Ports that are used for deployment and Day 2 operations
The following table provides information about the ports for deployment and Day 2 operations. For more information about the ports that are used by the add-on services, see Ports for services.
Review the following information about the ports described in the table:
- Windows® Active Directory™ has two options: single Windows Virtual Service Instance (VSI) and two HA dedicated Windows Server virtual machines (VMs). For single Windows VSI, the VSI is in the primary subnet. For Windows Server VMs, the VMs are in the infrastructure VMs subnet.
- IBM Cloud® infrastructure services network subnets vary from data center to data center. For more information, see IBM Cloud IP ranges.
- Some Windows resources in your environment might use classic infrastructure services in Dallas.
- IBM Cloud endpoint service network includes
166.8.0.0/14. - IBM CloudDriver is an ephemeral VSI that is deployed by the IBM Cloud automation to configure your instance. While IBM CloudDriver is being bootstrapped, it uses an ephemeral primary IP address. However, after bootstrapping, it uses a predictable portable IP address that you can find on your instance details page. For more information, see IBM CloudDriver.
- Infrastructure VMs refer to the private portable subnet allocated for use by vCenter, NSX manager, the cloud driver
- Depending on your mode of deployment, your Windows Active Directory domain controllers can be VSIs on a primary subnet, or VMs on a portable subnet.
For more information about Red Hat® OpenShift® (OCP) networking, see About the OpenShift SDN network plugin.
| Source | Subnet, IP range | Target | Subnet, IP range | Port | Protocol | Purpose | Service |
|---|---|---|---|---|---|---|---|
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud Service - Cloud Object Storage10.1.129.0/24[1] |
IBM Cloud infrastructure services network | 443 | TCP | Use IBM Cloud Object Storage service | HTTPS |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud Service - RabbitMQ 166.9.59.6166.9.90.7166.9.58.162IBM Cloud Service - Log Analysis[2] |
IBM Cloud endpoint service network | 443, 30560 | TCP | Use IBM Cloud RabbitMQ and Log Analysis services | |
| IBM CloudDriver | Private primary subnet | vCenter Server | Infrastructure VMs | ICMP | Install and configure vCenter Server | ||
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
vCenter Server | Infrastructure VMs | 22 | TCP | Set up and configure vCenter Server | SSH |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
vCenter Server | Infrastructure VMs | 443 | TCP | Install and configure vCenter Server and cluster | SSH |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
vCenter Server | Infrastructure VMs | 9443 | TCP | Install and configure vCenter Server and cluster | |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
vCenter Server | Infrastructure VMs | 5489 | TCP | Install and configure vCenter Server and cluster | |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
ESXi™ host | Private primary subnet | 22 | TCP | Set up, configure, and apply patches to ESXi host | SSH |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
ESXi vMotion | vMotion traffic | ICMP | Set up ESXi network | ||
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
ESXi vSAN™ | vSAN traffic | ICMP | Set up ESXi network | ||
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
ESXi shared storage | Shared storage traffic | ICMP | Set up ESXi network | ||
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
Customer edge private | Customer edge gateway private | ICMP | Set up NSX edge network | ||
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
Windows Active Directory | Private primary subnet (for Windows VSI)/ Infrastructure VMs (for Windows VMs) |
5986 | TCP | Set up and configure Windows Active Directory and DNS | |
| IBM CloudDriver | Private primary subnet | NSX Manager | Infrastructure VMs | ICMP | Install and set up NSX Manager | ||
| IBM CloudDriver | Private primary subnet | NSX Manager | Infrastructure VMs | 443 | TCP | Set up and configure NSX Manager | HTTPS |
| IBM CloudDriver | Private primary subnet | NSX Manager | Infrastructure VMs | 80 | TCP | Set up and configure NSX Manager | HTTP |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure provisioning API10.0.80.0/25 |
IBM Cloud infrastructure services network | 443 | TCP | Order and provision IBM Cloud infrastructure resources | HTTPS |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure DNS service10.0.80.1110.0.80.12 |
IBM Cloud infrastructure services network | 53 | UDP | Use IBM Cloud infrastructure DNS service | |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure NTP service. | IBM Cloud infrastructure services network. For more information, see NTP overview. | 123 | UDP | Use IBM Cloud infrastructure NTP service | |
| IBM CloudDriver | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure endurance storage | IBM Cloud infrastructure services network | Any | ICMP and TCP | Set up endurance storage for ESXi host | |
| Windows Active Directory | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure DNS service10.0.80.1110.0.80.12 |
IBM Cloud infrastructure services network | 53 | UDP | Use IBM Cloud infrastructure DNS service | |
| Windows Active Directory | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure NTP service | IBM Cloud infrastructure services network | 123 | UDP | Use IBM Cloud infrastructure NTP service | |
| Windows Active Directory | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure WSUS service | IBM Cloud infrastructure services network | 80 | TCP | Use IBM Cloud infrastructure WSUS service | HTTP |
| Windows Active Directory | Private primary subnet Infrastructure VMs |
IBM Cloud infrastructure Windows KMS service | IBM Cloud infrastructure services network | 1688 | TCP | Use IBM Cloud infrastructure Windows KMS service | |
| ESXi host | Private primary subnet | IBM Cloud infrastructure NTP service | IBM Cloud infrastructure services network | 123 | UDP | Use IBM Cloud infrastructure NTP service | |
| vCenter Server | Infrastructure VMs | IBM Cloud infrastructure NTP service | IBM Cloud infrastructure services network | 123 | UDP | Use IBM Cloud infrastructure NTP service | |
| NSX Manager | Infrastructure VMs | IBM Cloud infrastructure NTP service | IBM Cloud infrastructure services network | 123 | UDP | Use IBM Cloud infrastructure NTP service | |
| NSX Manager | Infrastructure VMs | TEP subnet | TEP traffic | 443 | |||
| NSX Manager | Infrastructure VMs | Customer edge subnet | Customer edge private traffic | 443 | |||
| ESXi host shared storage | ESXi shared storage | IBM Cloud infrastructure endurance storage | IBM Cloud infrastructure services network | 111, 635, and 2049 | TCP and UDP | Use IBM Cloud infrastructure endurance storage | |
| IBM CloudDriver Windows Active Directory (VSI) |
Private primary subnet | IBM Cloud infrastructure engine | IBM Cloud infrastructure services network | 80 | TCP | Provision IBM CloudDriver and Windows Active Directory (VSI) | |
| IBM Cloud infrastructure engine | IBM Cloud infrastructure services network | IBM CloudDriver Windows Active Directory (VSI) |
Private primary subnet | Any | TCP and UDP | Provision IBM CloudDriver and Windows Active Directory (VSI) | |
| IBM Cloud infrastructure engine | IBM Cloud infrastructure services network | ESXi host management0 | Private primary subnet | 623 | TCP and UDP | IBM Cloud infrastructure IPMI | |
| IBM CloudDriver | IBM Cloud Service10.221.68.39 |
514 | TCP | ||||
| IBM CloudDriver | Internet | HTTPS |