Ports



  • Hi,

    Would you be able to advise what ports are required for CD to fully function? I am looking to install this to a rack mounted server but would need to be able to quote the ports needed to submit request - I imagine they are default Windows ports mostly.



  • Should only be 80 and possibly 443 if you are using ssl.
    The standard smb ports
    Udpcast ports 9000-10000 by default, can be changed in admin->multicast



  • Forgot about tftp on 69, and maybe more if using CloneDeploy Proxy DHCP. Here are the exceptions that are created during install, should be everything.

    [code]netsh advfirewall firewall add rule name=dhcps dir=in action=allow protocol=UDP localport=67 profile=any
    netsh advfirewall firewall add rule name=dhcpd dir=in action=allow protocol=UDP localport=68 profile=any
    netsh advfirewall firewall add rule name=tftp dir=in action=allow protocol=UDP localport=69 profile=any
    netsh advfirewall firewall add rule name=http dir=in action=allow protocol=TCP localport=80 profile=any
    netsh advfirewall firewall add rule name=https dir=in action=allow protocol=TCP localport=443 profile=any
    netsh advfirewall firewall add rule name=proxyd dir=in action=allow protocol=UDP localport=4011 profile=any
    netsh advfirewall firewall add rule name=udp-sender dir=in action=allow program="{app}\web\private\apps\udp-sender.exe"
    netsh advfirewall firewall add rule name=udp-sender dir=out action=allow program="{app}\web\private\apps\udp-sender.exe"
    netsh advfirewall firewall set rule group=""File and Printer Sharing"" new enable=Yes"[/code]



  • Thank you,

    I wont be using Proxy DHCP.

    Just installed CloneDeploy but already ran into issue

    Exception error when trying to finalize settings after setup.

    Will have to look into that



  • I believe its because I had a browser issue (too old) and missed the finalise button.

    Then I changed default admin account name and password.

    Installed Chrome, changed back to clonedeploy=password and now working.



  • 800mbpm unicast, will do some tweaking and try and increase this - still testing stages.
    WIll be more work trying to get it on a full rack server than a desktop I imagine, has 4 RJ45 ports that I might be able to team later on.

    has RAID 5 of 3x 500GB drives



  • Hello, can you assist with a quick question?
    Udpcast ports 9000-10000 by default, can be changed in admin->multicast

    How many ports are actually required? If I multitask up-to batches of 20 at a time?



  • 2 ports are always used for each multicast session, doesn't matter if it's 1 client or 100.

    First multicast session
    9000-9001
    Second session
    9002-9003
    etc.
    When you reach 10000 it starts over at 9000.

    You can see that 1000 ports you could have 500 simultaneous multicast sessions, each with however many clients. You can change the port range to something smaller if you would like.



  • Hi,

    I have to submit a tech design otherwise I wouldn't care, We block EVERY port usually (not within VLAN) but outside VLAN unless it has been opened for Purpose.

    "Think outsource firm who has banking clients so gets audited more than the banks"

    I literally want to have as little ports opened from all the client VLANS that will be communicating up to the server hosted on our server LAN/DMZ?

    Is there any requirement for the ports to change each time or was it just for the sake of ease as default?



  • so If I use 9002 to 9003 I should have no issues at all?



  • They change so that you can have multiple sessions. Can't open two sessions using the same ports. If you know that you will ever only do one multicast at a time, you could set the start port at 9000 and end to 9002



  • I tend to queue up my multicast jobs however I usually set off 1 job (imaging) and then PAUSE the 2nd bank of machines on the DHCP screen so it doesn't try to queue up a 2nd bank which used to make my Desktop server struggle 2 much.

    But if I go whole hog with rack server it might have much more power to do more. I may just set a range of 10. which is acceptable and leaves me space.

    Thank you pal 🙂



  • Thinking about this you would need to open one port higher than end number. So if you start at 9000 and end at 9008 you would also need port 9009 opened.



  • I think 9000 to 9010 will still be plenty.

    I cant PXE boot as fast as I image most our machines (Well using Crucible - which was faster than my testing of CD).

    So cant see myself ever been able to hit more than 4-5 MC at once.



  • cant even see me doing 3 jobs at once in all honestly. will be too much for network I imagine.



  • If you do that open ports 9000-9011 if you only open to 9010 every 6th multicast job will fail.



  • 6th simultaneously though right? or are you saying it needs +1 port for itself anyway?



  • I think I get you, but I don't get why.

    so add the 1 so the 6th of every single job will fail as it runs out of ports as it rolls through the pairs?



  • The ports increment for every job, doesn't matter if it's only 1 single job or multiple.
    1st
    9000-9001
    2nd
    9002-9003
    3rd
    9004-9005
    4th
    9006-9007
    5th
    9008-9009
    6th
    9010-9011, so even though 9010 is specified as the last port 9011 is also used, if you don't open that in your firewall the session will fail.
    7th
    9000-9001
    8th
    9002-9003
    etc.



  • Ah sorry

    Now I understand- thank you.