Routing Network Communications

This topic describes the internal network communication paths of the routing subsystem with other Elastic Runtime components.

HTTP Routing

The following table lists network communication paths for HTTP routing.

Source VM Destination VM Port Protocol Security and Authentication
diego_cell (local Route Emitter) nats 4222 NATS Basic authentication
Load balancer router (Gorouter) 80 HTTP None
Load balancer router (Gorouter) 443 HTTPS TLS
router (Gorouter) nats 4222 NATS Basic authentication
router (Gorouter) System components and app containers Varies HTTP None

TCP Routing (Optional)

The following table lists network communication paths for TCP routing.

Source VM Destination VM Port Protocol Security and Authentication
cloud_controller cloud_controller (Routing API)* 443 HTTPS TLS and OAuth
cloud_controller (Routing API) diego_database (Locket) 8891 HTTPS Mutual TLS
cloud_controller (Routing API) mysql_proxy 3306 MySQL MySQL authentication
cloud_controller (Routing API) uaa 8443 HTTPS TLS
diego_brain (global TCP Emitter) cloud_controller (Routing API) 3000 HTTP OAuth
diego_brain (global TCP Emitter) uaa 8443 HTTPS TLS
diego_cell (local Route Emitter) cloud_controller (Routing API) 3000 HTTP OAuth
diego_cell (local Route Emitter) uaa 8443 HTTPS TLS
Load balancer tcp_router 1024-65535 TCP None
router (Gorouter) cloud_controller (Routing API) 3000 HTTP OAuth
router (Gorouter) uaa 8443 HTTPS TLS
tcp_router cloud_controller (Routing API) 3000 HTTP OAuth
tcp_router uaa 8443 HTTPS TLS

* This communication happens through a load balancer and Gorouter. Requests are received by Routing API on port 3000.

You can use this port range to configure the port in the ERT tile.

Consul Communications

ERT components call out to Consul for service discovery. For more information, see Consul Network Communications.

Create a pull request or raise an issue on the source for this page in GitHub