FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Does port 8443 needed in-between Managed Nodess in a Cluster?

Go to solution
waikeat_chan
DynaMight Pro
DynaMight Pro

‎17 Nov 2019 08:32 PM

From what I read in the documentation, the ports 8443 should be meant for communication in-between:

1. AG and Managed Nodes

2. OA and Managed Nodes


but it isn't meant for communication in-between Managed Nodess in a Managed Cluster right?



Best Regards,

Wai Keat


0 Kudos
Reply
4 REPLIES 4

Go to solution
Babar_Qayyum
DynaMight Guru
DynaMight Guru

‎17 Nov 2019 09:50 PM

Hello @Wai Keat C.

8443 for Managed versions earlier than 1.166

Dynatrace environments with a cluster version earlier than 1.166 use port 8443. New Dynatrace environments still use port 8443, but this port doesn't need to be exposed to the outside of the cluster nodes. Upgraded Dynatrace environments preserve port settings from the previous version. As a result, it is possible to have an upgraded Dynatrace environment that still uses port 8443.

Regards,

Babar


Reply

Go to solution
skrystosik
DynaMight Guru
DynaMight Guru

‎17 Nov 2019 11:35 PM

If you have HA architecture, and you are asking about communication between Dynatrace colusters, than no, this port does not have to be open. In other cases, look on Babar's answer.

Sebastian


Regards, Sebastian
0 Kudos
Reply

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend

‎17 Nov 2019 11:48 PM

I'm not absolutely sure here, but I think the communication port (443 or 8443 by default depending on the version and configuration) it is used at least while deploying a new node (seed process). I think you should have the communication port open while adding the cluster node. Adding a new node configures firewall rules at the added node as well at the existing nodes.

I would not recommend to play with the firewall rules at the cluster node unless necessary and only if you really know what you are doing.

I would really recommend having the 443/8443 port opened globally.


Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner
0 Kudos
Reply

Go to solution
Malaik
DynaMight Champion
DynaMight Champion

‎16 Dec 2020 02:51 AM

Hi All

I have the same question:


What is the impact of closing this port ? knowing that we install Dynatrace recently and get a message from Security team

We performed VA rescan for the Dynatrace servers, still the port was open ,still the vulnerability” Multiple Cross-Site Scripting Vulnerabilities Detected” detected.


Please advise.

cid:image002.jpg@01D6D39A.EA2BC650

Thanks & Regards,

Sharing Knowledge
0 Kudos
Reply
Ask a question