Need to know all network ports used by FDB, for security policies in TLS

We are deploying FDB on a secured TLS env, where a security policy needs to be created for every network port, thus we need to know all network ports used by FDB.

In addition to the ports used by storage, transaction and stateless processes, are there any other network ports used by FDB internally (e.g. by fdbmonitor)?

Thank you.

fdbmonitor doesn’t open any network connections.

Each fdbserver process opens exactly one port and you can freely choose which one. In our environment we mark a range of ports (can’t give you specifics here) to be used by FDB - even though we sometimes run fewer processes per machine. It depends a bit on how strict your security policies are.

In general I would say: define the range 4500 to 4500 + x (where x is the max number of processes you’re planning to use on a single machine) as fdb ports and exclude them from firewall rules.

@markus.pilman Your plan sounds nice. Thank you for sharing.
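
One way to check a host against the port range suggested in the answer above, as an added example that is not part of the original thread: it resolves the listening port of every `[fdbserver.<ID>]` section in a `foundationdb.conf` and flags ports outside 4500 to 4500 + x or listeners without the `:tls` address suffix. The sample configuration is constructed, and the `auto`/IPv4 address form and the function names are assumptions.

```python
import configparser

# Constructed sample in the foundationdb.conf layout (not from the thread).
SAMPLE_CONF = """
[fdbmonitor]
user = foundationdb

[fdbserver]
public_address = auto:$ID:tls
listen_address = public

[fdbserver.4500]
[fdbserver.4501]
[fdbserver.4502]
class = stateless
[fdbserver.4503]
public_address = auto:$ID
[fdbserver.4510]
public_address = auto:4600:tls
"""

def listen_ports(conf_text):
    """Map each [fdbserver.<ID>] section to (port, tls_enabled)."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    defaults = dict(cp["fdbserver"]) if cp.has_section("fdbserver") else {}
    ports = {}
    for name in cp.sections():
        if not name.startswith("fdbserver."):
            continue  # fdbmonitor and the shared [fdbserver] section open no port
        proc_id = name.split(".", 1)[1]
        opts = {**defaults, **dict(cp[name])}  # per-process values override
        addr = opts.get("listen_address", "public")
        if addr == "public":  # "public" means: listen on public_address
            addr = opts.get("public_address", "auto:$ID")
        parts = addr.replace("$ID", proc_id).split(":")
        tls = parts[-1] == "tls"
        ports[proc_id] = (int(parts[-2] if tls else parts[-1]), tls)
    return ports

def audit(conf_text, base=4500, x=4):
    """Report ports outside base..base+x and listeners without TLS."""
    findings = []
    for proc_id, (port, tls) in sorted(listen_ports(conf_text).items()):
        if not base <= port <= base + x:
            findings.append(f"{proc_id}: port {port} outside {base}-{base + x}")
        if not tls:
            findings.append(f"{proc_id}: port {port} is not TLS")
    return findings
```

Calling `audit()` on the real file's contents with `x` set to the planned per-machine process count gives the list of processes that the firewall policy for the range would not cover.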