMPTRAP

1080

TCP

SOCKS client

SOCKS proxy

SOCKS Proxy protocol

1433

MS--SQL (TCP)

Application Server

SQL Server DB

Communication with the SQL database

1521

TNS (TCP)

Application Server

Oracle DB

Communication with the Oracle database.

9700

JMX (TCP)

Application Server

Application Server

Default RMI registry port used for JMX communication to the Application Server Launcher.  In order to perform Application Server Launcher operations, each Application Server host must have access to this port on every other Application Server host.

9701

TCP

Application Server

Application Server

Default communications port used for Application Server communication with the Application Server Launcher. The traffic type is incoming messages. Each managed Application Server uses this port to notify the Application Server Launcher that the Application Server is up and in a ready state. This communication is all local traffic for this port.

9702

TCP

Application Server

Application Server

Default RMI execution port used for JMX communication to the Application Server Launcher.  In order to perform Application Server Launcher operations, each Application Server host must have access to this port on every other Application Server host.

9836 (base + 36)1

TCP

Application Server

Application Server

Required port. Listening port for traffic between Application Servers that cooperate by distributing jobs to each other
This port is used in a multiple Application Server configuration for Application Server to Application Server communication. It is used in conjunction with the RMI Execution Port 9850+ (which is obtained from the MaxPort/MinPort range when the Application Server starts). This communication is used for various administration tasks, such as to pull Application Server statistics, coordinate job work item execution, update the remote heartbeat status, and so on.

9838 (base + 38)1

TCP

Application Server

Jconsole or JMXCLI

Required port. JMX listener for Application Server

9850-9899 (MinPort-MaxPort)

TCP

Application Server

Application Server

RMI communication ports. The MinPort-MaxPort range is configurable, with 9850-9899 being the default for a single Application Server.

9843HTTPSWeb clientApplication ServerWeb services port

1 Application Server ports are normally configured from a base port, with 9800 being the default base port. A second Application Server on the same host will typically have a base port of 9900, and so on. Arbitrary port assignments can be made in all cases.

Provisioning server ports

The following table lists the TCP/UDP ports used by TrueSight Server Automation in provisioning.

Port

Protocol

From

To

Notes

671

DHCP (UDP)

PXE client

DHCP service

(Windows and Linux provisioning) For PXE discovery and image transfer.
BOOTP/DHCP port – The port that the DHCP server listens on in order to process broadcasts and requests from bare metal target servers and to assign each a unique IP. The PXE boot broadcasts a DHCP request that includes PXE information. By default, the PXE Server binds to 67 UDP.

68

DHCP (UDP)

DHCP

PXE client

(Windows and Linux provisioning) BOOTP/DHCP port — A bare metal server listens on this port to receive the dynamic IP it has requested from the DHCP server. The server uses this IP to configure itself and access the network. Extended DHCP response to an initial extended DHCP request.

69

TFTP (TCP/UDP)

PXE client

TFTP Server

(Windows and Linux provisioning) Port used in provisioning for PXE discovery. The port on which the TFTP server listens. The bare metal target server downloads the initial boot image (the WinPE or gentoo image) over this port.

80

HTTP (TCP)

PXE client

PXE server

(Linux provisioning) Used for provisioning data store.
The port used to download Linux operating system files from the data store server. The bare metal target server uses this port to download the Linux operating system files from the data store that is running a web server (typically an Apache server).

445

SMB (TCP)

PXE client

PXE server

(Windows provisioning) Used for provisioning data store.
Samba over TCP -- File and printer sharing takes place over this port. The port is used when the WinPE image mounts a Samba share to transfer operating system files from the data store to the bare metal target server.

1433

MS-SQL (TCP)

PXE server

SQL Server DB

(Windows and Linux provisioning) The PXE/TFTP server communicates directly to the database server over this port to determine which boot image to provide to the bare metal target server.

1521

TNS (TCP)

PXE server

Oracle DB

Port that the database listens on. Typically, port 1521 is for an Oracle database.
(Windows and Linux provisioning) The PXE/TFTP server communicates directly to the database server over this port to determine which boot image to provide to the bare metal target server.

4011

DHCP (UDP)

PXE client

PXE server

(Windows and Linux provisioning) The PXE server listens on this port for DHCPREQUESTS from bare metal target servers when they boot for the first time. When both the PXE service and the DHCP service reside on the same server, both services cannot listen on the same port. In that case, this port is effectively the proxy DHCP.

4750RSCD (TCP)Application ServerRSCD agent(Windows and Linux provisioning) Port used to communicate to the RSCD agent on a managed target server after it is provisioned.
Note: After modifying the RSCD agent listening port, you must restart both the agent and the Application Server. 

9831

TCP

Provisioning Client

Application Server

Required port. By default, the Application Server uses this port for SSL communication.
(Provisioning) The provisioning process explicitly uses this port. Bare metal target servers use this port to communicate back to the Application Server (Provisioning Server).

1 The PXE server binds to port 67, a port that the DHCP server normally uses. However, PXE clients broadcast a DHCPDISCOVER packet with PXE-specific information to port 67. This communication enables the PXE server running on that port to identify the PXE client and initiate the provisioning process. For this reason, provisioning uses the same ports as the DHCP server.

RSCD Agent ports

The following table lists the TCP/UDP ports used by the TrueSight Server Automation RSCD Agents.

PortProtocolFromToNotes
4750+TCPTrueSight Server Automation Application ServerRSCD Agent (Managed Server)Default port for all communication from application server to agent
139TCPTrueSight Server Automation Application ServerTarget Windows Servernetbios port for Agent Installer Job (smb1)
445TCPTrueSight Server Automation Application ServerTarget Windows Servermicrosoft-ds port for Agent Installer Job (smb2)
445TCPTrueSight Server Automation Application ServerTarget Windows Serverpsexec helper 
22*TCPTrueSight Server Automation Application ServerTarget UNIX Serverssh, scp port for Agent Installer Job (file copy and command execution)
23*TCPTrueSight Server Automation Application ServerTarget UNIX Servertelnet port for Agent Installer Job (command execution)
20,21*UDPTrueSight Server Automation Application ServerTarget UNIX Serverftp port for Agent Installer Job (file copy)
139TCPWindows RSCD Agent / Managed ServerCIFS/SMB Sharefor AGENT_MOUNT deploy types
445TCPWindows RSCD Agent / Managed ServerCIFS/SMB Sharefor AGENT_MOUNT deploy types
NFS portsTCP/UDPRSCD Agent / Managed ServerNFS Sharefor AGENT_MOUNT deploy types

+ The RSCD Agent is registered with port 5750 with IANA, but the default port is 4750 (listed as ssad in most UNIX /etc/services files).
*
For the UNIX agent installer, use either ssh or ftp/telnet to run the agent installer. Only the ports for the specific method of install need to be open.

Remote facility ports

The following table lists the TCP/UDP ports used by TrueSight Server Automation for remote facility communications (SOCKS, Repeater). 

Port

Protocol

From

To

Notes

4750

RSCD (TCP)

Application Server

RSCD Agent

Primary communication channel from Application Server to each managed host.
Note: After modifying the RSCD agent listening port, you must restart both the agent and the Application Server.

External Authentication ports

The following table lists the TCP/UDP ports used in the communication with external authentication sources.

PortProtocolAuthentication TypeFromToNotes
88TCP & UDPADK, Domain Authentication

Application Server

(and client system for ADK)

Windows Domain Controller/KDCFor ADK, because a Kerberos ticket is required, the client system must also be able to access the Domain Controller/KDC.
389TLS/TCPLDAP (LDAP + Start TLS)Application ServerLDAP Server 
80/443HTTP/HTTPS (TCP)PKIApplication ServerOCSP serverApplication Server needs access to the OCSP responder if OCSP is enabled.
5500UDPRSAApplication ServerRSA Server 
Was this page helpful? Yes No Submitting... Thank you

Comments