Applications deployed in on-premises data centers or multi-cloud environments must reach specific Microservices Engine (MSE) endpoints for Microservices Governance to function. This topic lists every IP address and port that your network must allow, organized by region.
Applications deployed inside an Alibaba Cloud virtual private cloud (VPC) connect to MSE automatically. No additional network configuration is required.
Traffic categories and required ports
MSE Microservices Governance requires outbound connectivity from your application to several cloud-side services. The following table summarizes each traffic category, the ports it uses, and whether it is mandatory.
| Category | Ports | Direction | Required |
|---|---|---|---|
| Obtain basic information | 8080 | Outbound | Yes |
| Obtain governance rule configurations | 8080, 8848, 9848 | Outbound | Yes |
| Obtain agent metadata configurations | 80 | Outbound | Yes |
| Report metric data and events | 80 | Outbound | Yes |
| Report diagnostic information | 80 | Outbound | Yes |
| Report ARMS monitoring information | 80 | Outbound | Only if you use Application Real-Time Monitoring Service (ARMS) |
| Report ARMS information | 80 | Outbound | Only if you use ARMS |
Your application pulls configuration and metadata from the first three categories at startup, and pushes metrics, events, and diagnostics to the remaining categories at runtime. If any mandatory endpoint is unreachable, the application may fail to start or governance features may not work.
Before you begin
Make sure that you have:
Identified the region where your MSE instance is deployed
Access to modify firewall rules or security group policies in your deployment environment
(Optional) ARMS enabled, if you plan to use ARMS monitoring
Endpoints by region
Find your MSE instance region below and allow outbound traffic to all listed IP addresses and ports.
China (Hangzhou)
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.35.248 | 8080 | Obtain basic information |
| 100.103.35.249 | 8080 | Obtain basic information |
| 100.100.45.175 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.45.174 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.45.190 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.17.91 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.42.233 | 80 | Report metric data and events |
| 100.100.32.118 | 80 | Report diagnostic information |
| 100.103.89.113 | 80 | Report diagnostic information |
| 100.100.142.4 | 80 | Report diagnostic information |
| 100.103.89.114 | 80 | Report diagnostic information |
| 100.103.89.112 | 80 | Report diagnostic information |
| 100.100.142.1 | 80 | Report diagnostic information |
| 100.103.89.115 | 80 | Report diagnostic information |
| 100.100.142.7 | 80 | Report diagnostic information |
| 100.100.142.6 | 80 | Report diagnostic information |
| 100.100.142.5 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.107.82 | 80 | Report ARMS monitoring information |
| 100.103.13.169 | 80 | Report ARMS monitoring information |
| 100.103.107.83 | 80 | Report ARMS monitoring information |
| 100.103.13.153 | 80 | Report ARMS monitoring information |
| 100.103.83.69 | 80 | Report ARMS monitoring information |
| 121.43.177.209 | 80 | Report ARMS information |
China (Shanghai)
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.16.42 | 8080 | Obtain basic information |
| 100.103.16.41 | 8080 | Obtain basic information |
| 100.100.27.5 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.109.63 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.27.223 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.27.224 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.22.120 | 80 | Report metric data and events |
| 100.100.140.3 | 80 | Report diagnostic information |
| 100.100.119.199 | 80 | Report diagnostic information |
| 100.100.119.196 | 80 | Report diagnostic information |
| 100.100.119.197 | 80 | Report diagnostic information |
| 100.100.119.193 | 80 | Report diagnostic information |
| 100.100.140.5 | 80 | Report diagnostic information |
| 100.100.140.9 | 80 | Report diagnostic information |
| 100.100.140.4 | 80 | Report diagnostic information |
| 100.100.119.198 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.84.86 | 80 | Report ARMS monitoring information |
| 100.103.105.73 | 80 | Report ARMS monitoring information |
| 100.103.104.185 | 80 | Report ARMS monitoring information |
| 100.103.9.159 | 80 | Report ARMS monitoring information |
| 100.103.103.59 | 80 | Report ARMS monitoring information |
| 100.103.105.74 | 80 | Report ARMS monitoring information |
| 100.103.103.60 | 80 | Report ARMS monitoring information |
| 139.224.101.69 | 80 | Report ARMS information |
China (Beijing)
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.96.146 | 8080 | Obtain basic information |
| 100.103.96.147 | 8080 | Obtain basic information |
| 100.100.105.57 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.105.56 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.18.22 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.18.50 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.33.9 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.33.133 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.100.72 | 80 | Report metric data and events |
| 100.100.120.57 | 80 | Report diagnostic information |
| 100.100.120.56 | 80 | Report diagnostic information |
| 100.100.120.58 | 80 | Report diagnostic information |
| 100.100.120.55 | 80 | Report diagnostic information |
| 100.100.120.12 | 80 | Report diagnostic information |
| 100.100.120.13 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.84.46 | 80 | Report ARMS monitoring information |
| 100.103.102.216 | 80 | Report ARMS monitoring information |
| 100.103.102.217 | 80 | Report ARMS monitoring information |
| 100.103.102.218 | 80 | Report ARMS monitoring information |
| 100.103.92.244 | 80 | Report ARMS monitoring information |
| 47.94.108.11 | 80 | Report ARMS information |
China (Shenzhen)
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.102.149 | 8080 | Obtain basic information |
| 100.103.102.148 | 8080 | Obtain basic information |
| 100.100.0.110 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.21.205 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.0.109 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.21.204 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.92.211 | 80 | Report metric data and events |
| 100.100.144.67 | 80 | Report diagnostic information |
| 100.100.0.90 | 80 | Report diagnostic information |
| 100.115.10.148 | 80 | Report diagnostic information |
| 100.115.10.158 | 80 | Report diagnostic information |
| 100.100.161.195 | 80 | Report diagnostic information |
| 100.100.161.194 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.31.86 | 80 | Report ARMS monitoring information |
| 100.103.94.185 | 80 | Report ARMS monitoring information |
| 100.103.102.213 | 80 | Report ARMS monitoring information |
| 47.106.155.67 | 80 | Report ARMS information |
China (Zhangjiakou)
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.100.2.86 | 8080 | Obtain basic information |
| 100.100.2.85 | 8080 | Obtain basic information |
| 100.100.99.86 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.100.0.8 | 80 | Report metric data and events |
| 100.100.171.2 | 80 | Report diagnostic information |
| 100.100.99.74 | 80 | Report diagnostic information |
| 100.100.166.73 | 80 | Report diagnostic information |
| 100.100.171.3 | 80 | Report diagnostic information |
| 100.100.99.2 | 80 | Report diagnostic information |
| 100.100.166.72 | 80 | Report diagnostic information |
| 100.100.99.174 | 80 | Report diagnostic information |
| 100.100.166.82 | 80 | Report diagnostic information |
| 100.100.166.79 | 80 | Report diagnostic information |
| 100.100.171.1 | 80 | Report diagnostic information |
| 100.100.99.136 | 80 | Report diagnostic information |
| 100.100.99.173 | 80 | Report diagnostic information |
| 100.100.99.135 | 80 | Report diagnostic information |
| 100.100.166.81 | 80 | Report diagnostic information |
| 100.100.166.80 | 80 | Report diagnostic information |
| 100.100.171.4 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.100.1.234 | 80 | Report ARMS monitoring information |
| 100.100.3.172 | 80 | Report ARMS monitoring information |
| 100.100.2.107 | 80 | Report ARMS monitoring information |
| 100.100.1.30 | 80 | Report ARMS monitoring information |
| 39.98.65.44 | 80 | Report ARMS information |
China East 1 Finance
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.102.254 | 8080 | Obtain basic information |
| 100.103.102.253 | 8080 | Obtain basic information |
| 100.100.17.5 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 10.157.201.65 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.42.233 | 80 | Report metric data and events |
| 100.100.164.50 | 80 | Report diagnostic information |
| 100.100.164.49 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.211.183 | 80 | Report ARMS monitoring information |
| 116.62.99.219 | 80 | Report ARMS information |
China East 2 Finance
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.100.0.114 | 8080 | Obtain basic information |
| 100.100.0.117 | 8080 | Obtain basic information |
| 100.100.27.123 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.36.41 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.100.0.221 | 80 | Report metric data and events |
| 100.100.24.17 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.100.1.135 | 80 | Report ARMS monitoring information |
| 139.224.146.27 | 80 | Report ARMS information |
China South 1 Finance
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.103.102.26 | 8080 | Obtain basic information |
| 100.103.102.25 | 8080 | Obtain basic information |
| 100.100.0.86 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.0.79 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.103.83.91 | 80 | Report metric data and events |
| 100.100.0.1 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.103.0.206 | 80 | Report ARMS monitoring information |
| 119.23.169.35 | 80 | Report ARMS information |
Alibaba Gov Cloud
Mandatory endpoints
| IP address | Port | Usage |
|---|---|---|
| 100.100.1.189 | 8080 | Obtain basic information |
| 100.100.1.188 | 8080 | Obtain basic information |
| 100.100.49.16 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.131.36 | 8080, 8848, 9848 | Obtain governance rule configurations |
| 100.100.100.200 | 80 | Obtain agent metadata configurations |
| 100.100.1.18 | 80 | Report metric data and events |
| 100.100.1.131 | 80 | Report diagnostic information |
| 100.100.49.133 | 80 | Report diagnostic information |
| 100.100.49.9 | 80 | Report diagnostic information |
ARMS endpoints (optional)
Skip these if you do not use ARMS.
| IP address | Port | Usage |
|---|---|---|
| 100.100.0.207 | 80 | Report ARMS monitoring information |
| 39.107.189.16 | 80 | Report ARMS information |
Verify connectivity
After you configure your firewall rules, verify that your application environment can reach the required endpoints. Use telnet or curl to test connectivity to each IP address and port.
To verify connectivity to a basic information endpoint in the China (Hangzhou) region:
# Test TCP connectivity on port 8080
telnet 100.103.35.248 8080
# Or use curl with a timeout
curl -v --connect-timeout 5 http://100.103.35.248:8080Run similar tests for at least one IP address in each usage category for your region. A successful TCP connection confirms that the firewall rules are correctly configured.
Troubleshooting
| Symptom | Possible cause | Action |
|---|---|---|
| Application fails to start with a timeout error | Basic information or governance rule endpoints are unreachable | Verify that ports 8080, 8848, and 9848 are open for the corresponding IP addresses in your region |
| Application starts but governance features do not work | Metric, event, or diagnostic endpoints are blocked | Verify that port 80 is open for the metric and diagnostic IP addresses in your region |
| ARMS monitoring data is missing | ARMS endpoints are unreachable | If you use ARMS, verify that port 80 is open for the ARMS IP addresses in your region |
| Intermittent connectivity failures | Not all IP addresses for a category are allowed | Make sure that all IP addresses listed for each category are in your allowlist, not just the first one |