Set up communication connections

This page introduces the default communication layer used by AppMon components, and provides access to information about configuring the settings needed to deploy AppMon into a networked environment.

The communication layer handles data transmission between AppMon components, which includes the Agent, Collector, Server, Frontend Server, and Client. The communication layer compresses, encrypts and authenticates and provides optimal performance and high throughput.

Default ports

This table shows the default communication ports used for communication between AppMon components.

Components to connect Port non-SSL Port SSL or e. HTTP Protocol Comment
Client to frontend server 2021 TCP For AppMon 6.5 and later, non-SSL connections are no longer supported.
Client to Frontend Server   8023 HTTP Tunnel using HTTP. Sent data is by default encrypted.
Frontend Server to Server 2031 TCP The communication port between the Frontend Server and the Backend Server.
Collector to Server (6698) 6699 TCP For AppMon 6.5 and later, non-SSL connections are no longer supported. For compatibility reasons with pre-6.5 collectors the 6698 plain port is still available and must be activated using the Client running in debug mode.
Collector to Server 8033 HTTP Tunnel using HTTP. Sent data is by default encrypted.
Collector to Server 8040 8041 HTTP(S) For HTTP-based Agent connections1
Agent to Collector 9998 9998 TCP Also applies to demo scenarios with Server-embedded Collector.
Agent to Collector 8042 8043 HTTP(S) The Node.js Agent uses this connection.1
Memory Analysis Server to Server 7788 TCP For AppMon 6.5 and later, non-SSL connections are no longer supported.
Browser to Server 8020 8021 HTTP(S) Web interface for RESTful Server administration, to start the Webstart Client.
AppMon Web to Frontend Server 9911 HTTPS Port on which browser-based dashboards get their data.
Web Server Slave Agent to Web Server Master Agent 8001 UDP The UDP port on which the Web Server Master Agent should listen for data packets of the Web Server Slave Agent

1 These ports are used for the Node.js Agent (Linux only) to connect the Collector to the Server. There is no UI to change them. Edit communication port in <DT_HOME>/collector/conf/collector.config.xml and <DT_HOME>/server/conf/server.config.xml respectively.

Ensure that your firewall configuration allows communication between the components.

Note

For performance reasons, do not pass communication between the Agent and the Collector through firewalls. Place a Collector as close as possible to Agents.

Set up AppMon Server communication

You can configure most AppMon Server connections using the AppMon Client. Select Settings > Dynatrace Server > Services.

Bind address

For machines with multiple network interface cards, the Server can be bound to a specific network adapter. This is useful when you want to disallow connections from other connected networks. To do this, enter the optional bind address next to the service port you want to restrict. Both host name and IP address work. You can specify bind address for both Client connections and Collector connections to the AppMon Server.

Note

By default, AppMon Server also uses the machine's DNS hostname, which may be ambiguous or unacceptable. To manually specify a name for the AppMon Server, stop the AppMon Server service, then edit the DT_HOME/server/conf/server.config.xml file. Modify the name attribute of the server tag (XPath: /dynatrace/serverconfig/settings/server/@name). Save your changes and start the AppMon Server.

For example:

<settings>
...
<server
tunnelenabled="true" tunneladdress="" tunnelport="8023"
upperdeletiontriggerlimitenabled="false" upperdeletiontriggerlimit="51200" lowerdeletiontriggerlimit="1024"
eventstatistics="false"
id="12345678"
jmxexportmanagement="false" jmxexportmonitoring="false" jmxport="1099"
name="MyNewHostName"
watchdogtimeout="10"
selfmonitoringenabled="true"
hascollector="true" />
...
</settings>

Make a backup copy of this file before you edit.

Note

If a configured port is already in use, or cannot be bound for any other reason, the Server restart fails. You must manually change the port to a free port. To do this, edit the corresponding attribute in the server.config.xml file in <DT_HOME>/server/conf. The settings tag (for example, XPath) specifies the ports for the single components:

  • AppMon Client: /dynatrace/serverconfig/settings/client/@clientsslport
  • AppMon Collector: /dynatrace/serverconfig/settings/collector/@collectorport
  • AppMon Memory Analysis Server: /dynatrace/serverconfig/settings/oopanalyzer/@port

Set up AppMon Client connections

Two set of parameters are responsible for the Client to Server connections:

  • Client side settings: the Client uses them to connect to the Server.
  • Server side settings: the Server uses them to listen for the Client.

Note

Non-SSL connections are not allowed for Client to Server connections.

Client side settings

To connect the Client to the Server you must specify host/IP and port. Use Settings > Dynatrace Server > Connectivity if you need to make changes to the default Client connection settings.

The connection types are as follows:

  • Default: The default connection is SSL encrypted and compressed.
  • HTTP Tunnel: The HTTP Tunnel uses only HTTP traffic between the AppMon Client and the AppMon Server. Use this setting if restrictive firewalls are in use and/or if reverse proxies must forward the traffic.
  • Via Proxy: You can specify a forward proxy with this setting. Use this setting if a forward proxy (HTTP Connect) must forward the traffic.
  • HTTP Tunnel Via Proxy: This connection style combines the HTTP tunnel with the ability to specify a forward proxy. Use this setting if the traffic must be routed through a proxy chain that consists of forward and reverse proxies.

For changes to take effect, the Server must be restarted.

For details on how to configure the HTTP Tunnel and forward proxies, see Set up Proxiestunneling, and forward proxy.

Server side settings

Use Settings > Dynatrace Server > Services > General > Client Connection Settings. Here you can specify the port where the Server listens for the Client; enable HTTP tunnel connections, and specify the port for such a connection.

For changes to take effect, the Server must be restarted.

Set Up AppMon Collector communication

Once a Collector is connected to the AppMon Server, you can change Collector connection settings such as the Server port to connect to or listen for, at the General tab of the Services item from the Dynatrace Server Settings dialog box.

You can specify communications settings in the configuration file. See Collector configuration file to learn how.

Secure connections (SSL)

For AppMon 6.5 and later, only SSL connections for Collector to Server connections. For compatibility, any pre 6.5 Collector wanting to connect to the Server can use the plain Server port. To enable that port, select the Allow non-SSL connections check box. This starts the plain Collector port on the next restart of the Server.

Note

Non-SSL communication is not available in AppMon 6.5 and later.

Set up Server-embedded Collector connections

Only demo or POC environments can use the Server-embedded Collector and are allowed to bypass the stand-alone Collector and directly connect Agents to the AppMon Server.

So by default, the Allow Agent Connections to Dynatrace Server check box is not selected, which closes this port on the Server.

Set up built-in webserver connections

The AppMon Server has a built-in web server that offers SOAP/REST web services for automation and the remote installation of AppMon Clients using Java Web Start. You can also use JMX to monitor AppMon Server and AppMon Client internals. This is similar to the SOAP/REST web services. All related settings are available in the Management tab of the Services item.

Note

The AppMon Server requires sufficient user privileges, depending on the automation operation.

Set up Webstart Client communication

Use settings in the Webstart tab of the Services item to set up the connection between the Webstart Client and the AppMon Server. See Configure Webstart Client for more information.

Set up E-mail communication

See Email configuration for more information.

Set up AppMon Memory Analysis Server communication

Use the Dynatrace Memory Analysis Server tab of the Services item to configure the connection settings to the AppMon Memory Analysis Server. See Set up a Memory Analysis Server for more information.

Setup AppMon Web communication

See server.config.xml to configure communication ports for AppMon Web.