I am planning to use the deployment server functionality of splunk 4.2 . I am trying to in down all the firewall rules and direction that will be required to make all the components of splunk work.
is the deployment server a push from server to client, or are there client to server initiated communications (call home, checkups)? Do these use the same 8089 (or configured) port that a distributed search head and indexer would use to communicate ?
what about the master license server? What ports does it use to transfer/poll for licensing information? What is the direction of that network flow ? (pull from master or push from slave?)
With respect to deployment client-server, the client is responsible for contacting the server. The port for this is configurable based on splunkd of your deployment server but would default to 8089.
See also: http://www.splunk.com/base/Documentation/latest/Deploy/Aboutdeploymentserver
With respect to License slaves I believe they work similar to deployment clients (contacting License master via splunkd 8089 by default).
See also: http://www.splunk.com/base/Documentation/latest/Admin/Configurealicenseslave
With respect to deployment client-server, the client is responsible for contacting the server. The port for this is configurable based on splunkd of your deployment server but would default to 8089.
See also: http://www.splunk.com/base/Documentation/latest/Deploy/Aboutdeploymentserver
With respect to License slaves I believe they work similar to deployment clients (contacting License master via splunkd 8089 by default).
See also: http://www.splunk.com/base/Documentation/latest/Admin/Configurealicenseslave