Firewall Rules Between the Gateway and ZFS
This section provides a table showing the internal firewall rules between the
Gateway and Oracle ZFS Storage Appliance Racked System (ZFS).
Table 8 Firewall Rules Between the Gateway and ZFS Storage Appliance Racked
System
|
|
|
|
|
ICMP
|
All monitored interfaces
|
Gateway
|
ICMP Type 0 and 8
|
Used to test network connectivity between customer systems and
the Gateway
|
ICMP
|
Gateway
|
All monitored interfaces
|
ICMP Type 0 and 8
|
Used to test network connectivity between the Gateway and
customer systems
|
SSH/SCP
|
Gateway
|
ZFS Controllers
ZFS ILOM
Cisco Switch
|
TCP/22
|
Monitoring configuration, fault diagnostics, and patching
|
SSH/SCP
|
Gateway
|
PDU
|
TCP/22
|
Monitoring configuration, fault diagnostics, and
patching
|
HTTPS
|
Gateway
|
PDU
|
TCP/443 (HTTPS)
|
PDU web interface for monitoring configuration and
diagnostics
|
HTTPS
|
Gateway
|
ZFS ILOM
|
TCP/443
|
Monitoring configuration and fault diagnostic
collection
|
HTTPS
|
Gateway
|
ZFS Controllers
|
TCP/215
|
OEM plug-in communication to ZFS for monitoring
|
SNMP
|
Gateway
|
PDU
ZFS ILOM
ZFS Controllers
Cisco Switch
|
UDP/161
|
SNMP for ASR telemetry
|
SNMP
|
PDU
Cisco Switch
|
Gateway
|
UDP/162
|
SNMP for Monitoring Events
|
RCMP+
|
Gateway
|
ZFS ILOM
|
UDP/623, TCP/623
|
Management and monitoring using the ILOM interface
(IPMI)
|
ZFS Phone Home
|
ZFS Controllers
|
Gateway
|
TCP/8000
|
Gateway hosting a proxy server
|
SSH/SCP
|
ZFS Controllers
|
Gateway
|
TCP/22
|
Used to copy patches from the gateway to the ZFS arrays as SCP
is available only to pull from a remote system to the ZFS
array.
|
HTTP
|
ZFS ILOM
ZFS Controllers
Cisco Switch
|
Gateway
|
HTTP/8234
|
ASR assets to communicate with ASR Manager
|
|
Note -
ZFS reporting for ASR is an exception as error telemetry is reported directly
to Oracle using port 443.