Security Group for OpenStack (V Series 1)
A security group defines the virtual firewall rules for your instance to control inbound and outbound traffic. When you launch GigaVUE‑FM, GigaVUE V Series Controllers, GigaVUE V Series nodes, and G-vTAP Controllers in your project, you add rules that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic.
The Security Group Rules table lists the rules and port numbers for each component.
|
Direction |
Ether Type |
Protocol |
Port |
CIDR |
Purpose |
|
GigaVUE‑FM |
|||||
|
Inbound |
HTTPS |
TCP |
443 |
Any IP address |
Allows users to connect to the GigaVUE‑FM GUI. |
|
Inbound |
IPv4 |
UDP |
67 and 68 |
Any IP address |
Allows GigaVUE‑FM to communicate with DHCP server for assigning IP addresses and other related configuration information such as the subnet mask and default gateway |
|
Inbound |
IPv4 |
UDP |
53 |
Any IP address |
Allows GigaVUE‑FM to communicate with standard DNS server |
|
G-vTAP Controller |
|||||
|
Inbound |
IPv4 |
TCP |
9900 |
GigaVUE‑FM IP address |
Allows GigaVUE‑FM to communicate with G-vTAP Controllers |
|
G-vTAP Agent |
|||||
|
Inbound |
IPv4 |
TCP |
9901 |
G-vTAP Controller IP address |
Allows G-vTAP Controllers to communicate with G-vTAP Agents |
|
V Series Controller |
|||||
|
Inbound |
IPv4 |
TCP |
9902 |
GigaVUE‑FM IP address |
Allows GigaVUE‑FM to communicate with GigaVUE V Series Controllers. |
|
V Series 1 Node |
|||||
|
Inbound |
Custom TCP Rule |
TCP(6) |
9903 |
GigaVUE V Series Controller IP address |
Allows GigaVUE V Series Controllers to communicate with GigaVUE V Series nodes |
|
GRE Traffic |
|||||
|
Inbound |
Custom Protocol Rule |
GRE (47) |
47 |
Any IP address |
Allows mirrored traffic from G-vTAP Agents to be sent to GigaVUE V Series nodes using the L2 GRE or VXLAN tunnel |
|
Outbound |
Custom Protocol Rule |
GRE (47) |
47 |
Any IP address |
Allows monitored traffic from GigaVUE V Series nodes to be sent to the monitoring tools using the L2 GRE or VXLAN tunnel |
|
VXLAN Traffic |
|||||
|
Inbound |
Custom UDPRule |
UDP |
4789 |
Any IP address |
Allows mirrored traffic from G-vTAP Agents to be sent to GigaVUE V Series nodes using the VXLAN tunnel |
|
Outbound |
Custom UDPRule |
UDP |
4789 |
Any IP address |
Allows monitored traffic from GigaVUE V Series nodes to be sent to the monitoring tools using the VXLAN tunnel |
