The following section summarize Sun Ray system port and protocol usage.
The range of dynamic/UDP ports on the server is constrained to
the range defined by the utservices-low and
utservices-high UDP service definitions,
whose default values in /etc/services are
40000 and 42000 respectively.
Dynamic/TCP ports on the client are in the range 32768-65535.
Dynamic/UDP ports on the client are in the range 4096-65535.
ALP rendering traffic (ALP-RENDER) always uses a UDP port number greater than 32767 at the client.
Table 2.6, “Sun Ray Client-to-Server Ports and Protocols” lists the Sun Ray Client-to-server ports and protocols. In the table, a double-headed arrow in the Flow column indicates the direction of the initial packet. In most cases, the client (a Sun Ray Client or Oracle Virtual Desktop Client) initiates the interaction.
Table 2.6. Sun Ray Client-to-Server Ports and Protocols
Client Port | Flow | Protocol | Flow | Server Port | Peer | Importance | Comments |
|---|---|---|---|---|---|---|---|
66/UDP (BOOTPC/DHCPC) | broadcast=>> unicast=>> | DHCP | <=broadcast <=unicast | 67/UDP (BOOTPS/DHCPS) | DHCP Service | Mandatory | Network and configuration parameter discovery |
Dynamic/UDP | unicast=>> | TFTP | <=unicast | 69/UDP (TFTP) | TFTP Service | Recommended | Firmware download (Configuration parameter download) |
Dynamic/UDP | unicast=>> | DNS | <=unicast | 53/UDP (domain) | DNS Service | Optional | For server name lookups |
514/UDP (syslog) | unicast=>> | Syslog | (none) | 514/UDP (syslog) | Syslog Service | Optional | Event reporting |
Dynamic/UDP | broadcast=>> | ALP-DISCOVERY | <=unicast | 7009/UDP (utauthd-gm) | Sun Ray Server | Optional | On-subnet Sun Ray server discovery |
Dynamic/TCP | unicast=>> | ALP-AUTH | <=unicast | 7009/TCP (utauthd) | Sun Ray Server | Mandatory | Presence, control, status |
Dynamic/UDP with port number >= 32768 | unicast=> or unicast=>> when NAT is in use | ALP-RENDER | <<=unicast or <=unicast when NAT is in use | Dynamic/UDP constrained by utservices-low and utservices-high | Sun Ray Server | Mandatory | On-screen drawing, user input, audio |
5498/UDP | unicast=>> | ALP-AUDIO-IN | Dynamic/UDP constrained by utservices-low and utservices-high | Sun Ray Server | Optional | Inbound audio | |
Dynamic/TCP | unicast=>> | ALP-DEVMGR | <=unicast | 7011/TCP (utdevmgr) | Sun Ray Server | Optional | Device management |
7777/TCP | unicast=> | ALP-DEVDATA | <<=unicast | Dynamic/TCP | Sun Ray Server | Optional | Device data transfer |
7013/UDP (utquery) | unicast=> | ALP-QUERY | <<=unicast <<=broadcast | Dynamic/UDP | Any | Optional | utquery support |
Due to CR 6985550, the keyboard may become unresponsive to input. To work around this issue, allow ICMP messages to flow from the Sun Ray server to the client.
Table 2.7, “Sun Ray Server-to-Server Ports” lists the Sun Ray server-to-server ports.
Table 2.7. Sun Ray Server-to-Server Ports
Sun Ray Server Port | Protocol | Port | Peer | Notes |
|---|---|---|---|---|
<<=ARP=>> | All on subnet | IP-to-MAC mapping | ||
Transient | SYSLOG/UDP unicast=>> | 514 (SYSLOG) | Syslog Server | Status reporting, if required |
7009 (UTAUTHD) | <<=UTAUTHD-GM/UDP=>> broadcast or multicast | 7009 (UTAUTHD) | Sun Ray Server | Group discovery, if required |
7011 (UTDEVMGRD) | <<=UTDEVMGRD/TCP=>> | 7011 (UTDEVMGR) | SR Group Member | Device control and status |
7008 (UTRCMD) | <<=UTRCMD/TCP=> | Privileged | SR Group Member | Remote execution |
<<=ICMP ECHO=> | Any | Admin: presence (a bug) | ||
7010 (UTAUTH-CB) | <<=UTAUTH-CB/TCP=> | Transient | Any | Admin: control and status |
7012 (UTDS) | <<=UTDS/TCP=> | Transient | Any | Data store, if required. |
7007 (UTSESSIOND) | <<=UTSESSION/TCP=> | Transient | Any | Session members |
7011 (UTDEVMGR) | <<=UTDEVMGR/TCP=> | Transient | Any | Device clients |
1660 (HTTP) | <<=HTTP/TCP=> | Transient | Localhost | Web GUI, if configured |
1661 (HTTPS) | <<=HTTPS/TCP=> | Transient | Localhost | Web GUI, if configured |
7007 (UTSESSIOND) | <<=UTSESSION/TCP=> | Privileged | Localhost | Session management |
For basic Windows connector operations (RDP port access), the Windows server firewall needs TCP port 3389 open for inbound connections. The Sun Ray server (where the Windows connector is running) firewall needs TCP port 3389 open for outbound connections.