Firewall Port Requirements For HyperScale X

CommServe and MediaAgent

When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when the CommServe and MediaAgent are installed in the appliance:

Source Device / Network

Transport Protocol

Port

Purpose

Firewall ports for apache thrift

TCP

9090, 9091

Apache thrift framework for remote server verification

Commvault services

TCP

8400

CVD services

Commvault services

TCP

8401

Server Event Manager

Commvault services

TCP

8403

Commvault Firewall

Commvault services

TCP

8800 - 8900*

Other services

Additional Ports

TCP

80, 9091

Deployment

Firewall ports for avahi

UDP

37867

Zero-configuration protocol to discover remote appliance

Firewall ports for avahi

UDP

5353

Zero-configuration protocol to discover remote appliance

* 8800-8900 will be reserved using bind-to-open ports option.

MediaAgent Only

When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when only the MediaAgent is installed in the appliance:

Source Device / Network

Transport Protocol

Port

Purpose

Firewall ports for apache thrift

TCP

9090

Apache thrift framework for remote server verification

Commvault services

TCP

8400

CVD services

Commvault services

TCP

8401

Server Event Manager

Commvault services

TCP

8403

Commvault Firewall

Commvault services

TCP

8800 - 8900*

Other services

Additional Ports

TCP

80, 9091

Deployment

Firewall ports for avahi

UDP

37867

Zero-configuration protocol to discover remote appliance

Firewall ports for avahi

UDP

5353

Zero-configuration protocol to discover remote appliance

* 8800-8900 will be reserved using bind-to-open ports option.

Commvault File System (CVFS)

The following ports required by CVFS is automatically opened for the storage pool network, between the nodes in the cluster, when you enable firewall on a HyperScale cluster.

Transport Protocol

Port

Purpose

TCP

22

ssh

TCP

80

UI

TCP

111

rpcbind utility

TCP

443

HTTPS

TCP

8750

rquotad server

TCP

50012

NFS

TCP

4321

NFS lock server

TCP

2181

ZooKeeper client

TCP

2224

pcsd (Pacemaker/Corosync Configuration System daemon)

TCP

3000, 4000

ZooKeeper

TCP

3121

Pacemaker

TCP

7000 - 7003,

7010, 7100,
7500, 8000,

8080 - 8081,
8777 - 8778,
8090 - 8096,

11001, 11002,

15000

Gossip, Thrift

TCP

21064

DLM (distributed lock manager)

TCP

50000 - 50008,

50022

CVM Thrift

UDP

111

rpcbind UDP utility

UDP

1024 - 65535

User Datagram Protocol high ports

ICMP

N/A

Internet Control Message Protocol

Super Micro Server

The following ports required by the Super Micro server is automatically opened when you enable firewall on a HyperScale cluster:

Transport Protocol

Port

Purpose

TCP

80

HTTP

TCP

443

HTTPS

TCP

5901

Video

TCP

5900

HID

TCP

5120

CD

TCP

623

IPMI

TCP Ports Used for Services

Loading...