CommServe and MediaAgent
When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when the CommServe and MediaAgent are installed in the appliance:
|
Source Device / Network |
Transport Protocol |
Port |
Purpose |
|---|---|---|---|
|
Firewall ports for apache thrift |
TCP |
9090, 9091 |
Apache thrift framework for remote server verification |
|
Commvault services |
TCP |
8400 |
CVD services |
|
Commvault services |
TCP |
8401 |
Server Event Manager |
|
Commvault services |
TCP |
8403 |
Commvault Firewall |
|
Commvault services |
TCP |
8800 - 8900* |
Other services |
|
Additional Ports |
TCP |
80, 9091 |
Deployment |
|
Firewall ports for avahi |
UDP |
37867 |
Zero-configuration protocol to discover remote appliance |
|
Firewall ports for avahi |
UDP |
5353 |
Zero-configuration protocol to discover remote appliance |
* 8800-8900 will be reserved using bind-to-open ports option.
MediaAgent Only
When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when only the MediaAgent is installed in the appliance:
|
Source Device / Network |
Transport Protocol |
Port |
Purpose |
|---|---|---|---|
|
Firewall ports for apache thrift |
TCP |
9090 |
Apache thrift framework for remote server verification |
|
Commvault services |
TCP |
8400 |
CVD services |
|
Commvault services |
TCP |
8401 |
Server Event Manager |
|
Commvault services |
TCP |
8403 |
Commvault Firewall |
|
Commvault services |
TCP |
8800 - 8900* |
Other services |
|
Additional Ports |
TCP |
80, 9091 |
Deployment |
|
Firewall ports for avahi |
UDP |
37867 |
Zero-configuration protocol to discover remote appliance |
|
Firewall ports for avahi |
UDP |
5353 |
Zero-configuration protocol to discover remote appliance |
* 8800-8900 will be reserved using bind-to-open ports option.
Commvault File System (CVFS)
When you enable firewall in a HyperScale cluster, open the following ports used by Super Micro server IPMI on the storage pool network between the nodes in the cluster:
|
Transport Protocol |
Port |
Purpose |
|---|---|---|
|
TCP |
22 |
ssh |
|
TCP |
80 |
UI |
|
TCP |
111 |
rpcbind utility |
|
TCP |
443 |
HTTPS |
|
TCP |
8750 |
rquotad server |
|
TCP |
50012 |
NFS |
|
TCP |
4321 |
NFS lock server |
|
TCP |
2181 |
ZooKeeper client |
|
TCP |
2224 |
pcsd (Pacemaker/Corosync Configuration System daemon) |
|
TCP |
3000, 4000 |
ZooKeeper |
|
TCP |
3121 |
Pacemaker |
|
TCP |
7000 - 7003, 7010, 7100, 8080 - 8081, 11001, 11002, 15000 |
Gossip, Thrift |
|
TCP |
21064 |
DLM (distributed lock manager) |
|
TCP |
50000 - 50008, 50022 |
CVM Thrift |
|
UDP |
111 |
rpcbind UDP utility |
|
UDP |
1024 - 65535 |
User Datagram Protocol high ports |
|
ICMP |
N/A |
Internet Control Message Protocol |
Super Micro Server
The following ports required by the Super Micro server is automatically opened when you enable firewall on a HyperScale cluster:
|
Transport Protocol |
Port |
Purpose |
|---|---|---|
|
TCP |
80 |
HTTP |
|
TCP |
443 |
HTTPS |
|
TCP |
5901 |
Video |
|
TCP |
5900 |
HID |
|
TCP |
5120 |
CD |
|
TCP |
623 |
IPMI |