V11 SP8

Network TCP Port Requirements

Table of Contents

TCP Port Types

TCP ports can be statically or dynamically assigned. Commvault software uses them as follows:

  • Static Ports

    Several services used by the software listen for incoming network traffic on predefined network ports. The CommServe system, MediaAgents, and agents within the CommCell group communicate with each other through these ports. Essential CommServe services are automatically assigned registered, static port numbers during installation. MediaAgents, agents, and other software components can use the same default static port numbers or any static port numbers specified during installation.

    For the services listed, the software registers the following ports by default:

    Service Port Number Protocol
    Commvault Communications Service (GxCVD, found in all client computers) 8400 TCP
    Commvault Server Event Manager (GxEvMgrS, available in CommServe) 8401 TCP
    Commvault Client Manager Service (GxClMgrS, available in some Windows client computers)

    Note: On UNIX client computers, the Commvault Client Manager Service (GxClMgrS) uses dynamic ports.

    8402 TCP
    Commvault Firewall (tunnel HTTP/HTTPS port) 8403 TCP

    For information on binding services to static ports, see Binding Services to Static Ports.

  • Dynamic Ports

    Dynamic ports are opened and closed by the running Commvault software to permit certain types of transient traffic.

    The GxCVD service dynamically uses free ports between 1024 and 65535 to communicate during data protection and data recovery jobs. The system dynamically assigns a number of free ports to be used by each job to allow parallel data movement. After the job is finished, if no other job is pending, the dynamic ports are released.

    If you have a large CommCell environment and you want to increase the range of dynamic ports, log on to the CommServe computer, open the command prompt, and then enter the following command:

    netsh int [IPv4|IPv6] set dynamicportrange [TCP|UDP] start=number num=range store=[active|persistent]

    Network TCP port requirements remain the same whether the IPv4 or IPv6 protocol family is used. Dynamic port range assignment can be restricted by using Binding Services to Open Ports.

List of Default Ports

The following tables display the default ports used by Commvault and third-party applications. Based on your environment settings, you can configure the applications to use different port numbers.

Ports Used By Commvault Applications

Applications Port Number
Analytics Engine MediaAgent 20000
Content Indexing Engine (Apache Solr) 27000
LREPListener (SnapVault) MediaAgent 10566
NDMP MediaAgent 10000
NFS/ESX, NFS (DataServer-IP) MediaAgent 111, 2049
Web Console (Apache Tomcat) 80, 443
Web Server (Apache Tomcat) 81

Ports Used By Third-Party Applications

Applications Port Number
DB2 5000
DNS 53
Exchange, HTTP/HTTPS, SalesForce/ESX, SharePoint 80, 443
IIS, offline Commvault documentation 8080
Informix 1526
IMAP 143, 993
LDAP catalog 3268, 3269
LDAP search/authentication 389, 636
Lotus Notes 1352
Microsoft SQL Server 1433, 1434
MongoDB (Tagging Catalog CommServe) 27017
MySQL 3306
Oracle 1521
PostgreSQL/GreenPlum 5432
SNMP 101, 162
SMTP 25, 465, 587
VMware NFC 902

SQL Server Ports

The default instance of a SQL server listens for incoming network traffic using static ports (1433 and 1434). But named instances, such as those used by this software, are configured by default to listen for incoming network traffic using dynamic ports. If a SQL Server instance is configured to listen for network traffic using dynamic ports, the instance will obtain an available port from the operating system and create an endpoint for that port. Incoming connections must then request that port number in order to connect to the software.

You have the option of configuring named instances to use static ports. For instructions, see Microsoft's TechNet article, Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager). If you do configure static ports for SQL Server, be sure to configure your firewall to allow TCP on port 1433 and UDP on port 1434.

Since a dynamic port number can change each time SQL Server launches, the SQL server software provides the SQL Server Browser Service to monitor ports and direct incoming network traffic to the current port used by the default instance. This capability ensures that all port traffic between the SQL Server and the software can be traced at any given time, which is especially useful in network troubleshooting scenarios.

Note: Changing this behavior manually may require additional configuration changes to the DSN (data source name) settings installed by the software. Therefore, we recommended that this behavior not be changed unless absolutely necessary.

Multi Instancing

Multi Instancing requires that each instance of the same agent (for example, the SQL Server iDataAgent) or MediaAgent have a unique set of static TCP port numbers assigned. For more information, see Considerations for Multi-Instance Installations.


For a given cluster server, the MediaAgent, agent, or other software component installed on every physical node in a cluster that is configured to host that cluster server must have the same port numbers configured. If, for example, you have a cluster server named VS1, and three physical computers configured to host VS1, all three computers must have the same Network TCP port numbers configured for the network interface used by VS1. For greater detail, consider this example:

  • Node A is configured to host cluster server VS1. Instance001 has the Informix iDataAgent installed to protect Informix data on VS1. During install, Port 8502 was specified for the Communications Service (CVD).
  • Node B is also configured to host VS1. Instance003 has the Informix iDataAgent installed to protect Informix data on VS1. During the Agent install, Port 8502 must be specified for the Communications Service (CVD) to match the Network TCP port number configuration of Node A.

Firewall Ports

For CommCell components to communicate across a firewall, the network TCP port numbers you select must be configured on your firewall. This specifically includes tunnel ports and additional ports.

Tunnel Port: This is the incoming port number through which the CommServe receives tunnel connections. Port 8403 is the default for Commvault software, but it can be configured to another port number. To determine what the incoming connections port has been set to, see Setting up Incoming Ports on the CommServe and MediaAgent, the step that sets Listen for tunnel connections on port.

Additional Open Ports: You can speed up data transfer for components that handle it (such as MediaAgent or File System iDataAgent), by opening additional ports on the firewall, and configuring them as open in this dialog. Specify the range of ports in the Additional open ports area, in the From and To fields. Click Add to add the ports. To remove a port from the listing, select the port and click Delete. The ports must be within the range of 1024 - 65000. Ensure that the ports specified here are not used by other applications.

For more information on additional open ports, see Opening Additional Ports.


  • When specifying Network TCP port numbers, it is essential to choose Network TCP ports that are unassigned and unused. The software requires the ability to open the same ports across when the operating system or applications are restarted, and these ports must not be in use by other resources. All effort should be made to ensure that no other resource expects the specified ports to be open, as a port conflict will cause an application failure.
  • When specifying a Network TCP Port Number other than 8400 for a MediaAgent's Communications Service (GxCVD), which may be necessary when more than one instance of the MediaAgent is installed on a computer, bear in mind that clients with an earlier release may not be able to communicate through that port. Therefore, when specifying a non-default port number in such cases, you should ensure that all clients using the MediaAgent support the Multi Instancing feature, and non-default network TCP port numbers.

If you need to change the network port numbers of a client or MediaAgent, see Changing Network Ports.