CommServe and MediaAgent
When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when the CommServe and MediaAgent are installed in the appliance:
Source Device / Network |
Transport Protocol |
Port |
Purpose |
---|---|---|---|
Firewall ports for apache thrift |
TCP |
9090, 9091 |
Apache thrift framework for remote server verification |
Commvault services |
TCP |
8400 |
CVD services |
Commvault services |
TCP |
8401 |
Server Event Manager |
Commvault services |
TCP |
8403 |
Commvault Firewall |
Commvault services |
TCP |
8800 - 8900* |
Other services |
Additional Ports |
TCP |
80, 9091 |
Deployment |
Firewall ports for avahi |
UDP |
37867 |
Zero-configuration protocol to discover remote appliance |
Firewall ports for avahi |
UDP |
5353 |
Zero-configuration protocol to discover remote appliance |
* 8800-8900 will be reserved using bind-to-open ports option.
MediaAgent Only
When you enable firewall on a HyperScale cluster, the following ports are automatically opened for the data protection network when only the MediaAgent is installed in the appliance:
Source Device / Network |
Transport Protocol |
Port |
Purpose |
---|---|---|---|
Firewall ports for apache thrift |
TCP |
9090 |
Apache thrift framework for remote server verification |
Commvault services |
TCP |
8400 |
CVD services |
Commvault services |
TCP |
8401 |
Server Event Manager |
Commvault services |
TCP |
8403 |
Commvault Firewall |
Commvault services |
TCP |
8800 - 8900* |
Other services |
Additional Ports |
TCP |
80, 9091 |
Deployment |
Firewall ports for avahi |
UDP |
37867 |
Zero-configuration protocol to discover remote appliance |
Firewall ports for avahi |
UDP |
5353 |
Zero-configuration protocol to discover remote appliance |
* 8800-8900 will be reserved using bind-to-open ports option.
Commvault File System (CVFS)
The following ports required by CVFS is automatically opened for the storage pool network, between the nodes in the cluster, when you enable firewall on a HyperScale cluster.
Transport Protocol |
Port |
Purpose |
---|---|---|
TCP |
22 |
ssh |
TCP |
80 |
UI |
TCP |
111 |
rpcbind utility |
TCP |
443 |
HTTPS |
TCP |
8750 |
rquotad server |
TCP |
50012 |
NFS |
TCP |
4321 |
NFS lock server |
TCP |
2181 |
ZooKeeper client |
TCP |
2224 |
pcsd (Pacemaker/Corosync Configuration System daemon) |
TCP |
3000, 4000 |
ZooKeeper |
TCP |
3121 |
Pacemaker |
TCP |
7000 - 7003, 7010, 7100, 8080 - 8081, 11001, 11002, 15000 |
Gossip, Thrift |
TCP |
21064 |
DLM (distributed lock manager) |
TCP |
50000 - 50008, 50022 |
CVM Thrift |
UDP |
111 |
rpcbind UDP utility |
UDP |
1024 - 65535 |
User Datagram Protocol high ports |
ICMP |
N/A |
Internet Control Message Protocol |
Super Micro Server
The following ports required by the Super Micro server is automatically opened when you enable firewall on a HyperScale cluster:
Transport Protocol |
Port |
Purpose |
---|---|---|
TCP |
80 |
HTTP |
TCP |
443 |
HTTPS |
TCP |
5901 |
Video |
TCP |
5900 |
HID |
TCP |
5120 |
CD |
TCP |
623 |
IPMI |