question

SebastianTobuschat avatar image
SebastianTobuschat asked SebastianTobuschat answered

Spirent TestCenter: What TCP /UDP ports are used to communicate between STC Clients and Chassis

Hi,

when the Chassis and TestCenter Client are in different VLANs / there is a firewall in between: what TCP/UDP need to be opened in the firewall?

There is a FAQ/KB on this: https://support.spirent.com/SpirentCSC/SC_knowledgeView?id=FAQ10405

However, after following this, I still observe issues. That is, I can reserve only the first port of the chassis. When trying to reserve other/multiple ports, this is not working.

In this non-working case, the firewall blocks several accesses from the Client to the chassis using TCP destination ports 5xxxx (e.g. 51232, 57432, …). Clearly these are not allowed in the firewall, as the KB article did not mention these under "Ingress TCP port ranges" for the chassis (or as egress for the client). Or I am misunderstanding the KB.

When only reserving the first port of the chassis, the client will use TCP destination port 51204, which is listed in the KB. And hence allowed in the firewall and this case is working.

So, what port ranges, in addition to what is mentioned in the FAQ/KB, do I need to open in the firewall?

chassistcp portfirewall
10 |950
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
SebastianTobuschat avatar image
SebastianTobuschat answered

Thanks @mnakamura. But this last entry covers "egress". But the range is also needed for "ingress".

So the chassis must also be able to receive TCP sessions on the 20096-65535 port range, to facilitate port reservation. This part is missing in the KB (at least in the 2020-08-31 version). With this the problem is solved for me.

10 |950
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

mnakamura avatar image
mnakamura answered

From that FAQ/KB, seems the last entry in the Chassis and Appliance section shows:

  • TCP ports 32768 – 65535: Ephemeral TCP/UDP port range

I believe this covers the 5xxxx port numbers.

10 |950
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.