Question: There is a firewall between the Foglight Management Server (FMS) and the FglAM concentrator. The firewall report shows the FMS trying to communicate to port 8081 on the concentrator. We verified that the FMS process is the process that is attempting to connect to port 8081. The FglAM typically listens for connections from downstream hosts on port 8081. Why is the FMS trying to communicate with the FglAM on port 8081?
Older versions of FglAM concentrator had only 1 channel to communicate with the FMS, meaning upstream messages and downstream messages were exchanged on the same channel. Because there can potentially be many FglAMs connecting to the concentrator, this can cause delays in control messages from the FMS to FglAMs behind the concentrator. This is why the message push channel was introduced. This method sends control messages to the concentrator's downstream port so that they do not interfere with upstream messages. If the FMS is unable to send messages to the downstream port, then the polling port is used as a fall back.
The FMS tries to connect to downstream port on the concentrator (8081), if it fails then the messages are resent to the polling port instead. When port 8081 is blocked communication does not fail but is not very efficient.
Our recommendation is to open port 8081 on the firewall from the FMS to the FglAM hosts, so the message push feature can be used. If you do not want to use the message push, you can leave the port closed, the FMS will fall back to the polling port, which is not preferred.