Advanced Topics
- About This Guide
- 1 SUSE Manager on IBM z Systems
- 2 SUSE Manager 3.2 Proxy
- 3 Security
- 4 SUSE Manager in the Public Cloud
- 5 Optimization and Scalability
- 6 Salt SSH Integration
- 7 Monitoring with Icinga
- 8 Image Building and Management
- 9 Kubernetes Integration Guide
- 10 Cobbler
- 11 Virtualization
- 12 Inventorying vCenter/vSphere ESXi Hosts with SUSE Manager
- 13 SUSE Manager Command Line Tools
- 14 spacecmd Reference
- A Ports
- B Minimalist AutoYaST Profile for Automated Installations and Useful Enhancements
- C GNU Licenses
- 15 GNU Free Documentation License
A Ports
A.1 SUSE Manager Server #
Some ports are only relevant if you actually run the related service on the SUSE Manager server.
Ports to Open on SUSE ManagerServer #
- 67
Inbound / TCP/UDP / DHCP
Required when SUSE Manager is configured as a DHCP server for systems requesting IP addresses.
- 69
Inbound / TCP/UDP / TFTP
Used when SUSE Manager is configured as a PXE server and allows installation and re-installation of PXE-boot enabled systems.
- 80
Inbound / TCP / HTTP
All Web UI , client, and proxy server requests travel via HTTP or HTTPS.
- 80
Outbound / TCP / HTTP
Used to contact SUSE Customer Center /Novell Customer Center .
- 443
Inbound / TCP / HTTPS
All Web UI , client, and proxy server requests travel via HTTP or HTTPS.
- 443
Outbound / TCP / HTTPS
SUSE Manager uses this port to reach SUSE Customer Center (unless running in a disconnected mode with RMT or SMT— as described in Section 2.2, “Disconnected Setup with RMT or SMT (DMZ)”).
- 5222
Inbound / TCP / osad
When you wish to push actions to clients this port is required by the
osaddaemon running on your client systems.- 5269
Inbound/Outbound / TCP / jabberd
Needed if you push actions to or via a SUSE Manager Proxy .
- 4505
Inbound / TCP / salt
Required by the Salt-master to accept communication requests via TCP from minions.
- 4506
Inbound / TCP / salt
Required by the Salt-master to accept communication requests via TCP from minions.
- 25151
TCP
Cobbler.
Internally Used Ports on SUSE ManagerServer #
- 2828
Internal /
satellite-search API, used by the RHN application in Tomcat and Taskomatic.
- 2829
Internal /
Taskomatic API, used by the RHN application in Tomcat.
- 6868
Internal
Auditlog-keeper to database.
- 6888
Internal
Auditlog-keeper API, used by the RHN application in Tomcat.
- 8005
Internal
Tomcat shutdown port.
- 8009
Internal
Tomcat to Apache HTTPD (AJP).
- 8080
Internal
Tomcat to Apache HTTPD (HTTP).
- 9080
Internal
salt-api, used by the RHN application in Tomcat and Taskomatic.
- 32000
Internal / TCP
Port for a TCP connection to the Java Virtual Machine (JVM) that runs Taskomatic and the search (satellite-search).
Note: Ephemeral Ports
Anything from port 32768 on (more exactly, what you can see with cat
/proc/sys/net/ipv4/ip_local_port_range) is an ephemeral port, typically used as the receiving end of a TCP connection.
So if process A opens a TCP connection to process B (for example, port 22), then A chooses an arbitrary source TCP port to match with destination port 22.
A.2 SUSE Manager Proxy Server #
Ports to Open on SUSE ManagerProxy Server #
- 22
Inbound /
Required when using ssh-push or ssh-push-tunnel contact methods. Check-in on clients connected to a SUSE Manager Proxy will be initiated on the SUSE Manager Server and “hop through” through to clients.
- 80
Outbound /
Used to reach SUSE Manager .
- 5222
Inbound / TCP
For push actions and connections issued by
osadrunning on the client systems.- 5269
Inbound/Outbound / TCP
For push actions with the server.