RG02C – Ports of RES products

By Max Ranzau

 

This article is a handy reference to of all IP ports which are being used in RES Workspace Manager, Automation Manager etc. This information is useful for architechts and other solution providers who are designing an network environment that includes RES products. The document will be updated as new ports and/or technologies are added in the future. The reference is divided up by product, although there are some overlapping port usage when it comes to the datastore, which I will cover first:

 

Datastore access ports

While this section strictly doesn’t apply directly to the RES products, it’s nevertheless a good idea to know what ports are being used for connectivity to the different datastores which can be used by the products. These TCP ports will be used by both RES Workspace Manager and RES Automation Manager. Chances are if you’re a DBA you probably know more than I do about this, however below is my attempt to gather some usable information on this topic:

Datastore Port(s)
SQLserver (2000+) 

 

Covers regular SQLserver, SQLexpres, and SQL Server Azure

TCP/1433 is the well known port for SQL servers. Note that from SQLserver 2005 and up, the servers support dynamic ports by default, hence you may have to reconfigure your datatore to ensure you get the expected port
Oracle (9.1+) TCP/1521 will generally be the right port for Oracle SQL*Net 2 traffic. However, Oracle uses quite a few ports it seems. I found a good overview of these ports here.
IBM DB2 (8.1+) TCP/50000 should be the default port when running DB2 on Windows. Sources indicate that when running on AIX, the port number is TCP/50009. On all operatingsystems, check your etc/services file where you should have a dbadmin1 entry.
MYsql (5.0+) TCP/3306 is the default port according to the MySQL 5.1 reference manual here.

 

RES Workspace Manager ports

Port Usage
TCP/1942 Direction: Console->Agent.This port is used by the powerfuse management console, when you go to the Setup|Agents node, rightclick an agent and select Force Cache update. Effectively this means you have to open this port on every machine that runs the RES Workspace Manager agent. The port is hardcoded, hence cannot be changed.

The reason that this port exists is that if everything else fails (i.e. in the hypothetical situation that cache updates have stopped) you need the ability to reach out directly to the agent and tell it to reload it’s configuration cache.

Fun fact: TCP/1942 was originally registered with IANA (the guys who keep track of who uses what IP ports for what purpose) by Bob Janssen

Update April 17th 2012. TCP/1942 is now also being used by the RES Relay Server, part of RES Workspace Manager 2012. For more information see technote RG046

TCP/3163 LEGACY. Direction: Session->Subscriber. Before the 7.01 release of the RES Subcriber aka Workspace Extender aka VDX, a dedicated TCP port was used for all subscriber<->session communication. These days the VDX client relies on using a virtual channel within either the RDP or ICA protocol, so the TCP/3163 port is no longer required for PowerFuse. Instead it is being used for RES Wisdom. See below.

 

RES Automation Manager ports

Port Usage
TCP/3163 Direction Agent->Dispatcher. This port is being used for traffic between the Wisdom Agent and the Wisdom Dispatcher.  This port port was previously hardcoded, but can be changed from AM2011 and up. Go here for further info.

 

RES IT Store ports

Port Usage
TCP/4733 This port is used for communication between the IT Store web client and the Catalog server. Traffic is both directions.
TCP/8080 RES Workspace Manager agents communicate with the Catalog server using this port.

 

RES VDX ports

Port Usage
TCP/808 Direction: VDX Agent -> License server. This is the default port for .Net TCP, which is used between the RES VDX Engine and the VDX License Server.
TCP/2598 (ICA with session reliability) 

 

TCP/1494 (Oldschool ICA or ICA without Ses. Reliability)

TCP/3389 (Default TS RDP port)

 

RES VDX doesn’t have it’s own tcp port, per say. Instead it uses the virtual channels of the display protocol in effect for transfering information about windows metrics and what to launch. 

 

Here on the left are the most common known tcp ports for Citrix ICA and RDP.

 

RES HyperDrive ports*

Port Usage
TCP/80 Direction: Client <-> HD server. Syncronization process of the Windows HyperDrive client uses an SSL tunnel, running on port 80
TCP/8080 Direction: Client <-> HD server. Syncronization process of the OSX HyperDrive client uses an SSL tunnel, running on port 8080
TCP/1433  Direction: HD Server -> SQL Database. Regular SQL traffic to the backend HyperDrive database server
TCP/443 Direction: Mobile clients/Browser <-> HD server. The Mobile site and myHyperDrive use https over port 443

This port is also used for https by all mobile devices.

TCP/389 Direction: HD Server -> Active Directory. Used for LDAP queries.
TCP/88+464 Direction: HD Server <-> Active Directory. Used for Kerberos authentication.
TCP/25 Direction: HD Server -> Mail Server. Used for SMTP/email notifications.

*The above information is available in RES KB Q203448.

 

2 Comments

  • By Iain Brighton, September 16, 2010 @ 19:59

    Just a couple of additions!

    Additional Shared Ports:
    TCP/443 Direction PowerFuse Agent -> Datastore, Wisdom Dispatcher -> Datastore if a secure connection (SSL) is used (by default).

    Additional Wisdom ports:
    UDP/3163 Direction Dispatcher -> Agent. This port is used (by default) for WoL.
    UDP/3163 Direction Agent -> Dispatcher. This is used for Dispatcher discovery.
    TCP/3163 Is used whether Dispatcher encryption is used or not.

    I *think* TCP/1434 is used by the SQL Browser Service to aid discovery if the MS SQL server is using a dynamic port, e.g. not TCP/1433.

  • By RESguru, September 16, 2010 @ 21:12

    Thanks Iain! I’ll add this info to the article

Other Links to this Post

RSS feed for comments on this post.

Leave a comment

Comments are welcome as always. Just do the math below. * Time limit is exhausted. Please reload the CAPTCHA.