Which External IP Addresses Does Hybrid Deployment Access?
Question
Which external IP addresses does Hybrid Deployment access?
Answer
In addition to connecting to your source and destination, Hybrid Deployment requires outbound access to the following Fivetran services and supporting infrastructure:
- mTLS connection to the Fivetran Orchestration Service
- Host:
ldp.orchestrator.fivetran.com - IP addresses:
35.188.225.82,136.107.81.248/29, and34.143.64.0/29
- Host:
- HTTPS with a secure token to the Fivetran Public API
- Host:
api.fivetran.com - IP addresses:
35.236.237.87,136.107.81.248/29, and34.143.64.0/29
- Host:
- gRPC to the Fivetran Orchestration Gateway
- Host:
hdt.orchestrator.fivetran.com - IP addresses:
136.107.81.248/29and34.143.64.0/29
- Host:
- Google Artifact Registry
- Host:
us-docker.pkg.dev - To determine the applicable IP range, run
nslookup us-docker.pkg.devfrom your Hybrid Deployment machine and use the returned IP address to identify the corresponding IP range through ICANN
- Host:
- (Only for Docker and Podman) GitHub repository hosting the automated installation script
- Host:
raw.githubusercontent.com/fivetran/hybrid_deployment - To determine the applicable IP range, run
nslookup raw.githubusercontent.comfrom your Hybrid Deployment machine and use the returned IP address to identify the corresponding IP range through ICANN
- Host:
- Fivetran Platform Connector logs
- Host:
storage.googleapis.com/fivetran-metrics-log-sr
- Host:
- Unless specified otherwise, all HTTPS-based outbound connections use port
443. - If your firewall supports domain-based allowlisting, Fivetran recommends allowing hostnames instead of IP ranges wherever possible.