Container-to-Container Networking Communications

This topic describes Container-to-Container Networking internal network communication paths with other Pivotal Application Service (PAS) components.

Inbound Communications

The following table lists network communication paths that are inbound to Container-to-Container Networking.

Source VM Destination VM Port Transport Layer Protocol App Layer Protocol Security and Authentication
diego-cell (Silk CNI) diego-cell (Silk Daemon) 23954 TCP HTTP None
diego-cell (Silk Daemon) diego-api (Silk Controller) 4103 TCP HTTP Mutual TLS
diego-cell (VXLAN Policy Agent) api (Policy Server Internal) 4003 TCP HTTP Mutual TLS

Outbound Communications

The following table lists network communication paths that are outbound from Container-to-Container Networking.

Source VM Destination VM Port Transport Layer Protocol App Layer Protocol Security and Authentication
api (Policy Server) uaa 8443 TCP HTTPS TLS
api (Policy Server) api (Cloud Controller) 9022 TCP HTTP OAuth 2.0

BOSH DNS Communications

Application containers look up services using the BOSH DNS service discovery mechanism. To support this lookup, BOSH Director colocates a BOSH DNS server on every deployed VM. For more information, see BOSH DNS Network Communications.

Create a pull request or raise an issue on the source for this page in GitHub