General Port Allocation
The Delphix Engine makes use of the following network ports regardless of the type of database platform:
General Outbound from the Delphix Engine Port Allocation
Connection to a local SMTP server for sending email
Connections to local DNS servers
Connection to an NTP server
|UDP||162||Sending SNMP TRAP messages to an SNMP Manager|
HTTPS connections from the Delphix Engine to the Delphix Support upload server
Secure connections to an LDAP server
Connections to a Delphix replication target. See Configuring Replication.
|TCP||50001||Connections to source and target environments for network performance tests via the Delphix command-line interface (CLI).|
General Inbound to the Delphix Engine Port Allocation
SSH connections to the Delphix Engine
HTTP connections to the Delphix GUI
|UDP||161||Messages from an SNMP Manager to the Delphix Engine|
HTTPS connections to the Delphix Management Application
Delphix Session Protocol connections from all DSP-based network services including Replication, SnapSync for Oracle, V2P, and the Delphix Connector.
|TCP||50001||Connections from source and target environments for network performance tests via the Delphix CLI.|
|TCP/UDP||32768 - 65535|
Required for NFS mountd and status services from the target environment only if the firewall between Delphix and the target environment does not dynamically open ports.
Firewalls and Intrusion Detection Systems (IDS)
Production databases on source environments (for dSources) are often separated from the non-production environment by firewalls. Firewalls can add milliseconds to the latency between servers. Accordingly, for best performance, there should be no firewalls between the Delphix Engine and the virtual database (VDB) target environments. If the Delphix Engine is separated from a source environment by a firewall, the firewall must be configured to permit network connections between the Delphix Engine and the source environments for the application protocols (ports) listed above.
Intrusion detection systems (IDSs) should also be made permissive to the Delphix Engine deployment. IDSs should be made aware of the anticipated high volumes of data transfer between dSources and the Delphix Engine.
Both source and target Unix environments are required to have
sshd running and configured such that the Delphix Engine can connect over
The Delphix platform expects to maintain long-running, highly performant
ssh connections with remote Unix environments. The following
sshd configuration entries can interfere with these
ssh connections and are therefore disallowed:
Network and Connectivity Requirements for Oracle
IP connections must exist between the Delphix Engine and the source and target environments.
- For source environments, Delphix Engine uses an SSH connection to each source host, an HTTP connection from each source environment to Delphix Engine, and a DSP connection to the Delphix Engine. The Delphix Engine uses SQL*Net connections to the DBMS on the source environment.
- For target environments, Delphix uses an SSH connection to each target environment and an NFS connection to Delphix Engine. Delphix Engine uses SQL*Net connections to the virtual databases on the target environment.
The scp program must be available in the environment in order to add an environment.
Port Allocation for Oracle Environments
The following diagram describes the port allocations for Oracle environments. It illustrates the ports that we recommend to be open from Delphix to remote services, to the Delphix Engine, and to the Target Environments.
The Delphix Engine makes use of the following network ports for Oracle dSources and VDBs:
Outbound from the Delphix Engine Port Allocation
|TCP||22||SSH connections to source and target environments|
|TCP||xxx||Connections to the Oracle SQL*Net Listener on the source and target environments (typically port 1521)|
Inbound to the Delphix Engine Port Allocation
Remote Procedure Call (RPC) port mapper used for NFS mounts
Note: RPC calls in NFS are used to establish additional ports, in the high range 32768-65535, for supporting services. Some firewalls interpret RPC traffic and open these ports automatically. Some do not; see below.
|TCP||1110||NFS Server daemon status and NFS server daemon keep-alive (client info)|
|TCP/UDP||2049||NFS Server daemon from VDB to the Delphix Engine|
|TCP||54045||NFS lock daemon/manager|
|Sending data from source to the Delphix Engine (for LogSync)|
SnapSync control and data from source to the Delphix Engine
V2P control and data from the target environment to the Delphix Engine.
|UDP||33434 - 33464||Traceroute from source and target database servers to the Delphix Engine (optional)|
|UDP/TCP||32768 - 65535||NFS mountd and status services, which run on a random high port. Necessary when a firewall does not dynamically open ports.|
AppData Port Requirements
The use of AppData requires the following ports/protocols.
Two important notes about these specifications:
- The next release of the Delphix Engine will significantly augment the port/protocol utilization of AppData. The upcoming-only requirements have been marked with a *.
- AppData V2P uses RSYNC to export to the target. RSYNC between the target and Delphix Engine is not required for general virtualization usage. The V2P-only requirements have been marked with a ^.
From Source to Delphix Engine
From Delphix Engine to Source
From Target to Delphix Engine
From Delphix Engine to Target
|RSYNC (TCP Port 873)||RSYNC (TCP Port 873)||DSP (Default TCP Port 8415)||DSP (Default TCP Port 8415)|
|DSP (Default TCP Port 8415)||SSH (TCP Port 22)||NFS||SSH (TCP Port 22)|
|*NFS||DSP (Default TCP Port 8415)||^RSYNC (TCP Port 873)||^RSYNC (TCP Port 873)|