We need a complete list of URL and IPs for connecting on-prem deployed components to DX SaaS. Our network team is requiring that we configure the firewall rules to allow connection to specific DX SaaS IPs. Can this list be provided?
The URLs we had accounted for were wss://cloudgw.dxi-na1.saas.broadcom.com:443 and wss://acc-configserver.dxi-na1.saas.broadcom.com:443. We found that Cloud Proxies in one environment were trying to connect to pmgw.dxi-na1.saas.broadcom.com even though the configuration only has parameters for cloudgw & acc-configserver. When this happened the Cloud Proxy logs had filled with mostly "connection reset by peer" entries and the nproc limits (4096) had been reached for Cloud Proxy and APMIA agents . Do on-prem components get redirected to other URLs after connecting via cloudgw URL?
Release : 11.1.3
Component : APM Agents
These are the only URLs that the Cloud Proxy will use.
In this situation, it was how the firewall resolved the IP that caused the issue, as all the URLs resolve to the same IP. Please ensure that you have added all three to the firewall rules.