Tag Archives: MAG

Juniper MAG/SA Cluster Ports

Summary:This article provides information about the ports that maintain the cluster state and the importance of ARP.

Problem or Goal:Information about the ports that maintain the cluster state and the importance of ARP.

Solution:There are several KB articles, which list all the ports that are involved with SA/UAC clusters. However, at times, it is required to specifically know which ports maintain the cluster state.

The ports that are responsible for maintaining the cluster state are:

    • ARPAt times, this protocol is forgotten during cluster state checks/investigations. The ARP requests/replies are important to a SA cluster, as ARP’s are sent to the gateway of the subnet, to which the VIP of the cluster belongs, to maintain reach-ability to the subnet gateway.
    • UDP 4803The state data replication, which refers to all data that must be replicated between cluster nodes. Examples include a user session record, when session synchronization has been enabled between cluster members (see the UI cluster properties page) and the cluster-wide configuration.
  • UDP 4804 – Heartbeat.

You should always check the ARP tables, when investigating/checking a cluster state, along with the other two ports listed above; as all the above ports are important for maintaining a cluster state.

What TCP and UDP ports are required/used for clustering and what is each port used for?

Port Number

Usage

Encrypted

TCP 4808 Cluster heartbeats and intra cluster RPC calls Yes
TCP 4809 Clustering on. Used to query the build version being run at the remote IVE No
TCP 4900-4910 For a short period when a node joins the cluster Key exchange for group communication, state sync where applicableMostly copying the state data from one cluster node to another when a node joins the cluster or when a cluster rejoins after partition. There should be significant data only on one these ports Yes
UDP 4803 Clustering On, always Group communication. Incremental state data replication. Yes
UDP 4804 Clustering On, always Token Heartbeat.  Group communication heartbeats. No data on this channel. No