Showing results for 
Show  only  | Search instead for 
Did you mean: 

Does port 8443 needed in-between Managed Nodess in a Cluster?

DynaMight Pro
DynaMight Pro

From what I read in the documentation, the ports 8443 should be meant for communication in-between:

1. AG and Managed Nodes

2. OA and Managed Nodes

but it isn't meant for communication in-between Managed Nodess in a Managed Cluster right?

Best Regards,

Wai Keat


DynaMight Guru
DynaMight Guru

Hello @Wai Keat C.

8443 for Managed versions earlier than 1.166

Dynatrace environments with a cluster version earlier than 1.166 use port 8443. New Dynatrace environments still use port 8443, but this port doesn't need to be exposed to the outside of the cluster nodes. Upgraded Dynatrace environments preserve port settings from the previous version. As a result, it is possible to have an upgraded Dynatrace environment that still uses port 8443.



DynaMight Guru
DynaMight Guru

If you have HA architecture, and you are asking about communication between Dynatrace colusters, than no, this port does not have to be open. In other cases, look on Babar's answer.


Regards, Sebastian

DynaMight Legend
DynaMight Legend

I'm not absolutely sure here, but I think the communication port (443 or 8443 by default depending on the version and configuration) it is used at least while deploying a new node (seed process). I think you should have the communication port open while adding the cluster node. Adding a new node configures firewall rules at the added node as well at the existing nodes.

I would not recommend to play with the firewall rules at the cluster node unless necessary and only if you really know what you are doing.

I would really recommend having the 443/8443 port opened globally.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

DynaMight Champion
DynaMight Champion

Hi All

I have the same question:

What is the impact of closing this port ? knowing that we install Dynatrace recently and get a message from Security team

We performed VA rescan for the Dynatrace servers, still the port was open ,still the vulnerability” Multiple Cross-Site Scripting Vulnerabilities Detected” detected.

Please advise.


Thanks & Regards,

Sharing Knowledge