Post

2 followers Follow
0
Avatar

vOneCloud Appliance is accessing the internet

Hello everyone,

I'm pretty new to vOneCloud. I'm going to  test the appliance to see if it fits our needs and we could build our cloud with it.

During the setup and first login I monitored the connections in our firewall log and saw that the appliance initiated some outgoing connections. I'm wondering for what reasons these connections are needed and if I could run the appliance in a restricted network segment without any internet access allowed.

So, could someone tell me something about the following connections?

At first I saw a lot NTP (udp/123) traffic. How could I configure the appliance to use my internal NTP servers? Am I right, that I have to login to the console and configure the settings in /etc/ntp.conf or /etc/chrony.conf? Or will changes in these files be overwritten when updating the appliance?

Second I saw HTTPS connections to the IP 159.69.16.82 which seems to belong to securitycheck.phusionpassenger.com which seems to be some kind of update check. Does anyone have some further information? Are these connections needed for proper operation?

Third thera are some HTTPS conenctions to IP 178.79.156.92 which belongs to li275-92.members.linode.com. The access happens when I'm clicking around in the WebUI. Same happens whith 173.255.245.62 alias li255-62.members.linode.com. Why is that? What is this external destination need for?

And last but not least when accessing Sunstone there was an outgoing HTTPS connections with destination 104.16.53.111. Does anyone know what this connection is used for?

Usually our systems are not allowed to access the internet except the access is a MUST HAVE needed for proper operation.

Thank your in advance for your ansers. Looking forward reading you, soon.

Best regards,

VMA

VMA

Official comment

Avatar

By default vOneCloud appliance uses external ntp servers as you noticed. You can configure it to use your internal NTP servers the same way you would do it on any other Centos7 server. This modification will not be overwritten by an upgrade.

Traffic to 159.69.16.82 is related to Passenger security checks. This appliance uses Sunstone with Apache and Passenger as described here. You can block those security checks or you can run them behind a proxy as described here. It will not affect the behavior of vOneCloud.

Traffic to 178.79.156.92 is used for updates checks. You can block this traffic but you will not be notified about new versions. It can be blocked.

Traffic to 104.16.53.111 is used to check your subscription status. You can manually manage them using this link: vonecloud.zendesk.com. It can also be blocked.

vOneCloud Support Team
Comment actions Permalink

Please sign in to leave a comment.

1 comment