8 Replies Latest reply on Feb 17, 2016 4:31 AM by Ronald van Gogh

    Official port for the RSCD agents

    Ronald van Gogh

      What is officially the port to be used for the RSCD agent? Port 4750 or port 5750? We've deployed SuSE servers and have the secure file contains the lines:

       

      rscd:port=4750:protocol=5:tls_mode=encryption_only:encryption=tls:

      default:port=4750:protocol=5:tls_mode=encryption_only:encryption=tls:

       

      As far as I know this automatically generated and makes sure the rscd agent is listening on port 4750.

      If i however start the local firewall on this server and tell it to keep not block the ports for the rscd agent, it unblocks port 5750 as that is registered in the file /etc/services:

       

      ssad           4750/tcp # Simple Service Auto Discovery  [Dr_Horst_Herb]
      ssad           4750/udp # Simple Service Auto Discovery  [Dr_Horst_Herb]
      rscd           5750/tcp # Bladelogic Agent Service  [Brian_Trevor]
      rscd           5750/udp

      # Bladelogic Agent Service  [Brian_Trevor]

       

      Should we change the secure file or the services file? Or am I misunderstanding this port story?

       

      Kind regards,  Ronald van Gogh

        • 1. Re: Official port for the RSCD agents
          Laurent Matheo

          Discussion successfully moved from Ronald van Gogh to BMC BladeLogic

          • 2. Re: Official port for the RSCD agents
            Vipin Tripathi

            Ronald van Gogh


            4750 is the official port no. for RSCD agent.

            Also you can use 4752 port no. but you have to put entry of 4752 port in app server secure file for particular server.


            Regards,

            Vipin Tripathi

            • 3. Re: Official port for the RSCD agents
              Kai Hintze

              The misconception seems to be widespread. All my services files say ssad/4750 and rscd/5750 also. That's why I always specify the port number rather than the name.

               

              But it has me wondering...  What is SSAD? I've spent half an hour looking and can't find anything except that supposedly it uses port 4750.

              • 4. Re: Official port for the RSCD agents
                Jim Wilson

                SSAD = Simple Service Auto Discovery

                According to IANA, Port 4750 is registered by a contact at dorrigomedical.com

                Service Name and Transport Protocol Port Number Registry

                As far as I can tell, that domain no longer exists

                 

                RSCD = Bladelogic Agent Service

                According to IANA, Port 5750 is registered by a contact at bmc.com (In fact he is a VP of R&D)

                Service Name and Transport Protocol Port Number Registry

                 

                To correct Vipin, 4750 is the default port number used during installation, but the RSCD Agent can be configured to use any available port.

                As SSAD appear to be defunct, using the default 4750 seems to rarely cause a problem

                • 5. Re: Official port for the RSCD agents
                  Bill Robinson

                  this is really a non-issue.  look at other ports in the /etc/services file.

                   

                  1521 - 'ncube license manger'.  gee, that's also the default oracle tns listener port

                  8080 - pretty much the default port for tomcat, but it's 'www caching service', also used frequently for proxies.

                   

                  i'm sure there are many others like this.  most services can listen on any port you want and there are more than 65536 products that listen on a port.

                  • 6. Re: Official port for the RSCD agents
                    Kai Hintze

                    I can't quite agree that it is a non-issue. I would say that it is a very small issue. I wouldn't be stressed at all if we didn't have a different port registered. That leads to confusion.

                     

                    May I suggest 2 things?

                    1) Can BMC unregister port 5750? That will reduce confusion. *I* know enough to use the port number, not the port name, but when Linux admins try to install the agent sometimes they try to use the port name. If there weren't an rscd named port then they would have to look for the number. But there is a named port, and it is wrong.

                     

                    2) Improve the documentation.

                    2a) When port 4750 is first introduced in the documentation, put a footnote in that someone else registered the port, but we are unaware of conflicts with SSAD in practice.

                    2b) Documentation about opening the port in iptables under Linux and possibly other host base firewalls needs to have an short but clear paragraph using the port number rather than the name. The SSAD conflict may be mentioned in documentation I have not seen, but it isn't in the docs I learned from.

                    • 7. Re: Official port for the RSCD agents
                      Bill Robinson

                      What do you do for oracle?  clearly that port is in conflict.  As are so many others.  relying on the name of the service is a bad idea imo – you should know what actual service is listening on the port and not just assume it’s what /etc/services says.

                      • 8. Re: Official port for the RSCD agents
                        Ronald van Gogh

                        Bill,

                         

                        I agree with you that using a portnumber instead of the name of the services is much smarter. However, the services file is there for a purpose and there are people who rather like to use the names instead of the numbers.

                        I then agree with Kai to have at least port 5750 unregistered to avoid confusion.

                         

                        Kind regards,  Ronald