Network ports

Network ports are virtual points for networking connections that allow services or applications running at different locations to talk to each other. Each port is associated with a particular service and receives or transmits communication for that specific service. 

BMC Helix IT Operations Management(BMC Helix ITOM) consists of several components that use ports for communication. This topic lists the ports used by BMC Helix ITOM components.

Related topics

System-requirements

image-2024-1-10_17-5-49-1.png

Standard ports used for communication

Source component

Destination

Port

Direction

Local image registry.
For example, Harbor registry.

BMC DTR

Kubernetes container registry

Google container registry

443 is the default port.
You can use custom ports.

Outbound

Users or clients

Load balancer

443

Outbound

Kubernetes cluster

 

BMC Discovery

443

Inbound and outbound
 

BMC DiscoveryCommunication

If BMC Discovery is installed as a single node:

Required ports:

  • Port 443 for UI access
  • Ports 25030–25033 (CORBA) for internal service communication

Configuration:

  • Allow outbound traffic from all Kubernetes worker nodes (such as BHOM Managed Object Service, Smartgraph Controller, and Smartgraph API) to the BMC Discovery node over ports 25030–25033 (CORBA ports).
  • Do not route non-HTTPS traffic through the load balancer. These ports must connect directly to the BMC Discovery node.
  • Port 443 is used only for user access to the BMC Discovery UI.

If BMC Discovery is installed as a multinode cluster, and has a load balancer (LB) in front:

Required ports:

  • Port 443 for UI access
  • Ports 25030–25033 (CORBA) for internal service communication

Configuration:

  • Allow outbound traffic from all Kubernetes worker nodes to each BMC Discovery node directly over ports 25030–25033 (CORBA).
  • Do not route non-HTTPS traffic through the load balancer.
  • Route Port 443 through the load balancer for user access to the UI.
  • Make sure that all BMC Discovery nodes are accessible for direct communication.

For more information about the ports used by BMC Discovery, see System communications and network ports in the BMC Discovery documentation.

Inbound

and outbound

Local image registry.
For example, Harbor registry.

443, 80

The default Harbor registry port is 80 if the Secure Socket Layer (SSL)
is not enabled.

Outbound

Database server

The database port varies based on your database type and service.

The TCP port 5432 is used to expose the PostgreSQL database server.

Outbound

SMTP Server

25 is the default port.
You can use custom ports.

Use port 587 for encrypted email transmissions using
SMTP Secure (SMTPS).

Outbound from all worker nodes

 

Active Directory Server

636 is the default port.
You can use custom ports.

Outbound

Active Directory Federation Services (ADFS) server (SAML)

2500 is the default port.
You can use custom ports.

Outbound

BMC Helix IT Service Managementserver

Usually, 443 (https).

The BMC Helix IT Service Management service port might be
different for some of the customer setups and cloud deployments.

Outbound

BMC Discovery

BMC Helix Operations Management Virtual IP (Load balancer)

443

Outbound

External Load Balancer

NGINX Ingress controller

The Ingress controller service port varies based on your
Kubernetes platform and the Ingress controller service.

Inbound and outbound

NGINX Ingress Controller

Kubernetes Cluster 

NGINX Ingress service port from 30000-32767

Outbound

LDAP sync agent (runs on customer’s server)

LDAP server

389
This port might vary based on the configuration and cloud deployments.

Outbound

LDAP sync agent (runs on customer’s server)

Load balancer or HA proxy

443

Inbound and outbound

Ports used by specific BMC Helix ITOM components

BMC Helix Operations Management ports

Source component

Destination

Port

Direction

PATROL Agents

Load balancer

443

Inbound and outbound

Cell Gateway

BHOM

443

Inbound

Cell Gateway

Load balancer

443

Inbound and outbound

BMC Helix Continuous Optimization ports

Source component

Destination

Port

Direction

Remote ETL Engine (REE)

Load balancer

443

Outbound

BMC Helix Log Analytics and BMC Helix Developer Tools ports

Source component

Destination

Port

Direction

BMC Helix Log Analytics(BHLA) log collectors

Logs

 

443

Inbound

BMC Helix Intelligent Automation ports

Source component

Destination

Port

Direction

IA on-prem connector

Connects to third-party applications through REST over HTTP.

8000 (default) or 8443 (SSL)

Inbound

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*