ZITI_CTRL_PORT vs ZITI_EDGE_CONTROLLER_PORT

I noticed this in the env file.

export ZITI_CTRL_PORT="6262"
export ZITI_EDGE_CONTROLLER_PORT="1280"

I understand the port numbers… but am not sure about the differences… e.g. ZITI_CTRL_PORT vs ZITI_EDGE_CONTROLLER_PORT

Any tips?

For the most part - these are totally “informational” for you… Probably not even needed. zitiLogin uses a few of the variables to make it easy for you to log in:

$ alias | grep zitiLogin
alias zitiLogin='ziti edge login "${ZITI_EDGE_CTRL_ADVERTISED}" -u "${ZITI_USER-}" -p "${ZITI_PWD}" -c "${ZITI_PKI}/${ZITI_EDGE_CONTROLLER_INTERMEDIATE_NAME}/certs/${ZITI_EDGE_CONTROLLER_INTERMEDIATE_NAME}.cert"'

The ZITI_CTRL_PORT is what the routers connect to the controller over. The ZITI_EDGE_CONTROLLER_PORT is what ‘users’ connect to for the API (the REST API). In the .env file - those are basically how you configured your instance.

You can search in your config file for “1280” and see where that value was used - same for 6262.

If I grep for “PORT” on a machine I provisioned in Amazon using the “host it anywhere” quickstart, I see:

grep PORT $HOME/.ziti/quickstart/$(hostname)/$(hostname).env
export ZITI_CTRL_MGMT_HOST_PORT="ip-172-31-42-64:10000"
export ZITI_CTRL_PORT="6262"
export ZITI_EDGE_CONTROLLER_PORT="8441"
export ZITI_EDGE_CTRL_ADVERTISED_HOST_PORT="ec2-18-188-201-183.us-east-2.compute.amazonaws.com:8441"
export ZITI_EDGE_ROUTER_PORT="8442"

These are just variables used by the quickstart to set up the environment, and they are put back onto your shell when you source the file in case they are needed at later times.

1 Like
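The "search your config file for the port" step from the answer above, as an added example that is not part of the original thread or the quickstart: it lists every config line that references each `*_PORT` variable, which shows which listener a port belongs to before you open it in a firewall or security group. The function names, the host `controller.example` and both sample files are assumptions constructed for illustration.

```shell
# Added example (not from the thread). Sample files below are constructed and
# simplified; they are not a complete quickstart .env or controller config.

# ziti_port_usage ENV_FILE CONFIG_FILE
# For every `export *_PORT="..."` line, print tab-separated:
#   VAR  PORT  config-line-number  config-line
# or "VAR  PORT  -  (not found in config)" when the port is not referenced.
ziti_port_usage() {
  env_file=$1 config_file=$2
  sed -n 's/^export[[:space:]][[:space:]]*\([A-Z_]*PORT\)=[[:space:]]*"\{0,1\}\([^"]*\)"\{0,1\}[[:space:]]*$/\1 \2/p' "$env_file" |
  while read -r var val; do
    port=${val##*:}                       # "host:8441" -> "8441"
    case $port in ''|*[!0-9]*) continue ;; esac
    # ":PORT" followed by a non-digit or end of line, so 6262 never matches 62620
    hits=$(grep -nE ":${port}([^0-9]|\$)" "$config_file" || true)
    if [ -z "$hits" ]; then
      printf '%s\t%s\t-\t(not found in config)\n' "$var" "$port"
    else
      printf '%s\n' "$hits" | while IFS= read -r h; do
        printf '%s\t%s\t%s\t%s\n' "$var" "$port" "${h%%:*}" "${h#*:}"
      done
    fi
  done
}

# Write the constructed sample files into directory $1.
make_sample() {
  cat >"$1/sample.env" <<'EOF'
export ZITI_CTRL_PORT="6262"
export ZITI_EDGE_CONTROLLER_PORT="8441"
export ZITI_EDGE_CTRL_ADVERTISED_HOST_PORT="controller.example:8441"
export ZITI_EDGE_ROUTER_PORT="8442"
EOF
  cat >"$1/sample-controller.yaml" <<'EOF'
ctrl:
  listener: tls:0.0.0.0:6262
web:
  - bindPoints:
      - interface: 0.0.0.0:8441
        address: controller.example:8441
EOF
}

demo() {
  d=$(mktemp -d) && make_sample "$d" && ziti_port_usage "$d/sample.env" "$d/sample-controller.yaml"
  rm -rf "$d"
}
demo
```

A variable reported as "not found in config" is not referenced by the file you searched, so check the other component's config before deciding the port is unused.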

Thanks… that fills in a few more blanks… and also raises another question…

What ports do I need to use for my controller to use the NetFoundry mobile app?

Currently, I have set up a controller that uses port 1280… can I still use this… or do I need to change it to 443?

My next step is to create an identity for the mobile app and enroll the identity… though I have a suspicion that this will not work because of port numbers.

Mobile/Desktop works identically. As a consumer/user running the tunneling app you wouldn’t even know the difference. It’ll look to you like you’re going to “my.server.whatever:443”. You shouldn’t have any issues with ports.

1 Like